From 9cd4a35120b849689707ae8be39c2b909276c2d7 Mon Sep 17 00:00:00 2001
From: Manuel <5673677+mtrezza@users.noreply.github.com>
Date: Wed, 14 Sep 2022 23:38:37 +0200
Subject: [PATCH] ci: add code scanning (#8169)

---
 .github/workflows/ci.yml | 26 +++++++++++++++++++++++---
 1 file changed, 23 insertions(+), 3 deletions(-)

diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
index c37ca70a..75791824 100644
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -1,14 +1,34 @@
 name: ci
 on:
   push:
-    branches: [ release, alpha, beta, next-major ]
+    branches: [ release, alpha, beta ]
   pull_request:
-    branches:
-      - '**'
+    branches: [ release, alpha, beta ]
 env:
   NODE_VERSION: 16.14.2
   PARSE_SERVER_TEST_TIMEOUT: 20000
 jobs:
+  check-code-analysis:
+    name: Code Analysis
+    runs-on: ubuntu-latest
+    permissions:
+      actions: read
+      contents: read
+      security-events: write
+    strategy:
+      fail-fast: false
+      matrix:
+        language: [ 'javascript' ]
+    steps:
+    - name: Checkout repository
+      uses: actions/checkout@v3
+    - name: Initialize CodeQL
+      uses: github/codeql-action/init@v2
+      with:
+        languages: ${{ matrix.language }}
+        source-root: src
+    - name: Perform CodeQL Analysis
+      uses: github/codeql-action/analyze@v2
   check-ci:
     name: Node Engine Check
     timeout-minutes: 15