sora2-network

[Tech]: suggestion to use GH Code Scanning for Clippy

Open Alexey-N-Chernyshov opened this issue 10 months ago • 0 comments

Problem statement

We can enhance work with cargo clippy if we use GitHub Code Scanning. It automates tracking of all findings and we can configure all the rules.

Description

Use the cargo clippy SARIF addon to generate a SARIF report with all findings and submit the report to GH Code Scanning. Then developers could see all the findings in the Security tab. We can configure all the rules with branch and merge in GH. The approach mentioned above can be run in parallel with the current Jenkins workflow. More about GH Code Scanning.

Definition of Done

  1. GH action for cargo clippy and sarif upload in .github/workflows/.
  2. GH Code Scanning is configured.

Requirements

No response

Alexey-N-Chernyshov, Oct 16 '23 11:10
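
A workflow of the kind the issue asks for, as an added example that is not part of the issue or the project's own configuration. The file name, the branch name, the action version tags and the choice of the `clippy-sarif` and `sarif-fmt` crates as the SARIF converter are assumptions.

```yaml
# Hypothetical file: .github/workflows/clippy-sarif.yml (added example)
name: clippy-sarif

on:
  push:
    branches: [master]        # assumption: replace with the default branch
  pull_request:

# Default token scope for every job: read-only.
permissions:
  contents: read

jobs:
  clippy:
    runs-on: ubuntu-latest
    permissions:
      contents: read
      security-events: write  # the only write scope needed for SARIF upload
    steps:
      # Version tags are shown for readability; pinning actions to a full
      # commit SHA is the stricter supply-chain option.
      - uses: actions/checkout@v4

      - name: Install clippy and the SARIF converters
        run: |
          rustup component add clippy
          cargo install --locked clippy-sarif sarif-fmt

      - name: Run clippy and convert the findings to SARIF
        shell: bash
        # Lint findings must not fail the job, or the report is never uploaded.
        continue-on-error: true
        run: |
          cargo clippy --all-targets --all-features --message-format=json \
            | clippy-sarif | tee clippy.sarif | sarif-fmt

      - name: Upload the report to GitHub Code Scanning
        uses: github/codeql-action/upload-sarif@v3
        with:
          sarif_file: clippy.sarif
          category: clippy    # keeps these results separate from other scanners
          wait-for-processing: true
```

On pull requests from forks the token is read-only, so the upload step only succeeds for branches inside the repository. Because this job is independent of Jenkins, it can run alongside the existing pipeline as the issue describes.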