minio / sidekick

High Performance HTTP Sidecar Load Balancer
GNU Affero General Public License v3.0
546 stars 82 forks source link

Add CodeQL security scanning #32

Closed jhutchings1 closed 4 years ago

jhutchings1 commented 4 years ago

Hi, I'm a PM on the GitHub security team. This repository is eligible to try the new GitHub Advanced Security code scanning beta.

Code scanning runs a static analysis tool called CodeQL which scans your code at build time to find any potential security issues. We've tuned the set of queries to be only the most severe, most precise issues. We'll show alerts in the security tab, and we'll show alerts for any net new vulnerabilities on pull requests as well. We've tried to make this super developer friendly, but we'd love your feedback as we work through the beta.

If you're interested in trying it out, you can merge this pull request to set up the Actions workflow.

jhutchings1 commented 4 years ago

This one is building properly in my fork, so it should be good to go!