Description
Added GitHub workflow for running security code scans through CodeQL.
The scan results will be visible under the Security tab, once a scan is complete.
I am thinking we could run the analysis job periodically (once every Sunday) on master, but can also provide the ability to trigger it manually (as per current config). It takes around 3-4 hours to run since CodeQL needs a fresh build to perform the analysis.
The scan as per current config will be performed on 4 builds with gcc and clang for current and next protocol versions. This PR won't run the scan until merged (since workflow config specifies it can only run on master once merged), but a preview of the scan job can be seen here in a fork
Checklist
clang-format v8.0.0 (via make format or the Visual Studio extension)
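
A workflow of the shape the description outlines (weekly Sunday run on master, manual trigger, four builds across gcc/clang and current/next protocol), as an added example that is not the workflow file from this PR. The build commands and the `<next-protocol-configure-flag>` value are placeholders, and the action version tags are assumptions.

```yaml
# Added example, not the PR's workflow file.
# Build commands and NEXT_PROTOCOL_FLAG are placeholders for the project's own.
name: CodeQL

on:
  schedule:
    - cron: '0 0 * * 0'    # every Sunday 00:00 UTC; scheduled runs use the default branch
  workflow_dispatch:        # manual trigger from the Actions tab

permissions:
  contents: read
  security-events: write    # needed to upload results to the Security tab

jobs:
  analyze:
    # A manual dispatch can target any branch, so pin the job to master.
    if: github.ref == 'refs/heads/master'
    runs-on: ubuntu-latest
    timeout-minutes: 360    # headroom for the 3-4 hour fresh build
    strategy:
      fail-fast: false      # one failed build should not cancel the other three
      matrix:
        compiler: [gcc, clang]
        protocol: [current, next]
    steps:
      - uses: actions/checkout@v4
      - uses: github/codeql-action/init@v3
        with:
          languages: cpp
      # CodeQL traces the compiler, so the build must run between init and analyze.
      - name: Build (placeholder commands)
        env:
          CC: ${{ matrix.compiler }}
          CXX: ${{ matrix.compiler == 'gcc' && 'g++' || 'clang++' }}
          NEXT_PROTOCOL_FLAG: ${{ matrix.protocol == 'next' && '<next-protocol-configure-flag>' || '' }}
        run: |
          ./autogen.sh
          ./configure $NEXT_PROTOCOL_FLAG
          make -j"$(nproc)"
      - uses: github/codeql-action/analyze@v3
        with:
          # A distinct category per build keeps the four result sets separate.
          category: ${{ matrix.compiler }}-${{ matrix.protocol }}
```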