Skip to content

add socket tier 1 reachability analysis#230

Open
kanwalpreetd wants to merge 1 commit into
stellar:masterfrom
kanwalpreetd:master
Open

add socket tier 1 reachability analysis#230
kanwalpreetd wants to merge 1 commit into
stellar:masterfrom
kanwalpreetd:master

Conversation

@kanwalpreetd

Copy link
Copy Markdown

Copilot AI review requested due to automatic review settings June 30, 2026 06:44

Copilot AI left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

Adds a dedicated GitHub Actions workflow to run Socket’s full-application reachability scan for this Ruby project on a weekly schedule (and on-demand), surfacing Tier 2 fallbacks as a non-failing workflow warning.

Changes:

  • Introduces a new scheduled + workflow_dispatch workflow for Socket reachability scanning.
  • Sets up Ruby and Node tooling, installs Socket CLI, and runs socket scan create --reach.
  • Parses scan output to emit a GitHub Actions ::warning:: when Tier 2 reachability fallback is detected.

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

Comment on lines +69 to +70
- name: Install Socket CLI
run: npm install -g socket
Comment on lines +72 to +75
- name: Run Socket reachability scan
env:
SOCKET_SECURITY_API_TOKEN: ${{ secrets.SOCKET_SECURITY_API_TOKEN }}
run: |
--reach-continue-on-missing-lock-files \
. 2>&1 | tee /tmp/scan.log
rc=${PIPESTATUS[0]}
if [ $rc -eq 0 ] && grep -qE "Reachability falls back to Tier 2|fallback to the results from the pre-computed|Reachability falls back to precomputed" /tmp/scan.log; then
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants