Tried it out on a plugin I maintain. Seems to work. I suppose any results would appear in `/security/code-scanning` to repo admins only? Will the *Checks* tab of a PR or trunk commit always be green so long as scanning completed, even if there are violations?
The scan should pass `-ntp` to Maven builds—noisy. It is a bit slower than I expected too, though I suppose it does not matter much (still finishes before the Jenkins build). Nice work!