From 04f3f96ea2b5ae6c4d81ded7fbf5721a70096a2e Mon Sep 17 00:00:00 2001
From: rugk <rugk+git@posteo.de>
Date: Fri, 12 Aug 2022 23:13:02 +0200
Subject: [PATCH 1/6] ci: Add Codacy analysis

copied from Unicodify
---
 .github/workflows/codacy-analysis.yml | 46 +++++++++++++++++++++++++++
 1 file changed, 46 insertions(+)
 create mode 100644 .github/workflows/codacy-analysis.yml

diff --git a/.github/workflows/codacy-analysis.yml b/.github/workflows/codacy-analysis.yml
new file mode 100644
index 0000000..f2633e9
--- /dev/null
+++ b/.github/workflows/codacy-analysis.yml
@@ -0,0 +1,46 @@
+# This workflow checks out code, performs a Codacy security scan
+# and integrates the results with the
+# GitHub Advanced Security code scanning feature.  For more information on
+# the Codacy security scan action usage and parameters, see
+# https://github.com/codacy/codacy-analysis-cli-action.
+# For more information on Codacy Analysis CLI in general, see
+# https://github.com/codacy/codacy-analysis-cli.
+
+name: Codacy Security Scan
+
+on:
+  push:
+    branches: [ main ]
+  pull_request:
+    branches: [ main ]
+
+jobs:
+  codacy-security-scan:
+    name: Codacy Security Scan
+    runs-on: ubuntu-latest
+    steps:
+      # Checkout the repository to the GitHub Actions runner
+      - name: Checkout code
+        uses: actions/checkout@v2
+
+      # Execute Codacy Analysis CLI and generate a SARIF output with the security issues identified during the analysis
+      - name: Run Codacy Analysis CLI
+        uses: codacy/codacy-analysis-cli-action@1.1.0
+        with:
+          # Check https://github.com/codacy/codacy-analysis-cli#project-token to get your project token from your Codacy repository
+          # You can also omit the token and run the tools that support default configurations
+          project-token: ${{ secrets.CODACY_PROJECT_TOKEN }}
+          verbose: true
+          output: results.sarif
+          format: sarif
+          # Adjust severity of non-security issues
+          gh-code-scanning-compat: true
+          # Force 0 exit code to allow SARIF file generation
+          # This will handover control about PR rejection to the GitHub side
+          max-allowed-issues: 2147483647
+
+      # Upload the SARIF file generated in the previous step
+      - name: Upload SARIF results file
+        uses: github/codeql-action/upload-sarif@v1
+        with:
+          sarif_file: results.sarif

From c331b1f31ba8df11fa7628ba5af1a41cee7a492a Mon Sep 17 00:00:00 2001
From: rugk <rugk+git@posteo.de>
Date: Tue, 16 Aug 2022 21:24:01 +0200
Subject: [PATCH 2/6] ci: checkout git submodules

---
 .github/workflows/codacy-analysis.yml | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/.github/workflows/codacy-analysis.yml b/.github/workflows/codacy-analysis.yml
index f2633e9..c7ef7f5 100644
--- a/.github/workflows/codacy-analysis.yml
+++ b/.github/workflows/codacy-analysis.yml
@@ -22,6 +22,8 @@ jobs:
       # Checkout the repository to the GitHub Actions runner
       - name: Checkout code
         uses: actions/checkout@v2
+        with:
+          submodules: recursive
 
       # Execute Codacy Analysis CLI and generate a SARIF output with the security issues identified during the analysis
       - name: Run Codacy Analysis CLI

From c75660c8f80e9cb6c83d3326c968a32d178d240a Mon Sep 17 00:00:00 2001
From: rugk <rugk+git@posteo.de>
Date: Tue, 16 Aug 2022 21:24:45 +0200
Subject: [PATCH 3/6] ci: bump version for codacy

