Skip to content

Enable CodeQL scanning#695

Merged
tekton-robot merged 2 commits intomainfrom
wlynch-codeql
Mar 21, 2023
Merged

Enable CodeQL scanning#695
tekton-robot merged 2 commits intomainfrom
wlynch-codeql

Conversation

@wlynch
Copy link
Member

@wlynch wlynch commented Jan 29, 2023

Changes

Submitter Checklist

As the author of this PR, please check off the items in this checklist:

  • Has Docs included if any changes are user facing
  • Has Tests included if any functionality added or changed
  • Follows the commit message standard
  • Meets the Tekton contributor standards (including
    functionality, content, code)
  • Release notes block below has been updated with any user facing changes (API changes, bug fixes, changes requiring upgrade notices or deprecation warnings)
  • Release notes contains the string "action required" if the change requires additional action from users switching to the new release

Release Notes

NONE

@tekton-robot tekton-robot added the size/M Denotes a PR that changes 30-99 lines, ignoring generated files. label Jan 29, 2023
lcarva
lcarva reviewed Jan 30, 2023
View reviewed changes
Copy link
Contributor

@lcarva lcarva left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I see this check detected two failures under third_party. Should we configure it to ignore that path?

@tekton-robot tekton-robot added size/XXL Denotes a PR that changes 1000+ lines, ignoring generated files. and removed size/M Denotes a PR that changes 30-99 lines, ignoring generated files. labels Feb 13, 2023
@wlynch
Copy link
Member Author

wlynch commented Feb 13, 2023

I see this check detected two failures under third_party. Should we configure it to ignore that path?

There didn't seem to be an easy way to ignore the path for Go :(

Looking at this directory though, it seems very stale since we don't have any automation ensuring this stays up to date. AFAICT the top level licenses and source code (for things like MPL) are already included vendor, so I don't see a good reason to keep this around - removed!

@wlynch
Copy link
Member Author

wlynch commented Feb 13, 2023

/hold We need to tweak how we're handling licenses for publishing. This will need a bit more work. >_>

@tekton-robot tekton-robot added the do-not-merge/hold Indicates that a PR should not merge because someone has issued a /hold command. label Feb 13, 2023
@wlynch
Copy link
Member Author

wlynch commented Feb 13, 2023

jk we tar up the entire vendor folder as part of releases - we're good to go!

/hold cancel

@tekton-robot tekton-robot removed the do-not-merge/hold Indicates that a PR should not merge because someone has issued a /hold command. label Feb 13, 2023
lcarva
lcarva approved these changes Mar 7, 2023
View reviewed changes
Copy link
Contributor

@lcarva lcarva left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

/lgtm

@tekton-robot tekton-robot added lgtm Indicates that a PR is ready to be merged. approved Indicates a PR has been approved by an approver from all required OWNERS files. labels Mar 7, 2023
@tekton-robot tekton-robot removed the lgtm Indicates that a PR is ready to be merged. label Mar 21, 2023
wlynch and others added 2 commits March 21, 2023 09:59
@wlynch
Copy link
Member Author

wlynch commented Mar 21, 2023

@lcarva rebased to fix the test failures. needs another lgtm! 🙏

lcarva
lcarva approved these changes Mar 21, 2023
View reviewed changes
Copy link
Contributor

@lcarva lcarva left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

/lgtm

-88,828 loc, very nice!

@tekton-robot tekton-robot added the lgtm Indicates that a PR is ready to be merged. label Mar 21, 2023
@tekton-robot
Copy link

tekton-robot commented Mar 21, 2023

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: lcarva

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Details Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@tekton-robot tekton-robot merged commit eb7cc9f into main Mar 21, 2023
@wlynch wlynch mentioned this pull request Mar 21, 2023
Closed
@dibyom dibyom deleted the wlynch-codeql branch March 21, 2023 17:09
@dibyom dibyom restored the wlynch-codeql branch March 21, 2023 17:10
@wlynch wlynch mentioned this pull request May 4, 2023
Merged
6 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@lcarva lcarva lcarva approved these changes

@chuangw6 chuangw6 Awaiting requested review from chuangw6

@priyawadhwa priyawadhwa Awaiting requested review from priyawadhwa

Assignees

@lcarva lcarva

Labels

approved Indicates a PR has been approved by an approver from all required OWNERS files. lgtm Indicates that a PR is ready to be merged. size/XXL Denotes a PR that changes 1000+ lines, ignoring generated files.

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@wlynch @tekton-robot @lcarva