Description
DevSkim is an open source set of IDE plugins, language analyzers, and rules that provide security "linting" capabilities. We currently use this as a code scanning workflow in all of our in-vehicle stack projects. The proposal is to add this Code Scanning workflow to this repository as a best practice.
Expected outcome
DevSkim code scanning is introduced. Any flagged alerts are addressed appropriately.
Additional Information
Link to DevSkim project: https://github.com/microsoft/DevSkim
Tasks