Skip to content

Comments

Add CodeQL and lint workflows#3

Open
Suhaibinator wants to merge 5 commits intomainfrom
codex/enhance-github-actions-with-new-checks
Open

Add CodeQL and lint workflows#3
Suhaibinator wants to merge 5 commits intomainfrom
codex/enhance-github-actions-with-new-checks

Conversation

@Suhaibinator
Copy link
Owner

Summary

  • add golangci-lint workflow
  • add CodeQL code scanning workflow
  • show new workflow badges in the README

Testing

  • go test ./...

Copy link

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull Request Overview

This PR integrates automated linting and security scanning into the CI pipeline and surfaces their status in the README.

  • Adds a lint.yaml workflow for running golangci-lint on pushes and PRs.
  • Adds a codeql.yml workflow for scheduled and PR-triggered CodeQL analysis.
  • Updates README.md with badges for the new workflows.

Reviewed Changes

Copilot reviewed 3 out of 3 changed files in this pull request and generated 3 comments.

File Description
README.md Added Lint and CodeQL workflow badges and an extra blank line.
.github/workflows/lint.yaml Introduced a GitHub Actions workflow to run golangci-lint.
.github/workflows/codeql.yml Introduced a GitHub Actions CodeQL analysis workflow.

- name: Run golangci-lint
uses: golangci/golangci-lint-action@v3
with:
version: latest
Copy link

Copilot AI May 19, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

[nitpick] Pin the golangci-lint action to a specific release (e.g., v1.52.2) instead of using latest to avoid unexpected breaks when new versions are published.

Suggested change
version: latest
version: v1.52.2

Copilot uses AI. Check for mistakes.
golangci:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
Copy link

Copilot AI May 19, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Consider adding a cache step (using actions/cache) for the golangci-lint cache directory to speed up repeated runs of the lint workflow.

Copilot uses AI. Check for mistakes.
@@ -0,0 +1,33 @@
name: CodeQL
Copy link

Copilot AI May 19, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

[nitpick] The workflow file extensions are inconsistent (.yaml vs .yml). Standardizing on one extension can improve clarity and maintainability.

Copilot uses AI. Check for mistakes.
Copy link
Owner Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@copilot open a new pull request to apply changes based on this feedback

…n permissions

Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>
Signed-off-by: Suhaibinator <42899065+Suhaibinator@users.noreply.github.com>
@Suhaibinator Suhaibinator requested a review from Copilot May 19, 2025 06:05
Copy link

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull Request Overview

This PR adds new CI workflows for CodeQL analysis and linting, along with updating the README to display new workflow badges.

  • Added golangci-lint workflow for Go linting
  • Added CodeQL workflow for code scanning and security analysis
  • Updated README with new badges indicating the status of these workflows

Reviewed Changes

Copilot reviewed 3 out of 3 changed files in this pull request and generated no comments.

File Description
README.md Added badges for lint and CodeQL workflows
.github/workflows/lint.yaml Created YAML workflow for golangci-lint execution
.github/workflows/codeql.yml Defined CodeQL workflow for code scanning and analysis

Copy link
Contributor

Copilot AI commented Nov 25, 2025

@Suhaibinator I've opened a new pull request, #6, to work on those changes. Once the pull request is ready, I'll request review from you.

Copilot AI and others added 2 commits November 25, 2025 10:02
Co-authored-by: Suhaibinator <42899065+Suhaibinator@users.noreply.github.com>
Standardize workflow file extensions to .yaml
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants