opiproject / pydpu

Python library and cli to communicate with DPUs and IPUs
Apache License 2.0
5 stars 8 forks

Enable CodeQL static code analysis scans #57

Closed glimchb closed 1 year ago

glimchb commented 1 year ago

CodeQL scans are supposed to harden our code against potential security issues. The code is going to be checked against the default security DB for Go and additionally against the security-extended and security-and-quality DBs. An additional benefit is the improvement of the OSSF score for the project.

codecov[bot] commented 1 year ago

Codecov Report

Merging #57 (430dd81) into main (e963f8d) will not change coverage. The diff coverage is n/a.

@@           Coverage Diff           @@
##             main      #57   +/-   ##
=======================================
  Coverage   56.60%   56.60%           
=======================================
  Files          34       34           
  Lines        4489     4489           
=======================================
  Hits         2541     2541           
  Misses       1948     1948           

github-advanced-security[bot] commented 1 year ago

This pull request sets up GitHub code scanning for this repository. Once the scans have completed and the checks have passed, the analysis results for this pull request branch will appear on this overview. Once you merge this pull request, the 'Security' tab will show more code scanning analysis results (for example, for the default branch). Depending on your configuration and choice of analysis tool, future pull requests will be annotated with code scanning analysis results. For more information about GitHub code scanning, check out the documentation.