devstream icon indicating copy to clipboard operation
devstream copied to clipboard
verified publisher icon devstream-io

:four_leaf_clover: `Proposal`: Integrate CodeQL into CI

Open algobot76 opened this issue 3 years ago • 2 comments

What Would You Like to Add? Why Is This Needed?

CodeQL is a tool made by GitHub to “automate security checks” and is "free for research and open source." I think we could use this tool to enhance dtm's security. Also, there is an existing GitHub action (https://github.com/github/codeql-action) which makes the integration a lot easier.

Design

NONE

Anything else

CodeQL Docs: https://codeql.github.com/docs/

algobot76 avatar Jul 05 '22 15:07 algobot76

A great proposal. Would you like to take over this feature?

xavier-hou avatar Jul 06 '22 02:07 xavier-hou

A great proposal. Would you like to take over this feature?

sure

algobot76 avatar Jul 06 '22 06:07 algobot76