chore: add/update default repository files (#181) #86

	---
	# GitHub Actions workflow for CodeQL security analysis
	# Performs static analysis to identify security vulnerabilities in GitHub Actions
	# https://docs.github.com/en/code-security/code-scanning/introduction-to-code-scanning/about-code-scanning-with-codeql
	name: codeql

	on:
	workflow_dispatch:
	push:
	branches: ["main"]
	pull_request:
	paths:
	- .github/workflows/*.yml
	schedule:
	- cron: 17 10 * * 2

	permissions: read-all

	jobs:
	codeql:
	runs-on: ubuntu-latest
	permissions:
	security-events: write
	packages: read
	steps:
	- name: Checkout repository
	uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1

	- name: Initialize CodeQL
	# Does not support arm64
	uses: github/codeql-action/init@5d4e8d1aca955e8d8589aabd499c5cae939e33c7 # v4.31.9
	with:
	languages: actions
	build-mode: none
	queries: security-extended

	- name: Perform CodeQL Analysis
	uses: github/codeql-action/analyze@5d4e8d1aca955e8d8589aabd499c5cae939e33c7 # v4.31.9
	with:
	category: "/language:actions"

Provide feedback