Skip to content

add socket tier 1 reachability analysis#460

Open
kanwalpreetd wants to merge 1 commit into
stellar:masterfrom
kanwalpreetd:master
Open

add socket tier 1 reachability analysis#460
kanwalpreetd wants to merge 1 commit into
stellar:masterfrom
kanwalpreetd:master

Conversation

@kanwalpreetd

Copy link
Copy Markdown
Contributor

Copilot AI review requested due to automatic review settings June 29, 2026 19:00

Copilot AI left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

This PR introduces a scheduled GitHub Actions workflow to run Socket “full application reachability” scans against the repo, aiming to surface Tier 1 (your-code-aware) reachability results and flag Tier 2 fallback cases without failing the job.

Changes:

  • Adds a weekly + on-demand “Socket reachability scan” workflow.
  • Sets up Rust + Node toolchains on the runner and installs the Socket CLI.
  • Streams scan output to logs and emits a GitHub Actions warning when Tier 2 fallback text is detected.

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

Comment on lines +56 to +57
- name: Install Socket CLI
run: npm install -g socket
Comment on lines +37 to +40
# Force JS-based GitHub actions (actions/checkout, actions/setup-*, etc.) to
# use Node 24 instead of the soon-to-be-deprecated Node 20. Safe to remove
# after 2026-06-16 (when Node 24 becomes the default and this becomes a no-op).
FORCE_JAVASCRIPT_ACTIONS_TO_NODE24: true
Comment on lines +59 to +62
- name: Run Socket reachability scan
env:
SOCKET_SECURITY_API_TOKEN: ${{ secrets.SOCKET_SECURITY_API_TOKEN }}
run: |
@stellar-jenkins-ci

Copy link
Copy Markdown

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants