This PR adds the automated code review reusable workflow.
The file is at .github/workflows-pending/code-review.yml because
our OAuth token lacks the workflow scope required to push to
.github/workflows/ directly.
After merging, move the file:

```bash
mv .github/workflows-pending/code-review.yml .github/workflows/code-review.yml
git add . && git commit -m "ci: move code-review workflow to workflows dir"
git push
```

Or: authorize the token with workflow scope, then re-push.

| Job | Tools | Purpose |
|---|---|---|
| Lint & Format | ruff, mypy | Code quality & type checking |
| Security Scan | bandit, semgrep, pip-audit | Vulnerability detection |
| Test Coverage | pytest-cov | Coverage gate + reporting |
| Review Summary | gh CLI | PR comment with status table |

```yaml
jobs:
  code-review:
    uses: Coding-Dev-Tools/.github/.github/workflows/code-review.yml@main
    secrets:
      CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }}
```