Skip to content

ci(security): add Go to CodeQL language matrix #335

Open
Task
Open
ci(security): add Go to CodeQL language matrix#335
Task
Assignees
katriendg
Labels
ci/cdCI/CD pipeline and automationenhancementNew feature or improvement requestsecuritySecurity-related issues or fixes
@katriendg

Description

@katriendg
katriendg
opened on Mar 20, 2026

Summary

Add 'go' to the CodeQL language matrix in .github/workflows/codeql-analysis.yml.

# Before
language: [ 'javascript', 'python' ]

# After
language: [ 'go', 'javascript', 'python' ]

Priority: P2 — defer until Go code exceeds ~500 lines. CodeQL static analysis only adds value once there is Go source code with meaningful call graphs to scan.

Depends on: #290 implementation PR with Terratest code must be merged first. Do not implement this issue until Go source code exists in the repository.

Acceptance Criteria

  • CodeQL runs Go analysis alongside JavaScript and Python
  • No false-positive security findings on initial Go codebase

Metadata

Metadata

Assignees

Labels

ci/cdCI/CD pipeline and automationenhancementNew feature or improvement requestsecuritySecurity-related issues or fixes

Type

Task

Projects

No projects

Milestone

No milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions