CodeQL #3726

	name: 'CodeQL'

	on:
	push:
	branches: [master]
	pull_request:
	# The branches below must be a subset of the branches above
	branches: [master]
	schedule:
	- cron: '17 23 * * 3'

	concurrency:
	group: ${{ github.workflow }}-${{ github.ref }}
	cancel-in-progress: true

	jobs:
	analyze:
	name: Analyze
	runs-on: ubuntu-22.04

	strategy:
	fail-fast: false
	matrix:
	language: ['cpp', 'java']

	steps:
	- name: Checkout Repo
	uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6
	with:
	submodules: 'recursive'

	- name: Initialize CodeQL
	uses: github/codeql-action/init@8aad20d150bbac5944a9f9d289da16a4b0d87c1e # pin@v4.36.2
	with:
	languages: ${{ matrix.language }}

	- name: Installing Linux Dependencies
	run: \|
	sudo apt update
	sudo apt install cmake clang-14 clang-tools llvm kcov g++-12 valgrind zlib1g-dev libcurl4-openssl-dev

	- if: matrix.language == 'java'
	name: Setup Java Version
	uses: actions/setup-java@be666c2fcd27ec809703dec50e508c2fdc7f6654 # v5
	with:
	distribution: 'temurin'
	java-version: '17'

	- if: matrix.language == 'java'
	name: Setup Gradle
	uses: gradle/actions/setup-gradle@50e97c2cd7a37755bbfafc9c5b7cafaece252f6e # pin@v6.1.0

	- if: matrix.language == 'java'
	name: Build for Android NDK
	working-directory: ./ndk
	run: \|
	./gradlew compileJava

	- if: matrix.language == 'cpp'
	name: Build sentry-native
	run: \|
	cmake -B build -DCMAKE_BUILD_TYPE=RelWithDebInfo && cmake --build build --parallel

	- name: Perform CodeQL Analysis
	uses: github/codeql-action/analyze@8aad20d150bbac5944a9f9d289da16a4b0d87c1e # pin@v4.36.2

Provide feedback