Skip to content

Add dependency review job to code quality workflow#198

Merged
frasermolyneux merged 5 commits intomainfrom
feature/codeql
Feb 5, 2026
Merged

Add dependency review job to code quality workflow#198
frasermolyneux merged 5 commits intomainfrom
feature/codeql

Conversation

@frasermolyneux
Copy link
Owner

@frasermolyneux frasermolyneux commented Feb 5, 2026

This pull request adds a new job to the GitHub Actions workflow to automatically review dependencies on pull requests. This helps ensure that any new or updated dependencies are checked for security and compliance issues before merging.

CI/CD improvements:

  • .github/workflows/codequality.yml: Added a dependency-review job that runs on pull requests and uses the actions/dependency-review-action@v4 to automatically review dependency changes.

Copilot AI review requested due to automatic review settings February 5, 2026 16:21
Copilot AI reviewed Feb 5, 2026
View reviewed changes
Copy link

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

This pull request adds a dependency review job to the GitHub Actions code quality workflow to automatically scan and review dependencies in pull requests for security and compliance issues.

Changes:

  • Added dependency-review job to the codequality.yml workflow that runs on pull requests using GitHub's dependency-review-action

Copilot AI review requested due to automatic review settings February 5, 2026 17:01
Copilot AI reviewed Feb 5, 2026
View reviewed changes
Copy link

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

Copilot reviewed 2 out of 2 changed files in this pull request and generated 2 comments.

@frasermolyneux frasermolyneux enabled auto-merge (squash) February 5, 2026 17:25
Copilot AI review requested due to automatic review settings February 5, 2026 17:31
Copilot AI reviewed Feb 5, 2026
View reviewed changes
Copy link

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

Copilot reviewed 3 out of 3 changed files in this pull request and generated 1 comment.

@sonarqubecloud
Copy link

sonarqubecloud bot commented Feb 5, 2026

Quality Gate Passed Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

@github-advanced-security
Copy link

github-advanced-security bot commented Feb 5, 2026

This pull request sets up GitHub code scanning for this repository. Once the scans have completed and the checks have passed, the analysis results for this pull request branch will appear on this overview. Once you merge this pull request, the 'Security' tab will show more code scanning analysis results (for example, for the default branch). Depending on your configuration and choice of analysis tool, future pull requests will be annotated with code scanning analysis results. For more information about GitHub code scanning, check out the documentation.

@frasermolyneux frasermolyneux merged commit dff8b25 into main Feb 5, 2026
14 checks passed
@frasermolyneux frasermolyneux deleted the feature/codeql branch February 5, 2026 17:36
This was referenced Feb 20, 2026
Closed
Closed
Closed
Closed
Closed
Closed
Closed
Closed
Closed
Closed
This was referenced Feb 20, 2026
Closed
Closed
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@frasermolyneux