Skip to content

build(deps): update github/codeql-action digest to ea9e4e3 #2476

build(deps): update github/codeql-action digest to ea9e4e3

build(deps): update github/codeql-action digest to ea9e4e3 #2476

Workflow file for this run

# Workflow for testing spoon code quality.
#
# Note that actions are specified by commit hash. This is to avoid the security
# risk of someone injecting malicious code into a release and then simply
# changing a tag.
name: Qodana
on:
pull_request:
branches:
- master
jobs:
code-quality:
runs-on: ubuntu-latest
name: code-quality qodana
steps:
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
with:
fetch-depth: 0
- name: 'Qodana Scan'
uses: JetBrains/qodana-action@31d6f3309b31c566758e1314a3d9ef0dff75ecbd # v2024.2.6
with:
args: --source-directory,./src/main/java , --fail-threshold, 0
post-pr-comment: "false"
- uses: github/codeql-action/upload-sarif@ea9e4e37992a54ee68a9622e985e60c8e8f12d9f # v3
with:
sarif_file: ${{ runner.temp }}/qodana/results/qodana.sarif.json
code-quality-spoon-javadoc:
runs-on: ubuntu-latest
name: code-quality spoon-javadoc qodana
steps:
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
with:
fetch-depth: 0
- name: 'Qodana Scan (spoon-javadoc)'
uses: JetBrains/qodana-action@31d6f3309b31c566758e1314a3d9ef0dff75ecbd # v2024.2.6
with:
args: --source-directory,./spoon-javadoc/src/main/java , --fail-threshold, 0
post-pr-comment: "false"
- uses: github/codeql-action/upload-sarif@ea9e4e37992a54ee68a9622e985e60c8e8f12d9f # v3
with:
sarif_file: ${{ runner.temp }}/qodana/results/qodana.sarif.json
code-quality-spoon-control-flow:
runs-on: ubuntu-latest
name: code-quality spoon-controlflow qodana
steps:
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
with:
fetch-depth: 0
- name: 'Qodana Scan (spoon-control-flow)'
uses: JetBrains/qodana-action@31d6f3309b31c566758e1314a3d9ef0dff75ecbd # v2024.2.6
with:
args: --source-directory,./spoon-control-flow/src/main/java , --fail-threshold, 0
post-pr-comment: "false"
- uses: github/codeql-action/upload-sarif@ea9e4e37992a54ee68a9622e985e60c8e8f12d9f # v3
with:
sarif_file: ${{ runner.temp }}/qodana/results/qodana.sarif.json