petl-developers / petl

Python Extract Transform and Load Tables of Data

Fix code issues found with automated code scanning

juarezr opened this issue · comments

Problem description

  • I have enabled some code quality and code security scanning tools in the repository CI/CD actions.
  • After running they found multiple issues and nitpicks about the code.
  • As these checks aren't impeditive to the PR workflow, it's possible to tackle the results:
    • As needed
    • As we have volunteers willing to work on it

For tackling this we must decide on one or more strategies like:

  • Fixing each of the code issues found by the tools
  • Configuring each tool according to the needs of the project
  • Defining code quality rules that suit the scanning like:
    • Code formatting
    • Review rules
    • Issue resolution rules
  • Disabling some scanning and checks

Code scanning tools and results example

Full results are in the Security section of this repository.

CodeQL No new or fixed alerts 
Code scanning results / Bandit (reported by Codacy) Successful in 1m — 206 new alerts, 196 fixes
Code scanning results / Checkov (reported by Codacy) Successful in 1m — 2 new alerts
Code scanning results / CodeQL Successful in 3s — No new or fixed alerts
Code scanning results / Jacksonlinter (reported by Codacy) Successful in 1m — 2 new alerts, 2 fixes
Code scanning results / Prospector (reported by Codacy) Successful in 1m — 1,909 new alerts, 1,352 fixes
Code scanning results / Pylint (reported by Codacy) Successful in 1m — 4,259 new alerts, 4,254 fixes
Code scanning results / Pylintpython3 (reported by Codacy) Successful in 1m — 3,765 new alerts, 3,793 fixes
Code scanning results / Remark-lint (reported by Codacy) Successful in 1m — 16 new alerts
Code scanning results / Spectral (reported by Codacy)