cli/.github/workflows/codescan-pull-request.yml

# https://docs.github.com/en/actions/using-workflows/events-that-trigger-workflows#pull_request
name: "Code Scanning: Pull Request"

on:
  pull_request:
    branches: ["dev"]

jobs:
  CodeQL:
    runs-on: ubuntu-latest

    permissions:
      security-events: write
      actions: read
      contents: read

    steps:
      - name: "Checkout Repository"
        uses: actions/checkout@v6

      - name: "Initialize CodeQL"
        uses: github/codeql-action/init@v4
        with:
          languages: go,javascript,typescript

      - name: "Autobuild"
        uses: github/codeql-action/autobuild@v4

      - name: "Perform CodeQL Analysis"
        uses: github/codeql-action/analyze@v4