From 0306eb58839c17a11ecbeaff45ef6fa01766d1dd Mon Sep 17 00:00:00 2001
From: Guilherme Caponetto <638737+caponetto@users.noreply.github.com>
Date: Tue, 10 May 2022 13:55:40 -0700
Subject: [PATCH] Add CodeQL workflow (#45)

---
 .github/workflows/ci.yml     |  2 +-
 .github/workflows/codeql.yml | 37 ++++++++++++++++++++++++++++++++++++
 2 files changed, 38 insertions(+), 1 deletion(-)
 create mode 100644 .github/workflows/codeql.yml

diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
index ebb4a1d..ad185bb 100644
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -4,7 +4,7 @@ on:
   push:
     branches: [main]
   pull_request:
-    branches: "**"
+    branches: [main]
 
 concurrency:
   group: ${{ github.event.pull_request && format('ci-pr-{0}', github.event.pull_request.number) || 'ci-main' }}
diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml
new file mode 100644
index 0000000..98742c6
--- /dev/null
+++ b/.github/workflows/codeql.yml
@@ -0,0 +1,37 @@
+name: "CodeQL"
+
+on:
+  push:
+    branches: [main]
+  pull_request:
+    branches: [main]
+
+concurrency:
+  group: ${{ github.event.pull_request && format('codeql-pr-{0}', github.event.pull_request.number) || 'codeql-main' }}
+  cancel-in-progress: true
+
+jobs:
+  analyze:
+    name: Analyze
+    runs-on: ubuntu-latest
+    permissions:
+      actions: read
+      contents: read
+      security-events: write
+
+    strategy:
+      fail-fast: false
+      matrix:
+        language: ["javascript"]
+
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v3
+
+      - name: Initialize CodeQL
+        uses: github/codeql-action/init@v2
+        with:
+          languages: ${{ matrix.language }}
+
+      - name: Perform CodeQL Analysis
+        uses: github/codeql-action/analyze@v2