Rollback

Oops

.github/workflows/maven.yml

@@ -11,7 +11,9 @@ on:
 
 jobs:
   build:
+
     runs-on: ubuntu-latest
+
     steps:
     - uses: actions/checkout@v4
 
@@ -26,95 +28,13 @@ jobs:
       run: mvn -B package
       working-directory: main
 
-    # Generate dependency graph explicitly
+    # Generate dependency graph explicitly (run step supports -f)
     - name: Generate dependency graph
-      run: mvn -B com.github.ferstl:depgraph-maven-plugin:4.0.1:graph
+      run: mvn -B -f main/pom.xml com.github.ferstl:depgraph-maven-plugin:4.0.1:graph
-      working-directory: main
 
-    # Upload the packaged JAR file as an artifact
+    # Upload the generated dependency files so you can inspect them in the workflow run
-    - name: Upload package artifact
-      uses: actions/upload-artifact@v4
-      with:
-        name: package
-        path: main/target/*.jar # Upload only the JAR
-
-    # Upload the generated dependency graph so you can inspect it
     - name: Upload dependency graph artifact
       uses: actions/upload-artifact@v4
       with:
         name: dependency-graph
-        path: main/target/dependency-graph.dot # Upload the specific graph file
+        path: main/target/**
-
-  test-and-coverage:
-    runs-on: ubuntu-latest
-    needs: build # Make it dependent on the build job to ensure code compiles
-    
-    steps:
-    - uses: actions/checkout@v4
-
-    - name: Set up JDK 17
-      uses: actions/setup-java@v4
-      with:
-        java-version: '17'
-        distribution: 'temurin'
-        cache: maven
-
-    - name: Run tests and generate coverage report
-      # 'verify' runs all tests. 'jacoco:report' generates the coverage report.
-      # This assumes you have the JaCoCo plugin configured in your pom.xml
-      run: mvn -B verify jacoco:report
-      working-directory: main
-
-    - name: Upload coverage report
-      # This uploads the HTML coverage report as an artifact
-      uses: actions/upload-artifact@v4
-      with:
-        name: code-coverage-report
-        path: main/target/site/jacoco/ # Path to the JaCoCo HTML report
-
-  security-scan:
-    # NEW JOB: This job runs GitHub's CodeQL to find security vulnerabilities.
-    # It runs in parallel with other jobs.
-    runs-on: ubuntu-latest
-    
-    # Required permissions for CodeQL to write results
-    permissions:
-      security-events: write # for github/codeql-action/analyze
-      actions: read # for github/codeql-action/init
-
-    steps:
-    - name: Checkout repository
-      uses: actions/checkout@v4
-
-    - name: Initialize CodeQL
-      uses: github/codeql-action/init@v3
-      with:
-        languages: 'java' # Specify the language to analyze
-
-    - name: Build project for CodeQL
-      # CodeQL needs to monitor the build process.
-      # We skip tests here (-DskipTests) because we only need the compiled code
-      # for static analysis, and tests are run in the 'test-and-coverage' job.
-      run: mvn -B clean package -DskipTests
-      working-directory: main
-
-    - name: Perform CodeQL Analysis
-      uses: github/codeql-action/analyze@v3
-
-  dependency-review:
-    # NEW JOB: This job checks for vulnerable dependencies on Pull Requests.
-    # It prevents merging PRs that introduce known vulnerabilities.
-    runs-on: ubuntu-latest
-    
-    # This job only needs to run on pull requests
-    if: github.event_name == 'pull_request'
-    
-    permissions:
-      contents: read # To read dependency files
-
-    steps:
-      - name: Checkout repository
-        uses: actions/checkout@v4
-        
-      - name: Dependency Review
-        uses: actions/dependency-review-action@v4