Skip to content

Add custom workflow for CodeQL Analysis #659

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
navyakhurana wants to merge 5 commits into from
Closed

Add custom workflow for CodeQL Analysis #659

navyakhurana wants to merge 5 commits into from

Conversation

@navyakhurana
Copy link
Contributor

@navyakhurana navyakhurana commented Nov 6, 2025

Changes

  • Branch-Specific Execution
    Runs exclusively on main and dev branches for:

    • Push events
    • Pull requests targeting these branches

  • JavaScript / TypeScript & GitHub Actions Analysis
    Expands coverage to include both application code and workflow definitions.

  • Comprehensive Security Scanning
    Uses both security-extended and security-and-quality query suites for deeper vulnerability detection and maintainability insights.

  • Scheduled Analysis
    Automatically runs every Monday at 06:00 AM UTC to proactively catch new issues.

  • Optimized Build Process

    • Uses Node.js 18 with npm caching for faster builds
    • Installs dependencies using npm ci for reproducible environments
    • Utilizes CodeQL Autobuild for automatic compilation

  • Post-Action Steps Added

    • Post CodeQL Analysis: Performs completion checks and cleanup
    • Post Initialize CodeQL: Ensures database integrity and proper setup
    • Post Checkout Repository: Logs verification summary with branch, commit, and language details

  • Proper Permissions
    Configured with only the required permissions for reading code and writing security events.

Who should review your contribution? (Use @mention)

@cernus76

Checklist before submitting

  • My commits are only for the reference architecture mentioned above.
  • I have followed the folder structure in the main README

@navyakhurana navyakhurana added enhancement New feature or request ready for review This need to be reviewed labels Nov 6, 2025
@github-actions
Copy link

github-actions bot commented Nov 6, 2025

Preview website is available here.

@github-actions
Copy link

github-actions bot commented Nov 6, 2025

Preview website is available here.

1 similar comment
@github-actions
Copy link

github-actions bot commented Nov 6, 2025

Preview website is available here.

@navyakhurana navyakhurana added do not merge and removed ready for review This need to be reviewed labels Nov 6, 2025
@github-actions
Copy link

github-actions bot commented Nov 6, 2025

Preview website is available here.

1 similar comment
@github-actions
Copy link

github-actions bot commented Nov 6, 2025

Preview website is available here.

@cernus76 cernus76 deleted the codeql-workflow branch January 30, 2026 12:20
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@jmsrpp jmsrpp Awaiting requested review from jmsrpp jmsrpp is a code owner

@cernus76 cernus76 Awaiting requested review from cernus76 cernus76 is a code owner

Assignees

No one assigned

Labels

do not merge enhancement New feature or request

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@navyakhurana