Closed mrc0mmand closed 2 years ago
Looks like it's doing its thing and the results are definitely interesting - https://github.com/systemd/python-systemd/security/code-scanning?query=pr%3A121+tool%3ACodeQL+is%3Aopen. It'd be probably worth going through them and possibly fixing the potential issues.
Anyway, once this is merged I'll go ahead and disable LGTM integration for this repo completely, PTAL.
/cc @keszybz, @behrmann
@mrc0mmand Sorry, missed this one among the mkosi stuff, unused to being called here. :) I think this is fine to merge, since the messages stay on the security tab and compared to mkosi there's definitely interesting stuff there.
> @mrc0mmand Sorry, missed this one among the mkosi stuff, unused to being called here. :)
No worries, I completely understand, given the traffic here :-)
> I think this is fine to merge, since the messages stay on the security tab and compared to mkosi there's definitely interesting stuff there.
Indeed, I'll go ahead and merge this, so I can finish the LGTM-related cleanup, I just didn't want to do that "silently" without any other eyes on it.
As LGTM is going to be shut down by EOY[0], let's move the code scanning to CodeQL as recommended. Thanks to GH integration the results from such scans will be shown both in the respective PR and in the Security -> Code Scanning tab[1].
[0] https://github.blog/2022-08-15-the-next-step-for-lgtm-com-github-code-scanning/
[1] https://github.com/systemd/python-systemd/security/code-scanning