After running, they found multiple issues and nitpicks about the code.
As these checks aren't impeditive to the PR workflow, it's possible to tackle the results:
- As needed
- As we have volunteers willing to work on it

For tackling this we must decide on one or more strategies like:

- Fixing each of the code issues found by the tools
- Configuring each tool according to the needs of the project
- Defining code quality rules that suit the scanning like:
  - Code formatting
  - Review rules
  - Issue resolution rules
- Disabling some scanning and checks
Code scanning tools and results example
Full results are in the Security section of this repository.
CodeQL No new or fixed alerts
Code scanning results / Bandit (reported by Codacy) Successful in 1m — 206 new alerts, 196 fixes
Code scanning results / Checkov (reported by Codacy) Successful in 1m — 2 new alerts
Code scanning results / CodeQL Successful in 3s — No new or fixed alerts
Code scanning results / Jacksonlinter (reported by Codacy) Successful in 1m — 2 new alerts, 2 fixes
Code scanning results / Prospector (reported by Codacy) Successful in 1m — 1,909 new alerts, 1,352 fixes
Code scanning results / Pylint (reported by Codacy) Successful in 1m — 4,259 new alerts, 4,254 fixes
Code scanning results / Pylintpython3 (reported by Codacy) Successful in 1m — 3,765 new alerts, 3,793 fixes
Code scanning results / Remark-lint (reported by Codacy) Successful in 1m — 16 new alerts
Code scanning results / Spectral (reported by Codacy)