Upgrade OpenRewrite Templating 1.19.1 -> 1.20.0 (#1470) #4089
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# Analyzes the code using GitHub's default CodeQL query database. | |
# Identified issues are registered with GitHub's code scanning dashboard. When | |
# a pull request is analyzed, any offending lines are annotated. See | |
# https://codeql.github.com for details. | |
name: CodeQL analysis | |
on: | |
pull_request: | |
push: | |
branches: [ master ] | |
schedule: | |
- cron: '0 4 * * 1' | |
permissions: | |
contents: read | |
jobs: | |
analyze: | |
strategy: | |
matrix: | |
language: [ java, ruby ] | |
permissions: | |
contents: read | |
security-events: write | |
runs-on: ubuntu-24.04 | |
steps: | |
- name: Install Harden-Runner | |
uses: step-security/harden-runner@0080882f6c36860b6ba35c610c98ce87d4e2f26f # v2.10.2 | |
with: | |
disable-sudo: true | |
egress-policy: block | |
allowed-endpoints: > | |
api.adoptium.net:443 | |
api.github.com:443 | |
github.com:443 | |
objects.githubusercontent.com:443 | |
repo.maven.apache.org:443 | |
uploads.github.com:443 | |
- name: Check out code and set up JDK and Maven | |
uses: s4u/setup-maven-action@9a27433d289dd99d73851f653607c39d3444e8ba # v1.17.0 | |
with: | |
java-version: 17.0.13 | |
java-distribution: temurin | |
maven-version: 3.9.9 | |
- name: Initialize CodeQL | |
uses: github/codeql-action/init@f09c1c0a94de965c15400f5634aa42fac8fb8f88 # v3.27.5 | |
with: | |
languages: ${{ matrix.language }} | |
- name: Perform minimal build | |
if: matrix.language == 'java' | |
run: mvn -T1C clean package -DskipTests -Dverification.skip | |
- name: Perform CodeQL analysis | |
uses: github/codeql-action/analyze@f09c1c0a94de965c15400f5634aa42fac8fb8f88 # v3.27.5 | |
with: | |
category: /language:${{ matrix.language }} |