From f6596db12c9e120990831e1caa149ba67f8de6c0 Mon Sep 17 00:00:00 2001
From: Christian Oliff <christian_oliff@trimble.com>
Date: Thu, 11 Sep 2025 10:29:49 +0900
Subject: [PATCH] Add CodeQL workflow and update project metadata

Introduces a CodeQL analysis GitHub Actions workflow for security and quality scanning. Updates the README to reference the correct upstream project. Refactors index.html for improved semantics and accessibility, including header/main elements and image attributes. Cleans up and reorders package.json fields, adds 'private' flag, and makes minor metadata adjustments.
---
 .github/workflows/codeql-analysis.yml | 36 +++++++++++++++++++++++++++
 README.md                             |  2 +-
 index.html                            | 10 ++++----
 package.json                          | 29 ++++++++++-----------
 4 files changed, 57 insertions(+), 20 deletions(-)
 create mode 100644 .github/workflows/codeql-analysis.yml

diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml
new file mode 100644
index 0000000..101905c
--- /dev/null
+++ b/.github/workflows/codeql-analysis.yml
@@ -0,0 +1,36 @@
+name: "CodeQL"
+
+on:
+  push:
+    branches:
+      - main
+      - "!dependabot/**"
+  pull_request:
+    branches:
+      - main
+      - "!dependabot/**"
+  workflow_dispatch:
+
+jobs:
+  analyze:
+    name: Analyze
+    runs-on: ubuntu-latest
+    permissions:
+      actions: read
+      contents: read
+      security-events: write
+
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
+        with:
+          persist-credentials: false
+
+      - name: Initialize CodeQL
+        uses: github/codeql-action/init@f1f6e5f6af878fb37288ce1c627459e94dbf7d01 # v3.30.1
+        with:
+          languages: "javascript"
+          queries: +security-and-quality
+
+      - name: Perform CodeQL Analysis
+        uses: github/codeql-action/analyze@f1f6e5f6af878fb37288ce1c627459e94dbf7d01 # v3.30.1
diff --git a/README.md b/README.md
index 20b7938..3a2172a 100644
--- a/README.md
+++ b/README.md
@@ -2,4 +2,4 @@
 
 Display for all the H5BP projects.
 
-Adapted from [twitter.github.com](https://github.com/twitter/twitter.github.com).
+Adapted from [opensource-website](https://github.com/twitter/opensource-website).
diff --git a/index.html b/index.html
index e8f28f1..45e5438 100644
--- a/index.html
+++ b/index.html
@@ -3,9 +3,9 @@
 
 <head>
   <meta charset="utf-8">
+  <meta name="viewport" content="width=device-width, initial-scale=1">
   <title>H5BP &hearts; Open Source</title>
   <meta name="description" content="Find all the H5BP projects in one place.">
-  <meta name="viewport" content="width=device-width, initial-scale=1">
   <link rel="stylesheet" href="assets/normalize.css">
   <link rel="stylesheet" href="https://cdn.jsdelivr.net/npm/main.css@3.0.0/dist/main.min.css">
   <link rel="stylesheet" href="assets/style.css">
@@ -14,10 +14,10 @@
 
 <body>
   <div class="grid">
-    <div class="unit-1-3 site-header">
+    <header class="unit-1-3 site-header">
       <div class="header-box">
         <div class="site-logo">
-          <img src="assets/h5bp-logo.png" alt="">
+          <img src="assets/h5bp-logo.png" width="57" height="57" alt="">
           <h1>H5BP</h1>
         </div>
         <h2>A bunch of people creating open source software. Fork a project and get involved!</h2>
@@ -31,9 +31,9 @@ <h2>A bunch of people creating open source software. Fork a project and get invo
         <h3>Recently updated</h3>
         <ol id="updated-repos"></ol>
       </div>
-    </div>
+    </header>
 
-    <div class="site-content" id="repos"></div>
+    <main class="site-content" id="repos"></main>
   </div>
 
   <footer class="site-footer">
diff --git a/package.json b/package.json
index 817b582..543fe11 100644
--- a/package.json
+++ b/package.json
@@ -1,29 +1,30 @@
 {
-  "engines": {
-    "node": ">=8",
-    "npm": ">=3"
-  },
-  "babel": {
-    "presets": [
-      "@babel/preset-env"
-    ]
-  },
-  "scripts": {
-    "babel": "babel ./assets/app.babel.js --watch --out-file ./assets/app.js"
-  },
-  "homepage": "https://h5bp.org/",
-  "license": "MIT",
   "name": "h5bp.github.io",
   "version": "1.0.0",
+  "private": true,
   "description": "Home page for the h5bp gitHub organization.",
+  "homepage": "https://h5bp.org/",
   "repository": {
     "type": "git",
     "url": "https://github.com/h5bp/h5bp.github.io.git"
   },
+  "license": "MIT",
+  "scripts": {
+    "babel": "babel ./assets/app.babel.js --watch --out-file ./assets/app.js"
+  },
+  "babel": {
+    "presets": [
+      "@babel/preset-env"
+    ]
+  },
   "devDependencies": {
     "@babel/cli": "^7.4.3",
     "@babel/core": "^7.4.3",
     "@babel/preset-env": "^7.4.3",
     "babel-preset-env": "^1.7.0"
+  },
+  "engines": {
+    "node": ">=8",
+    "npm": ">=3"
   }
 }