Skip to content

Add Lighthouse CI and CodeQL workflows#7

Merged
Mandal-OS merged 2 commits into
mainfrom
codex/add-lighthouse-codeql
Jun 27, 2026
Merged

Add Lighthouse CI and CodeQL workflows#7
Mandal-OS merged 2 commits into
mainfrom
codex/add-lighthouse-codeql

Conversation

@Mandal-OS

Copy link
Copy Markdown
Owner

Summary

  • Add Lighthouse CI against https://gigworlds.net with warning-based thresholds and report artifacts.
  • Add CodeQL scanning for JavaScript/TypeScript and GitHub Actions workflows.
  • Document what Lighthouse CI and CodeQL mean, when they run, and how to use them locally.
  • Keep npm audit clean by using a pinned Lighthouse CI runtime command instead of committing vulnerable transitive dev dependencies.

Closes #4.
Closes #6.

Verification

  • npm run check
  • npm audit --audit-level=low
  • node --check lighthouserc.cjs

Notes

Local Lighthouse run was not completed in this Windows environment because Chrome is not installed locally. The GitHub workflow installs stable Chrome explicitly before running Lighthouse CI.

Risk Review

  • Security: adds CodeQL and preserves minimal workflow permissions.
  • Performance: adds browser-based Lighthouse monitoring for gigworlds.net.
  • SEO: Lighthouse includes SEO category warnings.
  • Accessibility: Lighthouse includes accessibility category warnings.
  • Operations: Lighthouse is warning-based initially to avoid noisy failures from live-site variance.

@github-advanced-security

Copy link
Copy Markdown

You are seeing this message because GitHub Code Scanning has recently been set up for this repository, or this pull request contains the workflow file for the Code Scanning tool.

What Enabling Code Scanning Means:

  • The 'Security' tab will display more code scanning analysis results (e.g., for the default branch).
  • Depending on your configuration and choice of analysis tool, future pull requests will be annotated with code scanning analysis results.
  • You will be able to see the analysis results for the pull request's branch on this overview once the scans have completed and the checks have passed.

For more information about GitHub Code Scanning, check out the documentation.

Comment thread .github/workflows/lighthouse-ci.yml Fixed
@Mandal-OS Mandal-OS merged commit a8a9e72 into main Jun 27, 2026
3 checks passed
@Mandal-OS Mandal-OS deleted the codex/add-lighthouse-codeql branch June 27, 2026 01:52
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

Add Lighthouse CI for browser-based performance checks Add CodeQL once application code exists

3 participants