Actually sorry, that's just the dependabot alerts, but we should set
these up as well. To enable code scanning, you can see how it was done
for CXF here:
https://github.com/apache/cxf/tree/master/.github
Colm.
On Thu, Dec 9, 2021 at 3:56 PM Colm O hEigeartaigh wrote:
>
> We can enable GitHub co
We can enable GitHub code scanning just by filing an INFRA ticket,
e.g. https://issues.apache.org/jira/browse/INFRA-22348
Colm.
On Wed, Dec 8, 2021 at 11:55 AM Otavio Rodolfo Piske
wrote:
>
> BTW, it seems that Apache has a SonarCloud account [1] [2].
> SonarCloud/SonarQube is not listed there,
