Skip to content

ci: add CodeQL analysis workflow configuration #834

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
fadi-george merged 4 commits into from
Dec 22, 2025
Merged

ci: add CodeQL analysis workflow configuration #834

fadi-george merged 4 commits into from
Dec 22, 2025

Conversation

@fadi-george
Copy link
Collaborator

@fadi-george fadi-george commented Dec 22, 2025
edited by niels-s
Loading

Description

One Line Summary

  • adds code quality workflow action

Details

  • adds code quality workflow action

Motivation

  • want to update the sdk repos to have dependabot, secret scanning, and code quality checks

Affected code checklist

  • Notifications
    • Display
    • Open
    • Push Processing
    • Confirm Deliveries
  • Outcomes
  • Sessions
  • In-App Messaging
  • REST API requests
  • Public API changes

Checklist

Overview

  • I have filled out all REQUIRED sections above
  • PR does one thing
    • If it is hard to explain how any codes changes are related to each other then it most likely needs to be more than one PR
  • Any Public API changes are explained in the PR details and conform to existing APIs

Testing

  • I have included test coverage for these changes, or explained why they are not needed
  • All automated tests pass, or I explained why that is not possible
  • I have personally tested this on my device, or explained why that is not possible

Final pass

  • Code is as readable as possible.
    • Simplify with less code, followed by splitting up code into well named functions and variables, followed by adding comments to the code.
  • I have reviewed this PR myself, ensuring it meets each checklist item
    • WIP (Work In Progress) is ok, but explain what is still in progress and what you would like feedback on. Start the PR title with "WIP" to indicate this.

This change is Reviewable

@github-advanced-security
Copy link

github-advanced-security bot commented Dec 22, 2025

This pull request sets up GitHub code scanning for this repository. Once the scans have completed and the checks have passed, the analysis results for this pull request branch will appear on this overview. Once you merge this pull request, the 'Security' tab will show more code scanning analysis results (for example, for the default branch). Depending on your configuration and choice of analysis tool, future pull requests will be annotated with code scanning analysis results. For more information about GitHub code scanning, check out the documentation.

@fadi-george fadi-george changed the title Add CodeQL analysis workflow configuration ci: add CodeQL analysis workflow configuration Dec 22, 2025
sherwinski
sherwinski approved these changes Dec 22, 2025
View reviewed changes
.github/workflows/codeql.yml Outdated
Comment on lines 1 to 11
# For most projects, this workflow file will not need changing; you simply need
# to commit it to your repository.
#
# You may wish to alter this file to override the set of languages analyzed,
# or to provide custom queries or build logic.
#
# ******** NOTE ********
# We have attempted to detect the languages in your repository. Please check
# the `language` matrix defined below to confirm you have the correct set of
# supported CodeQL languages.
#
Copy link
Contributor

@sherwinski sherwinski Dec 22, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

nit: remove these extra comments

Copy link
Collaborator Author

@fadi-george fadi-george Dec 22, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@sherwinski removed most of the extra comments

@fadi-george fadi-george merged commit c2140ed into main Dec 22, 2025
4 checks passed
@fadi-george fadi-george deleted the fadi-george-patch-1 branch December 22, 2025 23:32
fadi-george added a commit that referenced this pull request Dec 23, 2025
@fadi-george
ci: add CodeQL analysis workflow configuration (#834)
d8d2cb4
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@sherwinski sherwinski sherwinski approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@fadi-george @sherwinski