Skip to content

Commit 62b3fef

Browse files
committed
🎨 [style] update CodeQL workflow configuration for improved clarity and scheduling
Signed-off-by: Nick2bad4u <20943337+Nick2bad4u@users.noreply.github.com>
1 parent 1caa0d7 commit 62b3fef

1 file changed

Lines changed: 16 additions & 26 deletions

File tree

Lines changed: 16 additions & 26 deletions
Original file line numberDiff line numberDiff line change
@@ -1,7 +1,6 @@
1-
# yaml-language-server: $schema=https://www.schemastore.org/github-workflow.json
2-
name: "Codeql"
3-
4-
run-name: "CodeQL • ${{ github.ref_name }} @${{ github.actor }}"
1+
# eslint-disable github-actions/pin-action-shas, github-actions/prefer-step-uses-style -- Bootstrap CodeQL intentionally follows official action release tags.
2+
name: "Codeql Analysis"
3+
run-name: "Codeql Analysis - ${{ github.ref_name }}"
54

65
on:
76
merge_group:
@@ -12,37 +11,28 @@ on:
1211
branches:
1312
- "main"
1413
schedule:
15-
- cron: "37 9 * * 1"
14+
- cron: "0 6 * * 1"
1615

1716
concurrency:
18-
group: "codeql-${{ github.ref }}"
1917
cancel-in-progress: true
18+
group: "${{ github.workflow }}-${{ github.ref }}"
19+
20+
permissions:
21+
actions: "read"
22+
contents: "read"
23+
security-events: "write"
2024

2125
jobs:
2226
analyze:
2327
name: "Analyze"
2428
runs-on: "ubuntu-latest"
25-
timeout-minutes: 20
26-
permissions:
27-
actions: "read"
28-
contents: "read"
29-
security-events: "write"
30-
29+
timeout-minutes: 15
3130
steps:
32-
- name: "Harden Runner"
33-
uses: "step-security/harden-runner@5ef0c079ce82195b2a36a210272d6b661572d83e" # v2.14.2
34-
with:
35-
egress-policy: "audit"
36-
37-
- name: "Checkout Repository"
38-
uses: "actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd" # v6.0.2
39-
31+
- name: "Checkout"
32+
uses: "actions/checkout@v6"
4033
- name: "Initialize CodeQL"
41-
uses: "github/codeql-action/init@8e52c9d6d12b70f2bf8f94bfe03e9980250bd2c4" # v4.31.6
34+
uses: "github/codeql-action/init@v4.35.4"
4235
with:
4336
languages: "javascript-typescript"
44-
45-
- name: "Perform CodeQL Analysis"
46-
uses: "github/codeql-action/analyze@8e52c9d6d12b70f2bf8f94bfe03e9980250bd2c4" # v4.31.6
47-
with:
48-
category: "/language:javascript-typescript"
37+
- name: "Perform CodeQL analysis"
38+
uses: "github/codeql-action/analyze@v4.35.4"

0 commit comments

Comments
 (0)