gitpython-developers/GitPythonPublic

NotificationsYou must be signed in to change notification settings
Fork938
Star4.9k

chore: Enable codeql action#1454

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to ourterms of service andprivacy statement. We’ll occasionally send you account related emails.

Already on GitHub?Sign in to your account

Jump to bottom

Closed

naveensrinivasan wants to merge1 commit intogitpython-developers:mainfromturrisxyz:CodeQL-GitHub

Closed

chore: Enable codeql action#1454

naveensrinivasan wants to merge1 commit intogitpython-developers:mainfromturrisxyz:CodeQL-GitHub

Conversation

Copy link

Contributor

naveensrinivasan commentedMay 30, 2022

This action runs GitHub's industry-leading semantic code analysis engine,
CodeQL, against a repository's source code to find security vulnerabilities.

https://docs.github.com/en/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/about-code-scanning-with-codeql

https://github.com/ossf/scorecard/blob/main/docs/checks.md#sast
Signed-off-by: naveen172697+naveensrinivasan@users.noreply.github.com

chore: Enable codeql action

d3fec1e

This action runs GitHub's industry-leading semantic code analysis engine,CodeQL, against a repository's source code to find security vulnerabilities.https://docs.github.com/en/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/about-code-scanning-with-codeqlhttps://github.com/ossf/scorecard/blob/main/docs/checks.md#sastSigned-off-by: naveen <172697+naveensrinivasan@users.noreply.github.com>

Copy link

Member

Byron commentedMay 31, 2022•
edited
Loading

Thanks a lot!

Can you make it so it only runs once all tests have passed?
And could you exclude the tests from being checked as well?

Copy link

ContributorAuthor

naveensrinivasan commentedMay 31, 2022

Thanks a lot!
Can you make it so it only runs once all tests have passed? And could you exclude the tests from being checked as well?

I can ignore the tests folder in this PR.

Copy link

Member

Byron commentedMay 31, 2022

Thanks! Can you also make it so it only runs once all tests have passed?

Copy link

ContributorAuthor

naveensrinivasan commentedMay 31, 2022

Thanks! Can you also make it so it only runs once all tests have passed?

I can do that in the next PR.

Byron requested changes

May 31, 2022

View reviewed changes

Copy link

Member

Byron left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others.Learn more.

Alright, I will be waiting for exclusion of tests in this PR, so the dependency adjustment can be happening in the next one (even though I think it could happen in this one as well, but that might be a misconception).

Copy link

ContributorAuthor

naveensrinivasan commentedJul 4, 2022

I am going to close this for now. I can probably pick it up later. Thanks

naveensrinivasan closed this

Jul 4, 2022

EliahKagan mentioned this pull request

Dec 13, 2023

Enable CodeQL#1769

Merged

Labels

None yet

2 participants

Movatterモバイル変換

Navigation Menu

Search code, repositories, users, issues, pull requests...

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Uh oh!

chore: Enable codeql action#1454

chore: Enable codeql action#1454

Uh oh!