CodeQL
Regina Obe
lr at pcorp.us
Thu Feb 8 13:11:54 PST 2024
No issues from me
From: Paul Ramsey <pramsey at cleverelephant.ca>
Sent: Thursday, February 8, 2024 3:55 PM
To: PostGIS Development Discussion <postgis-devel at lists.osgeo.org>
Subject: CodeQL
Anyone have any objections to adding a static scanner to our GHA?
https://github.com/postgis/postgis/pull/759
We already have so many other bots I think it’s probably a good addition that makes things incrementally no worse, and we earn a few security points for it.
If it ends up too noisy with false positives (like codecov!) we can always just turn it off again.
P.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.osgeo.org/pipermail/postgis-devel/attachments/20240208/a840cb36/attachment.htm>
More information about the postgis-devel
mailing list