From 048c9050bf601616eb1675960d956f47da9e6438 Mon Sep 17 00:00:00 2001
From: Tom Tan
Date: Mon, 13 May 2024 14:06:38 -0700
Subject: [PATCH 1/2] Upgrade CodeQL from v2 to v3 (#1276)
---
 .github/workflows/codeql-analysis.yml | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml
index 65c598dbc..434fbd1c3 100644
--- a/.github/workflows/codeql-analysis.yml
+++ b/.github/workflows/codeql-analysis.yml
@@ -39,7 +39,7 @@ jobs:
 # Initializes the CodeQL tools for scanning.
 - name: Initialize CodeQL
- uses: github/codeql-action/init@v2
+ uses: github/codeql-action/init@v3
 with:
 languages: ${{ matrix.language }}
 # If you wish to specify custom queries, you can do so here or in a config file.
@@ -50,7 +50,7 @@ jobs:
 # Autobuild attempts to build any compiled languages (C/C++, C#, or Java).
 # If this step fails, then you should remove it and run the build manually (see below)
 - name: Autobuild
- uses: github/codeql-action/autobuild@v2
+ uses: github/codeql-action/autobuild@v3
 # ℹī¸ Command-line programs to run using the OS shell.
 # 📚 https://git.io/JvXDl
@@ -64,4 +64,4 @@ jobs:
 # make release
 - name: Perform CodeQL Analysis
- uses: github/codeql-action/analyze@v2
+ uses: github/codeql-action/analyze@v3
From a956eb9cfc7ec2290478207c548652322f29c798 Mon Sep 17 00:00:00 2001
From: Tom Tan
Date: Mon, 13 May 2024 17:59:08 -0700
Subject: [PATCH 2/2] Add Java to CodeQL scan list (#1275)
---
 .github/workflows/codeql-analysis.yml | 80 ++++++++++++++++++++++++++-
 1 file changed, 77 insertions(+), 3 deletions(-)
diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml
index 434fbd1c3..4d8b3ceb6 100644
--- a/.github/workflows/codeql-analysis.yml
+++ b/.github/workflows/codeql-analysis.yml
@@ -17,7 +17,7 @@ on:
 jobs:
 analyze:
 name: Analyze
- runs-on: ubuntu-latest
+ runs-on: windows-2019
 permissions:
 contents: read
 actions: read
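Review bot: The `analyze` job is now pinned to `windows-2019` with no comment saying why, while the `analyze-java` job added later in this patch uses `windows-latest`. The pin presumably exists because the build step in the next hunk sets `PlatformToolset: v142` and `VSTOOLS_VERSION: vs2019`; if so, record that next to the label, e.g. `# windows-2019: build-all.bat is run with the VS2019 (v142) toolset`, so the image and the toolset are changed together. The job's `strategy.matrix` is outside the hunk; if it lists languages other than `cpp`, those runs move to the Windows runner as well.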
@@ -49,8 +49,17 @@ jobs:
 # Autobuild attempts to build any compiled languages (C/C++, C#, or Java).
 # If this step fails, then you should remove it and run the build manually (see below)
- - name: Autobuild
- uses: github/codeql-action/autobuild@v3
+ # - name: Autobuild
+ # uses: github/codeql-action/autobuild@v3
+ - name: Build
+ env:
+ SKIP_ARM_BUILD: 1
+ SKIP_ARM64_BUILD: 1
+ PlatformToolset: v142
+ VSTOOLS_VERSION: vs2019
+ shell: cmd
+ if: matrix.language == 'cpp'
+ run: build-all.bat
 # ℹī¸ Command-line programs to run using the OS shell.
 # 📚 https://git.io/JvXDl
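Review bot: The two comment lines above the new `Build` step still describe Autobuild ("If this step fails, then you should remove it…"), but that step is now commented out and a manual `build-all.bat` build runs only when `matrix.language == 'cpp'`. Delete the two commented-out Autobuild lines and replace the stale text with a comment that states the coverage consequence, e.g. `# Manual build for cpp: CodeQL analyzes only what build-all.bat compiles; ARM and ARM64 are skipped here.` That reading of `SKIP_ARM_BUILD` and `SKIP_ARM64_BUILD` is inferred from the names; if it holds, code compiled only for those targets never reaches the scan, and that should be a recorded decision. Quoting the values (`SKIP_ARM_BUILD: '1'`) would also make it explicit that the script receives strings.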
@@ -63,5 +72,70 @@ jobs:
 # make bootstrap
 # make release
+ - name: Perform CodeQL Analysis
+ uses: github/codeql-action/analyze@v2
+
+ analyze-java:
+ name: Analyze Java
+ runs-on: windows-latest
+ permissions:
+ contents: read
+ actions: read
+ security-events: write
+
+ strategy:
+ fail-fast: false
+
+ steps:
+ - name: Checkout
+ uses: actions/checkout@v2
+ continue-on-error: true
+
+ - name: Update submodules
+ run: |
+ git submodule sync
+ git config --global submodule.lib/modules.update none
+ git -c protocol.version=2 submodule update --init --force --depth=1
+
+ - name: Initialize CodeQL
+ uses: github/codeql-action/init@v3
+ with:
+ languages: java
+
+ - name: Setup Java
+ uses: actions/setup-java@v3
+ with:
+ distribution: 'adopt'
+ java-version: '11'
+ - name: Remove default github maven configuration
+ run: rm $Env:USERPROFILE\.m2\settings.xml
+ - name: Setup Android SDK
+ uses: android-actions/setup-android@v2
+ - name: Install NDK
+ run: |
+ java -version
+ gci env:* | sort-object name
+ new-item "C:\Users\runneradmin\.android\repositories.cfg" -ItemType "file"
+ echo yes | .\sdkmanager.bat "ndk-bundle" "cmake;3.10.2.4988404" "ndk;21.4.7075529" --sdk_root=$Env:ANDROID_SDK_ROOT
+ working-directory: ${{ env.ANDROID_SDK_ROOT }}\cmdline-tools\7.0\bin
+ - name: Chocolatey
+ run: |
+ choco install --no-progress -y ninja
+ - name: List CMake
+ run: |
+ pwd
+ echo "=================="
+ gci -r -i "CMake*" -Name
+ echo "=================="
+ gci -r -i "gtest-all*" -Name
+ echo "=================="
+ gci third_party/ -Name
+ echo "=================="
+ gci third_party/googletest -Name
+ - name: Gradle Build
+ run: |
+ .\gradlew.bat maesdk:assemble app:assemble
+ working-directory: lib\android_build
+
 - name: Perform CodeQL Analysis
 uses: github/codeql-action/analyze@v3
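Review bot: The `Perform CodeQL Analysis` step added at the top of this hunk closes the `analyze` job with `github/codeql-action/analyze@v2`, while that job's init step is on `@v3` after the previous patch in this series; init and analyze should come from the same major version, so this should read `uses: github/codeql-action/analyze@v3`. In `analyze-java`, `continue-on-error: true` on the `Checkout` step lets the job carry on after a failed checkout, so later steps can run against an incomplete tree and the scan result no longer says what was analyzed; drop that line. `android-actions/setup-android@v2` is a third-party action referenced by a mutable tag in a job that holds `security-events: write`; pin it to a full commit SHA (`uses: android-actions/setup-android@<commit-sha>`, placeholder) and give `choco install ninja` an explicit version. The `gci env:* | sort-object name` line and the `List CMake` step look like debugging output that writes the runner environment and directory listings to the log, and can be removed.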