Skip to content

DECISION: Code Security vs CodeQL-only ruleset #365

Description

@seonghobae

osv-scan/trivy-fs/scorecard need 'Code Security' enabled to upload SARIF, but that conflicts with the org's CodeQL-only code_scanning ruleset (past auto-merge breakage). Decide: enable Code Security + reconcile ruleset (pg-llm-batch/inkspan public=free; keyverse private=needs GHAS seats) OR make these SARIF checks non-required.


Roadmap item — CWL Project #1 (naruon Platform Roadmap). Phase Decision · Component dot-github. Spec: ContextualWisdomLab/naruon#974 (docs/planning/naruon-platform-plan.md).

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    No type

    Fields

    No fields configured for issues without a type.

    Projects

    Status
    Todo

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions