name: "CodeQL" on: push: branches: - main - v4-dev - "!dependabot/**" pull_request: # The branches below must be a subset of the branches above branches: - main - v4-dev - "!dependabot/**" schedule: - cron: "0 2 * * 5" workflow_dispatch: jobs: analyze: name: Analyze runs-on: ubuntu-latest permissions: actions: read contents: read security-events: write steps: - name: Checkout repository uses: actions/checkout@v2 - name: Initialize CodeQL uses: github/codeql-action/init@v1 with: languages: "javascript" - name: Perform CodeQL Analysis uses: github/codeql-action/analyze@v1