CodeQL #9

	# CodeQL SAST analysis for supply-chain security
	# See https://docs.github.com/en/code-security/code-scanning

	name: CodeQL

	on:
	push:
	branches: [ "main" ]
	pull_request:
	branches: [ "main" ]
	schedule:
	# Run weekly on Mondays at 3 AM UTC
	- cron: '0 3 * * 1'

	# Declare default permissions as read only.
	permissions: read-all

	jobs:
	analyze:
	name: Analyze (Go)
	runs-on: ubuntu-latest
	permissions:
	contents: read
	security-events: write
	actions: read

	steps:
	- name: Checkout code
	uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2

	- name: Set up Go
	uses: actions/setup-go@40f1582b2485089dde7abd97c1529aa768e1baff # v5.4.0
	with:
	go-version-file: 'go.mod'

	- name: Initialize CodeQL
	uses: github/codeql-action/init@ebcb5b36ded6beda4ceefea6a8bc4cc885255bb3 # v3.34.1
	with:
	languages: go
	queries: security-extended,security-and-quality

	- name: Autobuild
	uses: github/codeql-action/autobuild@ebcb5b36ded6beda4ceefea6a8bc4cc885255bb3 # v3.34.1

	- name: Perform CodeQL Analysis
	uses: github/codeql-action/analyze@ebcb5b36ded6beda4ceefea6a8bc4cc885255bb3 # v3.34.1
	with:
	category: "/language:go"

Provide feedback