From ef3c381407628fe6e4cbc16ba5add5cc2284f133 Mon Sep 17 00:00:00 2001
From: github-actions <github-actions@github.com>
Date: Wed, 19 Nov 2025 16:31:31 +0000
Subject: [PATCH] [Product Security] Add or update CodeQL workflow

---
 .github/workflows/codeql.yaml | 19 +++++++++++++++++++
 1 file changed, 19 insertions(+)
 create mode 100644 .github/workflows/codeql.yaml

diff --git a/.github/workflows/codeql.yaml b/.github/workflows/codeql.yaml
new file mode 100644
index 00000000..286b1abb
--- /dev/null
+++ b/.github/workflows/codeql.yaml
@@ -0,0 +1,19 @@
+name: "CodeQL public repository scanning"
+
+on:
+  push:
+  schedule:
+    - cron: "0 0 * * *"
+  pull_request_target:
+    types: [opened, synchronize, reopened]
+  workflow_dispatch:
+
+permissions:
+  contents: read
+  security-events: write
+  actions: read
+  packages: read
+
+jobs:
+  trigger-codeql:
+    uses: zendesk/prodsec-code-scanning/.github/workflows/codeql_advanced_shared.yml@production