Merge pull request #312 from cryptomator/feature/files-in-use #828


	name: "CodeQL"

	on:
	push:
	branches: [develop, main]
	pull_request:
	branches: [develop]
	schedule:
	- cron: '0 7 * * 0'

	jobs:
	analyse:
	name: Analyse
	runs-on: ubuntu-latest
	# dependeabot has on push events only read-only access, but codeql requires write access
	if: ${{ !(github.actor == 'dependabot[bot]' && contains(fromJSON('["push"]'), github.event_name)) }}
	steps:
	- uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
	with:
	fetch-depth: 2
	show-progress: false
	- uses: actions/setup-java@dded0888837ed1f317902acf8a20df0ad188d165 # v5.0.0
	with:
	java-version: 25
	distribution: 'temurin'
	cache: 'maven'
	- name: Initialize CodeQL
	uses: github/codeql-action/init@f443b600d91635bebf5b0d9ebc620189c0d6fba5 # v4.30.8
	with:
	languages: java
	- name: Build
	run: mvn -B install -DskipTests
	- name: Perform CodeQL Analysis
	uses: github/codeql-action/analyze@f443b600d91635bebf5b0d9ebc620189c0d6fba5 # v4.30.8

Provide feedback