CodeQL #1117

	# For most projects, this workflow file will not need changing; you simply need
	# to commit it to your repository.
	#
	# You may wish to alter this file to override the set of languages analyzed,
	# or to provide custom queries or build logic.
	#
	# ****** NOTE ******
	# We have attempted to detect the languages in your repository. Please check
	# the `language` matrix defined below to confirm you have the correct set of
	# supported CodeQL languages.
	#
	name: "CodeQL"

	on:
	push:
	branches:
	- main
	- beta
	paths-ignore:
	- '.github/**'
	- 'changes/**'
	- 'deploy/**'
	- '**.md'
	- '**.yml'
	- '**.xml'
	- 'LICENSE'
	- '.gitignore'
	pull_request:
	branches:
	- main
	- beta
	paths-ignore:
	- '.github/**'
	- 'changes/**'
	- 'deploy/**'
	- '**.md'
	- '**.yml'
	- '**.xml'
	- 'LICENSE'
	- '.gitignore'
	schedule:
	- cron: '28 6 * * 2'

	jobs:
	analyze:
	name: Analyze
	runs-on: ubuntu-latest
	if: github.repository == 'HXSecurity/DongTai-agent-java'
	permissions:
	actions: read
	contents: read
	security-events: write

	strategy:
	fail-fast: false
	matrix:
	language: [ 'java' ]

	steps:
	- name: Checkout repository
	uses: actions/checkout@v2

	- name: Initialize CodeQL
	uses: github/codeql-action/init@v2
	with:
	languages: ${{ matrix.language }}

	- name: Set up JDK 1.8
	uses: actions/setup-java@v1
	with:
	java-version: 1.8

	- name: Set up Maven
	uses: stCarolas/setup-maven@v4
	with:
	maven-version: 3.2.5

	- name: Autobuild
	uses: github/codeql-action/autobuild@v2

	- name: Perform CodeQL Analysis
	uses: github/codeql-action/analyze@v2

Provide feedback