usbutils.spdx: update due to new file and checksums #45

	# SPDX-FileCopyrightText: 2024 Emil Velikov <[email protected]>
	# SPDX-FileCopyrightText: 2024 Lucas De Marchi <[email protected]>
	#
	# SPDX-License-Identifier: LGPL-2.1-or-later

	name: CodeQL

	on:
	push:
	branches: [master, ci-test]
	pull_request:
	branches: [master]
	schedule:
	- cron: "30 2 * * 0"

	permissions:
	contents: read

	jobs:
	analyze:
	name: Analyze
	runs-on: ubuntu-latest
	permissions:
	actions: read
	security-events: write

	strategy:
	fail-fast: false
	matrix:
	include:
	- container: 'ubuntu:24.04'

	container:
	image: ${{ matrix.container }}

	steps:
	- name: Sparse checkout the local actions
	uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0
	with:
	sparse-checkout: .github

	- uses: ./.github/actions/setup-ubuntu
	if: ${{ startsWith(matrix.container, 'ubuntu') }}

	- name: Checkout the whole project
	uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0

	- name: Set the environment
	run: \|
	# The second checkout above claims to set safe.directory, yet it
	# doesn't quite work. Perhaps our double/sparse checkout is to blame?
	git config --global --add safe.directory '*'

	- name: Initialize CodeQL
	uses: github/codeql-action/init@e2b3eafc8d227b0241d48be5f425d47c2d750a13 # v3.26.10
	with:
	languages: cpp
	queries: +security-and-quality

	- name: Build
	run: \|
	mkdir build && cd build
	meson setup --native-file ../build-dev.ini . ..
	meson compile

	- name: Perform CodeQL Analysis
	uses: github/codeql-action/analyze@e2b3eafc8d227b0241d48be5f425d47c2d750a13 # v3.26.10
	with:
	category: "/language:cpp"

Provide feedback