Changes description
Added GitHub official static code analysis (via CodeQL, same as LGTM) inside of build and publish workflows.
Updated features
build/publish workflows: added static code analysis for vulnerabilities as a first step of the workflow. If this step fails, the downstream steps will not run. Any vulnerabilities will be reported by the code analysis actions inside of the Security tab of the repository. Also fixed triggers.
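
The gating described above, sketched as an added example that is not the workflow from this pull request. The scan is modelled here as a separate job that the build job depends on; the workflow name, triggers, branch name, analysed language and build command are assumptions.

```yaml
# Added example; names, triggers, language and build command are assumptions.
name: build

on:
  push:
    branches: [main]          # assumed default branch
  pull_request:
    branches: [main]

# Least privilege by default; jobs widen only what they need.
permissions:
  contents: read

jobs:
  analyze:
    name: CodeQL analysis
    runs-on: ubuntu-latest
    permissions:
      contents: read
      security-events: write  # needed to upload results to the Security tab
    steps:
      - uses: actions/checkout@v4
      - uses: github/codeql-action/init@v3
        with:
          languages: javascript   # placeholder: set to the repository's language(s)
      - uses: github/codeql-action/autobuild@v3
      - uses: github/codeql-action/analyze@v3

  build:
    name: Build
    needs: analyze            # not started unless the analyze job succeeds
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - run: ./build.sh       # placeholder for the project's real build steps
```

With the action's defaults, findings are uploaded as code scanning alerts and do not by themselves fail the `analyze` job, which fails on analysis or upload errors. Confirm which of the two the gate is meant to enforce.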