PR Analysis without upload.yml #30

	name: "CodeQL Advanced"

	on:
	pull_request:
	branches: [ "main" ]


	jobs:
	analyze:
	name: Analyze (${{ matrix.language }})
	runs-on: ${{ (matrix.language == 'swift' && 'macos-latest') \|\| 'ubuntu-latest' }}
	permissions:
	# required for all workflows
	security-events: write

	# required to fetch internal or private CodeQL packs
	packages: read

	strategy:
	fail-fast: false
	matrix:
	include:
	- language: javascript
	build-mode: none

	steps:
	- name: Checkout repository
	uses: actions/checkout@v4

	# Initializes the CodeQL tools for scanning.
	- name: Initialize CodeQL
	uses: github/codeql-action/init@v3
	with:
	languages: ${{ matrix.language }}
	build-mode: ${{ matrix.build-mode }}
	queries: security-extended

	- name: Perform CodeQL Analysis
	uses: github/codeql-action/analyze@v3
	with:
	category: "/language:${{matrix.language}}"
	upload: "never"
	output: ./codeql/

	- name: List files to verify the file exists
	run: cd codeql/; ls -lah

	- name: List files to verify the file exists
	run: cd codeql/; more javascript.sarif

	- name: Set up Node.js
	uses: actions/setup-node@v3
	with:
	node-version: 'latest'

	- name: Run sarif-to-comment
	run: \|
	npx @security-alert/sarif-to-comment \
	--commentUrl "$URL" \
	--sarifContentOwner "$OWNER" \
	--sarifContentRepo "$REPOSITORY" \
	--sarifContentBranch "$BRANCH" \
	"$File"
	env:
	GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
	REPOSITORY: "codeql_troubleshoot_container"
	OWNER: "Perdiga"
	URL: "https://github.com/Perdiga/codeql_troubleshoot_container/pull/1"
	BRANCH: "main"
	File: "./codeql/javascript.sarif"

Provide feedback