# This workflow will build a Java project with Maven, and cache/restore any dependencies to improve the workflow execution time

# For more information see: https://docs.github.com/en/actions/automating-builds-and-tests/building-and-testing-java-with-maven

# This workflow uses actions that are not certified by GitHub.

# They are provided by a third-party and are governed by

# separate terms of service, privacy policy, and support

# documentation.

name: Java CI with Maven

on:

push:

branches: [ "master" ]

pull_request:

branches: [ "master" ]

jobs:

build:

runs-on: ubuntu-latest

steps:

- uses: actions/checkout@v4

- name: Set up JDK 17

uses: actions/setup-java@v4

with:

java-version: '17'

distribution: 'temurin'

cache: maven

- name: Build with Maven

run: mvn -B package --file pom.xml

semgrep:

# User definable name of this GitHub Actions job.

name: semgrep/ci

# If you are self-hosting, change the following `runs-on` value:

runs-on: ubuntu-latest

container:

# A Docker image with Semgrep installed. Do not change this.

image: semgrep/semgrep

steps:

# Fetch project source with GitHub Actions Checkout. Use either v3 or v4.

- uses: actions/checkout@v4

# Run the "semgrep ci" command on the command line of the docker image.

- run: semgrep ci --sarif > semgrep.sarif

env:

# Connect to Semgrep AppSec Platform through your SEMGREP_APP_TOKEN.

# Generate a token from Semgrep AppSec Platform > Settings

# and add it to your GitHub secrets.

SEMGREP_APP_TOKEN: "497a3f54ca63178c2e2c6056fe4fe93d2105d231b5221349445f0bf1f29665f5"

# test comment