chore(ci): seperate security job

ayushmanchhabra · ayushmanchhabra · commit 4869ecf63bb9 · 2025-08-03T22:33:06.000+05:30
diff --git a/.github/workflows/e2e.yml b/.github/workflows/e2e.yml
@@ -36,17 +36,6 @@ jobs:
         run: npm ci
       - name: Check for linting errors
         run: npm run lint
-      - name: Init CodeQL
-        if: matrix.os == 'ubuntu-24.04'
-        uses: github/codeql-action/init@v3
-        with:
-          languages: ['javascript', 'typescript', 'actions']
-      - name: Autobuild
-        if: matrix.os == 'ubuntu-24.04'
-        uses: github/codeql-action/autobuild@v3
-      - name: Perform CodeQL Analysis
-        if: matrix.os == 'ubuntu-24.04'
-        uses: github/codeql-action/analyze@v3
       - name: Run tests
         run: npm run test:cov
       - name: Report Coverage
diff --git a/.github/workflows/sec.yml b/.github/workflows/sec.yml
@@ -0,0 +1,22 @@
+jobs:
+  codeql:
+    runs-on: ubuntu-24.04
+    permissions:
+      contents: read
+      security-events: write
+    steps:
+      ... # Same CodeQL steps as above
+
+  tests:
+    runs-on: ubuntu-24.04
+    steps:
+      - name: Init CodeQL
+        uses: github/codeql-action/init@v3
+        with:
+          languages: ['javascript', 'typescript']
+
+      - name: Autobuild
+        uses: github/codeql-action/autobuild@v3
+
+      - name: Perform CodeQL Analysis
+        uses: github/codeql-action/analyze@v3
