Add CodeQL security analysis for TypeScript #417

@ritik4ever

Problem

No static security analysis exists on the codebase.

Scope

Add a GitHub Actions CodeQL workflow for TypeScript scanning.

Acceptance criteria

  • Scans javascript language on push to main and PRs
  • Alerts in Security tab
  • No high/critical alerts on baseline scan
  • Documented in SECURITY.md

Complexity: Easy · 75 points
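
A workflow covering the scope and the first two acceptance criteria could look like the following. This is an added example, not a file from the repository; the file path, job name, and the choice of the `security-extended` query suite are assumptions.

```yaml
# Added example. Assumed location: .github/workflows/codeql.yml
name: CodeQL

on:
  push:
    branches: [main]
  pull_request:
    branches: [main]

# Default to read-only; the job below widens only what it needs.
permissions:
  contents: read

jobs:
  analyze:
    name: Analyze (javascript-typescript)
    runs-on: ubuntu-latest
    permissions:
      contents: read
      actions: read            # only needed when the repository is private
      security-events: write   # required to upload results to the Security tab
    steps:
      # Version tags are shown for readability; pinning each action to a full
      # commit SHA reduces supply-chain risk from a moved tag.
      - name: Check out repository
        uses: actions/checkout@v4

      - name: Initialize CodeQL
        uses: github/codeql-action/init@v3
        with:
          # CodeQL analyzes TypeScript with its JavaScript extractor, so one
          # language entry covers both .ts and .js sources.
          languages: javascript-typescript
          queries: security-extended   # assumption: broader than the default suite

      - name: Perform CodeQL analysis
        uses: github/codeql-action/analyze@v3
        with:
          category: "/language:javascript-typescript"
```

The "no high/critical alerts on baseline scan" criterion is checked by reviewing the alerts this workflow uploads after its first run on `main`; the workflow itself does not fail on alert severity.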

Labels: Stellar Wave, devops, security
