You want to modify the queries that are being run by CodeQL by updating the default set of queries that are run.
Add the following line to codeql-analysis.yml on line 47 under the “with:” tag
queries: +security-extended
Generate output csv
This part is a little hacky, but if you add the following to your codeq-analysisl.yml it will append a zip to each workflow run that contains the CodeQL SARIF output and the csv format that Mike is expecting.
đź’ˇ Description
The following needs to be updated on all repos:
Enable security analysis
Generate output csv