CI: Add CodeQL workflow for GitHub Actions security scanning (#3060)

This adds a CodeQL workflow to scan GitHub Actions workflow files for
security issues such as script injection, use of untrusted input, and
other misconfigurations.

Reference:
https://github.blog/security/application-security/how-to-secure-your-github-actions-workflows-with-codeql/

**Triggers:**
- Push and PR to `main`
- Weekly scheduled scan (Mondays at 4:16 UTC)


This is based on [Apache Infra
recommendation](https://cwiki.apache.org/confluence/display/BUILDS/GitHub+Actions+Security),

> IMPORTANT! You should enable CodeQL "actions" scanning in your
> repositories as described in
> https://github.blog/security/application-security/how-to-secure-your-github-actions-workflows-with-codeql/ -
> this will scan and flag those issues described below and many more
> automatically for you

1 file changed
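
A minimal CodeQL workflow with the triggers listed in the commit message, given here as an added example; it is not the file this commit adds. The workflow name, job name, step names and action version tags are assumptions.

```yaml
# Added example, not the workflow file from this commit.
# Names and version tags below are assumptions; in a real repository,
# pin each action to a full commit SHA rather than a mutable tag.
name: "CodeQL (GitHub Actions)"

on:
  push:
    branches: [main]
  pull_request:
    branches: [main]
  schedule:
    - cron: "16 4 * * 1"   # Mondays at 04:16 UTC

# Read-only by default; the job below grants only what it needs.
permissions:
  contents: read

jobs:
  analyze:
    name: Analyze workflow files
    runs-on: ubuntu-latest
    permissions:
      contents: read          # check out the repository
      security-events: write  # upload results to code scanning
    steps:
      - name: Checkout
        uses: actions/checkout@v4
        with:
          persist-credentials: false  # do not leave the token in .git/config

      - name: Initialize CodeQL
        uses: github/codeql-action/init@v3
        with:
          languages: actions   # scan workflow and action YAML, not the Python sources

      - name: Analyze
        uses: github/codeql-action/analyze@v3
        with:
          category: "/language:actions"
```

The `pull_request` trigger (rather than `pull_request_target`) keeps the scan of a fork's changes away from repository secrets and a write-scoped token.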
tree: cba75a00de1c500f96e999dc5a479e01d57ac0ff
README.md

Iceberg Python

PyIceberg is a Python library for programmatic access to Iceberg table metadata as well as to table data in Iceberg format. It is a Python implementation of the Iceberg table spec.

The documentation is available at https://py.iceberg.apache.org/.

Get in Touch