Add CodeQL security scanning workflow

2025-10-19 22:08:31 -04:00
parent 69fa5ffc28
commit 9d0372484a
1 changed files with 6 additions and 3 deletions
--- a/.github/workflows/codeql-analysis.yml
+++ b/.github/workflows/codeql-analysis.yml
@@ -8,6 +8,9 @@ on:
  schedule:
    - cron: '0 3 * * *'

+permissions:
+  security-events: write  
+
 jobs:
  analyze:
    name: Analyze CodeQL
@@ -18,12 +21,12 @@ jobs:
        uses: actions/checkout@v3

      - name: Initialize CodeQL
-        uses: github/codeql-action/init@v2
+        uses: github/codeql-action/init@v3
        with:
          languages: javascript,typescript  

      - name: Autobuild
-        uses: github/codeql-action/autobuild@v2
+        uses: github/codeql-action/autobuild@v3

      - name: Perform CodeQL Analysis
-        uses: github/codeql-action/analyze@v2
+        uses: github/codeql-action/analyze@v3