ci: fix security alert for Lighthouse workflow (#2031)

Signed-off-by: Sebastian Beltran <[email protected]>

Author: bjohansebas

.github/workflows/codeql.yml

@@ -35,7 +35,7 @@ jobs:
     strategy:
       fail-fast: false
       matrix:
-        language: ["javascript"]
+        language: ["javascript", "actions"]
         # CodeQL supports [ $supported-codeql-languages ]
         # Learn more about CodeQL language support at https://aka.ms/codeql-docs/language-support
 

.github/workflows/lighthouse.yml

@@ -2,7 +2,6 @@ name: Lighthouse audit
 
 on:
   pull_request_target:
-    types: [opened, synchronize]
 
 permissions:
   contents: read
@@ -16,9 +15,6 @@ jobs:
     steps:
       - name: Checkout PR code
         uses: actions/checkout@v4
-        with:
-          ref: ${{ github.event.pull_request.head.sha }}
-          repository: ${{ github.event.pull_request.head.repo.full_name }}
 
       - name: Setup Node.js with npm cache
         uses: actions/setup-node@v4