Skip to content

Fix scan issues#2202

Merged
chensuyue merged 5 commits into
mainfrom
ze-fix/scan-cont
Aug 15, 2025
Merged

Fix scan issues#2202
chensuyue merged 5 commits into
mainfrom
ze-fix/scan-cont

Conversation

@ZePan110
Copy link
Copy Markdown
Collaborator

@ZePan110 ZePan110 commented Aug 15, 2025
edited
Loading

Description

Fix scan issues

Issues

List the issue or RFC link this PR is working on. If there is no such link, please mark it as n/a.

Type of change

List the type of change like below. Please delete options that are not relevant.

  • Bug fix (non-breaking change which fixes an issue)
  • New feature (non-breaking change which adds new functionality)
  • Breaking change (fix or feature that would break existing design and interface)
  • Others (enhancement, documentation, validation, etc.)

Dependencies

List the newly introduced 3rd party dependency if exists.

Tests

nightly-docker-build-publish.yml
https://github.com/opea-project/GenAIExamples/actions/runs/16981292565
pr-code-scan.yml
https://github.com/opea-project/GenAIExamples/actions/runs/16981250289
pr-link-path-scan.yml
https://github.com/opea-project/GenAIExamples/actions/runs/16981250300
daily-update-vllm-version.yml
https://github.com/opea-project/GenAIExamples/actions/runs/16981340575/job/48141680539
manual-example-workflow.yml
https://github.com/opea-project/GenAIExamples/actions/runs/16981386837
manual-image-build.yml
https://github.com/opea-project/GenAIExamples/actions/runs/16981416514

@ZePan110
Fix scan issues
7cb6d00 
Signed-off-by: ZePan110 <ze.pan@intel.com>
Copilot AI review requested due to automatic review settings August 15, 2025 02:02
@ZePan110 ZePan110 requested a review from chensuyue as a code owner August 15, 2025 02:02
@github-actions
Copy link
Copy Markdown

github-actions Bot commented Aug 15, 2025
edited
Loading

Dependency Review

✅ No vulnerabilities or license issues found.

Scanned Files

None

Copilot AI reviewed Aug 15, 2025
View reviewed changes
Copy link
Copy Markdown
Contributor

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull Request Overview

This PR addresses scan-related issues in GitHub workflow files by standardizing permission configurations and environment variable usage. The changes appear to be security and best practice improvements to GitHub Actions workflows.

Key changes:

  • Refactored environment variable usage in hyperlink and path validation workflows
  • Adjusted GitHub Actions permissions across multiple workflow files
  • Moved job-level permissions to workflow-level where appropriate

Reviewed Changes

Copilot reviewed 7 out of 7 changed files in this pull request and generated 1 comment.

Show a summary per file
File Description
.github/workflows/pr-link-path-scan.yml Moved inline GitHub context variables to environment variables for better security
.github/workflows/pr-code-scan.yml Changed security-events permission from write to read
.github/workflows/nightly-docker-build-publish.yml Removed packages write permission
.github/workflows/manual-image-build.yml Removed multiple unnecessary permissions (checks, deployments, packages, statuses)
.github/workflows/manual-example-workflow.yml Removed multiple unnecessary permissions (checks, deployments, packages, statuses)
.github/workflows/daily_check_issue_and_pr.yml Moved permissions from job level to workflow level
.github/workflows/daily-update-vllm-version.yml Moved permissions from job level to workflow level

Tip: Customize your code reviews with copilot-instructions.md. Create the file or learn how to get started.

Comment thread .github/workflows/pr-code-scan.yml
@ZePan110
test
41f80d3 
Signed-off-by: ZePan110 <ze.pan@intel.com>
pre-commit-ci Bot and others added 3 commits August 15, 2025 02:13
@pre-commit-ci
[pre-commit.ci] auto fixes from pre-commit.com hooks
1dbf3c2 
for more information, see https://pre-commit.ci
@ZePan110
Fix issue and remove test code
9988855 
Signed-off-by: ZePan110 <ze.pan@intel.com>
@ZePan110
Merge branch 'ze-fix/scan-cont' of https://github.com/opea-project/Ge…
28a8bb3 
…nAIExamples into ze-fix/scan-cont

Signed-off-by: ZePan110 <ze.pan@intel.com>
@chensuyue chensuyue merged commit b314f7f into main Aug 15, 2025
29 of 40 checks passed
@chensuyue chensuyue deleted the ze-fix/scan-cont branch August 15, 2025 15:07
cogniware-devops pushed a commit to Cogniware-Inc/GenAIExamples that referenced this pull request Dec 19, 2025
@ZePan110 @cogniware-devops
Fix scan issues (opea-project#2202)
d6beb57 
Signed-off-by: ZePan110 <ze.pan@intel.com>
Signed-off-by: cogniware-devops <ambarish.desai@cogniware.ai>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

@chensuyue chensuyue chensuyue approved these changes

@lvliang-intel lvliang-intel lvliang-intel approved these changes

@yao531441 yao531441 Awaiting requested review from yao531441

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@ZePan110 @chensuyue @lvliang-intel