public inbox for devel@edk2.groups.io
From: "Ni, Ray" <ray.ni@intel.com>
To: "mikuback@linux.microsoft.com" <mikuback@linux.microsoft.com>
Cc: "Kinney, Michael D" <michael.d.kinney@intel.com>,
	"devel@edk2.groups.io" <devel@edk2.groups.io>
Subject: Re: [edk2-devel] [RFC] Adoption of CodeQL in edk2
Date: Fri, 30 Sep 2022 02:53:52 +0000
Message-ID: <MWHPR11MB16314143A15E711C80784B218C569@MWHPR11MB1631.namprd11.prod.outlook.com>
In-Reply-To: <CO1PR11MB4929EB9BEADCF000CCC0FEF0D2569@CO1PR11MB4929.namprd11.prod.outlook.com>

Multiplication result converted to larger type · Code scanning alert #66 · tianocore/edk2 (github.com)<https://github.com/tianocore/edk2/security/code-scanning/66>
Michael, I do not think the above issue is a real issue. Will they be required to be fixed before enabling CodeQL?

From: devel@edk2.groups.io <devel@edk2.groups.io> On Behalf Of Michael D Kinney
Sent: Friday, September 30, 2022 9:03 AM
To: devel@edk2.groups.io; mikuback@linux.microsoft.com; Kinney, Michael D <michael.d.kinney@intel.com>
Subject: Re: [edk2-devel] [RFC] Adoption of CodeQL in edk2

I just want to reiterate.  If there are no concerns or objections raised by Oct 4, then the
CodeQL static analysis will be phased into use in the edk2 repo and there will be code
changes made to address the issues identified by CodeQL and all future code changes
after a CodeQL check is enabled will be blocked until the CodeQL CI checks pass.

This will impact all future code changes and all developers will have to learn how to
interpret CodeQL reports and fix issues.

Thanks,

Mike

From: devel@edk2.groups.io <devel@edk2.groups.io> On Behalf Of Michael Kubacki
Sent: Thursday, September 29, 2022 5:05 PM
To: Michael Kubacki <mikuback@linux.microsoft.com>; devel@edk2.groups.io
Subject: Re: [edk2-devel] [RFC] Adoption of CodeQL in edk2

If there's any further feedback on this RFC, please respond by Tuesday, October 4th. We plan to start implementing the changes later in the week.

Thanks,
Michael


Thread overview: 8+ messages
2022-09-23 22:18 [RFC] Adoption of CodeQL in edk2 Michael Kubacki
2022-09-30  0:05 ` [edk2-devel] " Michael Kubacki
2022-09-30  1:02   ` Michael D Kinney
2022-09-30  2:53     ` Ni, Ray [this message]
2022-10-03 14:19       ` Michael Kubacki
2022-09-30  6:33     ` Reply: " gaoliming
2022-10-03 14:29       ` Michael Kubacki
2022-10-08  1:26         ` Reply: " gaoliming