workflows: Add Code Scanning action, fix up failures #13149
Merged
- https://docs.github.com/en/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/about-code-scanning
- I just joined the Code Scanning team at work and I figured I'd test out the actual product in the real world by seeing what things it points out for Homebrew, a reasonably large Ruby project.
- This adds a config file to exclude `Library/Homebrew/vendor` as we can't fix problems within gems. :-)
> This regular expression has an unescaped '.' before 'apache.org/dyn/closer', so it might match more hosts than expected.
> This regular expression has an unrestricted wildcard '.*' which may cause 'googlecode\.com/files' to be matched anywhere in the URL, outside the hostname.
> This regular expression has an unrestricted wildcard '.+?' which may cause 'googlecode\.com/svn' to be matched anywhere in the URL, outside the hostname.
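The two alert classes quoted above (an unescaped `.` in a hostname, and an unrestricted wildcard ahead of a domain), shown as an added Ruby example that is not part of the original pull request or Homebrew's code. The patterns, sample URLs, and the helpers `host_in_domain?` and `compare_checks` are constructed for illustration; only the domain fragments come from the alerts.

```ruby
require "uri"

# Constructed patterns reproducing the quoted alert classes (not Homebrew's own).
# Weak: the '.' after "www" is unescaped, so it matches any character.
WEAK_DOT   = %r{\Ahttps?://www.apache\.org/dyn/closer}
STRICT_DOT = %r{\Ahttps?://www\.apache\.org/dyn/closer}

# Weak: '.*' can span '/' and '?', so the domain may sit in the path or query.
WEAK_WILDCARD   = %r{\Ahttps?://.*googlecode\.com/files}
# Hardened: only dot-terminated hostname labels may precede the domain.
STRICT_WILDCARD = %r{\Ahttps?://(?:[a-z0-9-]+\.)*googlecode\.com/files}i

# Alternative to pattern matching: parse the URL and compare the host itself.
def host_in_domain?(url, domain)
  host = URI.parse(url).host&.downcase
  !host.nil? && (host == domain || host.end_with?(".#{domain}"))
rescue URI::InvalidURIError
  false
end

# Constructed sample URLs; the hostnames are illustrative only.
SAMPLES = {
  apache_ok:    "https://www.apache.org/dyn/closer.lua?path=foo/foo-1.0.tgz",
  apache_other: "https://wwwxapache.org/dyn/closer.lua?path=foo/foo-1.0.tgz",
  gcode_ok:     "https://foo.googlecode.com/files/foo-1.0.tgz",
  gcode_other:  "https://mirror.example/get?u=googlecode.com/files/foo-1.0.tgz",
}.freeze

# Returns, per sample, whether each weak/hardened check accepts it.
def compare_checks(samples = SAMPLES)
  samples.transform_values do |url|
    {
      weak_dot: WEAK_DOT.match?(url), strict_dot: STRICT_DOT.match?(url),
      weak_wildcard: WEAK_WILDCARD.match?(url),
      strict_wildcard: STRICT_WILDCARD.match?(url),
      host_apache: host_in_domain?(url, "apache.org"),
      host_gcode: host_in_domain?(url, "googlecode.com"),
    }
  end
end

compare_checks.each { |name, result| puts "#{name}: #{result}" } if __FILE__ == $PROGRAM_NAME
```

The weak patterns accept the `apache_other` and `gcode_other` samples, while the hardened patterns and the parsed-host comparison reject them.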
Review period will end on 2022-04-18 at 15:46:57 UTC.
BrewTestBot added the waiting for feedback (Merging is blocked until sufficient time has passed for review) label Apr 15, 2022
MikeMcQuaid reviewed Apr 15, 2022
- These were the defaults generated when I clicked the "enable Code Scanning" button on GitHub, but...
- Since we only have Ruby in this repo, we don't need a matrix, we can just specify `languages: ruby`.
- And this repo gets enough usage that the schedule is not very useful - who would look at the scheduled run vs. it running every day on PRs?
BrewTestBot added waiting for feedback and removed waiting for feedback labels Apr 15, 2022
BrewTestBot added waiting for feedback and removed waiting for feedback labels Apr 17, 2022
MikeMcQuaid reviewed Apr 18, 2022
BrewTestBot added waiting for feedback and removed waiting for feedback labels Apr 18, 2022
MikeMcQuaid approved these changes Apr 18, 2022
Co-authored-by: Mike McQuaid <mike@mikemcquaid.com>
issyl0 force-pushed the add-code-scanning-workflow branch from 7221865 to 6dd6758 April 18, 2022 14:17
MikeMcQuaid approved these changes Apr 18, 2022
BrewTestBot added waiting for feedback and removed waiting for feedback labels Apr 18, 2022
Review period ended.
BrewTestBot approved these changes Apr 18, 2022