Bug
The main-protection-rule repository ruleset requires CodeQL code scanning results before PRs can be merged:
{
  "type": "code_scanning",
  "parameters": {
    "code_scanning_tools": [
      {
        "tool": "CodeQL",
        "security_alerts_threshold": "high_or_higher",
        "alerts_threshold": "errors"
      }
    ]
  }
}
However, there is no CodeQL workflow in .github/workflows/. The existing workflows are:
build-and-test.yml
lint.yml
release.yml
agent-restricted.yml
strands-command.yml
Impact
All PRs targeting main are blocked from merging because GitHub is waiting for CodeQL results that will never be produced. For example, PR #314 has all checks passing but merge is blocked with:
Code scanning is waiting for results from CodeQL
Fix
Add a .github/workflows/codeql.yml that runs github/codeql-action for javascript-typescript on pushes to main and PRs targeting main.
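A workflow matching the fix described above, as an added example that is not part of the original issue or the repository's own code. The action version tags, job name and runner are assumptions.

```yaml
# .github/workflows/codeql.yml
# Added example. Version tags (@v4, @v3), job name and runner are assumptions.
name: CodeQL

on:
  # Analysis of main itself, so the default branch always has CodeQL results.
  push:
    branches: [main]
  # Analysis of every PR targeting main, which the code_scanning rule waits for.
  # No paths/paths-ignore filter here: a PR for which this workflow does not run
  # produces no CodeQL results for the rule to evaluate.
  pull_request:
    branches: [main]

# Least privilege by default; the job below opts in to what it needs.
permissions:
  contents: read

jobs:
  analyze:
    name: Analyze (javascript-typescript)
    runs-on: ubuntu-latest
    permissions:
      contents: read
      security-events: write  # needed to upload results to code scanning
    steps:
      - name: Checkout
        uses: actions/checkout@v4

      - name: Initialize CodeQL
        uses: github/codeql-action/init@v3
        with:
          languages: javascript-typescript
          build-mode: none  # JavaScript/TypeScript is analyzed without a build

      - name: Analyze
        uses: github/codeql-action/analyze@v3
        with:
          category: "/language:javascript-typescript"
```

The results are uploaded under the tool name CodeQL, which is the name the ruleset's `"tool": "CodeQL"` entry matches on.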