# Workflow for testing spoon code quality. # # Note that actions are specified by commit hash. This is to avoid the security # risk of someone injecting malicious code into a release and then simply # changing a tag. name: Qodana on: pull_request: branches: - master jobs: code-quality: runs-on: ubuntu-latest name: code-quality qodana steps: - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 with: fetch-depth: 0 - name: 'Qodana Scan' uses: JetBrains/qodana-action@b60a4b9259f448dd00f2ca4763db5677d69ba868 # v2024.3.4 with: args: --source-directory,./src/main/java , --fail-threshold, 0 post-pr-comment: "false" - uses: github/codeql-action/upload-sarif@b6a472f63d85b9c78a3ac5e89422239fc15e9b3c # v3 with: sarif_file: ${{ runner.temp }}/qodana/results/qodana.sarif.json code-quality-spoon-javadoc: runs-on: ubuntu-latest name: code-quality spoon-javadoc qodana steps: - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 with: fetch-depth: 0 - name: 'Qodana Scan (spoon-javadoc)' uses: JetBrains/qodana-action@b60a4b9259f448dd00f2ca4763db5677d69ba868 # v2024.3.4 with: args: --source-directory,./spoon-javadoc/src/main/java , --fail-threshold, 0 post-pr-comment: "false" - uses: github/codeql-action/upload-sarif@b6a472f63d85b9c78a3ac5e89422239fc15e9b3c # v3 with: sarif_file: ${{ runner.temp }}/qodana/results/qodana.sarif.json code-quality-spoon-control-flow: runs-on: ubuntu-latest name: code-quality spoon-controlflow qodana steps: - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 with: fetch-depth: 0 - name: 'Qodana Scan (spoon-control-flow)' uses: JetBrains/qodana-action@b60a4b9259f448dd00f2ca4763db5677d69ba868 # v2024.3.4 with: args: --source-directory,./spoon-control-flow/src/main/java , --fail-threshold, 0 post-pr-comment: "false" - uses: github/codeql-action/upload-sarif@b6a472f63d85b9c78a3ac5e89422239fc15e9b3c # v3 with: sarif_file: ${{ runner.temp }}/qodana/results/qodana.sarif.json