Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Create codeql.yml #146

Closed
wants to merge 1 commit into from
Closed

Create codeql.yml #146

wants to merge 1 commit into from

Conversation

ThibaudLopez
Copy link
Contributor

Enable CodeQL

Enable CodeQL
@ThibaudLopez ThibaudLopez requested review from a team as code owners March 23, 2023 22:55
@github-advanced-security
Copy link

You have successfully added a new CodeQL configuration /language:python. As part of the setup process, we have scanned this repository and found no existing alerts. In the future, you will see all code scanning alerts on the repository Security tab.

@ThibaudLopez
Copy link
Contributor Author

@DzmitryFomchyn , do you know how to setup CodeQL for Java for this repo? It failed to auto scan.

@DzmitryFomchyn
Copy link
Contributor

@DzmitryFomchyn , do you know how to setup CodeQL for Java for this repo? It failed to auto scan.

@ThibaudLopez it seems that the error is SDK Registry token is not specified. which comes from here. We need a few more tokens to build the SDK (more information).

@ThibaudLopez
Copy link
Contributor Author

@DzmitryFomchyn , do you know how to do the setup?

@ThibaudLopez
Copy link
Contributor Author

see mapbox/mapbox-navigation-android#7048 for example of CodeQL setup for Kotlin

@ghost
Copy link

ghost commented Apr 9, 2024

Seems to be way outdated

@ghost ghost closed this Apr 9, 2024
@ThibaudLopez
Copy link
Contributor Author

re-opening... we still need code scanning for this repo

@ThibaudLopez ThibaudLopez reopened this Apr 10, 2024
@github-advanced-security
Copy link

This pull request sets up GitHub code scanning for this repository. Once the scans have completed and the checks have passed, the analysis results for this pull request branch will appear on this overview. Once you merge this pull request, the 'Security' tab will show more code scanning analysis results (for example, for the default branch). Depending on your configuration and choice of analysis tool, future pull requests will be annotated with code scanning analysis results. For more information about GitHub code scanning, check out the documentation.

@ghost
Copy link

ghost commented Apr 11, 2024

@ThibaudLopez It's broken in its current form. CI/CD didn't pass.

@ThibaudLopez
Copy link
Contributor Author

@eugenes78 , correct, CodeQL is not yet setup to build the Java project of this repo as the CodeQL auto-build doesn't succeed. We need somebody that's familiar with how to build this repo to please setup the CodeQL YAML to do the same build.

@ghost
Copy link

ghost commented May 17, 2024

@ThibaudLopez Are you making progress on this one? It's open for more than a year already...

@ThibaudLopez
Copy link
Contributor Author

ThibaudLopez commented May 20, 2024

@eugenes78 ,

Are you making progress on this one? It's open for more than a year already...

No, we've been needing help for a year, somebody familiar with how to build this repo, then put those instructions in the CodeQL YAML. If needed, we can close this PR and leave this repo without code scanning. We can try the other code scanning (we can follow-up internally).

@ghost ghost closed this May 31, 2024
This pull request was closed.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants