Posted to dev@roller.apache.org by Aditya Sharma <ad...@apache.org> on 2021/01/04 15:06:25 UTC

Re: Enable CodeQL scanning for the Roller repositories

Thanks Michael! This is done.

Thanks and Regards,
Aditya Sharma

On Fri, 2 Oct 2020 at 19:16, Michael Bien <mb...@gmail.com> wrote:

> this can't hurt
>
> +1 from me
>
> -michael
>
> On 02.10.20 15:11, Aditya Sharma wrote:
> > Hi team,
> >
> > I think we can enable the code scanning security feature for all the
> > Roller repositories available with GitHub that helps identify security
> > vulnerabilities using CodeQL.
> >
> > https://github.com/apache/roller/security/code-scanning
> > https://securitylab.github.com/tools/codeql
> >
> > Citation from
> > https://www.infoworld.com/article/3453742/github-makes-codeql-free-for-research-and-open-source.html
> > :
> > *"CodeQL, a semantic code analysis engine and query tool for finding
> > security vulnerabilities across a codebase, has been made available for
> > free by GitHub for anyone to use in research or to analyze open source
> > code."*
> >
> > If no one is against it, I will move ahead with it.
> >
> > Thanks and Regards,
> > Aditya Sharma
> >
>
>