CDCgov / dibbs-cloud

Creative Commons Zero v1.0 Universal

Set up CodeQL checks #11

Open rin-skylight opened 5 months ago

rin-skylight commented 5 months ago

Background

Security is paramount for CDC infrastructure. We practice "shift-left" security, where good security starts with the code.

Action requested

Set up CodeQL to run with each PR.

Acceptance Criteria

Additional context

This will come in handy at our yearly CDC reviews!

rin-skylight commented 4 months ago

CodeQL is likely not going to be used in this repo for some time, if ever, as it does not include our primary bits of code in its language set. Will revisit as the project expands in scope.