Skip to content

Add CodeQL workflow for vulnerability scanning#159

Merged
thelovekesh merged 7 commits intotrywpm:mainfrom
AmarYasser1:add-codeql-workflow
Jan 22, 2026
Merged

Add CodeQL workflow for vulnerability scanning#159
thelovekesh merged 7 commits intotrywpm:mainfrom
AmarYasser1:add-codeql-workflow

Conversation

@AmarYasser1
Copy link
Contributor

@AmarYasser1 AmarYasser1 commented Jan 22, 2026

This PR adds a GitHub Actions CodeQL workflow to automatically
scan the CLI codebase for known security vulnerabilities
on push and pull requests.

  • Uses the official GitHub CodeQL action
  • Scans Go code based on the version in go.mod
  • Includes concurrency handling to prevent multiple runs

Closes #158

@gemini-code-assist
Copy link

gemini-code-assist bot commented Jan 22, 2026

Note

Gemini is unable to generate a summary for this pull request due to the file types involved not being currently supported.

thelovekesh
thelovekesh reviewed Jan 22, 2026
View reviewed changes
Copy link
Collaborator

@thelovekesh thelovekesh left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

need to fix few things, rest looks good.

@github-advanced-security
Copy link

github-advanced-security bot commented Jan 22, 2026

This pull request sets up GitHub code scanning for this repository. Once the scans have completed and the checks have passed, the analysis results for this pull request branch will appear on this overview. Once you merge this pull request, the 'Security' tab will show more code scanning analysis results (for example, for the default branch). Depending on your configuration and choice of analysis tool, future pull requests will be annotated with code scanning analysis results. For more information about GitHub code scanning, check out the documentation.

thelovekesh
thelovekesh reviewed Jan 22, 2026
View reviewed changes
@thelovekesh
Copy link
Collaborator

thelovekesh commented Jan 22, 2026

just there. 2 more comment to address and we are good.

thelovekesh
thelovekesh reviewed Jan 22, 2026
View reviewed changes
thelovekesh
thelovekesh reviewed Jan 22, 2026
View reviewed changes
thelovekesh
thelovekesh reviewed Jan 22, 2026
View reviewed changes
@thelovekesh thelovekesh merged commit 5ae18d0 into trywpm:main Jan 22, 2026
@thelovekesh
Copy link
Collaborator

thelovekesh commented Jan 22, 2026

thanks @AmarYasser1. pr is merged 🎉

@AmarYasser1
Copy link
Contributor Author

AmarYasser1 commented Jan 22, 2026

@thelovekesh Thanks a lot! Happy to contribute.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@thelovekesh thelovekesh thelovekesh left review comments

Assignees

No one assigned

Labels

infrastructure

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

Add CodeQL

2 participants

@AmarYasser1 @thelovekesh