diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml
new file mode 100644
index 0000000000..4404649076
--- /dev/null
+++ b/.github/workflows/codeql.yml
@@ -0,0 +1,157 @@
+# For most projects, this workflow file will not need changing; you simply need
+# to commit it to your repository.
+#
+# You may wish to alter this file to override the set of languages analyzed,
+# or to provide custom queries or build logic.
+#
+#
+name: "CodeQL"
+
+on:
+ push:
+ branches: [ "master", "0.10" ]
+ pull_request:
+ # The branches below must be a subset of the branches above
+ branches: [ "master", "0.10" ]
+ schedule:
+ - cron: '23 0 * * 5'
+ workflow_dispatch:
+
+jobs:
+ analyze:
+ name: "Analyze (${{ matrix.language }})"
+ # Runner size impacts CodeQL analysis time. To learn more, please see:
+ # - https://gh.io/recommended-hardware-resources-for-running-codeql
+ # - https://gh.io/supported-runners-and-hardware-resources
+ # - https://gh.io/using-larger-runners
+ # Consider using larger runners for possible analysis time improvements.
+ runs-on: 'ubuntu-latest'
+ container:
+ image: debian:stable
+ timeout-minutes: ${{ (matrix.language == 'swift' && 120) || 360 }}
+ permissions:
+ actions: read
+ contents: read
+ security-events: write
+
+ strategy:
+ fail-fast: false
+ matrix:
+ include:
+ - language: "cpp"
+ configure-args: "--enable-ja-rule --enable-e133 --enable-unittests"
+ compiler:
+ CC: "/usr/bin/gcc"
+ CXX: "/usr/bin/g++"
+ pkg: "gcc g++"
+ - language: "java"
+ configure-args: "--enable-unittests --enable-java-libs"
+ compiler:
+ CC: "/usr/bin/gcc"
+ CXX: "/usr/bin/g++"
+ pkg: "gcc g++"
+ - language: "javascript"
+ configure-args: "--enable-unittests"
+ compiler:
+ CC: "/usr/bin/gcc"
+ CXX: "/usr/bin/g++"
+ pkg: "gcc g++"
+ - language: "python"
+ configure-args: "--enable-unittests --enable-rdm-tests"
+ compiler:
+ CC: "/usr/bin/gcc"
+ CXX: "/usr/bin/g++"
+ pkg: "gcc g++"
+ env:
+ CC: "${{ matrix.compiler.CC }}"
+ CXX: "${{ matrix.compiler.CXX }}"
+
+ steps:
+ - name: Get number of CPU cores
+ id: num-cpu-cores
+ # TODO(Perry): Parallelization causes GH Actions to hang -j${{ steps.num-cpu-cores.outputs.NUM_CPU_CORES }}
+ # run: echo "NUM_CPU_CORES=$(grep -c processor /proc/cpuinfo)" >> $GITHUB_OUTPUT
+ run: echo "NUM_CPU_CORES=1" >> $GITHUB_OUTPUT
+ - name: Update package database
+ run: apt-get update -y
+ # See comments beginning at
+ # https://github.com/actions/runner/issues/763#issuecomment-1435474884
+ # Without Git, actions/checkout@v3 will resort to REST and will not
+ # create a .git folder or .git.config. The Problem Matcher looks for
+ # .git/config to find where the root of the repo is, so it must be
+ # present.
+ - name: Install Git
+ run: apt-get -y install git
+ - uses: actions/checkout@v3
+
+ # Initializes the CodeQL tools for scanning.
+ - name: Initialize CodeQL
+ uses: github/codeql-action/init@v2
+ with:
+ languages: ${{ matrix.language }}
+ # If you wish to specify custom queries, you can do so here or in a config file.
+ # By default, queries listed here will override any specified in a config file.
+ # Prefix the list here with "+" to use these queries and those in the config file.
+
+ # For more details on CodeQL's query packs, refer to: https://docs.github.com/en/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/configuring-code-scanning#using-queries-in-ql-packs
+ # queries: security-extended,security-and-quality
+
+ # Autobuild attempts to build any compiled languages (C/C++, C#, Go, Java, or Swift).
