Skip to content

chore: Add CodeQL analysis workflow configuration#35

Merged
zouguangxian merged 1 commit intomainfrom
gx/enable-advanced-codeql
Mar 6, 2026
Merged

chore: Add CodeQL analysis workflow configuration#35
zouguangxian merged 1 commit intomainfrom
gx/enable-advanced-codeql

Conversation

@zouguangxian
Copy link
Collaborator

@zouguangxian zouguangxian commented Mar 6, 2026

No description provided.

@cursor
Copy link

cursor bot commented Mar 6, 2026
edited
Loading

PR Summary

Low Risk
Low risk: adds a new CI security scanning workflow without changing application/runtime code; main impact is additional GitHub Actions minutes and potential new code-scanning alerts.

Overview
Adds CodeQL code scanning via GitHub Actions. A new .github/workflows/codeql.yml workflow runs on pushes and PRs to main plus a weekly schedule, analyzing actions and rust with github/codeql-action and uploading results to GitHub Security tab.

Written by Cursor Bugbot for commit 0074bd0. This will update automatically on new commits. Configure here.

@socket-security
Copy link

socket-security bot commented Mar 6, 2026

Review the following changes in direct dependencies. Learn more about Socket for GitHub.

Diff Package Supply Chain
Security		 Vulnerability Quality Maintenance License
Addedgithub/​actions/​checkout@​34e114876b0b11c390a56381ad16ebd13914f8d5100100100100100

View full report

cursor[bot]
cursor bot reviewed Mar 6, 2026
View reviewed changes
Copy link

@cursor cursor bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Cursor Bugbot has reviewed your changes and found 1 potential issue.

Bugbot Autofix is OFF. To automatically fix reported issues with cloud agents, have a team admin enable autofix in the Cursor dashboard.

@zouguangxian zouguangxian merged commit 0f42855 into main Mar 6, 2026
16 checks passed
@zouguangxian zouguangxian deleted the gx/enable-advanced-codeql branch March 6, 2026 18:26
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@cursor cursor[bot] cursor[bot] left review comments

@shankars99 shankars99 shankars99 approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@zouguangxian @shankars99