From 711bb5aaff13c9225b1909d2542e4e17d9b36578 Mon Sep 17 00:00:00 2001
From: Trevor Eberl <trevor@microsoft.com>
Date: Fri, 27 Jun 2025 12:23:46 -0700
Subject: [PATCH] adding codeql action

---
 .github/workflows/codeql.yaml | 38 +++++++++++++++++++++++++++++++++++
 1 file changed, 38 insertions(+)
 create mode 100644 .github/workflows/codeql.yaml

diff --git a/.github/workflows/codeql.yaml b/.github/workflows/codeql.yaml
new file mode 100644
index 000000000..3d5129caf
--- /dev/null
+++ b/.github/workflows/codeql.yaml
@@ -0,0 +1,38 @@
+name: 🔍️ CodeQL
+
+on: [push, pull_request, workflow_dispatch]
+
+concurrency:
+  group: ${{ github.workflow }}-${{ github.ref }}
+  cancel-in-progress: true
+
+jobs:
+  analyse:
+    runs-on: ${{ matrix.os }}
+    permissions:
+      security-events: write
+    strategy:
+      matrix:
+        os:
+          - ubuntu-latest
+        language:
+          - javascript-typescript
+          - python
+
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v4
+
+      - name: Initialise CodeQL
+        uses: github/codeql-action/init@v3
+        with:
+          languages: ${{ matrix.language }}
+          queries: +security-and-quality
+
+      - name: Autobuild
+        uses: github/codeql-action/autobuild@v3
+
+      - name: Perform CodeQL analysis
+        uses: github/codeql-action/analyze@v3
+        with:
+          category: "/language:${{ matrix.language }}"
\ No newline at end of file