
add socket tier 1 reachability analysis #53

Open
kanwalpreetd wants to merge 2 commits into stellar:main from kanwalpreetd:main

@kanwalpreetd

Contributor

Copilot AI review requested due to automatic review settings June 12, 2026 14:21
@github-project-automation github-project-automation Bot moved this to Backlog (Not Ready) in DevX Jun 12, 2026

@chatgpt-codex-connector chatgpt-codex-connector Bot left a comment


💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: 4b57a67b22


# annotation that GitHub Actions renders as a yellow run-level
# warning without failing the job.
set +e
socket scan create --reach \
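Review bot: `set +e` directly above `socket scan create --reach` switches off errexit for the rest of the step, so any non-zero exit from the scan (not only a Tier 2 fallback) is ignored unless the script reads `$?` immediately after the command, and the visible lines do not show that. Capture the exit status right after the scan, restore `set -e`, and fail the job for errors that are not the fallback case so a broken scan cannot pass as a yellow warning.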


P2: Associate scans with the real repo and branch

When this scheduled workflow runs without an existing socket.json/socket.yml (checked the repo and none is present), this command does not pass --repo, --branch, or --default-branch, so Socket records the scan under its documented defaults (socket-default-repository / socket-default-branch) instead of js-stellar-xdr-json on the real default branch. In that configuration the run will not update the intended repository/default-branch alerts page and can be mixed with other repos using the same defaults; pass explicit repo/branch metadata for the GitHub run.


Copilot AI left a comment


Pull request overview

Adds a scheduled GitHub Actions workflow to run Socket’s reachability scan for this repository, aiming to surface Tier 1 reachability results (and emit a warning when the scan falls back to Tier 2 reachability).

Changes:

  • Introduces a new weekly + manual (workflow_dispatch) “Socket reachability scan” workflow.
  • Installs Rust toolchain + Node, installs the Socket CLI, runs socket scan create --reach, and emits a GitHub Actions ::warning:: if Tier 2 fallback is detected in logs.


@@ -0,0 +1,82 @@
# Socket reachability scan for js-stellar-xdr-json.
# For general Socket reachability documentation, see https://docs.socket.dev/docs/full-application-reachability
# Rust-only project.
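Review bot: the header line `# Rust-only project.` is stated without context, while the file is named for js-stellar-xdr-json and a later step runs `npm install -g socket`. Extend the comment to say that the scanned code is Rust and that Node is present only to run the Socket CLI, so a later reader does not remove the Node setup or assume JavaScript dependencies are in scope for the scan.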
Comment on lines +36 to +40
env:
# Force JS-based GitHub actions (actions/checkout, actions/setup-*, etc.) to
# use Node 24 instead of the soon-to-be-deprecated Node 20. Safe to remove
# after 2026-06-16 (when Node 24 becomes the default and this becomes a no-op).
FORCE_JAVASCRIPT_ACTIONS_TO_NODE24: true
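Review bot: the only removal condition for `FORCE_JAVASCRIPT_ACTIONS_TO_NODE24` is the date in the comment ("Safe to remove after 2026-06-16"), which falls four days after this pull request was opened on June 12, 2026, so the override is likely to be a no-op for almost all of its life in the repository. Either drop the `env:` entry before merging or reference a tracking issue in the comment so the cleanup is not left to someone noticing the date.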
Comment on lines +56 to +57
- name: Install Socket CLI
run: npm install -g socket
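Review bot: `npm install -g socket` has no version constraint, so each scheduled run installs whatever release is latest at that moment and executes it with whatever secrets the job exposes. Pin an exact version, for example `npm install -g socket@<version>` with the placeholder replaced by a reviewed release, and update it deliberately so that a changed or compromised CLI release is not picked up automatically by the security scan itself.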