codeql-analysis.yml

name: CodeQL Analysis
concurrency:
    group: ${{ github.workflow }}-${{ github.head_ref || github.run_id }}
    cancel-in-progress: true
on:
    push:
        branches: [main]
    pull_request:
        branches: [main]
    schedule:
        - cron: '0 0 * * 0'
    workflow_dispatch:
jobs:
    analyze:
        name: Analyze
        runs-on: ubuntu-latest
        permissions:
            actions: read
            contents: read
            security-events: write
        strategy:
            fail-fast: false
            matrix:
                language: ['JavaScript', 'TypeScript']
        steps:
            - name: Checkout repository
              uses: actions/checkout@v4
            - name: Initialize CodeQL
              uses: github/codeql-action/init@v3
              with:
                  languages: ${{ matrix.language }}
                  queries: security-extended, security-and-quality
            - name: Autobuild
              uses: github/codeql-action/autobuild@v3
            - name: Perform CodeQL Analysis
              uses: github/codeql-action/analyze@v3