github: run workflows for dependabot #65

	name: "CodeQL"

	on:
	workflow_call: # allows to reuse this workflow
	inputs:
	ref:
	description: 'The branch to run the workflow on'
	required: true
	type: string
	push:
	branches: [ main ]
	pull_request:
	branches: [ main ]
	schedule:
	- cron: '34 1 * * 0'

	permissions:
	contents: read

	concurrency:
	group: ${{ github.ref }}-codeql
	cancel-in-progress: true

	jobs:
	analyze:
	name: Analyze (Go)
	# Runner size impacts CodeQL analysis time. To learn more, please see:
	# - https://gh.io/recommended-hardware-resources-for-running-codeql
	# - https://gh.io/supported-runners-and-hardware-resources
	# - https://gh.io/using-larger-runners (GitHub.com only)
	# Consider using larger runners or machines with greater resources for possible analysis time improvements.
	runs-on: 'ubuntu-latest'
	timeout-minutes: 360
	permissions:
	# required for all workflows
	security-events: write

	# required to fetch internal or private CodeQL packs
	packages: read

	# only required for workflows in private repositories
	actions: read
	contents: read

	steps:
	- name: Checkout repository
	uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1
	with:
	ref: ${{ inputs.ref \|\| github.ref }}

	# Initializes the CodeQL tools for scanning.
	- name: Initialize CodeQL
	uses: github/codeql-action/init@f779452ac5af1c261dce0346a8f964149f49322b # v3.26.13
	with:
	languages: go
	build-mode: autobuild

	- name: Perform CodeQL Analysis
	uses: github/codeql-action/analyze@f779452ac5af1c261dce0346a8f964149f49322b # v3.26.13
	with:
	category: "/language:go"

Provide feedback