Skip to content

add socket tier 1 reachability analysis#70

Open
kanwalpreetd wants to merge 1 commit into
stellar:mainfrom
kanwalpreetd:main
Open

add socket tier 1 reachability analysis#70
kanwalpreetd wants to merge 1 commit into
stellar:mainfrom
kanwalpreetd:main

Conversation

@kanwalpreetd

Copy link
Copy Markdown
Contributor

Copilot AI review requested due to automatic review settings June 29, 2026 18:58

Copilot AI left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

Adds a dedicated GitHub Actions workflow to run Socket “Tier 1 reachability” scanning on a schedule (and on-demand) for this repository, so dependency vulnerabilities can be evaluated with reachability context rather than only SBOM/CVE presence.

Changes:

  • Introduces a new scheduled + manual GitHub Actions workflow for Socket reachability scanning.
  • Installs required toolchains (Rust + Node) and Socket CLI, then runs socket scan create --reach.
  • Interprets Tier-2 fallback log markers to emit a GitHub Actions warning without failing the job.

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

Comment on lines +56 to +57
- name: Install Socket CLI
run: npm install -g socket
Comment on lines +59 to +62
- name: Run Socket reachability scan
env:
SOCKET_SECURITY_API_TOKEN: ${{ secrets.SOCKET_SECURITY_API_TOKEN }}
run: |
Comment on lines +43 to +44
socket-scan:
runs-on: ubuntu-latest
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants