Merge pull request #310 from kexa-io/dev #236

	name: "CodeQL"
	on: [push, pull_request]
	permissions:
	contents: read

	jobs:
	analyze:
	permissions:
	actions: read # for github/codeql-action/init to get workflow details
	contents: read # for actions/checkout to fetch code
	security-events: write # for github/codeql-action/analyze to upload SARIF results
	name: Analyze code
	runs-on: ubuntu-latest
	steps:
	- name: Harden Runner
	uses: step-security/harden-runner@5c7944e73c4c2a096b17a9cb74d65b6c2bbafbde # v2.9.1
	with:
	egress-policy: audit

	- name: Checkout repository
	uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7

	- name: Initialize CodeQL
	uses: github/codeql-action/init@4dd16135b69a43b6c8efb853346f8437d92d3c93 # v3.26.6
	with:
	languages: 'javascript'

	- name: Perform CodeQL Analysis
	uses: github/codeql-action/analyze@4dd16135b69a43b6c8efb853346f8437d92d3c93 # v3.26.6

	- name: Upload SARIF File
	uses: actions/upload-artifact@50769540e7f4bd5e21e526ee35c689e35e0d6874 # v4.4.0
	with:
	name: codeql-sarif
	path: /home/runner/work/Kexa/results/javascript.sarif

Provide feedback