
add socket tier 1 reachability analysis #33

Status: Open
kanwalpreetd wants to merge 1 commit into stellar:master from kanwalpreetd:master

Conversation

@kanwalpreetd


Copilot AI review requested due to automatic review settings June 12, 2026 14:31

chatgpt-codex-connector (bot) left a comment


💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: 587c16c79a


# annotation that GitHub Actions renders as a yellow run-level
# warning without failing the job.
set +e
socket scan create --reach \


P2: Associate scans with the repository

When this scheduled workflow runs, there is no socket.json/socket.yml in the repo and the command does not pass --repo or --branch; Socket's CLI docs say those default to socket-default-repository and socket-default-branch. In that configuration, the go-xdr scan will not update the go-xdr project/branch alerts page and can be mixed with other unconfigured scans in the Stellar org, so pass the repository and branch explicitly (and set the default branch on the first run).


Copilot AI left a comment


Pull request overview

Adds a new GitHub Actions workflow to run Socket’s “full application reachability” (Tier 1) analysis on a weekly schedule (and manually on demand) for this Go module, surfacing Tier 2 fallbacks as warnings while preserving the scan’s exit status.

Changes:

  • Introduces a scheduled + workflow_dispatch “Socket reachability scan” workflow.
  • Sets up Go and Node toolchains, installs Socket CLI, and runs socket scan create --reach.
  • Post-processes scan output to emit a GitHub Actions warning when reachability falls back to Tier 2 without failing the job.


Comment on lines +56 to +57
- name: Install Socket CLI
run: npm install -g socket
--reach-continue-on-missing-lock-files \
. 2>&1 | tee /tmp/scan.log
rc=${PIPESTATUS[0]}
if [ $rc -eq 0 ] && grep -qE "Reachability falls back to Tier 2|fallback to the results from the pre-computed" /tmp/scan.log; then
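Review bot: `npm install -g socket` on lines +56 to +57 installs whatever Socket CLI version is latest at run time, so a scheduled scan can change behaviour, or the grep patterns on the lines that follow can silently stop matching, without any change in this repository; pin the CLI version (e.g. `npm install -g socket@<version>`) and bump it deliberately. Also, the Tier 2 warning is only emitted when `rc` is 0, so a scan that both fails and falls back reports only the failure; that precedence looks intended but deserves a comment next to the `if`.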
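The post-processing step the review describes, as an added example that is not the PR's own workflow: it separates the Tier 2 fallback check from the exit-status handling so both can be exercised offline against constructed log files (the phrases matched are the ones the PR greps for; the log contents and the annotation titles are assumptions).

```shell
#!/usr/bin/env bash
# Added example (not the PR's workflow): decide whether a `socket scan create --reach`
# run should surface a Tier 2 fallback as a GitHub Actions warning while returning
# the scan's own exit status unchanged. Log contents below are constructed.

# Phrases the PR greps for to detect that full (Tier 1) reachability fell back.
TIER2_PATTERN='Reachability falls back to Tier 2|fallback to the results from the pre-computed'

# tier2_fallback LOGFILE -> exit 0 if the log shows a Tier 2 fallback, 1 otherwise
tier2_fallback() {
  grep -qE "$TIER2_PATTERN" "$1"
}

# report_scan RC LOGFILE
# Emits a ::warning:: annotation when the scan succeeded but fell back to Tier 2,
# an ::error:: annotation when the scan itself failed, and returns RC unchanged so
# a real scan error still fails the job (a failed scan is never downgraded to a warning).
report_scan() {
  local rc="$1" log="$2"
  if [ "$rc" -eq 0 ] && tier2_fallback "$log"; then
    echo "::warning title=Socket reachability::Tier 1 reachability fell back to Tier 2; see $log"
  elif [ "$rc" -ne 0 ]; then
    echo "::error title=Socket reachability::socket scan create exited with status $rc"
  fi
  return "$rc"
}

# Constructed sample logs standing in for /tmp/scan.log.
fallback_log=$(mktemp); ok_log=$(mktemp)
printf 'Scanning module...\nReachability falls back to Tier 2 for 3 packages\nDone\n' > "$fallback_log"
printf 'Scanning module...\nTier 1 reachability complete\nDone\n' > "$ok_log"

report_scan 0 "$fallback_log"                                 # prints the warning, returns 0
report_scan 0 "$ok_log"                                       # prints nothing, returns 0
report_scan 2 "$ok_log" || echo "exit status preserved: $?"   # prints the error, returns 2
```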