Fix CodeQL (#347)

Author: MikeAlhayek

.github/dependabot.yml

@@ -3,29 +3,27 @@ updates:
   - package-ecosystem: "nuget"
     directory: "/"
     schedule:
-      interval: "weekly"
-    open-pull-requests-limit: 10
-    groups:
-       all-dependencies:
-          patterns:
-            - "*"
+      interval: "daily"
+    # Disable version update PRs; only Dependabot security updates create PRs.
+    open-pull-requests-limit: 0
+    ignore:
+      # OrchardCore packages are pinned; never auto-update them.
+      - dependency-name: "OrchardCore.*"
+      - dependency-name: "SafeMode"
+      - dependency-name: "TheAdmin"
+      - dependency-name: "TheAgencyTheme"
+      - dependency-name: "TheBlogTheme"
+      - dependency-name: "TheComingSoonTheme"
+      - dependency-name: "TheTheme"
 
   - package-ecosystem: "npm"
     directory: "/"
     schedule:
-      interval: "weekly"
-    open-pull-requests-limit: 10
-    groups:
-       all-dependencies:
-          patterns:
-            - "*"
+      interval: "daily"
+    open-pull-requests-limit: 0
 
   - package-ecosystem: "github-actions"
     directory: "/"
     schedule:
-      interval: "weekly"
-    open-pull-requests-limit: 10
-    groups:
-       all-dependencies:
-          patterns:
-            - "*"
+      interval: "daily"
+    open-pull-requests-limit: 0

.github/workflows/codeql.yml

@@ -0,0 +1,43 @@
+name: "CodeQL Security Analysis"
+
+on:
+  push:
+    branches: [main]
+  pull_request:
+    branches: [main]
+  schedule:
+    - cron: "25 14 * * 1"
+  workflow_dispatch:
+
+permissions:
+  security-events: write
+  contents: read
+
+jobs:
+  analyze:
+    name: Analyze C#
+    runs-on: ubuntu-latest
+    timeout-minutes: 60
+
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v4
+
+      - name: Setup .NET
+        uses: actions/setup-dotnet@v4
+        with:
+          dotnet-version: "10.0.x"
+
+      - name: Initialize CodeQL
+        uses: github/codeql-action/init@v3
+        with:
+          languages: csharp
+          config-file: ./.github/codeql/codeql-config.yml
+
+      - name: Build solution
+        run: dotnet build CrestApps.OrchardCore.slnx -c Release /p:NuGetAudit=false
+
+      - name: Perform CodeQL Analysis
+        uses: github/codeql-action/analyze@v3
+        with:
+          category: "/language:csharp"

src/Modules/CrestApps.OrchardCore.AI.Agent/Communications/SendEmailTool.cs

@@ -125,6 +125,6 @@ protected override async ValueTask<object> InvokeCoreAsync(AIFunctionArguments a
             return "The email was sent successfully.";
         }
 
-        return $"The email was not sent successfully due to the following: {string.Join(' ', result.Errors.Values)}";
+        return $"The email was not sent successfully due to the following: {string.Join(' ', result.Errors)}";
     }
 }