ci: Allowlist extra endpoints for Dependency Review and CodeQL actions #756
Pr0methean commented Mar 29, 2026
- The PR title must conform to Conventional Commits and start with one of the types specified by the Angular convention.
Note: Gemini is unable to generate a review for this pull request due to the file types involved not being currently supported.
This PR adds necessary endpoint allowlists for Dependency Review and CodeQL actions, which is a good security practice. However, there are critical configuration errors that will cause the workflows to fail.
Critical Issues Found:
- Missing port numbers on newly added endpoints in both workflow files
- The Harden Runner action requires consistent port specification (:443) for all HTTPS endpoints
Required Changes:
All three newly added endpoints need :443 port numbers appended to match the existing endpoint format and ensure the workflows function correctly.
You can now have the agent implement changes and create commits directly on your pull request's source branch. Simply comment with /q followed by your request in natural language to ask the agent to make changes.
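Added example, not part of the pull request or of the review comment: a stdlib-only Python check that lists `allowed-endpoints` entries written without an explicit port, the inconsistency the review above flags. The workflow fragment and its `example.invalid` hostnames are constructed, and the function name `endpoints_missing_port` is hypothetical.

```python
import re

# Constructed workflow fragment (illustrative hostnames, not this PR's actual diff).
SAMPLE_WORKFLOW = """\
jobs:
  analyze:
    runs-on: ubuntu-latest
    steps:
      - uses: step-security/harden-runner@v2
        with:
          egress-policy: block
          allowed-endpoints: >
            api.github.com:443
            github.com:443
            uploads.example.invalid
            objects.example.invalid:443
      - uses: actions/checkout@v4
"""

KEY = re.compile(r"^(\s*)allowed-endpoints:\s*(.*)$")
ENDPOINT = re.compile(r"^[A-Za-z0-9*.-]+:(\d{1,5})$")

def endpoints_missing_port(workflow_text):
    """Return (line_number, entry) for each allowed-endpoints entry lacking host:port."""
    findings = []
    key_indent = None  # indentation of the key while we are inside its value block
    for lineno, line in enumerate(workflow_text.splitlines(), start=1):
        m = KEY.match(line)
        if m:
            key_indent = len(m.group(1))
            rest = m.group(2)
            # ">" or "|" starts a block scalar; anything else is an inline list
            entries = [] if rest[:1] in (">", "|") else rest.split()
        elif key_indent is not None and line.strip():
            indent = len(line) - len(line.lstrip())
            if indent <= key_indent:  # dedent: the endpoint block has ended
                key_indent = None
                continue
            entries = line.split()
        else:
            continue
        for entry in entries:
            pm = ENDPOINT.match(entry)
            if not pm or not 0 < int(pm.group(1)) <= 65535:
                findings.append((lineno, entry))
    return findings

if __name__ == "__main__":
    print(endpoints_missing_port(SAMPLE_WORKFLOW))
```

Run over `.github/workflows/*.yml` in CI, a non-empty result can fail the job before an inconsistent allowlist is merged.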
Co-authored-by: amazon-q-developer[bot] <208079219+amazon-q-developer[bot]@users.noreply.github.com> Signed-off-by: Chris Hennick <4961925+Pr0methean@users.noreply.github.com>
Co-authored-by: amazon-q-developer[bot] <208079219+amazon-q-developer[bot]@users.noreply.github.com> Signed-off-by: Chris Hennick <4961925+Pr0methean@users.noreply.github.com>