
Create codeql.yml #1

Merged: Android-studio61 merged 1 commit into main from Android-studio61-patch-1 on May 8, 2026

Conversation

@Android-studio61 (Owner) commented May 8, 2026

Summary by cubic

Add CodeQL scanning via a new GitHub Actions workflow to surface security issues on push, PRs to main, and a weekly schedule. Starts with actions analysis and is ready to expand to more languages.

  • New Features
    • Adds .github/workflows/codeql.yml using github/codeql-action v4 (init and analyze).
    • Triggers on push/PR to main and weekly cron.
    • Matrix set up for multiple languages; currently enables actions with build-mode: none.
    • Uses macos-latest only for Swift; otherwise ubuntu-latest.
    • Sets least-privilege permissions (security-events: write, packages: read, actions/contents: read).
    • Includes a placeholder step for manual build if needed later.

Written for commit 9a73426. Summary will update on new commits.

Summary by CodeRabbit

  • Chores
    • Added automated security scanning to the development pipeline via GitHub Actions, running on code changes to main, pull requests, and weekly schedules.

cr-gpt Bot commented May 8, 2026

Seems you are using me but didn't get OPENAI_API_KEY set in Variables/Secrets for this repo. You could follow the readme for more information.

@gemini-code-assist

Note

Gemini is unable to generate a review for this pull request due to the file types involved not being currently supported.

coderabbitai Bot commented May 8, 2026

Caution

Review failed

The pull request is closed.

ℹ️ Recent review info
⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro Plus

Run ID: 5eacbaf2-e286-4fbe-8b8b-23b0f129abc5

📥 Commits

Reviewing files that changed from the base of the PR and between caa8208 and 9a73426.

📒 Files selected for processing (1)
  • .github/workflows/codeql.yml

Disabled knowledge base sources:

  • Linear integration is disabled

You can enable these sources in your CodeRabbit configuration.


Walkthrough

This pull request introduces a new GitHub Actions workflow file that automates CodeQL static analysis scanning. The workflow triggers on main branch pushes, pull requests targeting main, and runs weekly. It configures per-language runner selection, initializes CodeQL, and executes security scanning with language-specific categorization.

Changes

CodeQL Advanced Workflow Setup

| Layer / File(s) | Summary |
| --- | --- |
| Workflow Triggers and Metadata (.github/workflows/codeql.yml) | Workflow named "CodeQL Advanced" runs on pushes to main, pull requests targeting main, and weekly at 3 AM UTC. |
| Job Configuration and Permissions (.github/workflows/codeql.yml) | Job analyze selects runners by language (macOS for Swift, Ubuntu otherwise), sets required permissions for security scanning and contents access, and defines language matrix with actions: build-mode: none. |
| Repository Setup and CodeQL Initialization (.github/workflows/codeql.yml) | Workflow steps check out the repository and initialize CodeQL using github/codeql-action/init@v4, with conditional exit if matrix includes manual build-mode. |
| CodeQL Analysis and Reporting (.github/workflows/codeql.yml) | Analysis step runs github/codeql-action/analyze@v4 with a category derived from the matrix language variable. |

Estimated code review effort

🎯 1 (Trivial) | ⏱️ ~5 minutes

Poem

🐰 A workflow so neat, with triggers so keen,
CodeQL scans with logic clean,
On pushes and PRs, it runs with grace,
Security scanning finds every trace! 🔍

Comment @coderabbitai help to get the list of available commands and usage tips.

@Android-studio61 Android-studio61 merged commit 4612827 into main May 8, 2026
3 of 6 checks passed

@Android-studio61 Android-studio61 left a comment

#1
