Open
Description
Proposal
We are already using Go linters and also CodeQL for detecting code smells and potential code vulnerabilities. Semgrep is another interesting tool that can help us with this job, as it has some interesting rules that we can extend.
- Introduce analyser https://github.com/kedacore/keda/blob/main/.github/workflows/static-analysis.yml#L55 🤞
- Update docs https://github.com/kedacore/keda/blob/main/SECURITY.md?plain=1#L25
- Fix alerts
Use-Case
No response
Anything else?
No response