chore: add codeql pipeline by inigomarquinez · Pull Request #26 · jshttp/statuses (original) (raw)
Navigation Menu
Appearance settings
- AI CODE CREATION
* GitHub CopilotWrite better code with AI
* GitHub Copilot appDirect agents from issue to merge
* MCP RegistryNewIntegrate external tools - DEVELOPER WORKFLOWS
* ActionsAutomate any workflow
* CodespacesInstant dev environments
* IssuesPlan and track work
* Code ReviewManage code changes - APPLICATION SECURITY
* GitHub Advanced SecurityFind and fix vulnerabilities
* Code securitySecure your code as you build
* Secret protectionStop leaks before they start - EXPLORE
* Why GitHub
* Documentation
* Blog
* Changelog
* Marketplace
- AI CODE CREATION
- BY COMPANY SIZE
* Enterprises
* Small and medium teams
* Startups
* Nonprofits - BY USE CASE
* App Modernization
* DevSecOps
* DevOps
* CI/CD
* View all use cases - BY INDUSTRY
* Healthcare
* Financial services
* Manufacturing
* Government
* View all industries
- BY COMPANY SIZE
- EXPLORE BY TOPIC
* AI
* Software Development
* DevOps
* Security
* View all topics - EXPLORE BY TYPE
* Customer stories
* Events & webinars
* Ebooks & reports
* Business insights
* GitHub Skills - SUPPORT & SERVICES
* Documentation
* Customer support
* Community forum
* Trust center
* Partners
- EXPLORE BY TOPIC
- COMMUNITY
* GitHub SponsorsFund open source developers - PROGRAMS
* Security Lab
* Maintainer Community
* Accelerator
* GitHub Stars
* Archive Program - REPOSITORIES
* Topics
* Trending
* Collections
- COMMUNITY
- Pricing
Provide feedback
We read every piece of feedback, and take your input very seriously.
Include my email address so I can be contacted
Saved searches
Use saved searches to filter your results more quickly
Appearance settings
Notifications You must be signed in to change notification settings
Additional navigation options
Merged
merged 1 commit into
jshttp:masterfrom
inigomarquinez:tools/add-codeql
Nov 7, 2024
ConversationCommits (1)ChecksFiles changed
Merged
merged 1 commit into
jshttp:masterfrom
inigomarquinez:tools/add-codeql
Conversation
Copy link Copy Markdown
Contributor
Main Changes
This change includes the addition of CodeQL as the SAST tool for the project. It will run an analysis every day-
Impact on the OSSF Scorecard
Context
Changes related
Team discussion related
- Ref: Implementing OSSF Scorecard expressjs/security-wg#2
- Report: https://kooltheba.github.io/openssf-scorecard-api-visualizer/#/projects/github.com/jshttp/statuses/commit/454ceb6e0bfea4f889be244de2538df8afb4dc2a
[chore: add codeql pipeline](/jshttp/statuses/pull/26/commits/04bb3a9ee9d3eade7b69b596dc4d2199031f2d8e "chore: add codeql pipeline")
[04bb3a9](/jshttp/statuses/pull/26/commits/04bb3a9ee9d3eade7b69b596dc4d2199031f2d8e)
UlisesGascon approved these changes Apr 29, 2024
Copy link Copy Markdown
Member
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM!
Merged
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.Learn more about bidirectional Unicode characters
[ Show hidden characters]({{ revealButtonHref }})
Sign up for free to join this conversation on GitHub. Already have an account?Sign in to comment
Reviewers
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development
Successfully merging this pull request may close these issues.
2 participants
