umoci Create codeql-analysis.yml

Add CodeQL scanning for umoci to try it out!

Signed-off-by: Chris Aniszczyk [email protected]

Jun 25 '20 19:06 caniszczyk

You need to add a Signed-off-by: line to your commit(s) which indicates that you attest the Developer Certificate of Origin a statement about your contributions that you must read before signing (don't worry, it's quite short and easy-to-read). You can add it to your commits with git commit --amend -s, and then doing a git push --force.

NOTE: This is a saved reply. Sorry if it reads as a cookie-cutter response, it was written so that newcomers understand what a "DCO" is and make the process for contributing a little less scary.

Jun 25 '20 22:06 cyphar

ah jfc, I will fix that

On Thu, Jun 25, 2020 at 5:07 PM Aleksa Sarai [email protected] wrote:

You need to add a Signed-off-by: line to your commit(s) which indicates that you attest the Developer Certificate of Origin https://developercertificate.org/ a statement about your contributions that you must read before signing (don't worry, it's quite short and easy-to-read). You can add it to your commits with git commit --amend -s, and then doing a git push --force.

— You are receiving this because you authored the thread. Reply to this email directly, view it on GitHub https://github.com/opencontainers/umoci/pull/333#issuecomment-649841823, or unsubscribe https://github.com/notifications/unsubscribe-auth/AAAPSIM2LKS5UKF57RQI7E3RYPDBZANCNFSM4OIVDN6Q .

-- Cheers,

Chris Aniszczyk http://aniszczyk.org +1 512 961 6719

Jun 25 '20 22:06 caniszczyk

@cyphar this is what I get from using the github ui to add code scanning tools to the build

Jun 25 '20 22:06 caniszczyk

LGTM.

Jun 26 '20 09:06 cyphar