chore: add CodeQL Advanced security scanning workflow #535

Open
Prachig-Microsoft wants to merge 3 commits into dev from psl-codequality

Prachig-Microsoft commented Apr 10, 2026

Purpose

This pull request introduces a new GitHub Actions workflow for CodeQL analysis, enabling automated security and code quality scanning for both JavaScript/TypeScript and Python code in the repository. The workflow is triggered on pushes, pull requests, and a weekly schedule, targeting relevant source and test files.

Security and Code Analysis Automation:

  • Added a .github/workflows/codeql.yml workflow that runs CodeQL analysis for javascript-typescript and python using GitHub Actions, with triggers on push, pull request, and a scheduled weekly run.
  • Configured the workflow to only analyze changes in relevant source and test file paths, optimizing performance and relevance.
  • Set up the workflow matrix to support both languages with a no-build mode, and included documentation for extending to other languages or custom build steps if needed.

Does this introduce a breaking change?

  • Yes
  • No

Golden Path Validation

  • I have tested the primary workflows (the "golden path") to ensure they function correctly without errors.

Deployment Validation

  • I have validated the deployment process successfully and all services are running as expected with this change.

What to Check

Verify that the following are valid

  • ...

Other Information

Prachig-Microsoft changed the title from "chore : add CodeQL Advanced security scanning workflow" to "chore: add CodeQL Advanced security scanning workflow" Apr 10, 2026