From 4264383e618152de808453c7b5d3ffa558bc837f Mon Sep 17 00:00:00 2001
From: Yoko <150261719+Dev-Yoko@users.noreply.github.com>
Date: Mon, 13 May 2024 15:42:59 +0530
Subject: [PATCH] Update CodeQL workflow to use latest CLI binaries and cache database (#431)
* Update CodeQL workflow to use latest CLI binaries and cache database Update CodeQL workflow to use latest CLI binaries and cache database - Specify the use of the latest CodeQL CLI binaries version v2.15.3 for both initialization and analysis steps. * Resolve deprecation issue by upgrading to CodeQL Action v2 Resolve deprecation issue by upgrading to CodeQL Action v2 - Updated 'Initialize CodeQL' and 'Perform CodeQL Analysis' steps to use version 2 of the CodeQL Action. - Removed deprecated version references and ensured compatibility with the latest GitHub Actions specifications.
---
 .github/workflows/codeql-analysis.yml | 18 +++++++++++++-----
 1 file changed, 13 insertions(+), 5 deletions(-)
diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml
index 7e9bbb8..98bacbc 100644
--- a/.github/workflows/codeql-analysis.yml
+++ b/.github/workflows/codeql-analysis.yml
@@ -2,10 +2,10 @@ name: CodeQL Analysis
 on:
 push:
- # ignore dependabot branches on push -> https://github.com/microsoft/binskim/issues/425#issuecomment-893373709
 branches-ignore:
 - 'dependabot/**'
 pull_request:
+ branches: [ '**' ]
 schedule:
 - cron: '0 8 * * *'
 workflow_dispatch:
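Review bot: The reason for `branches-ignore: 'dependabot/**'` is lost at the top of this hunk, because the removed comment was the only pointer to the issue discussion behind that exclusion. I would keep it as it was, `# ignore dependabot branches on push -> <issue link>`, since a later maintainer cannot tell from the bare filter whether skipping those pushes is deliberate. The added `branches: [ '**' ]` under `pull_request` matches every base branch, which is what the trigger does with no filter at all, so it appears to add no restriction and could be dropped.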
@@ -14,14 +14,22 @@ jobs:
 analyze:
 name: Analyze
 runs-on: ubuntu-latest
+
 steps:
 - name: Checkout repository
 uses: actions/checkout@v2
- - name: Initialize CodeQL
- uses: github/codeql-action/init@v1
+ - name: Cache CodeQL database
+ uses: actions/cache@v2
 with:
- languages: python
+ path: ~/.codeql
+ key: ${{ runner.os }}-codeql-${{ hashFiles('**/qlpack.yml') }}
+ restore-keys: ${{ runner.os }}-codeql-
+
+ - name: Initialize CodeQL
+ uses: github/codeql-action/init@v2
+ with:
+ languages: 'python'
 - name: Perform CodeQL Analysis
- uses: github/codeql-action/analyze@v1
\ No newline at end of file
+ uses: github/codeql-action/analyze@v2
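Review bot: The `Cache CodeQL database` step keys its cache only on `hashFiles('**/qlpack.yml')`, so the key stays the same when the analysed source changes, and the `restore-keys: ${{ runner.os }}-codeql-` prefix will restore any older entry into `~/.codeql`. No `db-location` is set on `init` in this hunk, so the action may never write to that path and the step may cache nothing; if it does take effect, the scan could start from state left by an earlier run rather than from the checked-out commit. I would drop the step unless a measured speed-up justifies it, and in that case set `db-location` to the cached directory explicitly. `actions/cache@v2` and `github/codeql-action/init@v2` / `analyze@v2` are mutable tags; pinning each `uses:` to a full commit SHA keeps the scanning job from picking up a retagged action unnoticed. The description also mentions CLI v2.15.3, but no `tools:` input appears here, so the CLI version is presumably still whatever the action bundles.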