Skip to content

Latest commit

 

History

History
39 lines (23 loc) · 2.74 KB

File metadata and controls

39 lines (23 loc) · 2.74 KB

Repository Configuration

This section guides you on how this repository was setup

Managing the automatic deletion of branches

You can have head branches automatically deleted after pull requests are merged in your repository.

See steps

Configuring Dependabot security updates

You can use Dependabot security updates or manual pull requests to easily update vulnerable dependencies.

See steps

See configuration

Code Analysis/Scanning

Integrating repository with SonarCloud

SonarCloud is a cloud-based code analysis service designed to detect coding issues in 26 different programming languages. By integrating directly with your CI pipeline or one of our supported DevOps platforms, your code is checked against an extensive set of rules that cover many attributes of code, such as maintainability, reliability, and security issues on each merge/pull request.

See steps

See workflow

See scan results

Integrating repository with CodeCov

Codecov is the all-in-one code coverage reporting solution for any test suite — giving developers actionable insights to deploy reliable code with confidence. Trusted by over 29,000 organizations.

GitHub Integration

Configuring repository for GitHub CodeQL

CodeQL is the analysis engine used by developers to automate security checks, and by security researchers to perform variant analysis.

In CodeQL, code is treated like data. Security vulnerabilities, bugs, and other errors are modeled as queries that can be executed against databases extracted from code. You can run the standard CodeQL queries, written by GitHub researchers and community contributors, or write your own to use in custom analyses. Queries that find potential bugs highlight the result directly in the source file.

See steps

See scan results