codeclou
diff --git a/‎.github/workflows/build-on-pull-request.yml‎
Lines changed: 21 additions & 0 deletions b/‎.github/workflows/build-on-pull-request.yml‎
Lines changed: 21 additions & 0 deletions
diff --git a/‎.github/workflows/build-on-release.yml‎
Lines changed: 26 additions & 0 deletions b/‎.github/workflows/build-on-release.yml‎
Lines changed: 26 additions & 0 deletions
diff --git a/‎.github/workflows/scan-malware.yml‎
Lines changed: 14 additions & 0 deletions b/‎.github/workflows/scan-malware.yml‎
Lines changed: 14 additions & 0 deletions
diff --git a/‎.github/workflows/scan-semgrep.yml‎
Lines changed: 19 additions & 0 deletions b/‎.github/workflows/scan-semgrep.yml‎
Lines changed: 19 additions & 0 deletions
diff --git a/‎BUILD‎
Lines changed: 0 additions & 38 deletions b/‎BUILD‎
Lines changed: 0 additions & 38 deletions
diff --git a/‎DEVELOPMENT.md‎
Lines changed: 0 additions & 54 deletions b/‎DEVELOPMENT.md‎
Lines changed: 0 additions & 54 deletions
diff --git a/‎WORKSPACE‎
Lines changed: 0 additions & 78 deletions b/‎WORKSPACE‎
Lines changed: 0 additions & 78 deletions
diff --git a/‎deprecated_pom.xml‎
Lines changed: 0 additions & 70 deletions b/‎deprecated_pom.xml‎
Lines changed: 0 additions & 70 deletions
@@ -0,0 +1,21 @@
+name: build and test on pull request
+on:
+  pull_request:
+    branches: [main]
+jobs:
+  build-and-test:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v5
+      - name: Malware Scanner # https://github.com/dell/common-github-actions/blob/main/malware-scanner/README.md
+        uses: dell/common-github-actions/malware-scanner@main
+        with:
+          directories: .
+          options: -ri
+      - name: Set up JDK 21 for x64
+        uses: actions/setup-java@v4
+        with:
+          java-version: "21"
+          distribution: "temurin"
+          architecture: x64
+      - run: mvn package -Dmaven.wagon.http.ssl.insecure=true -Dmaven.wagon.http.ssl.allowall=true
@@ -0,0 +1,26 @@
+name: build and test on release
+on:
+  push:
+    tags:
+      - "*"
+jobs:
+  build-and-release:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v5
+      - name: Set up JDK 21 for x64
+        uses: actions/setup-java@v4
+        with:
+          java-version: "21"
+          distribution: "temurin"
+          architecture: x64
+      - run: mvn package -Dmaven.wagon.http.ssl.insecure=true -Dmaven.wagon.http.ssl.allowall=true
+      - name: "upload release assets"
+        uses: softprops/action-gh-release@cd28b0f5ee8571b76cfdaa62a30d51d752317477 #https://github.com/softprops/action-gh-release/issues/216
+        if: github.ref_type == 'tag'
+        with:
+          body: |
+            :closed_book: File 1 of 1 uploaded: java-xml-grepper.jar
+          files: |
+            target/java-xml-grepper.jar
+          append_body: true
@@ -0,0 +1,14 @@
+name: scan-malware
+on:
+  pull_request:
+    branches: [main]
+jobs:
+  scan-malware:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v5
+      - name: Malware Scanner # https://github.com/dell/common-github-actions/blob/main/malware-scanner/README.md
+        uses: dell/common-github-actions/malware-scanner@main
+        with:
+          directories: .
+          options: -ri
@@ -0,0 +1,19 @@
+name: scan-semgrep
+on:
+  pull_request: {}
+  workflow_dispatch: {}
+  merge_group:
+    types: [checks_requested]
+jobs:
+  scan-semgrep:
+    name: semgrep/ci
+    runs-on: ubuntu-latest
+    container:
+      image: semgrep/semgrep
+    # Skip any PR created by dependabot and any check triggered by merge group
+    if: (github.actor != 'dependabot[bot]') && (github.event != 'merge_group')
+    steps:
+      - uses: actions/checkout@v4
+      - run: semgrep ci
+        env:
+          SEMGREP_APP_TOKEN: ${{ secrets.SEMGREP_APP_TOKEN }}