From 55ce5e7bfae8b586feaec978b84e6a5953363de0 Mon Sep 17 00:00:00 2001
From: Legends11 <235496468+tickwarden@users.noreply.github.com>
Date: Mon, 25 May 2026 21:41:30 +0300
Subject: [PATCH] Delete .github/workflows/pr-security-scan.yml

---
 .github/workflows/pr-security-scan.yml | 92 --------------------------
 1 file changed, 92 deletions(-)
 delete mode 100644 .github/workflows/pr-security-scan.yml

diff --git a/.github/workflows/pr-security-scan.yml b/.github/workflows/pr-security-scan.yml
deleted file mode 100644
index 222843c..0000000
--- a/.github/workflows/pr-security-scan.yml
+++ /dev/null
@@ -1,92 +0,0 @@
-name: PR Security Scan
-on:
- pull_request:
- types: [opened, synchronize, reopened]
-permissions:
- contents: read
- pull-requests: write
-env:
- FORCE_JAVASCRIPT_ACTIONS_TO_NODE24: "true"
-jobs:
- scan:
- name: Scan PR for malicious patterns
- runs-on: ubuntu-latest
- steps:
- - name: Checkout PR branch
- uses: actions/checkout@v6
- with:
- fetch-depth: 0
-
- - name: Get changed files
- id: changed
- run: |
- git fetch origin ${{ github.base_ref }} --depth=1
- CHANGED=$(git diff --name-only origin/${{ github.base_ref }}...HEAD)
- echo "Changed files:"
- echo "$CHANGED"
- echo "files<> $GITHUB_OUTPUT
- echo "$CHANGED" >> $GITHUB_OUTPUT
- echo "EOF" >> $GITHUB_OUTPUT
-
- - name: Check if PR author is org admin
- id: admin_check
- uses: actions/github-script@v8
- with:
- script: |
- const { data: membership } = await github.rest.orgs.getMembershipForUser({
- org: context.repo.owner,
- username: context.payload.pull_request.user.login,
- }).catch(() => ({ data: { role: 'member' } }));
- const isAdmin = membership.role === 'admin';
- core.setOutput('is_admin', isAdmin ? 'true' : 'false');
-
- - name: Security scan — mcfunction
- id: mcf_scan
- env:
- CHANGED_FILES: ${{ steps.changed.outputs.files }}
- PR_AUTHOR_IS_ADMIN: ${{ steps.admin_check.outputs.is_admin }}
- run: python3 .github/scripts/pr_security_scan.py
-
- - name: Post scan results as PR comment
- if: always() && steps.mcf_scan.outcome != 'skipped'
- uses: actions/github-script@v8
- with:
- script: |
- const fs = require('fs');
- const reportPath = '/tmp/scan_report.md';
- if (!fs.existsSync(reportPath)) {
- console.log('No issues found — skipping comment.');
- return;
- }
- const body = fs.readFileSync(reportPath, 'utf8');
- const { data: comments } = await github.rest.issues.listComments({
- owner: context.repo.owner,
- repo: context.repo.repo,
- issue_number: context.issue.number,
- });
- const existing = comments.find(c =>
- c.user.login === 'github-actions[bot]' &&
- c.body.includes('PR Security Scan')
- );
- if (existing) {
- await github.rest.issues.updateComment({
- owner: context.repo.owner,
- repo: context.repo.repo,
- comment_id: existing.id,
- body,
- });
- } else {
- await github.rest.issues.createComment({
- owner: context.repo.owner,
- repo: context.repo.repo,
- issue_number: context.issue.number,
- body,
- });
- }
-
- - name: Fail on CRITICAL or HIGH findings
- if: steps.mcf_scan.outcome == 'failure'
- run: |
- echo "PR blocked: CRITICAL or HIGH severity findings detected."
- echo "Review the scan report above before merging."
- exit 1