ci(codeql): back to queries

Author: damyanpetev

.github/codeql/codeql-config.yml

@@ -14,3 +14,6 @@ class ShellArgSanitizer extends CommandInjection::Sanitizer {
       this.(DataFlow::CallNode).getCalleeName() = "sanitizeShellArg"
     }
 }
+
+// needed to make the module valid https://codeql.github.com/docs/ql-language-reference/modules/#query-modules
+where 1 = 0 select "no-op"

…om-queries-javascript/ShellSanitizer.qll …tom-queries-javascript/ShellSanitizer.ql.github/codeql/custom-queries-javascript/ShellSanitizer.qll renamed to .github/codeql/custom-queries-javascript/ShellSanitizer.ql .github/codeql/custom-queries-javascript/ShellSanitizer.qll renamed to .github/codeql/custom-queries-javascript/ShellSanitizer.ql

@@ -49,7 +49,7 @@ jobs:
         # By default, queries listed here will override any specified in a config file.
         # Prefix the list here with "+" to use these queries and those in the config file.
         # queries: ./path/to/local/query, your-org/your-repo/queries@main
-        config-file: ./.github/codeql/codeql-config.yml
+        queries: ./.github/codeql/custom-queries-javascript/ShellSanitizer.ql
 
     # Autobuild attempts to build any compiled languages  (C/C++, C#, or Java).
     # If this step fails, then you should remove it and run the build manually (see below)