[Lint] Wrap-up lint adding #127

Closed
titaiwangms opened this issue Sep 22, 2022 · 0 comments · Fixed by #132
titaiwangms commented Sep 22, 2022

  1. Permission of third-party GitHub action checkers

Suggested by Justin:
>We should consider limiting the github token's permission for this job:
>https://docs.github.com/en/actions/security-guides/automatic-token-authentication#example-1-passing-the-github_token-as-an-input
>https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#permissions

  2. Add .bat version of auto-formatter
  3. Silence GitHub Code Scanning / CodeQL for now
titaiwangms changed the title from "limit the permission of CI third-party check" to "[Lint] Wrap-up lint adding" on Sep 23, 2022
titaiwangms self-assigned this Sep 23, 2022
titaiwangms added a commit that referenced this issue Sep 28, 2022
1. Add bat version linter for Windows user
2. Add permission setting for third-party actions in lint.yaml to limit
their access
3. Did some research and discussed with @justinchuby, CodeQL **only
hints on the modified file in a PR**, and the error/warning/note are all
informative, and aligned with pylint/mypy which are included in our
lint, so I suggest we can have it for a while, and see how it goes.
(However, disabling one or a few rules that we don't need in CodeQL seems
doable in the next release:
github/codeql#7937)

fixes #127

Co-authored-by: Justin Chu <justinchuby@users.noreply.github.com>
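
For reference, a sketch of the kind of permission setting the issue and commit message describe. This is an added example, not the project's actual lint.yaml; the action `example-org/lint-action`, its `github_token` input, the `main` branch and the `python` language setting are assumptions.

```yaml
# .github/workflows/lint.yaml (constructed example, not the project's file)
name: Lint

on:
  pull_request:
  push:
    branches: [main]  # assumed default branch

# Workflow-level default. Once any scope is listed here, every scope that
# is not listed is set to "none", so each job starts with a read-only token
# instead of the repository's default token permissions.
permissions:
  contents: read

jobs:
  lint:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v3
      # Hypothetical third-party checker. It only needs to read the checkout,
      # so the token passed to it carries contents: read and nothing else.
      - uses: example-org/lint-action@v1
        with:
          github_token: ${{ secrets.GITHUB_TOKEN }}  # assumed input name

  codeql:
    runs-on: ubuntu-latest
    # A job-level block replaces the workflow default for this job only,
    # so the extra write scope is not shared with the lint job above.
    permissions:
      contents: read
      security-events: write  # required to upload code scanning results
    steps:
      - uses: actions/checkout@v3
      - uses: github/codeql-action/init@v2
        with:
          languages: python  # assumed project language
      - uses: github/codeql-action/analyze@v2
```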