
add socket tier 1 reachability analysis#976

Open
kanwalpreetd wants to merge 1 commit into
stellar:masterfrom
kanwalpreetd:master

Conversation

@kanwalpreetd

Contributor

Copilot AI review requested due to automatic review settings June 12, 2026 14:20

Copilot AI left a comment


Pull request overview

Adds an automated GitHub Actions workflow to run Socket’s full-application reachability analysis for this repo on a weekly schedule (and on-demand), including logic to surface Tier 2 fallback as a non-failing GitHub Actions warning.

Changes:

  • Introduces a new scheduled + manually-triggerable “Socket reachability scan” workflow.
  • Installs Socket CLI and runs socket scan create --reach with “continue-on-*” reachability options.
  • Parses the scan log to emit a ::warning:: annotation when Tier 2 fallback is detected.


Comment on lines +53 to +55
- name: Install Socket CLI
run: npm install -g socket
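Review bot: `npm install -g socket` in the `Install Socket CLI` step is unpinned, so each weekly run installs whatever the latest published CLI is at that moment and the scan tooling can change without a reviewed PR; pin it to an exact version the maintainers have vetted (`npm install -g socket@<pinned-version>`, with the version chosen by the project) and bump it deliberately, the same way the repository's other dependencies are controlled.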

@chatgpt-codex-connector (Bot) left a comment


💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: b60d4e533b


Comment on lines +67 to +68
socket scan create --reach \
--org=stellar \


P2: Pass the GitHub repo and branch to Socket scans

In this workflow context there is no checked-in Socket config, and Socket's scan create help says --repo/--branch are what associate the Scan with a dashboard repository/branch, otherwise they default to socket-default-repository/socket-default-branch (see https://docs.socket.dev/docs/socket-scan#repo--branch-names). As written, the scheduled js-stellar-base scan is uploaded under those generic defaults instead of this repository/default branch, so the repository's alerts/head scan in Socket will not be updated correctly (and can collide with other repos using the same defaults).

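The log-parsing step the pull request overview describes (surface a Tier 2 fallback as a non-failing `::warning::` annotation) as an added POSIX shell example; this is not code from the PR, the repository or the Socket CLI. The function names `emit_tier2_warning` and `run_demo`, the constructed sample log lines and the `TIER2_PATTERN` regex are assumptions, since the CLI's exact fallback wording is not on this page.

```shell
#!/bin/sh
# Added example (not from the PR): check a Socket CLI scan log for a Tier 2
# fallback message and emit a GitHub Actions ::warning:: annotation instead of
# failing the job.
# ASSUMPTION: the real fallback wording is not on the PR page; TIER2_PATTERN is
# a placeholder regex that a maintainer would replace with the exact log text.
TIER2_PATTERN='[Tt]ier 2'

# emit_tier2_warning <logfile>
# Prints one ::warning:: annotation (first matching line as detail) plus
# "tier2_fallback=true" when the pattern is found, "tier2_fallback=false"
# otherwise. Returns 0 in both cases so the step stays green; returns 1 only
# when the log file is missing, which is a workflow bug worth failing on.
emit_tier2_warning() {
  logfile=$1
  if [ ! -r "$logfile" ]; then
    printf '::error::scan log not found: %s\n' "$logfile"
    return 1
  fi
  match=$(grep -E "$TIER2_PATTERN" "$logfile" | head -n 1)
  if [ -n "$match" ]; then
    # Keep the detail on one line; GitHub renders it in the job summary.
    printf '::warning title=Socket reachability::Tier 2 fallback detected: %s\n' "$match"
    echo "tier2_fallback=true"
  else
    echo "tier2_fallback=false"
  fi
  return 0
}

# run_demo: writes a constructed sample log (not real Socket output) and runs
# the check once against a log containing the fallback and once without it.
run_demo() {
  demo=$(mktemp)
  printf 'Resolving 120 packages\nFalling back to Tier 2 reachability analysis\nScan complete\n' > "$demo"
  emit_tier2_warning "$demo"
  printf 'Resolving 120 packages\nScan complete\n' > "$demo"
  emit_tier2_warning "$demo"
  rm -f "$demo"
}

run_demo
```

In the workflow this would sit in a `run:` step after the scan has been captured to a file (for example `socket scan create --reach ... 2>&1 | tee scan.log`), with the `tier2_fallback=...` line redirected to `$GITHUB_OUTPUT` so later steps can branch on it. Matching free-text log output is brittle, so the placeholder pattern should be replaced with the CLI's exact message and re-checked whenever the pinned CLI version is bumped.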
