Add OSV scanner #7768
Conversation
This is almost identical to the latest version used in the qsim repository. It has a minor improvement in using an `ubuntu-slim` runner for the summary-writing job and also respecting the `runner.debug` variable.
This is almost identical to the latest version used in the qsim repository. It has a minor improvement in respecting the `runner.debug` variable.
This pull request sets up GitHub code scanning for this repository. Once the scans have completed and the checks have passed, the analysis results for this pull request branch will appear on this overview. Once you merge this pull request, the 'Security' tab will show more code scanning analysis results (for example, for the default branch). Depending on your configuration and choice of analysis tool, future pull requests will be annotated with code scanning analysis results. For more information about GitHub code scanning, check out the documentation.
codecov bot commented Nov 23, 2025 (edited)

Codecov Report
All modified and coverable lines are covered by tests.

Additional details and impacted files:

```
@@ Coverage Diff @@
##           main    #7768      +/-   ##
==========================================
- Coverage   99.57%   99.57%   -0.01%
==========================================
  Files        1102     1102
  Lines       98425    98425
==========================================
- Hits        98006    98005       -1
- Misses        419      420       +1
```

View full report in Codecov by Sentry.
pavoljuhas left a comment
Let us run these as scheduled scans to save on resources and avoid user confusion.
Also please move the introduction of osv-scan to its own PR.
| @@ -0,0 +1,145 @@ | |||
| # Copyright 2025 Google LLC | |||
Can you please move this to a separate PR?
Also, let us try to keep this as simple and as close as possible to the example workflows at https://github.com/google/osv-scanner. Running this on schedule should be sufficient; again, we do not need to create noise in CI checks for our contributors. (We have no large-scale continuous deployment of Cirq, so it is not that critical to catch vulnerabilities on the spot. Also, the only kind of PRs that can introduce them are changes to Python dependencies or GHA workflows.)
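To make the "scheduled scans only" suggestion concrete, here is an added example workflow; it is not the file from this PR (whose contents are not shown on this page) and not the qsim or Cirq project's own workflow. It triggers on a cron schedule and on manual dispatch rather than on pull requests, delegates the scan to the reusable workflow published in the OSV-Scanner project's repository, and keeps a small summary job that only emits extra diagnostics when `runner.debug` is set. The file path, the cron time and the `v2.0.2` tag are assumptions; pin the reusable workflow to a released tag or, better, a commit SHA.

```yaml
# Hypothetical file: .github/workflows/osv-scanner.yml (added example, not the project's own)
name: OSV-Scanner scheduled scan

on:
  # Scan on a schedule instead of on every pull request, so contributors
  # see no extra CI checks and no noise from third-party advisories.
  schedule:
    - cron: '30 12 * * 1'   # Mondays 12:30 UTC (constructed example time)
  # Let maintainers trigger a scan by hand from the Actions tab.
  workflow_dispatch:

# Least privilege: the scan only needs to read the repository and upload SARIF
# results to the Security tab.
permissions:
  actions: read
  contents: read
  security-events: write

jobs:
  scan-scheduled:
    # Reusable workflow maintained in the OSV-Scanner action repository.
    # The version tag is a placeholder; pin it to a released tag or commit SHA.
    uses: "google/osv-scanner-action/.github/workflows/osv-scanner-reusable.yml@v2.0.2"
    with:
      # Recurse through the checkout, skip .git metadata, scan lockfiles found.
      scan-args: |-
        -r
        --skip-git
        ./

  summary:
    needs: scan-scheduled
    if: always()                     # write the summary even when the scan fails
    runs-on: ubuntu-latest
    env:
      # Pass context through env vars rather than inlining expressions in `run`,
      # so nothing from the event payload is interpolated into the shell script.
      SCAN_RESULT: ${{ needs.scan-scheduled.result }}
      EVENT_NAME: ${{ github.event_name }}
    steps:
      - name: Record scan outcome in the job summary
        run: echo "OSV scan result: $SCAN_RESULT" >> "$GITHUB_STEP_SUMMARY"
      - name: Extra diagnostics only when debug logging is enabled
        # runner.debug is '1' only when the run was started with debug logging.
        if: runner.debug == '1'
        run: echo "Triggered by: $EVENT_NAME (debug logging on)"
```

Because the trigger is `schedule` and `workflow_dispatch` only, findings land in the repository's Security tab for maintainers to triage and never block a contributor's PR checks, which is the trade-off the comment above describes.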
I moved the Scorecard changes to another PR (#7776)
The changes are being done in another PR: quantumlib#7776
This is almost identical to the latest version of this scanner used in the qsim repository.