Commit graph

3 commits

Author SHA1 Message Date
Thomas Watson
da89dde7ac
[codeql] Do not run GitHub CodeQL Action on forks (#150974)
It turned out that the CodeQL action also runs on forks, which generates a lot of noise in the form of security e-mails to the owners of those forks.
2023-02-14 08:44:11 +01:00
Thomas Watson
4f37604524
Enable GitHub Code Scanning on the 7.17 branch (#150035)
2023-02-01 17:00:50 +01:00
Thomas Watson
2b276a9dca
Enable GitHub Code Scanning (#148318)
This enables [GitHub Code Scanning][1] to run on the `main` branch once a day.
The result of the scans can be found under [Security > Code scanning][2].

Running the code scanner takes about two hours, so it's not feasible to
run for every PR, and for now I think it's too much to run on every
pushed commit to `main` as well. However, this can always be enabled
later as needed.

The scan is configured to ignore test files and dev-dependency packages hosted inside the Kibana repo. If these were included in the scan, it would take three hours instead of two and the report would include more noise, taking focus away from the important findings affecting production.

[1]: https://docs.github.com/en/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/about-code-scanning
[2]: https://github.com/elastic/kibana/security/code-scanning
2023-01-27 04:03:16 -05:00
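Taken together, the three commits describe one configuration: a scheduled daily CodeQL run on `main`, a guard so the scheduled workflow does not execute in forks, and a scan config that excludes tests and in-repo dev-dependency packages. The following is an added illustrative example of such a setup; it is not the project's own workflow file (the page does not show its contents). The file paths, repository slug, language list, cron time and ignore patterns are assumptions.

```yaml
# Added illustrative example, not the project's workflow.
# File 1 (assumed path): .github/workflows/codeql.yml
name: CodeQL

on:
  schedule:
    # Once a day. A full scan is described as taking about two hours,
    # which is why it is not run per PR or per push (time is an assumption).
    - cron: '0 2 * * *'
  workflow_dispatch:   # allow a manual run without waiting for the schedule

permissions:
  contents: read
  security-events: write   # required to upload results to Security > Code scanning

jobs:
  analyze:
    # Scheduled workflows are also triggered in every fork that keeps the
    # workflow file and has Actions enabled. Gating on the upstream slug
    # (assumed name) stops fork owners from receiving code-scanning e-mails.
    if: github.repository == 'example-org/example-repo'
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v3

      - uses: github/codeql-action/init@v2
        with:
          languages: javascript          # assumption; list the languages in the repo
          config-file: ./.github/codeql/codeql-config.yml

      - uses: github/codeql-action/analyze@v2

---
# File 2 (assumed path): .github/codeql/codeql-config.yml
name: CodeQL config

# Paths excluded from analysis. Test code and dev-only packages add scan
# time and findings that do not affect what ships to production.
# Patterns are assumptions, not the project's actual list.
paths-ignore:
  - '**/*.test.ts'
  - '**/*.test.js'
  - '**/__tests__/**'
  - '**/__fixtures__/**'
  - 'test/**'
  - 'packages/*-dev-utils/**'   # placeholder for in-repo dev-dependency packages
```

The `if: github.repository == ...` guard is evaluated before the job runs, so forks incur no runner minutes and produce no alerts; it must be updated if the repository is renamed or transferred. The `schedule` trigger always runs against the default branch, so this single file covers the `main`-branch scan; enabling the same scan on a release branch (as the second commit does for 7.17) means committing the workflow to that branch and adding a trigger that fires there, since `schedule` alone does not.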