Migrate to CodeQL #221

Open
wants to merge 5 commits into
base: master

yutafujiiPP (Contributor) commented Mar 31, 2023

According to the article, we should migrate from LGTM.com to CodeQL.
https://github.blog/2022-08-15-the-next-step-for-lgtm-com-github-code-scanning/

therefore come to announce the plan for the gradual deprecation of LGTM.com. We will do our best to help migrate repositories that actively use LGTM.com to flag potential security issues in their pull requests. For those repositories, we will create pull requests that add a GitHub Actions workflow that runs code scanning.

The PR was actually created by them, but we can't merge due to weird PR check status. Anyways, as we already have a GitHub Action for CI checks, let's add CodeQL to it.

Example of the result of this change:
https://github.com/paypay/paypayopa-sdk-java/actions/runs/4572688018

All Submissions:

  • Have you followed the guidelines in our Contributing document?
  • Have you read and signed the automated Contributor's License Agreement?
  • Have you checked to ensure there aren't other open Pull Requests for the same update/change?

New Feature Submissions:

  1. Does your submission pass tests?
  2. Have you linted your code locally prior to submission?

Changes to Core Features:

  • Have you added an explanation of what your changes do and why you'd like us to include them?
  • Have you written new tests for your core changes, as applicable?
  • Have you successfully run tests with your changes locally?

@github-advanced-security

You have successfully added a new CodeQL configuration .github/workflows/build-ci.yml:code-ql. As part of the setup process, we have scanned this repository and found 1 existing alert. Please check the repository Security tab to see all alerts.

@blackduck-copilot

Black Duck Security Report

Merging #221 into master will not change security risk.

Added Components

Clean: 21

Removed Components

Clean: 9

codeclimate bot commented Mar 31, 2023

Code Climate has analyzed commit f48a8e9 and detected 0 issues on this pull request.

The test coverage on the diff in this pull request is 100.0% (5% is the threshold).

This pull request will bring the total coverage in the repository to 86.4% (0.0% change).
