Enrico, The Muse App requires two main abilities. First is events, such as notification when pull requests are opened or updated. Second is permission to post comments (which is always possible for humans but more tightly controlled when the poster authenticates as a github application). The repository being public has allowed us to run the app and observe ErrorProne, Infer, and FindSecBugs all run out of the box and without custom configuration.
Cheers, Tom On Wed, Sep 23, 2020 at 6:35 AM Enrico Olivelli <eolive...@gmail.com> wrote: > Il Mer 23 Set 2020, 00:44 Tom DuBuisson <to...@muse.dev> ha scritto: > > > Zookeeper Developers, > > > > > > > > As part of our sponsorship of ApacheCon, our company MuseDev is doing a > Bug > > Bash for select Apache projects. We'll bring members of the ApacheCon > > community together to find and fix a range of security and performance > bugs > > during the conference, and gameify the experience with teams, a > > leaderboard, and prizes. The bash is open to everyone whether attending > the > > conference or not, and our whole dev team will also be participating to > > help fix as many bugs as we can. > > > > > > > > We're seeding the bug list with results from Muse, our code analysis > > platform, which runs as a Github App and comments on possible bugs as > part > > of the pull request workflow. Here's an example of what it looks like: > > > > https://github.com/curl/curl/pull/5971#discussion_r490252196 > > <https://github.com/curl/curl/pull/5971> > > > > > > > > We explored a number of Apache projects and are reaching out because our > > analysis through Muse found some interesting bugs that could be fixed > > during the Bash. > > > > > > > > We're writing to see if you'd be interested in having your project > included > > in the Bash. Everything is set up on our end, and if you're interested, > we > > would need you to say yes on this listserv, and we’ll work with the > Apache > > Infrastructure team to grant Muse access to your Github mirror. > > > It is a public repo, which kind of access does it need? > > Enrico > > > We'll then > > make sure it's all set-up and ready for the Bash. And of course, everyone > > on the project is most welcome to join the Bash and help us smash some > > bugs. > > > > > > -Tom > > >
