From a245a8f6592073afbd1d6c95b7b082058ef10a35 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Sebastian=20P=C5=82udowski?= <9961738+seplu@users.noreply.github.com> Date: Fri, 7 Nov 2025 10:24:19 +0100 Subject: [PATCH 1/3] CodeQL workflow update --- .github/workflows/T01-codeql-scans.yml | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/.github/workflows/T01-codeql-scans.yml b/.github/workflows/T01-codeql-scans.yml index b0635c2..3a44fe3 100644 --- a/.github/workflows/T01-codeql-scans.yml +++ b/.github/workflows/T01-codeql-scans.yml @@ -1,9 +1,9 @@ name: T01. CodeQL Scans - on: - push: + workflow_dispatch: + inputs: {} + pull_request: branches: [ "master" ] - jobs: codeql-analysis: runs-on: ubuntu-latest @@ -13,15 +13,15 @@ jobs: security-events: write steps: - name: Checkout repository - uses: actions/checkout@v3 + uses: actions/checkout@v4 with: ref: ${{ github.head_ref }} - name: Initialize CodeQL - uses: github/codeql-action/init@v2 + uses: github/codeql-action/init@v3 with: languages: java - name: Maven Build run: mvn package - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@v2 \ No newline at end of file + uses: github/codeql-action/analyze@v3 From d5d41e2a2639ff6f5a1377d1351ad63a2cc0b326 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Sebastian=20P=C5=82udowski?= <9961738+seplu@users.noreply.github.com> Date: Fri, 7 Nov 2025 10:29:37 +0100 Subject: [PATCH 2/3] CodeQL workflow rollback versions --- .github/workflows/T01-codeql-scans.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/T01-codeql-scans.yml b/.github/workflows/T01-codeql-scans.yml index 3a44fe3..6ec93f0 100644 --- a/.github/workflows/T01-codeql-scans.yml +++ b/.github/workflows/T01-codeql-scans.yml @@ -13,15 +13,15 @@ jobs: security-events: write steps: - name: Checkout repository - uses: actions/checkout@v4 + uses: actions/checkout@v3 with: ref: ${{ github.head_ref }} - name: Initialize CodeQL - uses: github/codeql-action/init@v3 + uses: github/codeql-action/init@v2 with: languages: java - name: Maven Build run: mvn package - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@v3 + uses: github/codeql-action/analyze@v2 From ba8c0c84adb0b48d1bd09c9a09e50a1f446b3637 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Sebastian=20P=C5=82udowski?= <9961738+seplu@users.noreply.github.com> Date: Fri, 7 Nov 2025 10:42:02 +0100 Subject: [PATCH 3/3] CodeQL workflow added java setup --- .github/workflows/T01-codeql-scans.yml | 11 ++++++++--- 1 file changed, 8 insertions(+), 3 deletions(-) diff --git a/.github/workflows/T01-codeql-scans.yml b/.github/workflows/T01-codeql-scans.yml index 6ec93f0..ca4a900 100644 --- a/.github/workflows/T01-codeql-scans.yml +++ b/.github/workflows/T01-codeql-scans.yml @@ -13,15 +13,20 @@ jobs: security-events: write steps: - name: Checkout repository - uses: actions/checkout@v3 + uses: actions/checkout@v4 with: ref: ${{ github.head_ref }} - name: Initialize CodeQL - uses: github/codeql-action/init@v2 + uses: github/codeql-action/init@v3 with: languages: java + - name: Setup Java + uses: actions/setup-java@v5 + with: + distribution: 'temurin' + java-version: '17' - name: Maven Build run: mvn package - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@v2 + uses: github/codeql-action/analyze@v3