Closed esabol closed 7 months ago
This pull request adds a CodeQL workflow to the repository's GitHub Actions.
See https://codeql.github.com/ for details on CodeQL.
After merging, I think you probably need to enable it in the repository's Settings. See https://docs.github.com/en/code-security/code-scanning/enabling-code-scanning/configuring-default-setup-for-code-scanning for instructions. We need to use the "Advanced" setup because gearmand needs various prerequisites installed.
Some of the warnings seem spurious. You can disable specific warnings on specific lines of the code in the web interface. We'll probably need to do that at some point, but some of the warnings should be fixed, I feel.
This pull request adds a CodeQL workflow to the repository's GitHub Actions.
See https://codeql.github.com/ for details on CodeQL.
After merging, I think you probably need to enable it in the repository's Settings. See https://docs.github.com/en/code-security/code-scanning/enabling-code-scanning/configuring-default-setup-for-code-scanning for instructions. We need to use the "Advanced" setup because gearmand needs various prerequisites installed.
Some of the warnings seem spurious. You can disable specific warnings on specific lines of the code in the web interface. We'll probably need to do that at some point, but some of the warnings should be fixed, I feel.