
ci: Add code scanning CodeQL workflow #1085

Merged 4 commits into master from ci/add-code-scanning on Sep 30, 2020

Conversation

@matthewfeickert (Member) commented Sep 30, 2020

Description

Add code scanning from GitHub by adding a CodeQL workflow. The workflow added is a modified version of the starting stock workflow GitHub provides. Alerts are shown in the Security tab for the project.

c.f.

Checklist Before Requesting Reviewer

  • Tests are passing
  • "WIP" removed from the title of the pull request
  • Selected an Assignee for the PR to be responsible for the log summary

Before Merging

For the PR Assignees:

  • Summarize commit messages into a comprehensive review of the PR
    * Add code scanning workflow using GitHub's CodeQL
      - c.f. https://docs.github.com/en/free-pro-team@latest/github/finding-security-vulnerabilities-and-errors-in-your-code/enabling-code-scanning-for-a-repository
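The workflow file itself is not reproduced on this page. The following is an added example, not the PR's own file or any other code from this project, of what a CodeQL workflow of the kind described looks like: GitHub's stock template, trimmed for a Python code base. The `master` branch name follows the page; the action major versions (`actions/checkout@v4`, `github/codeql-action/*@v3`), the `permissions` block, the `security-extended` query suite and the `category` input are assumptions reflecting current practice rather than the 2020 template, which referenced the actions at `@v1` and predates explicit token permissions.

```yaml
# .github/workflows/codeql-analysis.yml
# Added example of a CodeQL code scanning workflow; not the PR's file.
name: "CodeQL"

on:
  push:
    branches: [master]
  pull_request:
    branches: [master]
  schedule:
    # A weekly scheduled scan picks up newly published queries
    # even when no code has changed (assumed cadence).
    - cron: '0 3 * * 0'

# Least privilege for GITHUB_TOKEN (assumption; not in the 2020 template):
# only the analyze step needs security-events: write, to upload its
# SARIF results to the repository's Security tab.
permissions:
  actions: read
  contents: read
  security-events: write

jobs:
  analyze:
    name: Analyze
    runs-on: ubuntu-latest

    strategy:
      fail-fast: false
      matrix:
        # Python is interpreted, so the stock template's Autobuild
        # step (needed for compiled languages) is dropped.
        language: ['python']

    steps:
      - name: Checkout repository
        uses: actions/checkout@v4

      - name: Initialize CodeQL
        uses: github/codeql-action/init@v3
        with:
          languages: ${{ matrix.language }}
          # Assumption: run the broader security suite on top of the
          # default queries; raises coverage at the cost of more noise.
          queries: security-extended

      - name: Perform CodeQL Analysis
        uses: github/codeql-action/analyze@v3
        with:
          # One category per language keeps alerts from different
          # matrix entries from overwriting each other.
          category: "/language:${{ matrix.language }}"
```

Two checks worth doing after adding such a workflow: confirm that findings actually land under Security → Code scanning alerts on the default branch (a run that uploads nothing usually means the token lacks `security-events: write`), and replace the floating `@v3`/`@v4` tags with full-length commit SHAs, keeping the tag in a trailing comment. A scanner that writes alerts to the Security tab is itself a supply-chain dependency, and a retagged or compromised release of it would run with those permissions on every push.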

@matthewfeickert matthewfeickert added the CI CI systems, GitHub Actions label Sep 30, 2020
@matthewfeickert matthewfeickert self-assigned this Sep 30, 2020
@codecov bot commented Sep 30, 2020

Codecov Report

Merging #1085 into master will not change coverage.
The diff coverage is n/a.


@@           Coverage Diff           @@
##           master    #1085   +/-   ##
=======================================
  Coverage   96.81%   96.81%           
=======================================
  Files          59       59           
  Lines        3490     3490           
  Branches      499      499           
=======================================
  Hits         3379     3379           
  Misses         68       68           
  Partials       43       43           
Flag         Coverage Δ
#unittests   96.81% <ø> (ø)

Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Last update 182c643...76bb366.

@matthewfeickert (Member, Author) commented

This might make LGTM (one of the slowest checks) unnecessary now, given that CodeQL is the result of GitHub acquiring Semmle.

@matthewfeickert matthewfeickert changed the title ci: Add code scanning workflow ci: Add code scanning CodeQL workflow Sep 30, 2020
@matthewfeickert matthewfeickert marked this pull request as ready for review September 30, 2020 21:15
@matthewfeickert matthewfeickert merged commit 502a4a9 into master Sep 30, 2020
@matthewfeickert matthewfeickert deleted the ci/add-code-scanning branch September 30, 2020 21:34
Labels: CI (CI systems, GitHub Actions)