CodeQL #31

	# For most projects, this workflow file will not need changing; you simply need
	# to commit it to your repository.
	#
	# You may wish to alter this file to override the set of languages analyzed,
	# or to provide custom queries or build logic.
	#
	# ****** NOTE ******
	# We have attempted to detect the languages in your repository. Please check
	# the `language` matrix defined below to confirm you have the correct set of
	# supported CodeQL languages.
	#
	name: "CodeQL"

	on:
	push:
	branches: [ "develop", master ]
	pull_request:
	branches: [ "develop" ]
	schedule:
	- cron: '0 5 * * 4'

	jobs:
	analyze:
	name: Analyze
	runs-on: ubuntu-latest
	permissions:
	actions: read
	contents: read
	security-events: write

	strategy:
	fail-fast: false
	matrix:
	# Learn more about CodeQL language support at https://aka.ms/codeql-docs/language-support
	language: [ 'javascript' ]

	steps:
	- name: Checkout repository
	uses: actions/checkout@v3

	# Initializes the CodeQL tools for scanning.
	- name: Initialize CodeQL
	uses: github/codeql-action/init@v2
	with:
	languages: ${{ matrix.language }}
	# Details on CodeQL's query packs refer to : https://docs.github.com/en/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/configuring-code-scanning#using-queries-in-ql-packs
	# queries: security-extended,security-and-quality

	- uses: actions/setup-node@v3
	with:
	node-version: 18.x
	cache: yarn
	- run: yarn --immutable
	- run: yarn build

	- name: Perform CodeQL Analysis
	uses: github/codeql-action/analyze@v2
	with:
	category: "/language:${{matrix.language}}"

Provide feedback