ci: use electron/semantic-trusted-release instead of npx (#127) #412

	name: CodeQL

	on:
	pull_request:
	branches:
	- main
	push:
	branches:
	- main
	schedule:
	- cron: '31 7 * * 3'

	permissions:
	actions: read
	checks: write
	contents: read
	security-events: write

	jobs:
	analyze:
	name: Analyze
	runs-on: ubuntu-latest

	strategy:
	fail-fast: false
	matrix:
	language:
	- TypeScript

	steps:
	- name: Checkout
	id: checkout
	uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2

	- name: Initialize CodeQL
	id: initialize
	uses: github/codeql-action/init@89a39a4e59826350b863aa6b6252a07ad50cf83e # v4.32.4
	with:
	languages: ${{ matrix.language }}
	source-root: src

	- name: Autobuild
	id: autobuild
	uses: github/codeql-action/autobuild@89a39a4e59826350b863aa6b6252a07ad50cf83e # v4.32.4

	- name: Perform CodeQL Analysis
	id: analyze
	uses: github/codeql-action/analyze@89a39a4e59826350b863aa6b6252a07ad50cf83e # v4.32.4

Provide feedback