chore(ci): move codeql-analysis.yml to codeql.yaml (#1378)

* chore(ci): move codeql-analysis.yml to codeql.yaml

* chore(ci): update codeql

Author: pmalek

.github/workflows/codeql-analysis.yml .github/workflows/codeql.yaml.github/workflows/codeql-analysis.yml renamed to .github/workflows/codeql.yaml

@@ -9,7 +9,7 @@
 # the `language` matrix defined below to confirm you have the correct set of
 # supported CodeQL languages.
 #
-name: codeql
+name: "CodeQL Advanced"
 
 on:
   push:
@@ -28,14 +28,17 @@ jobs:
       actions: read
       contents: read
       security-events: write
+      # required to fetch internal or private CodeQL packs
+      packages: read
 
     strategy:
       fail-fast: false
       matrix:
-        language: [ 'go' ]
-        # CodeQL supports [ 'cpp', 'csharp', 'go', 'java', 'javascript', 'python' ]
-        # Learn more:
-        # https://docs.github.com/en/free-pro-team@latest/github/finding-security-vulnerabilities-and-errors-in-your-code/configuring-code-scanning#changing-the-languages-that-are-analyzed
+        include:
+        - language: actions
+          build-mode: none
+        - language: go
+          build-mode: autobuild
 
     steps:
     - name: Checkout repository
@@ -51,6 +54,7 @@ jobs:
       uses: github/codeql-action/init@b56ba49b26e50535fa1e7f7db0f4f7b4bf65d80d # v3.28.10
       with:
         languages: ${{ matrix.language }}
+        build-mode: ${{ matrix.build-mode }}
         # If you wish to specify custom queries, you can do so here or in a config file.
         # By default, queries listed here will override any specified in a config file.
         # Prefix the list here with "+" to use these queries and those in the config file.
@@ -74,3 +78,5 @@ jobs:
 
     - name: Perform CodeQL Analysis
       uses: github/codeql-action/analyze@b56ba49b26e50535fa1e7f7db0f4f7b4bf65d80d # v3
+      with:
+        category: "/language:${{matrix.language}}"