Update security-scan.yml

Author: KazerL

.github/workflows/security-scan.yml

@@ -1,25 +1,29 @@
+# .github/workflows/security-scan.yml
+
 name: Security Scan
 
 on:
   push:
     branches:
       - main
   pull_request:
+    branches:
+      - main
   schedule:
-    - cron: '0 4 * * 0'  # weekly Sunday 04:00 UTC
+    - cron: '0 4 * * 0'   # weekly Sunday 04:00 UTC
+
+permissions:
+  contents: read        # allow reading repository contents
+  security-events: write  # allow uploading CodeQL alerts
 
 jobs:
   codeql:
     name: Perform CodeQL Analysis
     runs-on: ubuntu-latest
-    permissions:
-      actions: read
-      security-events: write
 
     strategy:
       matrix:
-        # pick the languages you use; here we scan JavaScript and Python
-        language: [ 'javascript', 'python' ]
+        language: [ 'javascript', 'python' ]  # scan these languages
 
     steps:
       - name: Checkout repository