Merge pull request #203 from codeunia-dev/production-readiness-improvements

codeunia-dev · web-flow · commit eacaf86f66e3 · 2025-09-06T11:03:40.000+05:30
FIX: Update CodeQL to v3, Node.js to v20, and add security permissions
diff --git a/.github/workflows/ci-cd.yml b/.github/workflows/ci-cd.yml
@@ -6,8 +6,13 @@ on:
   pull_request:
     branches: [ main, develop ]
 
+permissions:
+  contents: read
+  security-events: write
+  actions: read
+
 env:
-  NODE_VERSION: '18'
+  NODE_VERSION: '20'
   PUPPETEER_SKIP_CHROMIUM_DOWNLOAD: true
 
 jobs:
@@ -135,12 +140,12 @@ jobs:
 
       # CodeQL Analysis
       - name: Initialize CodeQL
-        uses: github/codeql-action/init@v2
+        uses: github/codeql-action/init@v3
         with:
           languages: javascript
 
       - name: Perform CodeQL Analysis
-        uses: github/codeql-action/analyze@v2
+        uses: github/codeql-action/analyze@v3
 
       # Custom Security Tests
       - name: Run security tests
