Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Setup Code Scanning? #189

Open
Sebanisu opened this issue Jul 11, 2021 · 0 comments
Open

Setup Code Scanning? #189

Sebanisu opened this issue Jul 11, 2021 · 0 comments
Labels
enhancement New feature or request

Comments

@Sebanisu
Copy link
Collaborator

Article

https://devblogs.microsoft.com/cppblog/code-scanning-with-github-actions/

Link to enable.

https://github.com/MaKiPL/OpenVIII-monogame/new/master?filename=.github%2Fworkflows%2Fcodeql-analysis.yml&workflow_template=codeql&code_scanning

Reason

This basically builds and scans the code for known security issues. You get a green check mark if it succeeds to build and finds no issues.
It emails you if build fails.

Example of my codeql-analysis.yml for CleanPNG

You'd need to setup the build script as autobuild won't work as our project is setup. It'd be similar to how CleanPNG is setup
https://github.com/Sebanisu/CleanPNG/blob/master/.github/workflows/codeql-analysis.yml
But you'd need to pass arguments to msbuild to tell it what to build as DirectX or windows only code shouldn't compile on linux. Default no arguments seems to build everything in sln.

I can set it up but it'd email you, each time I fail to do it correctly :P
@Sebanisu Sebanisu added the enhancement New feature or request label Jul 11, 2021
@Sebanisu Sebanisu mentioned this issue Nov 4, 2021
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement New feature or request
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@Sebanisu