cli/.github/workflows/codescan.yml

name: "Code Scanning"

on:
  push:
    branches: ["dev"]
  pull_request:
    branches: ["dev"]
  schedule:
    - cron: "0 2 * * 1-5"

jobs:
  CodeQL:
    runs-on: ubuntu-latest

    permissions:
      # required for all workflows
      security-events: write

      # only required for workflows in private repositories
      actions: read
      contents: read

    steps:
      - name: "Checkout Repository"
        uses: actions/checkout@v6

      - name: "Initialize CodeQL"
        uses: github/codeql-action/init@v4
        with:
          languages: go,javascript,typescript

      - name: "Autobuild"
        uses: github/codeql-action/autobuild@v4

      - name: "Perform CodeQL Analysis"
        uses: github/codeql-action/analyze@v4