Skip to content

[VULN-649] ci: Remove deprecated scan workflow#149

Draft
theMickster wants to merge 1 commit into
mainfrom
vuln-649/remove-scan-workflow
Draft

[VULN-649] ci: Remove deprecated scan workflow#149
theMickster wants to merge 1 commit into
mainfrom
vuln-649/remove-scan-workflow

Conversation

@theMickster

@theMickster theMickster commented Jun 22, 2026

Copy link
Copy Markdown
Contributor

🎟️ Tracking

https://bitwarden.atlassian.net/browse/VULN-649

📔 Objective

Removes the deprecated scan.yml GitHub Actions workflow.

@theMickster theMickster added the ai-review Request a Claude code review label Jun 22, 2026
@github-actions

github-actions Bot commented Jun 22, 2026
edited
Loading

Copy link
Copy Markdown

🤖 Bitwarden Claude Code Review

Overall Assessment: APPROVE

This PR deletes the deprecated .github/workflows/scan.yml GitHub Actions workflow (Checkmarx SAST and check-run jobs), tracked under VULN-649. The removal is complete — no other workflow or file references the deleted scan.yml, its check-run/_checkmarx jobs, or the workflow name. As a CI-infrastructure-only change with no plugin code touched, no plugin version bump or changelog entry is required.

Code Review Details

No findings. The deletion is clean and well-scoped:

  • No dangling references to the removed workflow remain in .github/ or elsewhere in the repo.
  • The change is authorized by an AppSec VULN task (VULN-649), so the removal of the SAST workflow is an intentional security-team decision, not an accidental coverage gap.
  • Removing the pull_request_target trigger on main eliminates a historically risky workflow pattern.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

ai-review Request a Claude code review

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@theMickster