Update security-scan.yml

Author: KazerL

.github/workflows/security-scan.yml

@@ -1,35 +1,10 @@
-name: Security Scanning
+name: Security Scan
 
 on:
+  pull_request:
   schedule:
-    - cron: '0 0 * * 0' # Runs weekly on Sunday at midnight UTC
-  pull_request:           # Runs on every pull request
-  push:                   # Runs on pushes 
-    
+    - cron: '0 4 * * 0'   # weekly Sunday 04:00 UTC
 
 jobs:
-  codeql-scan:
-    name: Perform CodeQL Analysis
-    runs-on: ubuntu-latest
-
-    permissions:
-      actions: read          # Allows Actions to read resources
-      contents: read         # Grants access to code
-      security-events: write # Required for security analysis
-
-    steps:
-      # Step 1: Checkout the repository
-      - name: Checkout code
-        uses: actions/checkout@v3
-
-      # Step 2: Initialize CodeQL
-      - name: Initialize CodeQL
-        uses: github/codeql-action/init@v2
-        with:
-          languages: 'javascript,python' # Specify languages (add/remove as needed)
-          # Optional: Specify custom CodeQL queries
-          # queries: ./path/to/custom-queries
-
-      # Step 3: Perform CodeQL Analysis
-      - name: Perform CodeQL Analysis
-        uses: github/codeql-action/analyze@v2
+  codeql:
+    uses: github/codeql-action/.github/workflows/codeql.yml@v3