From eb208f5f3a8adb446cce372c28460f3dde90f602 Mon Sep 17 00:00:00 2001
From: Ulli Hafner
Date: Wed, 13 Nov 2024 15:53:09 +0100
Subject: [PATCH] Use `pull_request_target` for CodeQL workflow.
---
 .github/workflows/codeql.yml | 8 ++------
 1 file changed, 2 insertions(+), 6 deletions(-)
diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml
index d2ae816e4d..c1e547419c 100644
--- a/.github/workflows/codeql.yml
+++ b/.github/workflows/codeql.yml
@@ -3,12 +3,8 @@ name: "CodeQL"
 on:
 push:
 branches:
- - master
- - main
- pull_request:
- branches:
- - master
 - main
+ pull_request_target:
 schedule:
 - cron: "32 3 * * 0"
@@ -49,7 +45,7 @@ jobs:
 queries: +security-and-quality
 - name: Build with Maven
- run: mvn -V --color always -ntp clean verify --file pom.xml -Pskip
+ run: mvn -V --color always -ntp clean verify -Pskip
 - name: Perform CodeQL Analysis
 uses: github/codeql-action/analyze@v3
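Review bot: `pull_request_target:` in the first hunk runs this job with the base repository's token and secrets even for pull requests from forks, and the bare trigger also drops the previous `branches:` filter, so it fires for PRs against any branch. The checkout step and any `permissions:` block lie outside both hunks, so the effect cannot be confirmed from here: if the job checks out the PR head, the `Build with Maven` step in the second hunk builds and tests contributor-controlled code with those privileges; if it keeps the default checkout, CodeQL analyses the base branch and the PR's changes are never scanned. Unless there is a reason not shown here, keep `pull_request:` for the analysis, where fork PRs get a read-only token and no secrets. If `pull_request_target` has to stay, restrict the job to `permissions:` of `contents: read` and `security-events: write`, and add a comment such as `# pull_request_target: runs with base-repo privileges - do not build PR head code in this job`.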