name: GitHub CodeQL ๐Ÿ”ฌ on: workflow_call: inputs: commit: required: true type: string jobs: analyze: name: Analyze ${{ matrix.language }} ๐Ÿ”ฌ runs-on: ubuntu-latest strategy: fail-fast: false matrix: language: - javascript-typescript steps: - name: Checkout repository โฌ‡๏ธ uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4.3.1 with: ref: ${{ inputs.commit }} show-progress: false - name: Initialize CodeQL ๐Ÿ› ๏ธ uses: github/codeql-action/init@5d4e8d1aca955e8d8589aabd499c5cae939e33c7 # v4.31.9 with: queries: security-and-quality languages: ${{ matrix.language }} - name: Autobuild ๐Ÿ“ฆ uses: github/codeql-action/autobuild@5d4e8d1aca955e8d8589aabd499c5cae939e33c7 # v4.31.9 - name: Perform CodeQL Analysis ๐Ÿงช uses: github/codeql-action/analyze@5d4e8d1aca955e8d8589aabd499c5cae939e33c7 # v4.31.9 with: category: '/language:${{matrix.language}}'