HorseNuggets / TerminatorPlus

the epic plugin
Eclipse Public License 2.0

CodeQL Integration + quality of life improvements #31

Closed Legit4K closed 3 years ago

Legit4K commented 3 years ago

Feature Description

This PR aims to improve the development workflow by simplifying the POM to take advantage of an alternative repo which can fetch the full dependencies, eliminating the need for Spigot's BuildTools during compilation.

Additionally, I've added a CodeQL Workflow to automate the build-and-upload process. This will assist us in locating vulnerabilities thanks to their semantic code analysis engine, and artifacts will be automatically uploaded to the Actions section of this repo, ultimately improving the development experience.

What this means is that going forward, all changes made to the source code will trigger this workflow, which will check both PRs and direct commits for vulnerabilities while also building and uploading the jar for anyone to access and download using the Actions Tab. This improves the development process as there are now virtually no dependencies needed to compile, and we get free code analysis to make sure everything is safe, while also allowing users to conveniently test future PRs directly, as a jar is automatically uploaded with their changes.
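
A workflow of the kind described in the comment above, shown as an added example; it is not the workflow file from this PR. The Maven command, JDK 17, the `target/*.jar` path, the artifact name and the action major versions are assumptions.

```yaml
# Added example, not the PR's own workflow file.
# Assumptions: Maven build, JDK 17, jar written to target/, action major versions.
name: CodeQL

on:
  push:
  pull_request:   # not pull_request_target: fork PRs build without repository secrets

# Workflow-wide default: the token can only read the repository.
permissions:
  contents: read

jobs:
  analyze:
    runs-on: ubuntu-latest
    permissions:
      contents: read
      actions: read
      security-events: write   # needed to upload CodeQL results to code scanning
    steps:
      - uses: actions/checkout@v4

      - uses: actions/setup-java@v4
        with:
          distribution: temurin
          java-version: '17'
          cache: maven

      # CodeQL observes the build that runs between init and analyze.
      - uses: github/codeql-action/init@v3
        with:
          languages: java

      - name: Build plugin jar
        run: mvn -B package

      - uses: github/codeql-action/analyze@v3

      # Publish the jar built from this commit under the run's Artifacts.
      - uses: actions/upload-artifact@v4
        with:
          name: plugin-jar        # hypothetical artifact name
          path: target/*.jar
          if-no-files-found: error
```

A jar uploaded from a pull request run is built from the PR author's unreviewed code, so the per-job `permissions` block and the `pull_request` trigger are what keep that build away from write access and secrets.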