ci: upgrading the codeql workflow to the latest way it configs

readmeio · Jun 18, 2021 · 82e35ac · 82e35ac
1 parent b675d52
commit 82e35ac
Showing 1 changed file with 12 additions and 23 deletions.
diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml
@@ -1,8 +1,10 @@
-name: "Code scanning - action"
+name: "CodeQL"
 
 on:
   push:
+    branches: [master]
   pull_request:
+    branches: [master]
   schedule:
     - cron: '0 12 * * 1'
 
@@ -12,27 +14,14 @@ jobs:
     runs-on: ubuntu-latest
 
     steps:
-    - name: Checkout repository
-      uses: actions/[email protected]
-      with:
-        # We must fetch at least the immediate parents so that if this is
-        # a pull request then we can checkout the head.
-        fetch-depth: 2
+      - name: Checkout repository
+        uses: actions/[email protected]
 
-    # If this run was triggered by a pull request event, then checkout
-    # the head of the pull request instead of the merge commit.
-    - run: git checkout HEAD^2
-      if: ${{ github.event_name == 'pull_request' }}
+      - name: Initialize CodeQL
+        uses: github/codeql-action/init@v1
+        with:
+          languages: javascript
+          config-file: ./.github/codeql/config.yml
 
-    # Initializes the CodeQL tools for scanning.
-    - name: Initialize CodeQL
-      uses: github/codeql-action/init@v1
-      with:
-        languages: javascript
-        config-file: ./.github/codeql/config.yml
-
-    - name: Install Dependencies
-      run: npm ci
-
-    - name: Perform CodeQL Analysis
-      uses: github/codeql-action/analyze@v1
+      - name: Perform CodeQL Analysis
+        uses: github/codeql-action/analyze@v1