Feature request
To improve add-ons security, the source code should be analyzed using automated tools to detect vulnerabilities, as @Adriani90 suggested in this discussion about security for add-ons.
Suggestions
Existing GitHub Actions to use CodeQL may be used, unzipping the add-on source code after creating the pull request when an add-on is submitted.
This requires that add-ons include the source code in the binary file.
The CodeQL action shouldn't be configured just for Python, since add-ons may include other languages, like Rust, used by @LeonarddeR in RD Access, or readFeeds, used by me in readFeeds, just to point out some examples.
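An added sketch of what such a workflow could look like (example configuration written for this issue, not an existing workflow of the add-on store). It assumes a hypothetical `submissions/` directory where the PR adds the `.nvda-addon` bundle (a zip file), unpacks it, refuses bundles that ship no `.py` sources, and runs the official CodeQL actions once per language in a matrix. Rust is included only to show the multi-language point; it needs a CodeQL version that ships the Rust extractor.

```yaml
name: CodeQL scan of submitted add-on

on:
  pull_request:
    paths:
      - "submissions/**"   # hypothetical location of submitted bundles

permissions:
  contents: read
  security-events: write   # required to upload CodeQL results

jobs:
  analyze:
    runs-on: ubuntu-latest
    strategy:
      fail-fast: false
      matrix:
        # Python is the baseline; add every language the add-on ships source for.
        language: [python, rust]
    steps:
      - uses: actions/checkout@v4

      - name: Unpack the .nvda-addon bundle (it is a zip archive)
        run: |
          set -euo pipefail
          # Assumption: the PR adds exactly one bundle under submissions/
          bundle=$(find submissions -name '*.nvda-addon' | head -n 1)
          test -n "$bundle" || { echo "no add-on bundle found in this PR"; exit 1; }
          mkdir -p unpacked
          unzip -q "$bundle" -d unpacked

      - name: Require shipped source (bytecode-only bundles cannot be scanned)
        run: |
          if find unpacked -name '*.py' | grep -q .; then exit 0; fi
          echo "bundle contains no .py sources; CodeQL has nothing to analyze"
          exit 1

      - uses: github/codeql-action/init@v3
        with:
          languages: ${{ matrix.language }}
          source-root: unpacked   # scan the unpacked add-on, not the store repo

      - uses: github/codeql-action/analyze@v3
        with:
          category: "/language:${{ matrix.language }}"
```

The source check is what enforces the requirement above that add-ons include their source in the bundle: a submission shipping only compiled files fails the job instead of silently producing an empty scan.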