# yaml-language-server: $schema=https://json.schemastore.org/github-workflow.json

name: CodeQL

on:
  workflow_dispatch:

  schedule:
    - cron: "0 7 * */2 *"
  #            │ │ │  │  │
  #            │ │ │  │  └─── day of the week (0 - 6 or SUN-SAT)
  #            │ │ │  └────── month (1 - 12 or JAN-DEC)
  #            │ │ └───────── day of the month (1 - 31)
  #            │ └─────────── hour (0 - 23)
  #            └───────────── minute (0 - 59)
  workflow_call:
    inputs:
      node-version:
        description: "Node.js version"
        required: true
        default: "lts/*"
        type: string

jobs:
  analyze-code-ql:
    name: CodeQL Analyze
    runs-on: ubuntu-latest

    permissions:
      actions: read
      contents: read
      security-events: write

    strategy:
      fail-fast: false
      matrix:
        language: ["TypeScript"]
        # Learn more about CodeQL language support at https://aka.ms/codeql-docs/language-support

    steps:
      - name: ⤵️ Checkout repository
        uses: actions/checkout@v4

      - name: 🏗 Initialize CodeQL
        uses: github/codeql-action/init@v3
        with:
          languages: ${{ matrix.language }}
          # Details on CodeQL's query packs refer to : https://docs.github.com/en/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/configuring-code-scanning#using-queries-in-ql-packs
          # queries: security-extended,security-and-quality

      - name: 🏗 Auto build
        uses: github/codeql-action/autobuild@v3

      - name: 🚀 Perform CodeQL Analysis
        uses: github/codeql-action/analyze@v3