Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

chore: Set up Nightly static analysis pipeline in ADO #4589

Merged
merged 5 commits into from
Oct 30, 2020
Merged

chore: Set up Nightly static analysis pipeline in ADO #4589

merged 5 commits into from
Oct 30, 2020

Conversation

tonyanziano
Copy link
Contributor

[skip ci]

Description

This adds a new nightly pipeline that runs at midnight that uses CodeQL to analyze our code and upload it to the internal Microsoft LGTM service to assess security vulnerabilites.

This is related to this work item.

#minor

@coveralls
Copy link

coveralls commented Oct 29, 2020
edited
Loading

Coverage Status

Coverage remained the same at 55.086% when pulling 870dda9 on toanzian/lgtm into 8063ade on main.

@cwhitten cwhitten merged commit a0fd9db into main Oct 30, 2020
@cwhitten cwhitten deleted the toanzian/lgtm branch October 30, 2020 02:58
alanlong9278 added a commit to alanlong9278/BotFramework-Composer that referenced this pull request Nov 5, 2020
@alanlong9278
Merge branch 'settingsPage' into julong/publish-page
adc3543 
* settingsPage: (110 commits)
  code style
  update qna end point key after update qna subscription key
  handle comments
  handle comments
  chore: remove orchestrator (microsoft#4602)
  feat: taking control recognizer generation enhancements (microsoft#4549)
  chore: Set up Nightly static analysis pipeline in ADO (microsoft#4589)
  feature: show multi-skill project with correct link behavior (microsoft#4466)
  doc: guidelines/help-contents (microsoft#4354)
  Functions runtime: Revert to netcore3.0 for functions and make code more robust to functions variations (microsoft#4570)
  feat: Disable Connect to Skill menu action inside skill (microsoft#4557)
  fix (microsoft#4591)
  fix: Adds validation for form dialogs propery name (microsoft#4574)
  fix: update archive version in extensions/vacore (microsoft#4571)
  fix: e2e test (microsoft#4581)
  perf: avoid redraw when Project Tree selected item not changed (microsoft#4564)
  fix: security analysis failure due to bl package version (microsoft#4580)
  fix publish ut timeout (microsoft#4578)
  fix: Can not add properties in "SetProperties" action (microsoft#4572)
  ci: remove code scanning workflow (microsoft#4569)
  ...
@cwhitten cwhitten mentioned this pull request Nov 13, 2020
Merged
lei9444 pushed a commit to lei9444/BotFramework-Composer-1 that referenced this pull request Jun 15, 2021
@tonyanziano
chore: Set up Nightly static analysis pipeline in ADO (microsoft#4589)
667ffef 
* Set up CI with Azure Pipelines

[skip ci]

* Update azure-pipelines-static-analysis.yml for Azure Pipelines
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@cwhitten cwhitten cwhitten approved these changes

@a-b-r-o-w-n a-b-r-o-w-n Awaiting requested review from a-b-r-o-w-n

@boydc2014 boydc2014 Awaiting requested review from boydc2014

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@tonyanziano @coveralls @cwhitten