Skip to content

Introduce CodeQL
Compare
Choose a tag to compare
@julien-may julien-may released this 31 Oct 08:17
· 65 commits to main since this release
v5.3.0
394a15b
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Verified
Learn about vigilant mode.

This release introduces the CodeQL job that eventually will be used by all of our repositories that are deployed on production.

The reason to have CodeQL as part of CircleCI instead of using GitHub Actions is to lower the risk of stuck builds / deployments because one of the CI platforms (CircleCI or GitHub) is down.

This new CircleCI job was created according to the CodeQL documentation from GitHub: https://docs.github.com/en/code-security/code-scanning/using-codeql-code-scanning-with-your-existing-ci-system. It is supposed to support all the repositories, and therefore tech stacks, we currently have and use.

Assets 2
Loading