resq-software · WomB0ComB0 · Apr 15, 2026 · Apr 15, 2026 · gemini-code-assist · Apr 15, 2026
@@ -0,0 +1,2 @@
+# Default owner for everything not matched by a more specific rule.
+*  @WomB0ComB0
@@ -0,0 +1,27 @@
+# Copyright 2026 ResQ Software
+# SPDX-License-Identifier: Apache-2.0
+#
+# Thin caller for the org-wide reusable security-scan workflow in
+# resq-software/.github.
+
+name: security
+
+on:
+  push:
+    branches: [main, master]
+  pull_request:
+  schedule:
+    - cron: '17 6 * * 1'
+  workflow_dispatch:
+
+permissions:
+  contents: read
+  security-events: write
+  pull-requests: read
+
+jobs:
+  scan:
+    uses: resq-software/.github/.github/workflows/security-scan.yml@main
+    with:
+      languages: '["actions"]'
+    secrets: inherit
Original file line number	Diff line number	Diff line change
		@@ -0,0 +1,2 @@
		# Default owner for everything not matched by a more specific rule.
Copy link Copy Markdown gemini-code-assist bot Apr 15, 2026 Choose a reason for hiding this comment The reason will be displayed to describe this comment to others. Learn more. The pull request title and description indicate that this PR adds `.github/workflows/security.yml` to implement organization-wide security scanning. However, this file is missing from the current changes. Please include the intended workflow file to fulfill the PR's objective.
		* @WomB0ComB0
Copy link Copy Markdown gemini-code-assist bot Apr 15, 2026 Choose a reason for hiding this comment The reason will be displayed to describe this comment to others. Learn more. Using a single individual (@WomB0ComB0) as the global code owner is a maintenance risk. For an organization-level repository, it is recommended to use a team (e.g., @resq-software/maintainers) to ensure that PR reviews and repository management are not dependent on a single person's availability.