New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Enable CodeQL in this repo #538

Merged

damonbarry merged 1 commit into Azure:release/1.4 from damonbarry:codeql-1.4

Jul 17, 2023

Member

damonbarry commented Jul 17, 2023

Cherry-pick 6404c3b.


          Enable CodeQL in this repo (Azure#537)

4c85b1a

CodeQL detects one C# file and four C files in this repository and wants to run analysis on them. This PR enables CodeQL analysis.

For the C code, since CodeQL's autobuild can't figure out our Rust-based build, I added a custom pipeline. I adapted the YAML that GitHub generates for [advanced code scanning](https://docs.github.com/en/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/configuring-code-scanning-for-a-repository#configuring-code-scanning-manually).

For C#, the single file in this repo is not production code--it's meant to be run inside an Azure Function during a test--so building it in the new pipeline isn't worth the effort. Instead, I changed the extension on the file. Hopefully CodeQL will pass over it.

damonbarry requested a review from arsing

July 17, 2023 19:00

arsing approved these changes

View reviewed changes

damonbarry merged commit cfdbac7 into Azure:release/1.4

87 checks passed

damonbarry deleted the codeql-1.4 branch

July 17, 2023 19:37

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet