Feasibility and DR: use of CodeQL for VS Code #5180

@roslynwythe

Overview

We should consider whether to adopt the policy that developers should install the "CodeQL for VS Code" extension. Currently the default branch of the repository is scanned weekly and the changed files in each Pull Request are scanned; however, there are advantages to receiving alerts prior to initiating the Pull Request process.

Action Items

  • Become familiar with the repository level CodeQL scanning implemented in codeql-implementation #4886
  • Consider whether HfLA developers should install the CodeQL for VS Code extension.
  • We are currently in the process of moving the old wiki to the new website-wiki repo, so we will not be making any changes or additions to the old wiki at this time. Thus, we will be adding wiki content through a different process now. Read How to Contribute to the Wiki
  • Following the instruction in How to Contribute to the Wiki, write a draft DR with your recommendation in a comment in this issue.
  • Move this issue to Questions/In Review and add the ready for dev lead label.

Resources/Instructions

Project status: Done
