Resolves: Add native GitHub continuous code security and quality analysis #121

	name: CodeQL Analysis

	on:
	push:
	# ignore dependabot branches on push -> https://github.com/microsoft/binskim/issues/425#issuecomment-893373709
	branches-ignore:
	- 'dependabot/**'
	pull_request:
	schedule:
	- cron: '0 8 * * *'
	workflow_dispatch:

	jobs:
	analyze:
	name: Analyze
	runs-on: ubuntu-latest
	steps:
	- name: Checkout repository
	uses: actions/checkout@v2

	- name: Initialize CodeQL
	uses: github/codeql-action/init@v1
	with:
	languages: javascript
	config-file: ./.github/codeql/codeql-config.yml

	- name: Perform CodeQL Analysis
	uses: github/codeql-action/analyze@v1

	# Built with ❤ by [Pipeline Foundation](https://pipeline.foundation)

Provide feedback