workflows: add scorecard and codeql #1597
Conversation
|
CodeQL and scorecard, and scorecard badge tested on my private project. Dependabot badge didn't function in the private project, but copied the link from a functioning project. |
Codecov Report
@@ Coverage Diff @@
## main #1597 +/- ##
=======================================
Coverage 51.69% 51.69%
=======================================
Files 42 42
Lines 4869 4869
=======================================
Hits 2517 2517
Misses 2206 2206
Partials 146 146 📣 Codecov offers a browser extension for seamless coverage viewing on GitHub. Try it in Chrome or Firefox today! |
|
This pull request sets up GitHub code scanning for this repository. Once the scans have completed and the checks have passed, the analysis results for this pull request branch will appear on this overview. Once you merge this pull request, the 'Security' tab will show more code scanning analysis results (for example, for the default branch). Depending on your configuration and choice of analysis tool, future pull requests will be annotated with code scanning analysis results. For more information about GitHub code scanning, check out the documentation. |
|
Hold this. I'll rewrite the structure so that it is more inline with the overall file structure. |
tkatila
force-pushed
the
workflow/scorecard-codeql
branch
from
89f8f26 to
ab4ca9b
Compare
Also add scorecard badge and fix CI/Devel badge Signed-off-by: Tuomas Katila <tuomas.katila@intel.com>
tkatila
force-pushed
the
workflow/scorecard-codeql
branch
from
ab4ca9b to
48a96cf
Compare
I couldn't find instructions for it. And it seems it might be broken at the moment: dependabot/dependabot-core#1912 |
Tweak token permissions and add scorecard badge.