Skip to content

Add codeql to scan codes#11836

Merged
kezhenxu94 merged 2 commits intodevfrom
codeql
Sep 11, 2022
Merged

Add codeql to scan codes#11836
kezhenxu94 merged 2 commits intodevfrom
codeql

Conversation

@kezhenxu94
Copy link
Member

@kezhenxu94 kezhenxu94 commented Sep 7, 2022

No description provided.

@kezhenxu94 kezhenxu94 requested a review from SbloodyS as a code owner September 7, 2022 12:10
@codecov-commenter
Copy link

codecov-commenter commented Sep 7, 2022
edited
Loading

Codecov Report

Merging #11836 (8aca255) into dev (d0d481d) will decrease coverage by 0.98%.
The diff coverage is n/a.

@@             Coverage Diff              @@
##                dev   #11836      +/-   ##
============================================
- Coverage     39.60%   38.62%   -0.99%     
+ Complexity     4692     4035     -657     
============================================
  Files          1014      992      -22     
  Lines         37936    36547    -1389     
  Branches       4244     4258      +14     
============================================
- Hits          15026    14115     -911     
+ Misses        21303    20808     -495     
- Partials       1607     1624      +17
Impacted Files Coverage Δ
...ache/dolphinscheduler/dao/entity/K8sNamespace.java 18.18% <0.00%> (-57.23%) ⬇️
...a/org/apache/dolphinscheduler/dao/entity/User.java 18.18% <0.00%> (-55.96%) ⬇️
...e/dolphinscheduler/dao/entity/AlertSendStatus.java 0.00% <0.00%> (-55.89%) ⬇️
...apache/dolphinscheduler/dao/entity/DataSource.java 18.18% <0.00%> (-54.99%) ⬇️
...lphinscheduler/dao/entity/ProcessTaskRelation.java 8.00% <0.00%> (-54.50%) ⬇️
...g/apache/dolphinscheduler/dao/entity/Resource.java 0.00% <0.00%> (-48.24%) ⬇️
...he/dolphinscheduler/dao/entity/TaskGroupQueue.java 20.00% <0.00%> (-46.04%) ⬇️
...apache/dolphinscheduler/dao/entity/AlertGroup.java 4.00% <0.00%> (-44.94%) ⬇️
...olphinscheduler/dao/entity/ProcessInstanceMap.java 0.00% <0.00%> (-41.94%) ⬇️
...scheduler/api/dto/resources/ResourceComponent.java 31.25% <0.00%> (-41.48%) ⬇️
... and 82 more

📣 We’re building smart automated test selection to slash your CI/CD build times. Learn more

@SbloodyS SbloodyS added this to the 3.1.0 milestone Sep 8, 2022
@caishunfeng
Copy link
Contributor

caishunfeng commented Sep 8, 2022

Great 👍

@sonarqubecloud
Copy link

sonarqubecloud bot commented Sep 9, 2022

SonarCloud Quality Gate failed.    Quality Gate failed

Bug A 0 Bugs
Vulnerability A 0 Vulnerabilities
Security Hotspot A 0 Security Hotspots
Code Smell A 38 Code Smells

20.6% 20.6% Coverage
8.7% 8.7% Duplication

caishunfeng
caishunfeng approved these changes Sep 11, 2022
View reviewed changes
Copy link
Contributor

@caishunfeng caishunfeng left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@kezhenxu94
Copy link
Member Author

kezhenxu94 commented Sep 11, 2022

We should pay more attention to future PRs that breaks the CodeQL analysis, it indeed unveils some possible vulnerabilities of the codes

@kezhenxu94 kezhenxu94 merged commit c3a8dd5 into dev Sep 11, 2022
@kezhenxu94 kezhenxu94 deleted the codeql branch September 11, 2022 07:31
@caishunfeng caishunfeng removed this from the 3.1.0 milestone Sep 19, 2022
xdu-chenrj pushed a commit to xdu-chenrj/dolphinscheduler that referenced this pull request Oct 13, 2022
@kezhenxu94 @xdu-chenrj
Add codeql to scan codes (apache#11836)
22120ac
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@caishunfeng caishunfeng caishunfeng approved these changes

@SbloodyS SbloodyS Awaiting requested review from SbloodyS SbloodyS is a code owner

Assignees

@kezhenxu94 kezhenxu94

Labels

CI&CD

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@kezhenxu94 @codecov-commenter @caishunfeng @SbloodyS