Skip to content

ci: add codeql workflow#1699

Merged
meteorlxy merged 5 commits into
mainfrom
codeql
May 8, 2026
Merged

ci: add codeql workflow#1699
meteorlxy merged 5 commits into
mainfrom
codeql

Conversation

@Mister-Hope
Copy link
Copy Markdown
Member

@Mister-Hope Mister-Hope commented May 8, 2026

No description provided.

Copilot AI review requested due to automatic review settings May 8, 2026 03:18
@github-advanced-security
Copy link
Copy Markdown

github-advanced-security AI commented May 8, 2026

You are seeing this message because GitHub Code Scanning has recently been set up for this repository, or this pull request contains the workflow file for the Code Scanning tool.

What Enabling Code Scanning Means:

  • The 'Security' tab will display more code scanning analysis results (e.g., for the default branch).
  • Depending on your configuration and choice of analysis tool, future pull requests will be annotated with code scanning analysis results.
  • You will be able to see the analysis results for the pull request's branch on this overview once the scans have completed and the checks have passed.

For more information about GitHub Code Scanning, check out the documentation.

@coveralls
Copy link
Copy Markdown

coveralls commented May 8, 2026
edited
Loading

Coverage Report for CI Build 25540770561

Coverage remained the same at 73.756%

Details

  • Coverage remained the same as the base build.
  • Patch coverage: No coverable lines changed in this PR.
  • No coverage regressions found.

Uncovered Changes

No uncovered changes found.

Coverage Regressions

No coverage regressions found.

Coverage Stats

Coverage Status
Relevant Lines: 1034
Covered Lines: 760
Line Coverage: 73.5%
Relevant Branches: 513
Covered Branches: 381
Branch Coverage: 74.27%
Branches in Coverage %: Yes
Coverage Strength: 44.63 hits per line
💛 - Coveralls

Copilot AI reviewed May 8, 2026
View reviewed changes
Copy link
Copy Markdown

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

Adds a GitHub Actions workflow to run GitHub CodeQL “Advanced” analysis on pushes, PRs, and a weekly schedule, covering both GitHub Actions and JavaScript/TypeScript code in this repository.

Changes:

  • Introduces a new .github/workflows/codeql.yml workflow triggered on push, pull_request, and a weekly cron.
  • Configures a matrix to analyze actions and javascript-typescript with build-mode: none.
  • Uploads CodeQL results via github/codeql-action/analyze.
Comments suppressed due to low confidence (1)

.github/workflows/codeql.yml:45

  • github/codeql-action/init@v4 and github/codeql-action/analyze@v4 are newer than the versions used in most CodeQL examples and may not exist/resolve. If you’re not intentionally targeting a new major, consider pinning to an established major version (and keep init/analyze on the same major).
        uses: github/codeql-action/analyze@v4
        with:
          category: '/language:${{matrix.language}}'

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

@meteorlxy meteorlxy changed the title ci: add codeql ci: add codeql workflow May 8, 2026
@meteorlxy meteorlxy merged commit 281703e into main May 8, 2026
17 checks passed
@meteorlxy meteorlxy deleted the codeql branch May 8, 2026 06:33
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

@meteorlxy meteorlxy meteorlxy approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

5 participants

@Mister-Hope @github-advanced-security @coveralls @meteorlxy