kibana/.github/codeql
Thomas Watson 2b276a9dca
Enable GitHub Code Scanning (#148318)
This enables [GitHub Code Scanning][1] to run on the `main` branch once a day.
The result of the scans can be found under [Security > Code scanning][2].

Running the code scanner takes about two hours, so it's not feasible to
run for every PR, and for now I think it's too much to run on every
pushed commit to `main` as well. However, this can always be enabled
later as needed.

The scan is configured to ignore test files and dev-dependency packages
hosted inside the Kibana repo. If these were included in the scan, it
would take three hours instead of two and the report would include more
noise, taking focus away from the important findings affecting
production.

[1]: https://docs.github.com/en/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/about-code-scanning
[2]: https://github.com/elastic/kibana/security/code-scanning
2023-01-27 04:03:16 -05:00
codeql-config.yml Enable GitHub Code Scanning (#148318) 2023-01-27 04:03:16 -05:00