From 9fa471028ea0fb80cc643473cc0f3a13b616ede7 Mon Sep 17 00:00:00 2001
From: Sora Morimoto <sora@morimoto.io>
Date: Thu, 11 Mar 2021 03:54:00 +0900
Subject: [PATCH] ci: add CodeQL security scanning

Signed-off-by: Sora Morimoto <sora@morimoto.io>
---
 .github/workflows/codeql.yml | 21 +++++++++++++++++++++
 1 file changed, 21 insertions(+)
 create mode 100644 .github/workflows/codeql.yml

diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml
new file mode 100644
index 000000000..ca11ded74
--- /dev/null
+++ b/.github/workflows/codeql.yml
@@ -0,0 +1,21 @@
+name: CodeQL
+
+on:
+  pull_request:
+  push:
+  schedule:
+    - cron: 0 0 * * 0
+
+jobs:
+  codeql:
+    runs-on: ubuntu-latest
+
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v2
+
+      - name: Initialize CodeQL
+        uses: github/codeql-action/init@v1
+
+      - name: Perform CodeQL analysis
+        uses: github/codeql-action/analyze@v1