andrea-mosk
commented
1 year ago LGTM although I don't know much about these configs
@TovRudyy For future references, some notes:
- Code scanning is required for open source repositories to check for vulnerabilities.
- The job doing code scanning is
security-check. Most of the stuff on the job is the default when enabling CodeQL scanning for GitHub. - I'm caching Maven dependencies between jobs using the cache action so that they are not re-downloaded every time a
mvncommand is executed. This significantly decreases execution time for the commands.
Happy to have a chat if you want to understand more :)
What does this PR do?
Review checklist