explanation

ScilifelabDataCentre · Jan 9, 2023 · b13bb26 · b13bb26
1 parent d24d2cd
commit b13bb26
Show file tree

Hide file tree

Showing 2 changed files with 15 additions and 0 deletions.
diff --git a/.github/workflows/codeql-cli.yml b/.github/workflows/codeql-cli.yml
@@ -1,3 +1,13 @@
+# CodeQL analysis:
+# CodeQL is the analysis engine used by developers to automate security checks,
+# and by security researchers to perform variant analysis.
+# In CodeQL, code is treated like data. Security vulnerabilities, bugs,
+# and other errors are modeled as queries that can be executed against databases
+# extracted from code. You can run the standard CodeQL queries, written by GitHub
+# researchers and community contributors, or write your own to use in custom analyses.
+# Queries that find potential bugs highlight the result directly in the source file.
+# https://codeql.github.com/docs/codeql-overview/about-codeql/
+# ----------------------------------------------------------------------------
 # For most projects, this workflow file will not need changing; you simply need
 # to commit it to your repository.
 #

diff --git a/.github/workflows/trivy-cli.yml b/.github/workflows/trivy-cli.yml
@@ -1,3 +1,8 @@
+# Trivy:
+# Trivy (pronunciation) is a comprehensive and versatile security scanner.
+# Trivy has scanners that look for security issues, and targets where it can find those issues.
+# https://github.com/aquasecurity/trivy
+# ---------------------------------
 name: Trivy
 on:
   push: