sentry-native
Setup CodeQL
Sets up CodeQL to run on pull requests targeting master, merges to master, and weekly.
Another NOTE: we don’t really depend on "external dependencies", so it might not be necessary to run this on a weekly cadence.
A couple of things I noticed:
- we need recursive submodules on checkout, as we need to pull in breakpad/crashpad
- please take a look at our normal CI job to install the required system dependencies (curl, etc.)
Otherwise, it does look like this autobuild tool tried to invoke our cmake build system, which is great. I wonder how far it can get on its own.
Either way, we do have a couple of compile-time options, not sure which permutations of those we need to build/test. At least we should use breakpad/crashpad/inproc.
Thanks for the feedback! I'll go through the build docs and adjust the build step as necessary. 😄
Another NOTE: we don’t really depend on "external dependencies", so it might not be necessary to run this on a weekly cadence.
Here, the weekly cadence is used more as a way to scan with updated detections/rules for risky code patterns that may have been published after our last merge.
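A workflow shaped by the points raised in this thread (triggers on pull requests and pushes to master plus a weekly run, recursive submodule checkout, and an explicit build per backend instead of autobuild), as an added example that is not the workflow file from this pull request or the project's own. The apt package names, the cron time and the action version tags are assumptions; `SENTRY_BACKEND` is the project's CMake backend option.

```yaml
# Added illustration, not the workflow from this pull request.
name: CodeQL
on:
  push:
    branches: [master]
  pull_request:
    branches: [master]
  schedule:
    - cron: "0 3 * * 1"   # weekly; day and time are constructed values

permissions:
  contents: read
  security-events: write   # needed to upload results to code scanning

jobs:
  analyze:
    runs-on: ubuntu-latest
    strategy:
      fail-fast: false      # one failing backend should not hide the others
      matrix:
        backend: [breakpad, crashpad, inproc]
    steps:
      - uses: actions/checkout@v4
        with:
          submodules: recursive   # pulls in the breakpad/crashpad sources

      # Assumption: package list; mirror the regular CI job's dependency step.
      - name: Install system dependencies
        run: |
          sudo apt-get update
          sudo apt-get install -y cmake libcurl4-openssl-dev zlib1g-dev

      - uses: github/codeql-action/init@v3
        with:
          languages: cpp

      # Manual build between init and analyze, so CodeQL traces the compiler
      # for the backend selected by the matrix rather than whatever autobuild picks.
      - name: Build
        run: |
          cmake -B build -DSENTRY_BACKEND=${{ matrix.backend }}
          cmake --build build --parallel

      - uses: github/codeql-action/analyze@v3
        with:
          category: backend-${{ matrix.backend }}   # keeps per-backend results separate
```

The scheduled trigger re-analyzes unchanged code with whatever query pack version the action resolves at run time, which is the purpose of the weekly run described above.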
This issue has gone three weeks without activity. In another week, I will close it.
But! If you comment or otherwise update it, I will reset the clock, and if you remove the label Waiting for: Community, I will leave it alone ... forever!
"A weed is but an unloved flower." ― Ella Wheeler Wilcox 🥀