sahil-sagwekar2652 / GitHub-Automation-scripts

Bash and Python scripts to automate your Git & GitHub workflow. Made using only standard Python libraries.
https://sahil-sagwekar2652.github.io/GitHub-Automation-scripts/
MIT License

[Feature Request]: add codeql workflow #110

Closed harmeetsingh11 closed 1 year ago

harmeetsingh11 commented 1 year ago

Is your feature request related to a problem? Please describe.

The repository contains code in Python, but it does not have a workflow for code scanning.

Describe the solution you'd like

I want to add the CodeQL workflow to automate security checks. CodeQL is the code analysis engine developed by GitHub to identify vulnerabilities in code. It will analyze your code and display the results as code scanning alerts. It will be enabled on every push, commit and pull request using GitHub Actions.

sahil-sagwekar2652 commented 1 year ago

I already have a Flake8 Linter workflow. How will CodeQL work alongside that?

harmeetsingh11 commented 1 year ago

The Flake8 linter helps prevent things like syntax errors, typos, bad formatting, incorrect styling, etc. But the CodeQL workflow will scan your code to identify vulnerabilities.