





















@@ -272,8 +272,9 @@ default workflow because the macOS build dominates runtime even when clean.
272272The `CodeQL Critical Quality` workflow is the matching non-security shard. It
273273runs only error-severity, non-security JavaScript/TypeScript quality queries
274274over narrow high-value surfaces on the smaller Blacksmith Linux runner. Its
275-baseline job scans the same auth, secrets, sandbox, cron, and gateway surface
276-as the security workflow. The config-boundary
275+core-auth-secrets job scans auth, secrets, sandbox, cron, and gateway security
276+boundary code under the separate `/codeql-critical-quality/core-auth-secrets`
277+category. The config-boundary
277278job scans config schema, migration, normalization, and IO contracts under the
278279separate `/codeql-critical-quality/config-boundary` category. The
279280gateway-runtime-boundary job scans gateway protocol schemas and server method
此内容由惯性聚合(RSS阅读器)自动聚合整理,仅供阅读参考。 原文来自 — 版权归原作者所有。