Scan for security vulnerabilities with GitHub CodeQL #645
Labels: 🧽 chore (Administrative task: documentation, build, test, release, git, etc.)
rgoldberg added the 🧽 chore label on Nov 20, 2024
rgoldberg added a commit to rgoldberg/mas that referenced this issue on Nov 21, 2024:
Scan for security vulnerabilities with GitHub CodeQL by adding `codeql.yml` workflow. Partial mas-cli#645 Signed-off-by: Ross Goldberg <[email protected]>
rgoldberg added a commit to rgoldberg/mas that referenced this issue on Nov 21, 2024:
Use `runs-on: macos-15`. Don't analyze `ruby` or `c-cpp`. Perform `security-and-quality` queries. Remove parentheses from job name. Remove unnecessary settings. Remove unnecessary comments. Fix lint spacing violations. Use double quotes instead of single quotes. Partial mas-cli#645 Signed-off-by: Ross Goldberg <[email protected]>
rgoldberg added a commit to rgoldberg/mas that referenced this issue on Nov 21, 2024:
Other cleanup from the release improvements PR to ensure that this workflow doesn't cause any other issues for this PR. Resolve mas-cli#645 Signed-off-by: Ross Goldberg <[email protected]>
rgoldberg added a commit to rgoldberg/mas that referenced this issue on Dec 1, 2024:
Scan for security vulnerabilities with GitHub CodeQL by adding `codeql.yml` workflow. Partial mas-cli#645 Signed-off-by: Ross Goldberg <[email protected]>
rgoldberg added a commit to rgoldberg/mas that referenced this issue on Dec 1, 2024:
Use `runs-on: macos-15`. Don't analyze `ruby` or `c-cpp`. Perform `security-and-quality` queries. Remove parentheses from job name. Remove unnecessary settings. Remove unnecessary comments. Fix lint spacing violations. Use double quotes instead of single quotes. Partial mas-cli#645 Signed-off-by: Ross Goldberg <[email protected]>
rgoldberg added a commit to rgoldberg/mas that referenced this issue on Dec 1, 2024:
Other cleanup from the release improvements PR to ensure that this workflow doesn't cause any other issues for this PR. Resolve mas-cli#645 Signed-off-by: Ross Goldberg <[email protected]>
rgoldberg added a commit to rgoldberg/mas that referenced this issue on Dec 2, 2024:
Scan for security vulnerabilities with GitHub CodeQL by adding `codeql.yml` workflow. Partial mas-cli#645 Signed-off-by: Ross Goldberg <[email protected]>
rgoldberg added a commit to rgoldberg/mas that referenced this issue on Dec 2, 2024:
Use `runs-on: macos-15`. Don't analyze `ruby` or `c-cpp`. Perform `security-and-quality` queries. Remove parentheses from job name. Remove unnecessary settings. Remove unnecessary comments. Fix lint spacing violations. Use double quotes instead of single quotes. Partial mas-cli#645 Signed-off-by: Ross Goldberg <[email protected]>
rgoldberg added a commit to rgoldberg/mas that referenced this issue on Dec 2, 2024:
Other cleanup from the release improvements PR to ensure that this workflow doesn't cause any other issues for this PR. Resolve mas-cli#645 Signed-off-by: Ross Goldberg <[email protected]>
rgoldberg added a commit to rgoldberg/mas that referenced this issue on Dec 27, 2024:
Scan for security vulnerabilities with GitHub CodeQL by adding `codeql.yml` workflow. Partial mas-cli#645 Signed-off-by: Ross Goldberg <[email protected]>
rgoldberg added a commit to rgoldberg/mas that referenced this issue on Dec 27, 2024:
Use `runs-on: macos-15`. Don't analyze `ruby` or `c-cpp`. Perform `security-and-quality` queries. Remove parentheses from job name. Remove unnecessary settings. Remove unnecessary comments. Fix lint spacing violations. Use double quotes instead of single quotes. Partial mas-cli#645 Signed-off-by: Ross Goldberg <[email protected]>
rgoldberg added a commit to rgoldberg/mas that referenced this issue on Dec 27, 2024:
Partial mas-cli#645 Signed-off-by: Ross Goldberg <[email protected]>
rgoldberg added a commit to rgoldberg/mas that referenced this issue on Dec 27, 2024:
Partial mas-cli#645 Signed-off-by: Ross Goldberg <[email protected]>
rgoldberg added a commit to rgoldberg/mas that referenced this issue on Dec 30, 2024:
Scan for security vulnerabilities with GitHub CodeQL by adding `codeql.yml` workflow. Partial mas-cli#645 Signed-off-by: Ross Goldberg <[email protected]>
rgoldberg added a commit to rgoldberg/mas that referenced this issue on Dec 30, 2024:
Use `runs-on: macos-15`. Don't analyze `ruby` or `c-cpp`. Perform `security-and-quality` queries. Remove parentheses from job name. Remove unnecessary settings. Remove unnecessary comments. Fix lint spacing violations. Use double quotes instead of single quotes. Partial mas-cli#645 Signed-off-by: Ross Goldberg <[email protected]>
rgoldberg added a commit to rgoldberg/mas that referenced this issue on Dec 30, 2024:
Partial mas-cli#645 Signed-off-by: Ross Goldberg <[email protected]>
rgoldberg added a commit to rgoldberg/mas that referenced this issue on Dec 30, 2024:
Scan for security vulnerabilities with GitHub CodeQL by adding `codeql.yml` workflow. Partial mas-cli#645 Signed-off-by: Ross Goldberg <[email protected]>
rgoldberg added a commit to rgoldberg/mas that referenced this issue on Dec 30, 2024:
Use `runs-on: macos-15`. Don't analyze `ruby` or `c-cpp`. Perform `security-and-quality` queries. Remove parentheses from job name. Remove unnecessary settings. Remove unnecessary comments. Fix lint spacing violations. Use double quotes instead of single quotes. Partial mas-cli#645 Signed-off-by: Ross Goldberg <[email protected]>
rgoldberg added a commit to rgoldberg/mas that referenced this issue on Dec 30, 2024:
Partial mas-cli#645 Signed-off-by: Ross Goldberg <[email protected]>
rgoldberg added a commit to rgoldberg/mas that referenced this issue on Dec 31, 2024:
Scan for security vulnerabilities with GitHub CodeQL by adding `codeql.yml` workflow. Partial mas-cli#645 Signed-off-by: Ross Goldberg <[email protected]>
rgoldberg added a commit to rgoldberg/mas that referenced this issue on Dec 31, 2024:
Use `runs-on: macos-15`. Don't analyze `ruby` or `c-cpp`. Perform `security-and-quality` queries. Remove parentheses from job name. Remove unnecessary settings. Remove unnecessary comments. Fix lint spacing violations. Use double quotes instead of single quotes. Partial mas-cli#645 Signed-off-by: Ross Goldberg <[email protected]>
rgoldberg added a commit to rgoldberg/mas that referenced this issue on Dec 31, 2024:
Partial mas-cli#645 Signed-off-by: Ross Goldberg <[email protected]>
rgoldberg added a commit to rgoldberg/mas that referenced this issue on Dec 31, 2024:
Scan for security vulnerabilities with GitHub CodeQL by adding `codeql.yml` workflow. Partial mas-cli#645 Signed-off-by: Ross Goldberg <[email protected]>
rgoldberg added a commit to rgoldberg/mas that referenced this issue on Dec 31, 2024:
Allow manual runs. Run on all pushes & pull requests. Use `runs-on: macos-15`. Analyze GitHub workflows. Don't analyze `ruby` or `c-cpp`. Perform `security-and-quality` queries. Remove parentheses from job name. Remove unnecessary settings. Remove unnecessary comments. Remove unnecessary quotes. Fix lint spacing violations. Use double quotes instead of single quotes. Partial mas-cli#645 Signed-off-by: Ross Goldberg <[email protected]>
Scan for security vulnerabilities with GitHub CodeQL by adding `.github/workflows/codeql.yml` workflow.

Use CodeQL for as much as possible:
- `swift`
- `actions` (GitHub Workflows)
- `Package.resolved`, `.swift-format`)

Also ensure dependabot is set up properly:
https://docs.github.com/en/code-security/getting-started/dependabot-quickstart-guide
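
A workflow along the lines this issue and its commit messages describe (Swift and `actions` analysis, `runs-on: macos-15`, `security-and-quality` queries, runs on pushes, pull requests and manual dispatch), as an added example that is not the mas project's actual `codeql.yml`. The action version tags, job name, matrix layout, build modes and permission blocks are assumptions.

```yaml
# Added example: NOT the mas-cli project's own codeql.yml.
# Assumed location: .github/workflows/codeql.yml
name: CodeQL

on:
  push:               # run on all pushes
  pull_request:       # run on all pull requests
  workflow_dispatch:  # allow manual runs

# Least privilege for the workflow token by default.
permissions:
  contents: read

jobs:
  analyze:
    name: Analyze ${{ matrix.language }}
    # CodeQL analysis of Swift needs a macOS runner.
    runs-on: macos-15
    permissions:
      contents: read
      security-events: write  # required to upload results to code scanning
    strategy:
      fail-fast: false
      matrix:
        include:
          - language: swift
            build-mode: autobuild  # assumption: the default build is sufficient
          - language: actions      # GitHub workflow files
            build-mode: none
    steps:
      - name: Check out repository
        uses: actions/checkout@v4  # assumed tag; pin to a commit SHA for supply-chain safety

      - name: Initialize CodeQL
        uses: github/codeql-action/init@v3  # assumed tag
        with:
          languages: ${{ matrix.language }}
          build-mode: ${{ matrix.build-mode }}
          queries: security-and-quality

      - name: Perform CodeQL analysis
        uses: github/codeql-action/analyze@v3  # assumed tag
        with:
          category: "/language:${{ matrix.language }}"
```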