From e2198e932b385550924052c926dcd3d9327f8d53 Mon Sep 17 00:00:00 2001
From: vmfunc <celeste@linux.com>
Date: Fri, 13 Feb 2026 02:08:32 +0100
Subject: [PATCH] ci: replace qodana with codeql - no external tokens needed

Signed-off-by: vmfunc <celeste@linux.com>
---
 .github/workflows/code_quality.yml | 31 +++++++++++++++++++-----------
 1 file changed, 20 insertions(+), 11 deletions(-)

diff --git a/.github/workflows/code_quality.yml b/.github/workflows/code_quality.yml
index cc0d137..c8581ab 100644
--- a/.github/workflows/code_quality.yml
+++ b/.github/workflows/code_quality.yml
@@ -1,10 +1,13 @@
-name: qodana
+name: code quality
+
 on:
   workflow_dispatch:
   pull_request:
   push:
     branches:
       - main
+  schedule:
+    - cron: "0 6 * * 1" # monday 06:00 UTC
 
 permissions: {}
 
@@ -13,18 +16,24 @@ concurrency:
   cancel-in-progress: true
 
 jobs:
-  qodana:
+  codeql:
     runs-on: ubuntu-latest
     permissions:
-      contents: write
-      pull-requests: write
-      checks: write
+      security-events: write
+      contents: read
     steps:
       - uses: actions/checkout@v4
+      - name: set up go
+        uses: actions/setup-go@v5
         with:
-          ref: ${{ github.event.pull_request.head.sha }}
-          fetch-depth: 0
-      - name: 'Qodana Scan'
-        uses: JetBrains/qodana-action@v2024.3
-        env:
-          QODANA_TOKEN: ${{ secrets.QODANA_TOKEN }}
+          go-version: "1.24"
+      - name: initialize codeql
+        uses: github/codeql-action/init@v3
+        with:
+          languages: go
+      - name: build
+        run: go build ./...
+      - name: perform codeql analysis
+        uses: github/codeql-action/analyze@v3
+        with:
+          category: "/language:go"