Harden Scorecard signals around release signing and PR checks · recodeee/gitguardex@9202c86

Triggered via pull request April 23, 2026 16:56

NagyVikt

opened #392

agent/codex/harden-scorecard-best-practices-2026-04-23-18-42

Status Success

Total duration 8h 31m 13s

Artifacts –

codeql.yml

on: pull_request

Matrix: Analyze (javascript-typescript)

Annotations

3 warnings

Analyze (javascript-typescript) (javascript-typescript)

The process '/usr/bin/git' failed with exit code 128

Analyze (javascript-typescript) (javascript-typescript)

Error retrieving diff main...recodeee:agent/codex/harden-scorecard-best-practices-2026-04-23-18-42: Not Found - https://docs.github.com/rest/commits/commits#compare-two-commits

Analyze (javascript-typescript) (javascript-typescript)

Starting April 2026, the CodeQL Action will skip computing file coverage information on pull requests to improve analysis performance. File coverage information will still be computed on non-PR analyses. To opt out of this change, set the `CODEQL_ACTION_FILE_COVERAGE_ON_PRS` environment variable to `true`. Alternatively, create a custom repository property with the name `github-codeql-file-coverage-on-prs` and the type "True/false", then set this property to `true` in the repository's settings.

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Harden Scorecard signals around release signing and PR checks #523

Summary

Harden Scorecard signals around release signing and PR checks #523

Uh oh!

codeql.yml

Annotations