From fdb0947ba0f41911876dc06968ba815438eb889e Mon Sep 17 00:00:00 2001
From: Andrew Schwartzmeyer
Date: Wed, 28 Apr 2021 10:21:00 -0700
Subject: [PATCH] Fix triggers for CodeQL

The push event should only be registered for the master branch and for tags. It was erroneously running on every branch, breaking Dependabot. For PRs we exclude documentation changes only. The schedule was set to run once a week, but we may as well run every morning.
---
 .github/workflows/codeql.yml | 12 ++++++++++--
 1 file changed, 10 insertions(+), 2 deletions(-)

diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml
index df7de6d888..f7b9d91aa3 100644
--- a/.github/workflows/codeql.yml
+++ b/.github/workflows/codeql.yml
@@ -2,9 +2,17 @@ name: "Code scanning - action"
 on:
 push:
+ branches:
+ - master
+ tags:
+ - v*
 pull_request:
+ branches:
+ - master
+ paths-ignore:
+ - '**/*.md'
 schedule:
- - cron: '0 19 * * 0'
+ - cron: '00 14 * * *' # Every morning at 7:00am PDT
 jobs:
 CodeQL-Build:
@@ -25,7 +33,7 @@ jobs:
 # the head of the pull request instead of the merge commit.
 - run: git checkout HEAD^2
 if: ${{ github.event_name == 'pull_request' }}
-
+
 # Initializes the CodeQL tools for scanning.
 - name: Initialize CodeQL
 uses: github/codeql-action/init@v1
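Review bot: With `branches: - master` under both `push` and `pull_request`, code on any other long-lived branch is analysed only when a `v*` tag is pushed, because the `schedule` trigger runs against the default branch only. If the project keeps release or servicing branches (not visible in this hunk), list them in both places, or record the gap with a comment above `push:` such as `# Only master and v* tags are scanned; add maintenance branches here if they must be covered`. Separately, the cron comment is accurate only during daylight time, since GitHub evaluates cron expressions in UTC; `# 14:00 UTC daily (7:00am PDT, 6:00am PST)` would stay correct year-round.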