ODNZSL / nzsl-online

New Zealand Sign Language Dictionary
GNU General Public License v3.0

ci: setup code scanning workflow #1465

Closed G-Rath closed 1 year ago

G-Rath commented 2 years ago

Actions + Code Scanning is free for public / OSS repos, so let's start using that!

G-Rath commented 1 year ago

I'm going to ignore the weakened CSRF vulnerabilities that are being flagged for now in order to land this, because they're about changing the order of stuff that's cosmetic, so if they're exploited there's not a lot of damage that can be done, and it looks like it'll be a bit of work to fix.

(still would be nice to have them addressed some day)