chore: Enable codeql action #1454
naveensrinivasan wants to merge 1 commit into gitpython-developers:main from
This action runs GitHub's industry-leading semantic code analysis engine, CodeQL, against a repository's source code to find security vulnerabilities.
https://docs.github.com/en/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/about-code-scanning-with-codeql
https://github.com/ossf/scorecard/blob/main/docs/checks.md#sast
Signed-off-by: naveen <172697+naveensrinivasan@users.noreply.github.com>
Thanks a lot! Can you make it so it only runs once all tests have passed?
I can ignore the tests folder in this PR.
Thanks! Can you also make it so it only runs once all tests have passed?
I can do that in the next PR.
Byron left a comment
Alright, I will be waiting for exclusion of tests in this PR, so the dependency adjustment can be happening in the next one (even though I think it could happen in this one as well, but that might be a misconception).
I am going to close this for now. I can probably pick it up later. Thanks
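One way to meet both requests from this thread (leave the tests folder out of the scan, and run CodeQL only once the tests have passed), as an added example that is not the workflow from this PR. The job name `test`, the `pytest` command and the `tests` path are assumptions to adapt to the repository.

```yaml
# Added example, not the workflow proposed in this PR.
name: tests-and-codeql

on:
  push:
    branches: [main]
  pull_request:
    branches: [main]

# Least privilege by default; the analyze job widens only what it needs.
permissions:
  contents: read

jobs:
  test:                                  # assumed name for the test job
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - uses: actions/setup-python@v5
        with:
          python-version: "3.x"
      - run: pip install -e . pytest     # assumed install step
      - run: pytest                      # assumed test command

  analyze:
    needs: test                          # CodeQL starts only if `test` succeeded
    runs-on: ubuntu-latest
    permissions:
      contents: read
      actions: read
      security-events: write             # required to upload code scanning results
    steps:
      - uses: actions/checkout@v4
      - uses: github/codeql-action/init@v3
        with:
          languages: python
          # Inline CodeQL configuration: keep the tests folder out of the scan.
          config: |
            paths-ignore:
              - tests
      - uses: github/codeql-action/analyze@v3
```

Putting both jobs in one workflow lets `needs:` express the ordering directly; when the tests live in a separate workflow file, the ordering has to be expressed with a `workflow_run` trigger instead.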