Add CodeQL workflow for GitHub code scanning #350
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
![lgtm-com[bot]](https://avatars.githubusercontent.com/in/17324?s=60&v=4){kind=small}
|
'This PR has been flagged as stale due to no activity for over 60 |
|
@arvidn thoughts? |
emlowe
approved these changes
Jun 15, 2023
wallentx
added a commit
that referenced
this pull request
Jun 20, 2023
* correct wheel matrix arch -> arm (#393) * Add in some small test cases (#394) * Add in some small test cases * minor update * test fixes * small test addition * Significantly speedup javascript bindings tasks by skipping libbls tests and benchmarks (#372) * Streamline the processes of building libbls, testing it, and creating the blspy wheels (#367) * Speedup the process of creating wheels by skipping the compiling and linking of libbls' tests and benchmarks. * We no longer need Windows-specific CMake version checking in setup.py. * We no longer need Windows-specific architecture flag passing in setup.py. * We no longer treat Windows in a special way w.r.t. compiling and linking in setup.py. * We no longer need Windows-specific preparations before starting the process of creating wheels. * We no longer need Windows-specific repairs after wheels creation. * We no longer need the relic_ietf_64 repository and its related tasks. Dedicated to @wjblanke * [Snyk] Upgrade karma-firefox-launcher from 1.3.0 to 2.1.2 (#382) Snyk has created this PR to upgrade karma-firefox-launcher from 1.3.0 to 2.1.2. See this package in npm: https://www.npmjs.com/package/karma-firefox-launcher See this project in Snyk: https://app.snyk.io/org/chia-network/project/e887fc45-cae4-47fc-931a-813664d517cd?utm_source=github&utm_medium=referral&page=upgrade-pr Co-authored-by: snyk-bot <[email protected]> * Add CodeQL workflow for GitHub code scanning (#350) Co-authored-by: LGTM Migrator <[email protected]> * [Snyk] Upgrade typescript from 3.9.7 to 5.0.4 (#376) Snyk has created this PR to upgrade typescript from 3.9.7 to 5.0.4. See this package in npm: https://www.npmjs.com/package/typescript See this project in Snyk: https://app.snyk.io/org/chia-network/project/e887fc45-cae4-47fc-931a-813664d517cd?utm_source=github&utm_medium=referral&page=upgrade-pr Co-authored-by: snyk-bot <[email protected]> * [Snyk] Upgrade @types/node from 11.15.18 to 20.1.5 (#377) Snyk has created this PR to upgrade @types/node from 11.15.18 to 20.1.5. See this package in npm: https://www.npmjs.com/package/@types/node See this project in Snyk: https://app.snyk.io/org/chia-network/project/e887fc45-cae4-47fc-931a-813664d517cd?utm_source=github&utm_medium=referral&page=upgrade-pr Co-authored-by: snyk-bot <[email protected]> * [Snyk] Upgrade mime from 1.4.1 to 3.0.0 (#378) Snyk has created this PR to upgrade mime from 1.4.1 to 3.0.0. See this package in npm: https://www.npmjs.com/package/mime See this project in Snyk: https://app.snyk.io/org/chia-network/project/e887fc45-cae4-47fc-931a-813664d517cd?utm_source=github&utm_medium=referral&page=upgrade-pr Co-authored-by: snyk-bot <[email protected]> * [Snyk] Upgrade karma from 6.3.16 to 6.4.2 (#381) Snyk has created this PR to upgrade karma from 6.3.16 to 6.4.2. See this package in npm: https://www.npmjs.com/package/karma See this project in Snyk: https://app.snyk.io/org/chia-network/project/e887fc45-cae4-47fc-931a-813664d517cd?utm_source=github&utm_medium=referral&page=upgrade-pr Co-authored-by: snyk-bot <[email protected]> Co-authored-by: William Allen <[email protected]> * [Snyk] Upgrade webpack from 5.76.0 to 5.82.1 (#380) * fix: upgrade webpack from 5.76.0 to 5.82.1 Snyk has created this PR to upgrade webpack from 5.76.0 to 5.82.1. See this package in npm: https://www.npmjs.com/package/webpack See this project in Snyk: https://app.snyk.io/org/chia-network/project/e887fc45-cae4-47fc-931a-813664d517cd?utm_source=github&utm_medium=referral&page=upgrade-pr * Update package.json --------- Co-authored-by: snyk-bot <[email protected]> Co-authored-by: William Allen <[email protected]> * [Snyk] Upgrade @types/mocha from 5.2.7 to 10.0.1 (#379) Snyk has created this PR to upgrade @types/mocha from 5.2.7 to 10.0.1. See this package in npm: https://www.npmjs.com/package/@types/mocha See this project in Snyk: https://app.snyk.io/org/chia-network/project/e887fc45-cae4-47fc-931a-813664d517cd?utm_source=github&utm_medium=referral&page=upgrade-pr