ci: CodeQL workflow missing, blocking all PR merges #315

@notgitika

Description

Bug

The main-protection-rule repository ruleset requires CodeQL code scanning results before PRs can be merged:

{
  "type": "code_scanning",
  "parameters": {
    "code_scanning_tools": [
      {
        "tool": "CodeQL",
        "security_alerts_threshold": "high_or_higher",
        "alerts_threshold": "errors"
      }
    ]
  }
}

However, there is no CodeQL workflow in .github/workflows/. The existing workflows are:

  • build-and-test.yml
  • lint.yml
  • release.yml
  • agent-restricted.yml
  • strands-command.yml

Impact

All PRs targeting main are blocked from merging because GitHub is waiting for CodeQL results that will never be produced. For example, PR #314 has all checks passing but merge is blocked with:

Code scanning is waiting for results from CodeQL

Fix

Add a .github/workflows/codeql.yml that runs github/codeql-action for javascript-typescript on pushes to main and PRs targeting main.
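As an added example (not a file from the issue or the repository), a minimal .github/workflows/codeql.yml that matches the fix described above. The action version pins, the weekly schedule, the `security-extended` query suite and the `ubuntu-latest` runner are assumptions; everything else follows from the ruleset and language named in the issue.

```yaml
# .github/workflows/codeql.yml -- added example, not the repository's own file.
# Runs CodeQL for javascript-typescript on pushes to main and on PRs targeting
# main, so the "code_scanning" rule in main-protection-rule receives results.
name: CodeQL

on:
  push:
    branches: [main]
  pull_request:
    branches: [main]
  # Assumption: a weekly scan picks up newly published queries between commits.
  schedule:
    - cron: "17 3 * * 1"

# Least privilege: the job only reads the tree and uploads SARIF results.
permissions:
  contents: read
  security-events: write
  actions: read
  packages: read

# One analysis per ref at a time; superseded PR runs are cancelled.
concurrency:
  group: codeql-${{ github.ref }}
  cancel-in-progress: true

jobs:
  analyze:
    name: Analyze (javascript-typescript)
    runs-on: ubuntu-latest
    timeout-minutes: 60
    steps:
      - uses: actions/checkout@v4

      - name: Initialize CodeQL
        uses: github/codeql-action/init@v3
        with:
          languages: javascript-typescript
          # Assumption: the wider suite is wanted; drop this line for defaults.
          queries: security-extended

      # Interpreted language: no build step is needed before analysis.
      - name: Perform CodeQL Analysis
        uses: github/codeql-action/analyze@v3
        with:
          # Results are reported under the tool name "CodeQL", which is what
          # the ruleset's "tool" field matches against.
          category: "/language:javascript-typescript"
```

If CodeQL default setup is enabled under the repository's code security settings, disable it first: default setup rejects results uploaded by an advanced-setup workflow such as this one.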
