Prepare for release v1.14.11 #1485

	name: CodeQL

	on:
	pull_request:
	branches:
	- v1.14
	- ft/v1.14/**
	push:
	branches:
	- v1.14
	- ft/v1.14/**
	schedule:
	- cron: "45 6 * * 3"

	permissions: read-all

	jobs:
	check_changes:
	name: Deduce required tests from code changes
	if: ${{ github.event_name == 'pull_request' }}
	runs-on: ubuntu-latest
	outputs:
	go-changes: ${{ steps.go-changes.outputs.src }}
	steps:
	- name: Check code changes
	uses: dorny/paths-filter@de90cc6fb38fc0963ad72b210f1f284cd68cea36 # v3.0.2
	id: go-changes
	with:
	filters: \|
	src:
	- .github/workflows/lint-codeql.yaml
	- '*/.go'
	- 'go.mod'
	- 'go.sum'

	analyze:
	needs: check_changes
	if: ${{ needs.check_changes.outputs.go-changes == 'true' \|\| github.event_name != 'pull_request' }}
	name: Analyze
	runs-on: ubuntu-latest
	permissions:
	security-events: write
	steps:
	- name: Checkout repo
	uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
	with:
	persist-credentials: false
	fetch-depth: 1
	- name: Initialize CodeQL
	uses: github/codeql-action/init@c7f9125735019aa87cfc361530512d50ea439c71 # v3.25.1
	with:
	languages: go
	debug: true
	- name: Perform CodeQL Analysis
	uses: github/codeql-action/analyze@c7f9125735019aa87cfc361530512d50ea439c71 # v3.25.1

Provide feedback