Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

feat: introduce static analysis with CodeQL #655

Merged
merged 1 commit into from
Nov 19, 2020
Merged

Conversation

liangyuanruo
Copy link
Contributor

@liangyuanruo liangyuanruo commented Nov 17, 2020

This PR runs GitHub's static analysis engine, CodeQL, against a repository's source code to find security vulnerabilities. It then automatically uploads the results to GitHub so they can be displayed in the repository's security tab. CodeQL runs an extensible set of queries, which have been developed by the community and the GitHub Security Lab to find common vulnerabilities in the code.

CodeQL is free for open source repositories.

@liangyuanruo liangyuanruo marked this pull request as ready for review November 17, 2020 08:04
@liangyuanruo liangyuanruo requested a review from karrui November 17, 2020 09:23
@liangyuanruo liangyuanruo merged commit f25cd36 into develop Nov 19, 2020
@liangyuanruo liangyuanruo deleted the feat/codeql branch November 19, 2020 06:35
@mantariksh mantariksh mentioned this pull request Nov 24, 2020
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants