Skip to content

ci: remove stray codeql.yml workflow#188

Closed
don-petry wants to merge 3 commits into
mainfrom
claude/issue-169-20260414-1138
Closed

ci: remove stray codeql.yml workflow#188
don-petry wants to merge 3 commits into
mainfrom
claude/issue-169-20260414-1138

Conversation

@don-petry

Copy link
Copy Markdown
Collaborator

Summary

  • Deletes .github/workflows/codeql.yml to comply with org standards
  • The org now uses GitHub-managed CodeQL default setup; per-repo workflow files create duplicate analysis

Standard Reference

standards/ci-standards.md#2-codeql-analysis-github-managed-default-setup

Closes #169

Generated with Claude Code

Org standard uses GitHub-managed CodeQL default setup.
Per-repo workflow files create duplicate analysis alongside
the default setup. Deleting to comply with org standards.

Closes #169

Co-authored-by: don-petry <don-petry@users.noreply.github.com>
Copilot AI review requested due to automatic review settings April 14, 2026 11:39
@coderabbitai

coderabbitai Bot commented Apr 14, 2026

Copy link
Copy Markdown

Warning

Rate limit exceeded

@github-actions[bot] has exceeded the limit for the number of commits that can be reviewed per hour. Please wait 55 minutes and 47 seconds before requesting another review.

Your organization is not enrolled in usage-based pricing. Contact your admin to enable usage-based pricing to continue reviews beyond the rate limit, or try again in 55 minutes and 47 seconds.

⌛ How to resolve this issue?

After the wait time has elapsed, a review can be triggered using the @coderabbitai review command as a PR comment. Alternatively, push new commits to this PR.

We recommend that you space out your commits to avoid hitting the rate limit.

🚦 How do rate limits work?

CodeRabbit enforces hourly rate limits for each developer per organization.

Our paid plans have higher rate limits than the trial, open-source and free plans. In all cases, we re-allow further reviews after a brief timeout.

Please see our FAQ for further information.

ℹ️ Review info
⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro

Run ID: cf56615e-7432-4204-8620-5f32d4fb8977

📥 Commits

Reviewing files that changed from the base of the PR and between 56ee75a and e07d64c.

📒 Files selected for processing (1)
  • .github/workflows/codeql.yml
✨ Finishing Touches
🧪 Generate unit tests (beta)
  • Create PR with unit tests
  • Commit unit tests in branch claude/issue-169-20260414-1138

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

Comment @coderabbitai help to get the list of available commands and usage tips.

@don-petry

Copy link
Copy Markdown
Collaborator Author

Self-review: This is a single-file deletion with no logic changes. The change correctly removes the stray .github/workflows/codeql.yml to comply with the org's CodeQL standard (GitHub-managed default setup).

@don-petry — please review and merge when CI is green.

@sonarqubecloud

Copy link
Copy Markdown

Copilot AI left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

Removes the repository’s standalone CodeQL GitHub Actions workflow to align with the organization standard of using GitHub-managed CodeQL default setup (avoiding duplicate CodeQL analyses).

Changes:

  • Deleted .github/workflows/codeql.yml to eliminate the per-repo CodeQL workflow and prevent duplicate scanning.

@don-petry

Copy link
Copy Markdown
Collaborator Author

Automated review — APPROVED

Risk: LOW
Reviewed commit: cb622f944c3a4714d3169434ee9d20db217159a4
Cascade: triage → deep (see triage: haiku 4.5 → deep: sonnet 4.6 + duck: gpt-5.4 → audit: opus 4.6 for models)

Summary

This PR deletes a redundant per-repo CodeQL workflow to comply with the org standard of using GitHub-managed CodeQL default setup. All CI checks pass (including the GitHub-managed CodeQL scans confirming analysis is still active), SonarCloud reports 0 new issues/hotspots, and there are no logic or security posture changes.

Findings

Info

  • .github/workflows/codeql.yml — Deletion of .github/workflows/codeql.yml is intentional org-standard compliance. GitHub-managed CodeQL default setup is confirmed active in statusCheckRollup (CodeQL: SUCCESS). Security scanning coverage is not reduced.
  • All checks green: build-and-test, Node.js Tests, Playwright UI Tests, SonarCloud (0 issues, 0 hotspots), CodeQL (GitHub-managed), AgentShield, Dependency audit, Coverage.

CI status

All checks passing: build-and-test, Node.js Tests, Playwright UI Tests, SonarCloud (0 new issues, 0 hotspots), CodeQL (GitHub-managed default setup active), AgentShield, Dependency audit, Coverage.


Reviewed by the don-petry PR-review cascade (triage: haiku 4.5 → deep: sonnet 4.6 + duck: gpt-5.4 → audit: opus 4.6). Reply with @don-petry if you need a human.

@don-petry don-petry enabled auto-merge (squash) April 16, 2026 20:47

@petry-projects-pr-review-agent petry-projects-pr-review-agent Bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Reviewed by the don-petry PR-review cascade (triage: haiku 4.5 → deep: sonnet 4.6 + duck: gpt-5.4 → audit: opus 4.6). Reply with @don-petry if you need a human.

@petry-projects-pr-review-agent petry-projects-pr-review-agent Bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Reviewed by the don-petry PR-review cascade (triage: haiku 4.5 → deep: sonnet 4.6 + duck: gpt-5.4 → audit: opus 4.6). Reply with @don-petry if you need a human.

@don-petry

Copy link
Copy Markdown
Collaborator Author

Closing as duplicate of #213 — same fix for issue #188. The newest attempt is kept open.

@don-petry don-petry closed this May 3, 2026
auto-merge was automatically disabled May 3, 2026 15:00

Pull request was closed

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

Compliance: stray-codeql-workflow

2 participants