Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

ci: add clippy results to GitHub code scans #9318

Open
wants to merge 2 commits into
base: main
Choose a base branch
from

Commits on Oct 2, 2024

  1. ci: add clippy results to GitHub code scans

    In the past, we've overlooked clippy warnings that get lost in the CI
    build logs. This change would collect all of those warnings, put them in
    [SARIF] form, and list them in GitHub's code scanning view. I recently
    added this to `ittapi` and it looks like this: [Code Scanning]. This
    means warnings and errors will show up on the security tab as a
    notification; the UI allows one to dismiss the warnings. There might be
    some integration with PRs but I haven't experimented with that.
    
    I configured this to also run periodically (every Tuesday night); we can
    remove that if we only want commits to `main`, e.g. If we do adopt this,
    we should think about what to do with the `clippy` job in
    `main.yml`--does it stay or go?
    
    [SARIF]: https://sarifweb.azurewebsites.net
    [Code Scanning]: https://github.com/intel/ittapi/security/code-scanning?query=branch%3Amaster+
    abrown committed Oct 2, 2024
    Configuration menu
    Copy the full SHA
    42dbcfc View commit details
    Browse the repository at this point in the history
  2. Configuration menu
    Copy the full SHA
    671f0cc View commit details
    Browse the repository at this point in the history