---
 .github/workflows/codacy-analysis.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.github/workflows/codacy-analysis.yml b/.github/workflows/codacy-analysis.yml
index c7ef7f5..eea430c 100644
--- a/.github/workflows/codacy-analysis.yml
+++ b/.github/workflows/codacy-analysis.yml
@@ -27,7 +27,7 @@ jobs:
 
       # Execute Codacy Analysis CLI and generate a SARIF output with the security issues identified during the analysis
       - name: Run Codacy Analysis CLI
-        uses: codacy/codacy-analysis-cli-action@1.1.0
+        uses: codacy/codacy-analysis-cli-action@4.1.0
         with:
           # Check https://github.com/codacy/codacy-analysis-cli#project-token to get your project token from your Codacy repository
           # You can also omit the token and run the tools that support default configurations

From 49c7400447c3e26d6cac562190364f7b28d1934c Mon Sep 17 00:00:00 2001
From: rugk <rugk+git@posteo.de>
Date: Fri, 19 Aug 2022 18:26:32 +0200
Subject: [PATCH 4/6] ci: fix missing v prefix

Co-authored-by: Teal Dulcet <tdulcet@gmail.com>
---
 .github/workflows/codacy-analysis.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.github/workflows/codacy-analysis.yml b/.github/workflows/codacy-analysis.yml
index eea430c..477fcaa 100644
--- a/.github/workflows/codacy-analysis.yml
+++ b/.github/workflows/codacy-analysis.yml
@@ -27,7 +27,7 @@ jobs:
 
       # Execute Codacy Analysis CLI and generate a SARIF output with the security issues identified during the analysis
       - name: Run Codacy Analysis CLI
-        uses: codacy/codacy-analysis-cli-action@4.1.0
+        uses: codacy/codacy-analysis-cli-action@v4.1.0
         with:
           # Check https://github.com/codacy/codacy-analysis-cli#project-token to get your project token from your Codacy repository
           # You can also omit the token and run the tools that support default configurations

From d2782fed34b64cacf1693e7654b27a56a8cb6df0 Mon Sep 17 00:00:00 2001
From: rugk <rugk+git@posteo.de>
Date: Fri, 19 Aug 2022 18:29:52 +0200
Subject: [PATCH 5/6] ci: upgrade to v3 actually

---
 .github/workflows/codacy-analysis.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.github/workflows/codacy-analysis.yml b/.github/workflows/codacy-analysis.yml
index 477fcaa..f98c76d 100644
--- a/.github/workflows/codacy-analysis.yml
+++ b/.github/workflows/codacy-analysis.yml
@@ -21,7 +21,7 @@ jobs:
     steps:
       # Checkout the repository to the GitHub Actions runner
       - name: Checkout code
-        uses: actions/checkout@v2
+        uses: actions/checkout@v3
         with:
           submodules: recursive
 

From da87e1362302e10294172ab8ae853c1e9b8ed9ed Mon Sep 17 00:00:00 2001
From: rugk <rugk+git@posteo.de>
Date: Wed, 19 Oct 2022 22:08:03 +0200
Subject: [PATCH 6/6] chore: bump version again hehe

Co-authored-by: Teal Dulcet <tdulcet@gmail.com>
---
 .github/workflows/codacy-analysis.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.github/workflows/codacy-analysis.yml b/.github/workflows/codacy-analysis.yml
index f98c76d..0b70bb2 100644
--- a/.github/workflows/codacy-analysis.yml
+++ b/.github/workflows/codacy-analysis.yml
@@ -27,7 +27,7 @@ jobs:
 
       # Execute Codacy Analysis CLI and generate a SARIF output with the security issues identified during the analysis
       - name: Run Codacy Analysis CLI
-        uses: codacy/codacy-analysis-cli-action@v4.1.0
+        uses: codacy/codacy-analysis-cli-action@v4.2.0
         with:
           # Check https://github.com/codacy/codacy-analysis-cli#project-token to get your project token from your Codacy repository
           # You can also omit the token and run the tools that support default configurations