Co-authored-by: snyk-bot <[email protected]> Co-authored-by: William Allen <[email protected]> * Update build-wheels.yml to add Windows pre processing back (#398) It looks like the windows steps are missing. * Update setup.py * integrate amine's cmake unification (#399) * pin windows blst clone * import setuptools * setuptools * revert * back to no changes * amine * remove gmp * add assembly * windows cmake * cmake syntax * avoid gcc flags on win * full name * Keeping pre-release logic and changes from known working builds --------- Co-authored-by: Kyle Altendorf <[email protected]> Co-authored-by: Amine Khaldi <[email protected]> Co-authored-by: ChiaAutomation <[email protected]> Co-authored-by: snyk-bot <[email protected]> Co-authored-by: lgtm-com[bot] <43144390+lgtm-com[bot]@users.noreply.github.com> Co-authored-by: LGTM Migrator <[email protected]> Co-authored-by: William Allen <[email protected]> Co-authored-by: Gene Hoffman <[email protected]> Co-authored-by: wjblanke <[email protected]> Co-authored-by: wallentx <[email protected]>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Hi
Chia-Network/bls-signatures!This is a one-off automatically generated pull request from LGTM.com 🤖. You might have heard that we’ve integrated LGTM’s underlying CodeQL analysis engine natively into GitHub. The result is GitHub code scanning!
With LGTM fully integrated into code scanning, we are focused on improving CodeQL within the native GitHub code scanning experience. In order to take advantage of current and future improvements to our analysis capabilities, we suggest you enable code scanning on your repository. Please take a look at our blog post for more information.
This pull request enables code scanning by adding an auto-generated
codeql.ymlworkflow file for GitHub Actions to your repository — take a look! We tested it before opening this pull request, so all should be working ✔️. In fact, you might already have seen some alerts appear on this pull request!Where needed and if possible, we’ve adjusted the configuration to the needs of your particular repository. But of course, you should feel free to tweak it further! Check this page for detailed documentation.
Questions? Check out the FAQ below!
FAQ
Click here to expand the FAQ section
How often will the code scanning analysis run?
By default, code scanning will trigger a scan with the CodeQL engine on the following events:
What will this cost?
Nothing! The CodeQL engine will run inside GitHub Actions, making use of your unlimited free compute minutes for public repositories.
What types of problems does CodeQL find?
The CodeQL engine that powers GitHub code scanning is the exact same engine that powers LGTM.com. The exact set of rules has been tweaked slightly, but you should see almost exactly the same types of alerts as you were used to on LGTM.com: we’ve enabled the
security-and-qualityquery suite for you.How do I upgrade my CodeQL engine?
No need! New versions of the CodeQL analysis are constantly deployed on GitHub.com; your repository will automatically benefit from the most recently released version.
The analysis doesn’t seem to be working
If you get an error in GitHub Actions that indicates that CodeQL wasn’t able to analyze your code, please follow the instructions here to debug the analysis.
How do I disable LGTM.com?
If you have LGTM’s automatic pull request analysis enabled, then you can follow these steps to disable the LGTM pull request analysis. You don’t actually need to remove your repository from LGTM.com; it will automatically be removed in the next few months as part of the deprecation of LGTM.com (more info here).
Which source code hosting platforms does code scanning support?
GitHub code scanning is deeply integrated within GitHub itself. If you’d like to scan source code that is hosted elsewhere, we suggest that you create a mirror of that code on GitHub.
How do I know this PR is legitimate?
This PR is filed by the official LGTM.com GitHub App, in line with the deprecation timeline that was announced on the official GitHub Blog. The proposed GitHub Action workflow uses the official open source GitHub CodeQL Action. If you have any other questions or concerns, please join the discussion here in the official GitHub community!
I have another question / how do I get in touch?
Please join the discussion here to ask further questions and send us suggestions!