# Licensed to the Apache Software Foundation (ASF) under one or more
# contributor license agreements.  See the NOTICE file distributed with
# this work for additional information regarding copyright ownership.
# The ASF licenses this file to You under the Apache License, Version 2.0
# (the "License"); you may not use this file except in compliance with
# the License.  You may obtain a copy of the License at
#
#      http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.

# CodeQL static analysis of the Java sources.
# Runs on pushes and pull requests against master, plus a weekly schedule.
name: CodeQL

on:
  push:
    branches:
      - master
  pull_request:
    # The branches below must be a subset of the branches above
    branches:
      - master
  schedule:
    # 09:33 UTC every Thursday (GitHub evaluates cron expressions in UTC).
    - cron: "33 9 * * 4"

# Workflow-wide default for the GITHUB_TOKEN: read-only access to repository
# contents. Anything beyond that is granted per job below.
permissions:
  contents: read

jobs:
  analyze:
    name: Analyze
    runs-on: ubuntu-latest
    # Job-level permissions replace the workflow default for this job.
    # security-events: write is what lets the job upload code-scanning results;
    # the two read scopes are the ones the CodeQL starter workflow lists for
    # private repositories.
    permissions:
      actions: read
      contents: read
      security-events: write

    strategy:
      # Keep the remaining matrix entries running if one of them fails.
      fail-fast: false
      matrix:
        # CodeQL supports [ 'cpp', 'csharp', 'go', 'java', 'javascript', 'python', 'ruby' ]
        # Learn more about CodeQL language support at https://git.io/codeql-language-support
        language:
          - java

    # Every third-party action is referenced by full commit SHA rather than a
    # movable tag; the trailing comment records the release the SHA is meant to
    # match. Check the SHA against the upstream tag whenever a pin is bumped.
    steps:
      - name: Checkout repository
        uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
        with:
          # Do not leave the checkout token in the local git config: the later
          # Autobuild step runs the project's own build, which should not be
          # able to read a token from the working copy.
          persist-credentials: false

      # Reuse the local Maven repository between runs. The key changes when any
      # pom.xml changes; restore-keys falls back to the newest cache for this OS.
      # Restored artifacts become input to the analysed build, so treat the
      # cache as part of the build's trust boundary.
      # NOTE(review): v3.3.2 appears to predate the cache-service change GitHub
      # announced for early 2025; confirm this pin still works and re-pin to a
      # reviewed commit SHA if it does not.
      - uses: actions/cache@704facf57e6136b1bc63b828d79edcd491f0ee84 # v3.3.2
        with:
          path: ~/.m2/repository
          key: ${{ runner.os }}-maven-${{ hashFiles('**/pom.xml') }}
          restore-keys: |
            ${{ runner.os }}-maven-

      # Initializes the CodeQL tools for scanning.
      # NOTE(review): init, autobuild and analyze are all pinned to the same
      # v2.22.3 commit. Upstream has since deprecated the codeql-action v2 line
      # in favour of v3; confirm, and re-pin all three steps together to one
      # reviewed commit SHA.
      - name: Initialize CodeQL
        uses: github/codeql-action/init@0116bc2df50751f9724a2e35ef1f24d22f90e4e1 # v2.22.3
        with:
          languages: ${{ matrix.language }}
          # If you wish to specify custom queries, you can do so here or in a config file.
          # By default, queries listed here will override any specified in a config file.
          # Prefix the list here with "+" to use these queries and those in the config file.
          # queries: ./path/to/local/query, your-org/your-repo/queries@main

      # Autobuild attempts to build any compiled languages (C/C++, C#, or Java).
      # If this step fails, then you should remove it and run the build manually (see below)
      - name: Autobuild
        uses: github/codeql-action/autobuild@0116bc2df50751f9724a2e35ef1f24d22f90e4e1 # v2.22.3

      # Command-line programs to run using the OS shell.
      # Reference: https://git.io/JvXDl

      # If the Autobuild fails above, remove it and uncomment the following three lines
      # and modify them (or add more) to build your code if your project
      # uses a compiled language

      # - run: |
      #     make bootstrap
      #     make release

      - name: Perform CodeQL Analysis
        uses: github/codeql-action/analyze@0116bc2df50751f9724a2e35ef1f24d22f90e4e1 # v2.22.3