otpauth/.github/workflows/codeql.yml

# yaml-language-server: $schema=https://json.schemastore.org/github-workflow.json
name: "CodeQL analysis"

on:
  push:
    tags: ["*"]
    branches: ["*"]
  pull_request:
    branches: ["*"]
  schedule:
    - cron: "25 10 * * 3"
  workflow_dispatch:

permissions: {}

jobs:
  analyze:
    name: "CodeQL analysis (${{ matrix.language }})"
    runs-on: "ubuntu-latest"
    permissions:
      actions: "read"
      contents: "read"
      security-events: "write"
    strategy:
      fail-fast: false
      matrix:
        language: ["javascript"]
    steps:
      - name: "Checkout"
        uses: "actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8"
      - name: "Initialize CodeQL"
        uses: "github/codeql-action/init@f443b600d91635bebf5b0d9ebc620189c0d6fba5"
        with:
          languages: "${{ matrix.language }}"
      - name: "Autobuild"
        uses: "github/codeql-action/autobuild@f443b600d91635bebf5b0d9ebc620189c0d6fba5"
      - name: "Perform CodeQL Analysis"
        uses: "github/codeql-action/analyze@f443b600d91635bebf5b0d9ebc620189c0d6fba5"