CI: Re-enable CodeQL with lightweight Fdroid build (JDK17, compile-only) #19192
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
|
First PR! 🚀 We sincerely appreciate that you have taken the time to propose a change to AnkiDroid! Please have patience with us as we are all volunteers - we will get to this as soon as possible. |
lukstbit
added
the
Needs Author Reply
Contributor
|
Hello 👋, this PR has had no activity for more than 2 weeks and needs a reply from the author. If you think this is a mistake please comment and ping a maintainer to get this merged ASAP! Thanks for contributing! You have 7 days until this gets closed automatically |
Contributor
|
Hello 👋, this PR has had no activity for more than 2 weeks and needs a reply from the author. If you think this is a mistake please comment and ping a maintainer to get this merged ASAP! Thanks for contributing! You have 7 days until this gets closed automatically |
tabikiji
force-pushed
the
setup-codeql
branch
from
fe84854 to
85c6899
Compare
tabikiji
changed the title
disabled default codeQL analysis so that codeQL can be run on customized setting
… into setup-codeql # Please enter a commit message to explain why this merge is necessary, # especially if it merges an updated upstream into a topic branch. # # Lines starting with '#' will be ignored, and an empty message aborts # the commit.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Purpose / Description
Improve the CodeQL workflow for better stability and faster execution.
The previous setup often failed due to OOM errors during Kotlin compilation.
Fixes
java-kotlin#16286Approach
-Added a new GitHub Actions workflow for CodeQL under
.github/workflows/codeql.yml
-Based on GitHub’s standard CodeQL template, customized for AnkiDroid
-Switched to JDK 17 for better compatibility and stability with AGP/Kotlin
-Replaced autobuild with an explicit Gradle compile command:
./gradlew --no-daemon --max-workers=2 -x test -x lint :AnkiDroid:compileFdroidDebugSources
-Runs only on pull requests to keep CI lightweight
-Uses Fdroid + Debug flavor to reduce dependencies and build time
-Applies security-extended query pack for essential security checks
How Has This Been Tested?
Workflow successfully runs on my fork
Verified that CodeQL initializes and performs analysis correctly
Kotlin OOM issue no longer occurs
Learning (optional, can help others)
Learned how CodeQL integrates with GitHub Actions
Official documentation followed:
https://docs.github.com/ja/code-security/code-scanning/creating-an-advanced-setup-for-code-scanning/customizing-your-advanced-setup-for-code-scanning
Checklist