Delete unused code-analysis script (#55421)

huntie · meta-codesync[bot] · commit 19305299bd26 · 2026-02-05T10:02:20.000-08:00
Summary: Pull Request resolved: #55421 Deletes the largely unused `analyze_code`/`code-analysis-bot` script, which was part of our earlier CircleCI infra. **Motivation** - **Security**: Removes another use of a `GITHUB_TOKEN` env var being loaded into a script in our CI (similar to S603729). - **Cleanup**: This script attempted to read various lint job results (including google-java-format, which is no longer present), and post a GitHub PR comment for >5 issues. In a GitHub Actions world, we don't really need this functionality. **Other changes** - The `yarn shellcheck` run from this script was load bearing, and is moved directly into the `lint` action. Changelog: [Internal] Reviewed By: cipolleschi Differential Revision: D92407627 fbshipit-source-id: ef5664a273ad4aac721dbb53de73f2b96b47d75b
diff --git a/.github/actions/lint/action.yml b/.github/actions/lint/action.yml
@@ -5,9 +5,6 @@ inputs:
     description: "The node.js version to use"
     required: false
     default: "22"
-  github-token:
-    description: "The GitHub token used by pull-bot"
-    required: true
 runs:
   using: composite
   steps:
@@ -17,12 +14,9 @@ runs:
         node-version: ${{ inputs.node-version }}
     - name: Run yarn install
       uses: ./.github/actions/yarn-install
-    - name: Run linters against modified files (analysis-bot)
+    - name: Run shellcheck
       shell: bash
-      run: yarn lint-ci
-      env:
-        GITHUB_TOKEN: ${{ inputs.github-token }}
-        GITHUB_PR_NUMBER: ${{ github.event.number }}
+      run: yarn shellcheck
     - name: Lint code
       shell: bash
       run: ./.github/workflow-scripts/exec_swallow_error.sh yarn lint --format junit -o ./reports/junit/eslint/results.xml
diff --git a/.github/workflow-scripts/analyze_code.sh b/.github/workflow-scripts/analyze_code.sh
diff --git a/.github/workflows/test-all.yml b/.github/workflows/test-all.yml
@@ -511,8 +511,6 @@ jobs:
         uses: actions/checkout@v6
       - name: Run all the linters
         uses: ./.github/actions/lint
-        with:
-          github-token: ${{ env.GH_TOKEN }}
 
   build_debugger_shell:
     runs-on: ubuntu-latest
diff --git a/package.json b/package.json
@@ -17,7 +17,6 @@
     "format": "npm run prettier && npm run clang-format",
     "featureflags": "yarn --cwd packages/react-native featureflags",
     "js-api-diff": "node ./scripts/js-api/diff-api-snapshot",
-    "lint-ci": "./.github/workflow-scripts/analyze_code.sh && yarn shellcheck",
     "lint-kotlin-check": "./gradlew ktfmtCheck",
     "lint-kotlin": "./gradlew ktfmtFormat",
     "lint-markdown": "markdownlint-cli2 2>&1",
diff --git a/private/react-native-bots/README.md b/private/react-native-bots/README.md
@@ -12,15 +12,3 @@ So, for example:
 cd private/react-native-bots && yarn
 DANGER_GITHUB_API_TOKEN=ghp_<REDACTED> yarn danger pr https://github.com/facebook/react-native/pull/1234
 ```
-
-## Code Analysis Bot
-
-The code analysis bot provides lint and other results as inline reviews on GitHub. It runs as part of the Circle CI analysis workflow.
-
-If you want to test changes to the Code Analysis Bot, I'd recommend checking out an existing PR and then running the `analyze pr` command.
-You'll need a GitHub token. You can re-use this one: `312d354b5c36f082cfe9` `07973d757026bdd9f196` (just remove the space).
-So, for example:
-
-```
-GITHUB_TOKEN=[ENV_ABOVE] GITHUB_PR_NUMBER=1234 yarn lint-ci
-```
diff --git a/private/react-native-bots/code-analysis-bot.js b/private/react-native-bots/code-analysis-bot.js
