CodeQL #183

	name: "CodeQL"
	on:
	push:
	branches:
	- 'main'
	- 'release-v*'
	pull_request:
	schedule:
	- cron: '0 12 * * *'
	permissions:
	contents: read
	jobs:
	analyze-go:
	name: Analyze Go
	runs-on: ubuntu-latest
	permissions:
	actions: read # github/codeql-action/init@v2
	security-events: write # github/codeql-action/init@v2
	steps:
	- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
	- uses: ./.github/actions/install-deps
	- run: make vulncheck
	- uses: github/codeql-action/init@6bc82e05fd0ea64601dd4b465378bbcf57de0314 # v4.32.1
	with:
	languages: go
	- uses: github/codeql-action/autobuild@6bc82e05fd0ea64601dd4b465378bbcf57de0314 # v4.32.1
	- uses: github/codeql-action/analyze@6bc82e05fd0ea64601dd4b465378bbcf57de0314 # v4.32.1
	analyze-github-actions:
	name: Analyze Github Actions
	runs-on: ubuntu-latest
	permissions:
	actions: read # github/codeql-action/init@v2
	security-events: write # github/codeql-action/init@v2
	steps:
	- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
	- uses: github/codeql-action/init@6bc82e05fd0ea64601dd4b465378bbcf57de0314 # v4.32.1
	with:
	languages: actions
	config: \|
	paths:
	- '.github/workflows'
	- '.github/actions'
	- uses: github/codeql-action/analyze@6bc82e05fd0ea64601dd4b465378bbcf57de0314 # v4.32.1

Provide feedback