ladybird/.github/workflows
Brian Gianforcaro f0bf723424 Meta: Enable CodeQL static analysis for Serenity
CodeQL is a static analysis technology that was purchased by GitHub
and has been tightly integrated into the platform. It's different
from most other static analysis solutions because it's based on a
database built from your codebase, and then language specific rules
can be executed against that database. The rules are fully user
extensible, and are written in a datalog/query language.

The default cpp language rules coming from CodeQL will probably find
some issues, the ability to easily write custom rules/queries will
lend it self nicely to allowing us to validate Serenity specific
semantics are followed throughout the code.

References:
- https://www.youtube.com/watch?v=AMzGorD28Ks
- https://securitylab.github.com/tools/codeql
2020-11-26 09:48:21 +01:00
..
cmake.yml Meta: Enable CodeQL static analysis for Serenity 2020-11-26 09:48:21 +01:00