From b592b56a9649f4a64eee6fe353ebfb16d6718983 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Fabiana=20=F0=9F=9A=80=20=20Campanari?=
 <113218619+FabianaCampanari@users.noreply.github.com>
Date: Sun, 5 Jan 2025 18:23:47 -0300
Subject: [PATCH] Update codeql-analysis.yml
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Signed-off-by: Fabiana 🚀  Campanari <113218619+FabianaCampanari@users.noreply.github.com>
---
 .github/workflows/codeql-analysis.yml | 40 ++++++---------------------
 1 file changed, 8 insertions(+), 32 deletions(-)

diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml
index 875e246..6a25645 100644
--- a/.github/workflows/codeql-analysis.yml
+++ b/.github/workflows/codeql-analysis.yml
@@ -1,20 +1,14 @@
-name: 'Code scanning'
+name: 'Code Scanning'
 
 on:
-  push:
-    branches: [main]
-
   pull_request:
-    # The branches below must be a subset of the branches above
-    branches: [main]
     types:
       - opened
       - synchronize
       - reopened
       - ready_for_review
-
   schedule:
-    - cron: '0 13 * * 1'
+    - cron: '0 13 * * 1' # Scheduled to run every Monday at 13:00 UTC
 
 concurrency:
   group: ${{ github.workflow }}-${{ github.event.number || github.ref }}
@@ -30,37 +24,19 @@ jobs:
     permissions:
       security-events: write
     steps:
+      # Step 1: Checkout the repository
       - name: Checkout repository
-        uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
+        uses: actions/checkout@v4.1.1
 
+      # Step 2: Delete fixtures to suppress false positives
       - name: Delete fixtures to suppress false positives
         run: |
           find ./lib -type d -name '__fixtures__' -exec rm -rf {} \; || true
 
-      # Initializes the CodeQL tools for scanning.
+      # Step 3: Initialize CodeQL for scanning
       - name: Initialize CodeQL
-        uses: github/codeql-action/init@48ab28a6f5dbc2a99bf1e0131198dd8f1df78169 # v3.28.0
+        uses: github/codeql-action/init@v3.28.0
         with:
           languages: javascript
 
-        # Override language selection by uncommenting this and choosing your languages
-        # with:
-        #   languages: go, javascript, csharp, python, cpp, java
-      # Autobuild attempts to build any compiled languages  (C/C++, C#, or Java).
-      # If this step fails, then you should remove it and run the build manually (see below)
-      - name: Autobuild
-        uses: github/codeql-action/autobuild@48ab28a6f5dbc2a99bf1e0131198dd8f1df78169 # v3.28.0
-
-      # ℹ️ Command-line programs to run using the OS shell.
-      # 📚 https://git.io/JvXDl
-
-      # ✏️ If the Autobuild fails above, remove it and uncomment the following three lines
-      #    and modify them (or add more) to build your code if your project
-      #    uses a compiled language
-
-      #- run: |
-      #   make bootstrap
-      #   make release
-
-      - name: Perform CodeQL Analysis
-        uses: github/codeql-action/analyze@48ab28a6f5dbc2a99bf1e0131198dd8f1df78169 # v3.28.0
+      # Step 4: Autobuild step to build