bskinn / sphobjinv

Toolkit for manipulation and inspection of Sphinx objects.inv files
https://sphobjinv.readthedocs.io
MIT License

Create codeql.yml #278

Closed bskinn closed 2 months ago

bskinn commented 1 year ago

Give CodeQL a try, see what it does...

codecov-commenter commented 1 year ago

Codecov Report

Merging #278 (e176dc3) into main (77bfc4d) will not change coverage. The diff coverage is n/a.

@@            Coverage Diff            @@
##              main      #278   +/-   ##
=========================================
  Coverage   100.00%   100.00%           
=========================================
  Files           20        20           
  Lines          743       743           
=========================================
  Hits           743       743           

bskinn commented 2 months ago

I don't want to add this now. sphobjinv shouldn't be a security risk, as it's not a webapp and doesn't interact with web APIs and such.

Bandit is probably enough.