Merge pull request #110 from XhmikosR/patch-1

bcomnes · web-flow · commit 9a528ccbdfd1 · 2023-04-13T20:28:53.000-06:00
Update CodeQL workflow
diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml
@@ -6,12 +6,12 @@ on:
       - master
       - "!dependabot/**"
   pull_request:
-    # The branches below must be a subset of the branches above
     branches:
       - master
       - "!dependabot/**"
   schedule:
     - cron: "0 0 * * 0"
+  workflow_dispatch:
 
 jobs:
   analyze:
@@ -23,13 +23,21 @@ jobs:
       security-events: write
 
     steps:
-      - name: Checkout repository
+      - name: Clone repository
         uses: actions/checkout@v3
+        with:
+          persist-credentials: false
 
       - name: Initialize CodeQL
         uses: github/codeql-action/init@v2
         with:
           languages: "javascript"
+          queries: +security-and-quality
+
+      - name: Autobuild
+        uses: github/codeql-action/autobuild@v2
 
       - name: Perform CodeQL Analysis
         uses: github/codeql-action/analyze@v2
+        with:
+          category: "/language:javascript"
