From 78205af63c8d5cddcd40e015c8436def692e3357 Mon Sep 17 00:00:00 2001
From: Jonathan Miller <1+jmiller@noreply.git.mokoconsulting.tech>
Date: Thu, 21 May 2026 17:22:54 +0000
Subject: [PATCH] chore: rename .gitea/ to .mokogitea/ [skip ci]
Authored-by: Moko Consulting
---
.gitea/workflows/codeql-analysis.yml | 115 ---------------------------
1 file changed, 115 deletions(-)
delete mode 100644 .gitea/workflows/codeql-analysis.yml
diff --git a/.gitea/workflows/codeql-analysis.yml b/.gitea/workflows/codeql-analysis.yml
deleted file mode 100644
index dd61fc3..0000000
--- a/.gitea/workflows/codeql-analysis.yml
+++ /dev/null
@@ -1,115 +0,0 @@
-# Copyright (C) 2026 Moko Consulting
-#
-# This file is part of a Moko Consulting project.
-#
-# SPDX-License-Identifier: GPL-3.0-or-later
-#
-# FILE INFORMATION
-# DEFGROUP: GitHub.Workflow.Template
-# INGROUP: MokoStandards.Security
-# REPO: https://github.com/mokoconsulting-tech/MokoStandards
-# PATH: /templates/workflows/generic/codeql-analysis.yml.template
-# VERSION: 04.05.00
-# BRIEF: CodeQL security scanning workflow (generic — all repo types)
-# NOTE: Deployed to .mokogitea/workflows/codeql-analysis.yml in governed repos.
-# CodeQL does not support PHP directly; JavaScript scans JSON/YAML/shell.
-# For PHP-specific security scanning see standards-compliance.yml.
-
-name: "Universal: CodeQL Analysis"
-
-on:
- push:
- branches:
- - main
- - dev/**
- - rc/**
- - version/**
- pull_request:
- branches:
- - main
- - dev/**
- - rc/**
- schedule:
- # Weekly on Monday at 06:00 UTC
- - cron: '0 6 * * 1'
- workflow_dispatch:
-
-permissions:
- actions: read
- contents: read
- security-events: write
- pull-requests: read
-
-jobs:
- analyze:
- name: Analyze (${{ matrix.language }})
- runs-on: ubuntu-latest
- timeout-minutes: 360
-
- strategy:
- fail-fast: false
- matrix:
- # CodeQL does not support PHP. Use 'javascript' to scan JSON, YAML,
- # and shell scripts. Add 'actions' to scan GitHub Actions workflows.
- language: ['javascript', 'actions']
-
- steps:
- - name: Checkout repository
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
-
- - name: Initialize CodeQL
- uses: github/codeql-action/init@v3
- with:
- languages: ${{ matrix.language }}
- queries: security-extended,security-and-quality
-
- - name: Autobuild
- uses: github/codeql-action/autobuild@v3
-
- - name: Perform CodeQL Analysis
- uses: github/codeql-action/analyze@v3
- with:
- category: "/language:${{ matrix.language }}"
- upload: true
- output: sarif-results
- wait-for-processing: true
-
- - name: Upload SARIF results
- if: always()
- uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.5.0
- with:
- name: codeql-results-${{ matrix.language }}
- path: sarif-results
- retention-days: 30
-
- - name: Step summary
- if: always()
- run: |
- echo "### 🔍 CodeQL — ${{ matrix.language }}" >> $GITHUB_STEP_SUMMARY
- echo "" >> $GITHUB_STEP_SUMMARY
- URL="https://github.com/${{ github.repository }}/security/code-scanning"
- echo "See the [Security tab]($URL) for findings." >> $GITHUB_STEP_SUMMARY
- echo "" >> $GITHUB_STEP_SUMMARY
- echo "| Severity | SLA |" >> $GITHUB_STEP_SUMMARY
- echo "|----------|-----|" >> $GITHUB_STEP_SUMMARY
- echo "| Critical | 7 days |" >> $GITHUB_STEP_SUMMARY
- echo "| High | 14 days |" >> $GITHUB_STEP_SUMMARY
- echo "| Medium | 30 days |" >> $GITHUB_STEP_SUMMARY
- echo "| Low | 60 days / next release |" >> $GITHUB_STEP_SUMMARY
-
- summary:
- name: Security Scan Summary
- runs-on: ubuntu-latest
- needs: analyze
- if: always()
-
- steps:
- - name: Summary
- run: |
- echo "### 🛡️ CodeQL Complete" >> $GITHUB_STEP_SUMMARY
- echo "" >> $GITHUB_STEP_SUMMARY
- echo "**Trigger:** ${{ github.event_name }}" >> $GITHUB_STEP_SUMMARY
- echo "**Branch:** ${{ github.ref_name }}" >> $GITHUB_STEP_SUMMARY
- SECURITY_URL="https://github.com/${{ github.repository }}/security"
- echo "" >> $GITHUB_STEP_SUMMARY
- echo "📊 [View all security alerts]($SECURITY_URL)" >> $GITHUB_STEP_SUMMARY