Merge pull request #2828 from theupdateframework/dependabot/pip/test-… #1890

	name: "CodeQL Analysis"

	on:
	push:
	branches: [ develop ]
	pull_request:
	branches: [ develop ]
	schedule:
	- cron: '30 0 * * 2'
	workflow_dispatch:

	permissions: {}

	jobs:
	analyze:
	name: Analyze
	runs-on: ubuntu-latest
	permissions:
	# NOTE: If you add security critical permissions, start pinning used actions
	actions: read
	contents: read
	security-events: write # for uploading to code-scanning dashboard

	steps:
	- name: Checkout repository
	uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
	with:
	persist-credentials: false

	- name: Initialize CodeQL
	uses: github/codeql-action/init@v3 # zizmor: ignore[unpinned-uses]
	with:
	languages: 'python'

	- name: Perform CodeQL Analysis
	uses: github/codeql-action/analyze@v3 # zizmor: ignore[unpinned-uses]

Provide feedback