Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

chore: Enable codeql action #1454

Closed

Conversation

naveensrinivasan
Copy link
Contributor

This action runs GitHub's industry-leading semantic code analysis engine,
CodeQL, against a repository's source code to find security vulnerabilities.

https://docs.github.com/en/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/about-code-scanning-with-codeql

https://github.com/ossf/scorecard/blob/main/docs/checks.md#sast
Signed-off-by: naveen <172697+naveensrinivasan@users.noreply.github.com>
@Byron
Copy link
Member

Byron commented May 31, 2022

Thanks a lot!

Can you make it so it only runs once all tests have passed?
And could you exclude the tests from being checked as well?

@naveensrinivasan
Copy link
Contributor Author

Thanks a lot!

Can you make it so it only runs once all tests have passed? And could you exclude the tests from being checked as well?

I can ignore the tests folder in this PR.

@Byron
Copy link
Member

Byron commented May 31, 2022

Thanks! Can you also make it so it only runs once all tests have passed?

@naveensrinivasan
Copy link
Contributor Author

Thanks! Can you also make it so it only runs once all tests have passed?

I can do that in the next PR.

Copy link
Member

@Byron Byron left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Alright, I will be waiting for exclusion of tests in this PR, so the dependency adjustment can be happening in the next one (even though I think it could happen in this one as well, but that might be a misconception).

@naveensrinivasan
Copy link
Contributor Author

I am going to close this for now. I can probably pick it up later. Thanks

@EliahKagan EliahKagan mentioned this pull request Dec 13, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Development

Successfully merging this pull request may close these issues.

2 participants