2492 Tweaks and fixes to CI actions

freelawproject / x-ray

A tool to detect whether a PDF has a bad redaction

BSD 2-Clause "Simplified" License

128 stars 12 forks source link

2492 Tweaks and fixes to CI actions #133

Closed albertisfu closed 1 year ago

albertisfu commented 1 year ago

This fixes poetry issue in actions, now using the latest version
Upgraded CodeQL action that was also failing here
Set CodeQL action to only run once a day as a github scheduled action at 2:00. A question about this, I read that scheduled actions run on the default branch (main) so in this case, if CodeQL detects a problem on main that would mean for that moment code is already released, is that a problem?

mlissner commented 1 year ago

if CodeQL detects a problem on main that would mean for that moment code is already released, is that a problem?

Yeah, it's not great, but it's never discovered anything so far, so we just have to be ready to jump on it when/if it happens. I think it's an OK tradeoff between security scanning and getting our jobs done.