From aeac5fb55fc86be657c12338706c0b0acc32694f Mon Sep 17 00:00:00 2001 From: varkart <44122128+varkart@users.noreply.github.com> Date: Fri, 12 Jun 2026 04:58:05 -0600 Subject: [PATCH 1/2] Add concurrency guard to CI workflow --- .github/workflows/ci.yml | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index bab4fda..2bd0f83 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -9,6 +9,10 @@ on: permissions: contents: read +concurrency: + group: ci-${{ github.ref }} + cancel-in-progress: true + env: FORCE_JAVASCRIPT_ACTIONS_TO_NODE24: true From b02d12a324de4b9c6c958f0b6c1e96e39b255253 Mon Sep 17 00:00:00 2001 From: varkart <44122128+varkart@users.noreply.github.com> Date: Fri, 12 Jun 2026 04:58:06 -0600 Subject: [PATCH 2/2] Add CodeQL analysis workflow --- .github/workflows/codeql.yml | 35 +++++++++++++++++++++++++++++++++++ 1 file changed, 35 insertions(+) create mode 100644 .github/workflows/codeql.yml diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml new file mode 100644 index 0000000..ec09b93 --- /dev/null +++ b/.github/workflows/codeql.yml @@ -0,0 +1,35 @@ +name: CodeQL + +on: + push: + branches: [main] + pull_request: + branches: [main] + schedule: + - cron: '0 5 * * 1' + +permissions: + actions: read + contents: read + security-events: write + +jobs: + analyze: + name: Analyze + runs-on: ubuntu-latest + strategy: + fail-fast: false + matrix: + language: ['javascript-typescript'] + steps: + - uses: actions/checkout@v4 + + - name: Initialize CodeQL + uses: github/codeql-action/init@v4 + with: + languages: ${{ matrix.language }} + + - name: Perform CodeQL Analysis + uses: github/codeql-action/analyze@v4 + with: + category: '/language:${{ matrix.language }}'