Bump errorProneVersion from 2.40.0 to 2.41.0 (#4391) #1578

Workflow file for this run

.github/workflows/codeql-daily.yml at 1f6a6fe

	name: CodeQL (daily)

	on:
	schedule:
	- cron: '30 1 * * *' # run daily at 1:30 AM UTC
	workflow_dispatch:
	push:
	branches:
	- main

	jobs:
	# ===== Java Analysis Job =====
	analyze-java:
	name: "Analyze Java Code"
	permissions:
	actions: read # for github/codeql-action/init to get workflow details
	security-events: write # for github/codeql-action/analyze to upload SARIF results
	runs-on: ubuntu-latest

	steps:
	- uses: actions/checkout@v4

	- name: Set up Java 17
	uses: actions/setup-java@v4
	with:
	distribution: temurin
	java-version: 17

	- name: Setup Gradle
	uses: gradle/actions/setup-gradle@v4

	- name: Initialize CodeQL
	uses: github/codeql-action/init@v3
	with:
	languages: java

	- name: Build Java code
	# skipping build cache is needed so that all modules will be analyzed
	run: ./gradlew assemble --no-build-cache

	- name: Perform CodeQL analysis
	uses: github/codeql-action/analyze@v3
	with:
	category: java

	# ===== C++ Analysis Job =====
	analyze-cpp:
	name: "Analyze C++ Code"
	permissions:
	actions: read
	security-events: write
	runs-on: windows-2022

	steps:
	- uses: actions/checkout@v4

	- name: Set up Java 17 (required for JNI compilation)
	uses: actions/setup-java@v4
	with:
	distribution: temurin
	java-version: 17

	- name: Setup Visual Studio Build Tools
	uses: microsoft/setup-msbuild@v2

	# This step uses Microsoft's vswhere tool to verify that the official Windows 10 SDK (version 19041) is installed.
	# vswhere is a Microsoft-provided command-line utility that locates Visual Studio installations and their components.
	- name: Verify Windows SDK installation
	run: \|
	& "${env:ProgramFiles(x86)}\Microsoft Visual Studio\Installer\vswhere.exe" -products * -requires Microsoft.VisualStudio.Component.Windows10SDK.19041 -property installationPath
	shell: pwsh

	- name: Setup Gradle
	uses: gradle/actions/setup-gradle@v4

	- name: Initialize CodeQL
	uses: github/codeql-action/init@v3
	with:
	languages: cpp
	debug: true

	- name: Build C++ code
	shell: cmd
	run: \|
	"%ProgramFiles(x86)%\Microsoft Visual Studio\Installer\vswhere.exe" -latest -products * -requires Microsoft.VisualStudio.Component.VC.Tools.x86.x64 -property installationPath > vs.txt
	set /p VSPATH=<vs.txt
	set VCVARS=%VSPATH%\VC\Auxiliary\Build\vcvars64.bat
	call "%VCVARS%"
	set APPINSIGHTS_WIN10_SDK_PATH=C:\Program Files (x86)\Windows Kits\10
	set APPINSIGHTS_VS_PATH=%VSPATH%
	set JAVA_HOME=%JAVA_HOME_17_X64%
	set sourceDir=etw/native/src/main/cpp
	set headerDir=etw/native/src/main/headers
	set cppFile=%sourceDir%/etw_provider.cpp
	echo Analyzing C++ file: %cppFile%
	echo [ > compile_commands.json
	echo { >> compile_commands.json
	echo "directory": "%CD%/%sourceDir%", >> compile_commands.json
	echo "command": "cl.exe /W4 /EHsc /sdl /std:c++14 /I\"%APPINSIGHTS_WIN10_SDK_PATH%/include/10.0.22621.0/um\" /I\"%JAVA_HOME%/include\" /I\"%JAVA_HOME%/include/win32\" /I\"%CD%/%headerDir%\" /c %cppFile%", >> compile_commands.json
	echo "file": "%cppFile%" >> compile_commands.json
	echo } >> compile_commands.json
	echo ] >> compile_commands.json
	echo // Simple file to ensure compiler is run > codeql_trigger.cpp
	echo #include ^<windows.h^> >> codeql_trigger.cpp
	echo #include ^<jni.h^> >> codeql_trigger.cpp
	echo #include "etw_provider.h" >> codeql_trigger.cpp
	echo int main() { return 0; } >> codeql_trigger.cpp
	dir %sourceDir% /s /b *.cpp
	dir %headerDir% /s /b *.h
	cl.exe /c codeql_trigger.cpp /I"%headerDir%" /I"%sourceDir%" /I"%JAVA_HOME%/include" /I"%JAVA_HOME%/include/win32" /EHsc
	if %errorlevel%==0 (
	echo C++ preparation completed successfully
	echo CPP_BUILD_SUCCEEDED=true>>%GITHUB_ENV%
	) else (
	echo Warning: C++ build step encountered an error
	echo Proceeding with CodeQL analysis anyway
	echo CPP_BUILD_SUCCEEDED=false>>%GITHUB_ENV%
	)

	- name: Perform CodeQL analysis
	uses: github/codeql-action/analyze@v3
	with:
	category: cpp

	- name: Report C++ build status
	if: env.CPP_BUILD_SUCCEEDED == 'false'
	run: \|
	echo "::warning::C++ build failed but CodeQL scan was attempted anyway. Some C++ issues may not be detected."

	scheduled-job-notification:
	permissions:
	issues: write
	needs:
	- analyze-java
	- analyze-cpp
	if: always()
	uses: ./.github/workflows/reusable-scheduled-job-notification.yml
	with:
	success: ${{ needs.analyze-java.result == 'success' && needs.analyze-cpp.result == 'success' }}

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Bump errorProneVersion from 2.40.0 to 2.41.0 (#4391) #1578

Workflow file

Bump errorProneVersion from 2.40.0 to 2.41.0 (#4391) #1578

Uh oh!

Jobs

Run details

Workflow file for this run