diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml
index eaa9599b..3ef873fc 100644
--- a/.github/workflows/codeql.yml
+++ b/.github/workflows/codeql.yml
@@ -14,11 +14,10 @@ name: "CodeQL"
 on:
 push:
 branches: [ "main", "master" ]
- pull_request:
- # The branches below must be a subset of the branches above
- branches: [ "main", "master" ]
 schedule:
- - cron: '28 21 * * 0'
+ - cron: '0 0 * * *'
+ pull_request:
+ branches: '*'
 jobs:
 analyze:
@@ -103,21 +102,25 @@ jobs:
 -**:cpp/suspicious-pointer-scaling
 -**:cpp/suspicious-pointer-scaling-void
 -**:cpp/unsigned-comparison-zero
- -**/third*party/**
- -**/3rd*party/**
- -**/external/**
+ -**/cmake*/Modules/**
 input: ${{ steps.step1.outputs.sarif-output }}/cpp.sarif
 output: ${{ steps.step1.outputs.sarif-output }}/cpp.sarif
- - name: Upload SARIF
+ - name: Upload CodeQL results to code scanning
 uses: github/codeql-action/upload-sarif@v2
 with:
 sarif_file: ${{ steps.step1.outputs.sarif-output }}
 category: "/language:${{matrix.language}}"
- - name: Archive CodeQL results
+ - name: Upload CodeQL results as an artifact
+ if: success() || failure()
 uses: actions/upload-artifact@v3
 with:
 name: codeql-results
 path: ${{ steps.step1.outputs.sarif-output }}
- retention-days: 5
\ No newline at end of file
+ retention-days: 5
+
+ - name: Fail if an error is found
+ run: |
+ ./.github/workflows/fail_on_error.py \
+ ${{ steps.step1.outputs.sarif-output }}/cpp.sarif
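Review bot: The new `pull_request` filter `branches: '*'` does not cover every target branch, because in Actions filter globs `*` does not match `/`. A pull request against a base branch with a slash in its name (for example `release/1.x`) would skip the scan; `branches: [ "**" ]` covers all targets and matches the list style of the `push` entry above it. The deleted comment said the pull-request branches must be a subset of the push branches, and `push` is still limited to `main`/`master`. Pull requests against other bases will presumably have no base-branch analysis to compare with, so either add those branches to `push` or leave a short comment saying the mismatch is intentional.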
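Review bot: The new "Fail if an error is found" step pastes `${{ steps.step1.outputs.sarif-output }}` straight into the `run:` script, so the value is substituted into the shell text before the shell parses it, and it is unquoted. `step1` is defined outside this hunk, so the value is probably a runner path, but passing it through the environment removes the word-splitting and injection risk: `env: { SARIF_DIR: "${{ steps.step1.outputs.sarif-output }}" }` with `run: ./.github/workflows/fail_on_error.py "$SARIF_DIR/cpp.sarif"`. Running the script directly also depends on it being committed with the executable bit and a shebang, which this diff does not show. Since this step is now the merge gate, a one-line comment saying which SARIF levels make it fail would help whoever has to triage a red build.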