
CodeQL Security Hotfix #720

Merged: Wikid82 merged 3 commits into development from feature/beta-release on Feb 18, 2026
Wikid82 (Owner) commented Feb 18, 2026

No description provided.

renovate bot and others added 2 commits February 18, 2026 06:05
…n-dependencies

chore(deps): pin peter-evans/find-comment action to b30e6a3 (feature/beta-release)
Copilot AI review requested due to automatic review settings February 18, 2026 06:06
Copilot AI (Contributor) left a comment

Pull request overview

This PR addresses a security concern by pinning the peter-evans/find-comment GitHub Action to a specific commit hash instead of using a version tag alone. This follows security best practices for supply chain verification by preventing potential tag manipulation attacks.

Changes:

  • Updated the peter-evans/find-comment action reference to use a commit SHA alongside the version tag
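
A check for the pinning convention described in the review above, as an added example (not code from this repository or from the review): it scans workflow text for `uses:` references and reports any that are not pinned to a full 40-character commit SHA. The sample workflow, the placeholder SHA, the `vX` label and the `example-org/example-action` name are constructed.

```python
import re

# `uses:` step value, with an optional trailing "# comment" (the version label).
USES_RE = re.compile(r"""^\s*(?:-\s*)?uses:\s*['"]?([^\s'"#]+)['"]?\s*(?:#\s*(.*))?$""")
FULL_SHA_RE = re.compile(r"^[0-9a-f]{40}$")  # full-length commit SHA

# Constructed sample workflow: the 40-hex value is a placeholder, not a real commit,
# and example-org/example-action is a made-up name.
SAMPLE_WORKFLOW = """\
jobs:
  comment:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - uses: peter-evans/find-comment@0123456789abcdef0123456789abcdef01234567 # vX (placeholder)
      - uses: example-org/example-action@main
      - uses: ./.github/actions/local
"""

def audit_workflow(text):
    """Return (line_no, reference, status, label) for every `uses:` line."""
    findings = []
    for line_no, line in enumerate(text.splitlines(), start=1):
        m = USES_RE.match(line)
        if not m:
            continue
        spec, label = m.group(1), (m.group(2) or "").strip()
        if spec.startswith(("./", "docker://")):
            status = "not-a-git-ref"      # local action or container image
        else:
            _, sep, ref = spec.partition("@")
            if not sep:
                status = "no-ref"
            elif FULL_SHA_RE.match(ref):
                status = "pinned"         # immutable: a tag move cannot change it
            else:
                status = "not-full-sha"   # tag, branch or abbreviated SHA
        findings.append((line_no, spec, status, label))
    return findings

def unpinned(text):
    """References that should be rewritten to owner/repo@<full sha> # <tag>."""
    return [spec for _, spec, status, _ in audit_workflow(text)
            if status in ("no-ref", "not-full-sha")]

if __name__ == "__main__":
    for finding in audit_workflow(SAMPLE_WORKFLOW):
        print(finding)
```

Run over every file under `.github/workflows/` in CI, a non-empty `unpinned()` result can fail the build before a tag-only reference is merged.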

@github-advanced-security

This pull request sets up GitHub code scanning for this repository. Once the scans have completed and the checks have passed, the analysis results for this pull request branch will appear on this overview. Once you merge this pull request, the 'Security' tab will show more code scanning analysis results (for example, for the default branch). Depending on your configuration and choice of analysis tool, future pull requests will be annotated with code scanning analysis results. For more information about GitHub code scanning, check out the documentation.

codecov bot commented Feb 18, 2026

Codecov Report

❌ Patch coverage is 93.33333% with 1 line in your changes missing coverage. Please review.

| Files with missing lines | Patch % | Lines |
|---|---|---|
| ...nternal/api/handlers/system_permissions_handler.go | 93.33% | 0 Missing and 1 partial ⚠️ |


github-actions bot (Contributor) commented Feb 18, 2026

⚠️ Supply Chain Verification Results

⚠️ WARNING

📦 SBOM Summary

  • Components: 1674

🔍 Vulnerability Scan

| Severity | Count |
|---|---|
| 🔴 Critical | 0 |
| 🟠 High | 1 |
| 🟡 Medium | 9 |
| 🟢 Low | 1 |
| Total | 11 |

📎 Artifacts

  • SBOM (CycloneDX JSON) and Grype results available in workflow artifacts

Generated by Supply Chain Verification workflow • View Details

@Wikid82 Wikid82 merged commit 3bd8400 into development Feb 18, 2026
30 checks passed