Skip to content

feat(ci): add CodeQL security analysis workflow#6

Closed
williaby wants to merge 1 commit into
mainfrom
feat/add-codeql
Closed

feat(ci): add CodeQL security analysis workflow#6
williaby wants to merge 1 commit into
mainfrom
feat/add-codeql

Conversation

@williaby

@williaby williaby commented May 7, 2026

Copy link
Copy Markdown
Contributor

Adds CodeQL security analysis workflow. Part of standard security workflow set for python-package repos.

Adds CodeQL analysis for Python using the pinned action SHA
(v3.28.0). Runs on push/PR to main and weekly on Monday
mornings. Uses harden-runner for supply-chain hardening and
queries security-extended,security-and-quality.

GitHub's CodeQL default setup must remain disabled for this
repo so this workflow controls the scan configuration.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
@coderabbitai

coderabbitai Bot commented May 7, 2026

Copy link
Copy Markdown

Warning

Rate limit exceeded

@williaby has exceeded the limit for the number of commits that can be reviewed per hour. Please wait 39 minutes and 58 seconds before requesting another review.

You’ve run out of usage credits. Purchase more in the billing tab.

⌛ How to resolve this issue?

After the wait time has elapsed, a review can be triggered using the @coderabbitai review command as a PR comment. Alternatively, push new commits to this PR.

We recommend that you space out your commits to avoid hitting the rate limit.

🚦 How do rate limits work?

CodeRabbit enforces hourly rate limits for each developer per organization.

Our paid plans have higher rate limits than the trial, open-source and free plans. In all cases, we re-allow further reviews after a brief timeout.

Please see our FAQ for further information.

ℹ️ Review info
⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: ASSERTIVE

Plan: Pro

Run ID: ed8ad41c-c544-480d-8e67-298b0c18da8c

📥 Commits

Reviewing files that changed from the base of the PR and between 96483d1 and 3fe411b.

📒 Files selected for processing (1)
  • .github/workflows/codeql.yml
✨ Finishing Touches
🧪 Generate unit tests (beta)
  • Create PR with unit tests
  • Commit unit tests in branch feat/add-codeql

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

Comment @coderabbitai help to get the list of available commands and usage tips.

@sonarqubecloud

sonarqubecloud Bot commented May 7, 2026

Copy link
Copy Markdown

@williaby

Copy link
Copy Markdown
Contributor Author

Closing as redundant: CodeQL runs via the org reusable security-analysis workflow on PRs and main (Security Scan / CodeQL Analysis check), with the same python language matrix this standalone workflow defines. Repo-level CodeQL default setup was disabled 2026-06-10 in favor of that advanced config.

@williaby williaby closed this Jun 10, 2026
@williaby williaby deleted the feat/add-codeql branch June 10, 2026 13:59
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant