ci: wire Gemini code review + CodeQL security scanning #4

Merged: jeremylongshore merged 2 commits into main from ci/wire-gemini-codeql on Jun 18, 2026

@jeremylongshore

Contributor

Wires the standing two-reviewer gate on the IEP umbrella (the 7th IEP repo).

Gemini Code Assist — workhorse code reviewer; auto-reviews every PR once the app is installed on the intent-solutions-io org (separate install from the personal account). .gemini/styleguide.md carries the same IEP review priorities as the six code repos.

CodeQL — security scanning only (security-extended, no quality queries) over the generator scripts (aggregate-changelog.mjs, ecosystem-drift.py). build-mode: none, PR + push + weekly. Free on this public repo.

Docs/CI-only. Completes Gemini+CodeQL coverage across all 7 IEP repos.

Gemini Code Assist is the workhorse code reviewer; CodeQL runs the security-extended
query suite only (no quality queries) so the two are non-overlapping. Both run on PRs
and pushes to main so review is a standing pre-merge gate on the umbrella's generator
scripts (aggregate-changelog.mjs, ecosystem-drift.py).

- .gemini/config.yaml + .gemini/styleguide.md   workhorse code-review gate
- .github/workflows/codeql.yml                   CodeQL security-extended, build-mode none
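
A workflow matching the description above (security-extended, build-mode none, PR + push + weekly), as an added example rather than the file from this PR. The action versions, cron time, job layout and language matrix are assumptions.

```yaml
# Added example: not the repository's actual .github/workflows/codeql.yml.
name: CodeQL

on:
  push:
    branches: [main]
  pull_request:
    branches: [main]
  schedule:
    - cron: "27 4 * * 1"   # weekly; the exact day and time are assumptions

# Default to read-only; the analyze job widens only what it needs.
permissions:
  contents: read

jobs:
  analyze:
    name: Analyze (${{ matrix.language }})
    runs-on: ubuntu-latest
    permissions:
      contents: read
      security-events: write   # needed to upload results to code scanning
    strategy:
      fail-fast: false
      matrix:
        # aggregate-changelog.mjs -> javascript-typescript
        # ecosystem-drift.py      -> python
        language: [javascript-typescript, python]
    steps:
      - uses: actions/checkout@v4

      - uses: github/codeql-action/init@v3
        with:
          languages: ${{ matrix.language }}
          # Interpreted languages are extracted without a build step.
          build-mode: none
          # security-extended leaves out the maintainability queries
          # that the security-and-quality suite would add.
          queries: security-extended

      - uses: github/codeql-action/analyze@v3
        with:
          category: "/language:${{ matrix.language }}"
```
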
@gemini-code-assist

Note

Gemini is unable to generate a review for this pull request due to the file types involved not being currently supported.

@github-advanced-security

You are seeing this message because GitHub Code Scanning has recently been set up for this repository, or this pull request contains the workflow file for the Code Scanning tool.

What Enabling Code Scanning Means:

  • The 'Security' tab will display more code scanning analysis results (e.g., for the default branch).
  • Depending on your configuration and choice of analysis tool, future pull requests will be annotated with code scanning analysis results.
  • You will be able to see the analysis results for the pull request's branch on this overview once the scans have completed and the checks have passed.

For more information about GitHub Code Scanning, check out the documentation.

@jeremylongshore jeremylongshore merged commit ddc889f into main Jun 18, 2026
3 checks passed
@jeremylongshore jeremylongshore deleted the ci/wire-gemini-codeql branch June 18, 2026 14:43