fix: align CodeQL with repo languages (robot-cleaner)

Author: hyperpolymath

.github/workflows/codeql.yml

@@ -1,4 +1,6 @@
+# SPDX-License-Identifier: AGPL-3.0-or-later
 name: CodeQL Security Analysis
+
 on:
   push:
     branches: [main, master]
@@ -7,29 +9,32 @@ on:
   schedule:
     - cron: '0 6 * * 1'
 
+permissions: read-all
+
 jobs:
   analyze:
     runs-on: ubuntu-latest
     permissions:
+      contents: read
       security-events: write
     strategy:
       fail-fast: false
       matrix:
-        language: ['javascript', 'python', 'go', 'java', 'ruby']
+        include:
+          - language: ruby
+            build-mode: none
+
     steps:
-      - uses: actions/checkout@v4
-      
+      - name: Checkout
+        uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
+
       - name: Initialize CodeQL
-        uses: github/codeql-action/init@v3
+        uses: github/codeql-action/init@662472033e021d55d94146f66f6058822b0b39fd # v3.28.1
         with:
           languages: ${{ matrix.language }}
-          queries: +security-and-quality
-        continue-on-error: true
-      
-      - name: Autobuild
-        uses: github/codeql-action/autobuild@v3
-        continue-on-error: true
-      
-      - name: Perform Analysis
-        uses: github/codeql-action/analyze@v3
-        continue-on-error: true
+          build-mode: ${{ matrix.build-mode }}
+
+      - name: Perform CodeQL Analysis
+        uses: github/codeql-action/analyze@662472033e021d55d94146f66f6058822b0b39fd # v3.28.1
+        with:
+          category: "/language:${{ matrix.language }}"