+ # If this step fails, then you should remove it and run the build manually (see below)
+ #- name: Autobuild
+ # uses: github/codeql-action/autobuild@v2
+
+ - name: Install build tools
+ shell: bash
+ run: |
+ apt-get -y install adduser sudo pkg-config libtool autoconf \
+ automake g++ bison flex make bash-completion dh-autoreconf \
+ debhelper devscripts wget python3-full python3-pip
+ - name: Setup Python venv
+ shell: bash
+ run: |
+ python3 -m venv --system-site-packages ../venv
+ source ../venv/bin/activate
+ echo "PATH=$PATH" >> $GITHUB_ENV
+ - name: Install Python build tools
+ run: python3 -m pip install --no-input gcovr
+ - name: Install build dependencies
+ shell: bash
+ run: |
+ sudo apt-get -y install libcppunit-dev uuid-dev libncurses5-dev \
+ libmicrohttpd-dev protobuf-compiler python3-protobuf \
+ libprotobuf-dev libprotoc-dev zlib1g-dev libftdi-dev \
+ libusb-1.0-0-dev liblo-dev libavahi-client-dev python3-numpy \
+ default-jdk-headless maven
+ - name: Install compiler
+ shell: bash
+ run: apt-get -y install ${{ matrix.compiler.pkg }}
+ - name: Set up build user # CredentialsTest cannot run as root
+ run: |
+ adduser --disabled-password --gecos "" builduser
+ chown -R builduser:builduser .
+ chown builduser:builduser ..
+ - name: Autoreconf
+ run: sudo --preserve-env -u builduser env "PATH=$PATH" autoreconf -i
+ - name: Set configure arguments
+ run: |
+ echo "GH_OLA_CONFIGURE_ARGS=${{ matrix.configure-args }}" >> $GITHUB_ENV
+ - name: Set additional Linux configure arguments
+ if: runner.os == 'Linux'
+ # Silence all deprecated declarations on Linux due to auto_ptr making the build log too long
+ run: |
+ echo "GH_OLA_CONFIGURE_ARGS=$GH_OLA_CONFIGURE_ARGS CPPFLAGS=-Wno-deprecated-declarations" >> $GITHUB_ENV
+ - name: Print configure command
+ run: echo "./configure $GH_OLA_CONFIGURE_ARGS"
+ - name: Configure
+ run: sudo --preserve-env -u builduser env "PATH=$PATH" ./configure $GH_OLA_CONFIGURE_ARGS
+ - name: Make
+ run: sudo --preserve-env -u builduser env "PATH=$PATH" make -j${{ steps.num-cpu-cores.outputs.NUM_CPU_CORES }} VERBOSE=1
+ - name: Display structure of the built files
+ if: always() && env.ACTIONS_STEP_DEBUG == 'true'
+ run: ls -alR
+
+ - name: Perform CodeQL Analysis
+ uses: github/codeql-action/analyze@v2
+ with:
+ category: "/language:${{matrix.language}}"
diff --git a/config/maven.m4 b/config/maven.m4
index 3b524a6c1a..ad94d53f44 100644
--- a/config/maven.m4
+++ b/config/maven.m4
@@ -26,7 +26,8 @@ if test -z "$MAVEN" ; then
AC_MSG_ERROR([cannot find 'mvn' program, you need to install Maven]);
elif test -n "$1" ; then
AC_MSG_CHECKING([mvn version])
- [maven_version=`$MAVEN --version 2> /dev/null | head -n 1 | sed 's/.*\([0-9][0-9]*\.[0-9][0-9]*\.[0-9][0-9]*\).*/\1/g'`]
+ set -x
+ [maven_version=`$MAVEN --version 2>/dev/null | grep -i 'Maven' | head -n 1 | sed 's/.*\([0-9][0-9]*\.[0-9][0-9]*\.[0-9][0-9]*\).*/\1/g'`]
[required=$1]
[required_major=`echo $required | sed 's/[^0-9].*//'`]
[required_minor=`echo $required | sed 's/[0-9][0-9]*\.\([0-9][0-9]*\)\.[0-9][0-9]*/\1/'`]
@@ -48,5 +49,6 @@ elif test -n "$1" ; then
else
AC_MSG_ERROR([mvn version too old $mavaen_version < $required]);
fi
+ set +x
fi
])
diff --git a/java/pom.xml b/java/pom.xml
index 8171a10879..4626fa1fc2 100644
--- a/java/pom.xml
+++ b/java/pom.xml
@@ -9,16 +9,16 @@
org.apache.maven.plugins
maven-compiler-plugin
- 2.5.1
+ 3.11.0
- 1.5
- 1.5
+ 1.7
+ 1.7
org.apache.maven.plugins
maven-surefire-plugin
- 2.12
+ 3.1.2
**/OlaClientTest.java
@@ -31,12 +31,12 @@
com.google.protobuf
protobuf-java
- 2.6.1
+ 3.21.12
junit
junit
- 4.8.2
+ 4.13.2
test