Skip to content

changes to ensure if no object is opened user won't be able to add pr… #911

changes to ensure if no object is opened user won't be able to add pr…

changes to ensure if no object is opened user won't be able to add pr… #911

Workflow file for this run

# Based on default config generated by GitHub, see also https://github.com/github/codeql-action
name: "CodeQL"
on:
push:
branches: [ main ]
pull_request:
branches: [ main ]
schedule:
# Run every Monday at 16:10
- cron: '10 16 * * 1'
jobs:
analyze:
name: Analyze
runs-on: ubuntu-latest
permissions:
security-events: write
strategy:
fail-fast: false
matrix:
language: [ 'java' ]
steps:
- name: Checkout repository
uses: actions/checkout@v3
# Initializes the CodeQL tools for scanning
- name: Initialize CodeQL
uses: github/codeql-action/init@v2
with:
languages: ${{ matrix.language }}
# Run all security queries and maintainability and reliability queries
queries: +security-and-quality
- name: Cache local Maven repository
uses: actions/cache@v3
with:
path: ~/.m2/repository
key: ${{ runner.os }}-maven-${{ hashFiles('**/pom.xml') }}
restore-keys: |
${{ runner.os }}-maven-
# Only compile main sources, but ignore test sources because findings for them might not
# be that relevant (though GitHub security view also allows filtering by source type)
# Can replace this with github/codeql-action/autobuild action to run complete build
- name: Compile sources
run: |
mvn compile --batch-mode --no-transfer-progress
- name: Perform CodeQL Analysis
uses: github/codeql-action/analyze@v2