Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

ci: Add CodeQL analysis workflow for enhanced security scanning #265

Merged
merged 10 commits into from
Dec 23, 2024
Merged

ci: Add CodeQL analysis workflow for enhanced security scanning #265

merged 10 commits into from
Dec 23, 2024
+138 −6

Conversation

gto90
Copy link
Member

@gto90 gto90 commented Dec 22, 2024

Purpose

This PR adds a GitHub Actions workflow for CodeQL Advanced Security scanning to analyze our codebase for security vulnerabilities. The workflow:

  • Analyzes C++, Java-Kotlin, Python, and JavaScript code
  • Runs on push/PR to develop/master branches and weekly schedule
  • Uses manual build mode for C++ to ensure proper dependency installation
  • Uses appropriate build modes for other languages
  • Includes security-extended and security-and-quality query suites

The workflow helps identify potential security issues early in the development process through automated code scanning.

Testing done:

  • Verified C++ manual build steps match existing build process
  • Confirmed workflow triggers on PRs and pushes
  • Tested manual workflow dispatch
  • Validated CodeQL initialization and analysis steps

gto90 and others added 3 commits December 22, 2024 09:34
@gto90
ci: Add CodeQL analysis workflow for enhanced security scanning
65e9ed4 
## Purpose

This PR adds a GitHub Actions workflow for CodeQL Advanced Security scanning to analyze our codebase for security vulnerabilities. The workflow:

- Analyzes C++, Java-Kotlin, Python, and JavaScript code
- Runs on push/PR to develop/master branches and weekly schedule
- Uses manual build mode for C++ to ensure proper dependency installation
- Uses appropriate build modes for other languages
- Includes security-extended and security-and-quality query suites

The workflow helps identify potential security issues early in the development process through automated code scanning.

## Testing done:
- Verified C++ manual build steps match existing build process
- Confirmed workflow triggers on PRs and pushes
- Tested manual workflow dispatch
- Validated CodeQL initialization and analysis steps
@gto90
fix: Refactor CodeQL workflow for improved readability and add suppor…
24c748d 
…t for JavaScript/TypeScript analysis
@gto90
ci: Update CodeQL workflow schedule to run weekly on Sundays
a317cb5
@gto90 gto90 added the enhancement New feature or request label Dec 22, 2024
@gto90 gto90 self-assigned this Dec 22, 2024
JaredTate
JaredTate approved these changes Dec 23, 2024
View reviewed changes
Copy link

@JaredTate JaredTate left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

cACK. Looks like a great addition. Thank you for working on this.

ycagel
ycagel approved these changes Dec 23, 2024
View reviewed changes
Copy link
Member

@ycagel ycagel left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

cACK. Great work @gto90!

@ycagel ycagel merged commit 21698e7 into develop Dec 23, 2024
7 checks passed
@gto90 gto90 deleted the feature/ci-enabled-codeql-advanced-configuration branch December 23, 2024 17:21
gto90 pushed a commit that referenced this pull request Jan 13, 2025
@fgabelmannjr
Revert "Merge pull request #265 from DigiByte-Core/feature/ci-enabled…
61be75a 
…-codeql-advanced-configuration"

This reverts commit 21698e7, reversing
changes made to bc393ec.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@ycagel ycagel ycagel approved these changes

@JaredTate JaredTate JaredTate approved these changes

@digicontributer digicontributer Awaiting requested review from digicontributer

@SmartArray SmartArray Awaiting requested review from SmartArray

Assignees

@gto90 gto90

Labels
enhancement New feature or request
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@gto90 @JaredTate @ycagel