feat: add codeql workflow for typescript #94
Conversation
|
Thank you for submitting your pull request! We'll review it as soon as possible. |
![github-actions[bot]](https://avatars.githubusercontent.com/in/15368?s=60&v=4){kind=small}
|
Tell me, @harmeetsingh11 what exactly this workflow does. Why did you create it? |
|
@PayalKumari10 This workflow uses CodeQL, GitHub's code analysis engine, to automate security checks in a It will be triggered by every push, commit, and pull request, the workflow continuously monitors the codebase to maintain high security and quality standards. It was created to proactively identify and flag potential security issues, particularly in environments with frequent code changes, thereby preventing the introduction of vulnerabilities and ensuring a robust and secure application. |
|
Thank you for the explanation, @harmeetsingh11. This CodeQL workflow for automated security checks in our TypeScript repository sounds great. It will help us maintain high security and quality standards by continuously monitoring for vulnerabilities. |
|
This pull request sets up GitHub code scanning for this repository. Once the scans have completed and the checks have passed, the analysis results for this pull request branch will appear on this overview. Once you merge this pull request, the 'Security' tab will show more code scanning analysis results (for example, for the default branch). Depending on your configuration and choice of analysis tool, future pull requests will be annotated with code scanning analysis results. For more information about GitHub code scanning, check out the documentation. |
|
@Yeasir0032 please add |
Issue that this pull request solves
Closes: #87
Proposed changes
Files added
.github/workflows/codeql.ymlTo run this workflow you need to enable the following permission:
Types of changes
Checklist
@Yeasir0032 Please review this PR. After merging the PR, don't forget to add
gssoc24,levellabels and assign this PR to me, otherwise my points won't be added.Thanks