Skip to content

[WIP] codeql workflow #4929

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
bowenliang123 wants to merge 1 commit into from
Closed

[WIP] codeql workflow #4929

bowenliang123 wants to merge 1 commit into from

Conversation

@bowenliang123
Copy link
Contributor

@bowenliang123 bowenliang123 commented Jun 6, 2023
edited
Loading

Why are the changes needed?

How was this patch tested?

  • Add some test cases that check the changes thoroughly including negative and positive cases if possible

  • Add screenshots for manual tests if appropriate

  • Run test locally before make a pull request

@github-actions github-actions bot added kind:infra license, community building, project builds, asf infra related, etc. module:rest-client labels Jun 6, 2023
@codecov-commenter
Copy link

codecov-commenter commented Jun 9, 2023
edited
Loading

Codecov Report

Merging #4929 (979c99f) into master (5f98539) will not change coverage.
The diff coverage is 0.00%.

@@          Coverage Diff           @@
##           master   #4929   +/-   ##
======================================
  Coverage    0.00%   0.00%           
======================================
  Files         563     563           
  Lines       30891   30893    +2     
  Branches     4030    4030           
======================================
- Misses      30891   30893    +2
Impacted Files Coverage Δ
.../java/org/apache/kyuubi/jdbc/KyuubiHiveDriver.java 0.00% <ø> (ø)
.../java/org/apache/kyuubi/client/RestClientConf.java 0.00% <0.00%> (ø)

📣 We’re building smart automated test selection to slash your CI/CD build times. Learn more

@bowenliang123
Copy link
Contributor Author

bowenliang123 commented Jun 9, 2023
edited
Loading

Discovered risks on this PR branch can be found at https://github.com/apache/kyuubi/security/code-scanning?query=pr%3A4929+tool%3ACodeQL+is%3Aopen .

image

@github-advanced-security
Copy link

github-advanced-security bot commented Jun 16, 2023

This pull request sets up GitHub code scanning for this repository. Once the scans have completed and the checks have passed, the analysis results for this pull request branch will appear on this overview. Once you merge this pull request, the 'Security' tab will show more code scanning analysis results (for example, for the default branch). Depending on your configuration and choice of analysis tool, future pull requests will be annotated with code scanning analysis results. For more information about GitHub code scanning, check out the documentation.

@bowenliang123
Copy link
Contributor Author

bowenliang123 commented Jul 4, 2023
edited
Loading

Closed this PR.
Although the codeql action scans out a list of alerts of different levels for Java and Python codes, it doesn't alert the violations in newly added vulnerable Java code in this PR.

@bowenliang123 bowenliang123 deleted the codeql branch July 4, 2023 01:12
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

kind:infra license, community building, project builds, asf infra related, etc. module:ctl module:hive module:rest-client

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@bowenliang123 @codecov-commenter