fix(security): restrict release workflow to same-repo PRs and block env overrides for internal fields #10163

Triggered via pull request March 19, 2026 04:57
Status Success
Total duration 3m 16s

codeql-analysis.yml

on: pull_request
Matrix: analyze

Annotations

2 warnings
Analyze (javascript-typescript)
Starting April 2026, the CodeQL Action will skip computing file coverage information on pull requests to improve analysis performance. File coverage information will still be computed on non-PR analyses. To opt out of this change, set the `CODEQL_ACTION_FILE_COVERAGE_ON_PRS` environment variable to `true`. Alternatively, create a custom repository property with the name `github-codeql-file-coverage-on-prs` and the type "True/false", then set this property to `true` in the repository's settings.
Analyze (go)
Starting April 2026, the CodeQL Action will skip computing file coverage information on pull requests to improve analysis performance. File coverage information will still be computed on non-PR analyses. To opt out of this change, set the `CODEQL_ACTION_FILE_COVERAGE_ON_PRS` environment variable to `true`. Alternatively, create a custom repository property with the name `github-codeql-file-coverage-on-prs` and the type "True/false", then set this property to `true` in the repository's settings.