ci(codeql): queries uses instead

Author: damyanpetev

.github/workflows/codeql-analysis.yml

@@ -49,7 +49,9 @@ jobs:
         # By default, queries listed here will override any specified in a config file.
         # Prefix the list here with "+" to use these queries and those in the config file.
         # queries: ./path/to/local/query, your-org/your-repo/queries@main
-        queries: ./.github/codeql/custom-queries-javascript
+        queries:
+          # https://docs.github.com/en/code-security/reference/code-scanning/workflow-configuration-options#specifying-additional-queries
+          - uses: ./.github/codeql/custom-queries-javascript/ShellSanitizer.qll
 
     # Autobuild attempts to build any compiled languages  (C/C++, C#, or Java).
     # If this step fails, then you should remove it and run the build manually (see below)