FIX: Update CodeQL to v3, Node.js to v20, and add security permissions

Deepak Pandey · Deepak Pandey · commit 9ebd1ddc7ce4 · 2025-09-06T11:02:59.000+05:30
- Updated CodeQL actions from v2 to v3 to fix deprecation warnings
- Updated Node.js version from 18 to 20 to fix engine compatibility warnings
- Added security-events:write permission for CodeQL to upload results
- Added contents:read and actions:read permissions for proper workflow execution
diff --git a/.github/workflows/ci-cd.yml b/.github/workflows/ci-cd.yml
@@ -6,8 +6,13 @@ on:
   pull_request:
     branches: [ main, develop ]
 
+permissions:
+  contents: read
+  security-events: write
+  actions: read
+
 env:
-  NODE_VERSION: '18'
+  NODE_VERSION: '20'
   PUPPETEER_SKIP_CHROMIUM_DOWNLOAD: true
 
 jobs:
@@ -135,12 +140,12 @@ jobs:
 
       # CodeQL Analysis
       - name: Initialize CodeQL
-        uses: github/codeql-action/init@v2
+        uses: github/codeql-action/init@v3
         with:
           languages: javascript
 
       - name: Perform CodeQL Analysis
-        uses: github/codeql-action/analyze@v2
+        uses: github/codeql-action/analyze@v3
 
       # Custom Security Tests
       - name: Run security tests
