From 0a634c3ad12437d42a477a59b2d31648d5c688cc Mon Sep 17 00:00:00 2001
From: Adam Chalkley <atc0005@users.noreply.github.com>
Date: Fri, 17 Mar 2023 07:42:34 -0500
Subject: [PATCH] Update vuln analysis GHAW to use on.push hook

This hook is needed for proper operation of the
`Vulnerability / CodeQL` job so that it can compare
before/after changes against the base branch.

I'm opting to skip limiting either of the on.push or the
on.pull_request hook events to just the base branch, instead
adding a commented directive to imply that I explicitly
made that decision.

refs atc0005/todo#56
---
 .github/workflows/project-analysis.yml | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/.github/workflows/project-analysis.yml b/.github/workflows/project-analysis.yml
index 42e7047..1bdabfd 100644
--- a/.github/workflows/project-analysis.yml
+++ b/.github/workflows/project-analysis.yml
@@ -8,11 +8,17 @@
 name: Project Analysis
 
 on:
+  push:
+    # branches: [master]
+
   pull_request:
     # `synchronized` seems to equate to pushing new commits to a linked branch
     # (whether force-pushed or not)
     types: [opened, synchronize]
 
+    # The branches below must be a subset of the branches above
+    # branches: [master]
+
 jobs:
   lint:
     name: Lint