Skip to content

ci(security): add CodeQL static analysis#89

Closed
P4suta wants to merge 1 commit into
mainfrom
ci/codeql
Closed

ci(security): add CodeQL static analysis#89
P4suta wants to merge 1 commit into
mainfrom
ci/codeql

Conversation

@P4suta

@P4suta P4suta commented Jun 17, 2026

Copy link
Copy Markdown
Owner

What

Add a CodeQL workflow (languages: rust, build-mode: none, PR + push + weekly schedule).

Why

Completes ecosystem tooling-hygiene parity: aozora-proof already shipped CodeQL; this adds it to afm alongside aozora (#97) and aozora-tools (#24). Actions are SHA-pinned (# v…) per this repo's convention; Dependabot's github-actions ecosystem keeps them current.

🤖 Generated with Claude Code

@P4suta @claude
ci(security): add CodeQL static analysis (rust, build-mode none)
7ed3c3b 
Completes CodeQL parity across the ecosystem (aozora-proof already had it;
aozora #97 and aozora-tools #24 add it too). PR + push + weekly schedule,
scanning Rust with build-mode none. Actions SHA-pinned per this repo's
convention; Dependabot keeps them fresh.

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
@P4suta P4suta enabled auto-merge (squash) June 17, 2026 04:20
@P4suta

P4suta commented Jun 17, 2026

Copy link
Copy Markdown
Owner Author

Closing: afm already has CodeQL via GitHub default code-scanning setup (default-setup=configured). An advanced workflow conflicts with default setup and fails — redundant. No change needed.

@P4suta P4suta closed this Jun 17, 2026
auto-merge was automatically disabled June 17, 2026 04:23

Pull request was closed

@P4suta P4suta deleted the ci/codeql branch June 17, 2026 04:23
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@P4suta