From aee424141be51373fb129fca3b1f7d1a5694ab6e Mon Sep 17 00:00:00 2001
From: Lam Wei Li <peteriman@mail.com>
Date: Mon, 26 Sep 2022 13:45:29 +0800
Subject: [PATCH] ci: removed scheduled job from codeql and separated npm audit

---
 .github/workflows/codeql-analysis.yml |  4 +--
 .github/workflows/node.js.yml         |  4 +--
 .github/workflows/npm-audit.yml       | 35 +++++++++++++++++++++++++++
 .github/workflows/npm-publish.yml     |  8 +++---
 4 files changed, 42 insertions(+), 9 deletions(-)
 create mode 100644 .github/workflows/npm-audit.yml

diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml
index 0ec1552..efb34a0 100644
--- a/.github/workflows/codeql-analysis.yml
+++ b/.github/workflows/codeql-analysis.yml
@@ -17,8 +17,6 @@ on:
   pull_request:
     # The branches below must be a subset of the branches above
     branches: [ "master" ]
-  schedule:
-    - cron: '15 11 * * 3'
 
 jobs:
   analyze:
@@ -70,3 +68,5 @@ jobs:
 
     - name: Perform CodeQL Analysis
       uses: github/codeql-action/analyze@v2
+      with:
+        category: "/language:${{matrix.language}}"
diff --git a/.github/workflows/node.js.yml b/.github/workflows/node.js.yml
index a8d1f22..6cac726 100644
--- a/.github/workflows/node.js.yml
+++ b/.github/workflows/node.js.yml
@@ -8,6 +8,7 @@ on:
     branches: [ master ]
   pull_request:
     branches: [ master ]
+  workflow_dispatch: {}
 
 jobs:
   build:
@@ -31,6 +32,3 @@ jobs:
     - run: npm run build --if-present
     - run: npm test
     - run: npm run typings
-    - run: npm audit
-      env:
-        NODE_ENV: production
diff --git a/.github/workflows/npm-audit.yml b/.github/workflows/npm-audit.yml
new file mode 100644
index 0000000..8894dec
--- /dev/null
+++ b/.github/workflows/npm-audit.yml
@@ -0,0 +1,35 @@
+# This workflow will do a clean installation of node dependencies, cache/restore them, build the source code and run tests across different versions of node
+# For more information see: https://help.github.com/actions/language-and-framework-guides/using-nodejs-with-github-actions
+
+name: npm audit
+
+on:
+  push:
+    branches: [ "master" ]
+  pull_request:
+    branches: [ "master" ]
+  schedule:
+    - cron: '0 0 * * 3'
+  workflow_dispatch: {}
+
+jobs:
+  build:
+
+    runs-on: ubuntu-latest
+
+    strategy:
+      matrix:
+        node-version: [latest]
+        # See supported Node.js release schedule at https://nodejs.org/en/about/releases/
+
+    steps:
+    - uses: actions/checkout@v3
+    - name: Use Node.js ${{ matrix.node-version }}
+      uses: actions/setup-node@v3
+      with:
+        node-version: ${{ matrix.node-version }}
+        cache: 'npm'
+
+    - run: npm audit
+      env:
+        NODE_ENV: production
diff --git a/.github/workflows/npm-publish.yml b/.github/workflows/npm-publish.yml
index e4e4922..97f38df 100644
--- a/.github/workflows/npm-publish.yml
+++ b/.github/workflows/npm-publish.yml
@@ -11,8 +11,8 @@ jobs:
   build:
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v2
-      - uses: actions/setup-node@v2
+      - uses: actions/checkout@v3
+      - uses: actions/setup-node@v3
         with:
           node-version: 16
       - run: npm ci
@@ -23,8 +23,8 @@ jobs:
     needs: build
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v2
-      - uses: actions/setup-node@v2
+      - uses: actions/checkout@v3
+      - uses: actions/setup-node@v3
         with:
           node-version: 16
           registry-url: https://registry.npmjs.org/