
add socket tier 1 reachability analysis#1972

Open
kanwalpreetd wants to merge 1 commit into stellar:master from kanwalpreetd:master

Conversation

@kanwalpreetd


Copilot AI review requested due to automatic review settings June 29, 2026 19:04

Copilot AI left a comment

Contributor


Pull request overview

Adds a new scheduled GitHub Actions workflow to run Socket’s reachability-based dependency vulnerability analysis for this repository, with a warning signal when Tier 1 reachability can’t be computed and the scan falls back to Tier 2.

Changes:

  • Introduces .github/workflows/socket-scan.yml to run socket scan create --reach on a weekly cron and via manual dispatch.
  • Captures scan output and emits a ::warning:: annotation when Tier 2 fallback markers are detected.
  • Configures Node tooling (setup-node + Corepack) and installs the Socket CLI before running the scan.

Comment on lines +37 to +39
# Force JS-based GitHub actions (actions/checkout, actions/setup-*, etc.) to
# use Node 24 instead of the soon-to-be-deprecated Node 20. Safe to remove
# after 2026-06-16 (when Node 24 becomes the default and this becomes a no-op).
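Review bot: the removal date this comment gives (2026-06-16) had already passed when the review was requested (June 29, 2026), so by the comment's own reasoning the Node 24 override is already a no-op; drop the override and its comment instead of adding them, or update the comment with the actual date it is meant to expire.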
Comment on lines +53 to +54
- name: Install Socket CLI
run: npm install -g socket
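Review bot: the Install Socket CLI step runs "npm install -g socket" with no version, so every weekly run fetches whatever is latest on the registry and executes it with the job's Actions credentials, making the scanner itself an unpinned dependency. Pin an exact version, e.g. "npm install -g socket@<PINNED_VERSION>" (placeholder; choose and record the version deliberately), and bump it in reviewed commits so a compromised or regressed release cannot land silently in the scheduled job.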
@anupsdf

anupsdf commented Jul 1, 2026

Contributor

We don't need socket scan for this repo since it only contains spec for our stack.

