name: GitHub CodeQL ๐Ÿ”ฌ on: workflow_call: inputs: commit: required: true type: string jobs: analyze: name: Analyze ${{ matrix.language }} ๐Ÿ”ฌ runs-on: ubuntu-latest strategy: fail-fast: false matrix: language: - javascript-typescript steps: - name: Checkout repository โฌ‡๏ธ uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 with: ref: ${{ inputs.commit }} show-progress: false - name: Initialize CodeQL ๐Ÿ› ๏ธ uses: github/codeql-action/init@4dd16135b69a43b6c8efb853346f8437d92d3c93 # v3.26.6 with: queries: security-and-quality languages: ${{ matrix.language }} - name: Autobuild ๐Ÿ“ฆ uses: github/codeql-action/autobuild@4dd16135b69a43b6c8efb853346f8437d92d3c93 # v3.26.6 - name: Perform CodeQL Analysis ๐Ÿงช uses: github/codeql-action/analyze@4dd16135b69a43b6c8efb853346f8437d92d3c93 # v3.26.6 with: category: '/language:${{matrix.language}}'