CodeQL #994

	name: "CodeQL"

	on:
	push:
	branches:
	- master
	- 'release/**'
	pull_request:
	# The branches below must be a subset of the branches above
	branches:
	- master
	- 'release/**'
	schedule:
	#daily at 01:19 UTC
	- cron: '19 1 * * *'

	jobs:
	analyze:
	name: Analyze
	runs-on: ubuntu-latest
	permissions:
	actions: read
	contents: read
	security-events: write

	steps:
	- name: Checkout repository
	uses: actions/checkout@v4

	# Initializes the CodeQL tools for scanning.
	- name: Initialize CodeQL
	uses: github/codeql-action/init@v2
	with:
	languages: java

	- name: Set up JDK 21
	uses: actions/setup-java@v3
	with:
	java-version: 21
	distribution: temurin
	check-latest: true
	cache: maven

	- name: Build with Maven
	# Skip tests, code style, etc. This is handled in the regular CI workflows.
	run: \|
	mvn clean package -B -V \
	-DskipTests \
	-Dmaven.test.skip.exec \
	-Dgpg.skip \
	-Dcheckstyle.skip \
	-Denforcer.skip \
	-Dmaven.javadoc.skip \
	-Dspotless.check.skip=true \
	-Danimal.sniffer.skip=true \
	compile \
	test-compile

	- name: Perform CodeQL Analysis
	uses: github/codeql-action/analyze@v2

Provide feedback