├── .github └── workflows │ ├── code-scanning.yml │ └── jdk-builder.yml └── README.md /.github/workflows/code-scanning.yml: -------------------------------------------------------------------------------- 1 | name: JDK code-scanning builder 2 | 3 | on: 4 | workflow_call: 5 | inputs: 6 | REPOSITORY: 7 | required: true 8 | type: string 9 | VERSION: 10 | required: true 11 | type: number 12 | TAG: 13 | required: true 14 | type: string 15 | default: 'latest' 16 | CONFIGURE_OPTS: 17 | required: true 18 | type: string 19 | 20 | 21 | jobs: 22 | jdk4ql: 23 | runs-on: ubuntu-20.04 24 | 25 | steps: 26 | - name: ENV setup 27 | run: |- 28 | cat <(echo "MINUS=$((${{ inputs.VERSION }}-1))" | tee -a $GITHUB_ENV) 29 | 30 | if [[ "${{ inputs.TAG }}" == "latest" || "${{ inputs.TAG }}" == "" ]]; then 31 | TAG=$(curl https://api.github.com/repos/${{ inputs.REPOSITORY }}/tags | jq -r '.[].name' | grep ${{ inputs.VERSION }} | head -n 1) 32 | else 33 | TAG=${{ inputs.TAG }} 34 | fi 35 | 36 | cat <(echo "TAG=$TAG" | tee -a $GITHUB_ENV) 37 | 38 | - name: Checkout JDK repo 39 | uses: actions/checkout@v3 40 | with: 41 | repository: ${{ inputs.REPOSITORY }} 42 | ref: ${{ env.TAG }} 43 | 44 | - name: "Set up JDK ${{ env.MINUS }}" 45 | uses: AdoptOpenJDK/install-jdk@v1 46 | if: ${{ inputs.VERSION > 8 }} 47 | with: 48 | version: ${{ env.MINUS }} 49 | architecture: x64 50 | targets: "JAVA_HOME_MINUS" 51 | 52 | - name: "Set up JDK ${{ inputs.VERSION }}" 53 | uses: AdoptOpenJDK/install-jdk@v1 54 | with: 55 | version: ${{ inputs.VERSION }} 56 | architecture: x64 57 | targets: "JAVA_HOME_NOW" 58 | 59 | - name: Install apt dependencies 60 | run: |- 61 | DEBIAN_FRONTEND=noninteractive sudo apt update -y 62 | DEBIAN_FRONTEND=noninteractive sudo apt install -y libx11-dev libxext-dev libxrender-dev libxrandr-dev libxtst-dev libxt-dev libcups2-dev libasound2-dev libfreetype6-dev gawk libfontconfig1-dev cpio autoconf 63 | 64 | - name: Run ./configure 65 | run: bash ./configure ${{ inputs.CONFIGURE_OPTS }} 66 | 67 | - name: Initialize CodeQL 68 | uses: github/codeql-action/init@v2 69 | with: 70 | languages: 'java' 71 | 72 | - name: Build 73 | run: |- 74 | make images JOBS=$(nproc) 75 | 76 | - name: Perform CodeQL Analysis 77 | uses: github/codeql-action/analyze@v2 78 | with: 79 | upload: false 80 | skip-queries: true 81 | -------------------------------------------------------------------------------- /.github/workflows/jdk-builder.yml: -------------------------------------------------------------------------------- 1 | name: JDK builder 2 | 3 | on: 4 | schedule: 5 | - cron: "0 0 1 * *" 6 | workflow_dispatch: 7 | 8 | jobs: 9 | 10 | jdk4ql: 11 | strategy: 12 | fail-fast: false 13 | matrix: 14 | REPO: [openjdk/jdk^u] 15 | VERSION: [8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18] 16 | TAG: [latest] 17 | include: 18 | - VERSION: 8 19 | CONFIGURE_OPTS: "--with-extra-cflags=-Wno-error --with-extra-cxxflags=-Wno-error --with-freetype-include=/usr/include/freetype2 --with-freetype-lib=/usr/lib/x86_64-linux-gnu --with-boot-jdk=$JAVA_HOME_NOW" 20 | - VERSION: 9 21 | CONFIGURE_OPTS: "--disable-javac-server --disable-warnings-as-errors --disable-generate-classlist --with-boot-jdk=$JAVA_HOME_MINUS --with-build-jdk=$JAVA_HOME_NOW" 22 | - VERSION: 10 23 | CONFIGURE_OPTS: "--disable-javac-server --disable-warnings-as-errors --disable-generate-classlist --with-boot-jdk=$JAVA_HOME_MINUS --with-build-jdk=$JAVA_HOME_NOW" 24 | - VERSION: 11 25 | CONFIGURE_OPTS: "--disable-javac-server --disable-warnings-as-errors --disable-generate-classlist --with-boot-jdk=$JAVA_HOME_MINUS --with-build-jdk=$JAVA_HOME_NOW" 26 | - VERSION: 12 27 | CONFIGURE_OPTS: "--disable-javac-server --disable-warnings-as-errors --disable-generate-classlist --with-boot-jdk=$JAVA_HOME_MINUS --with-build-jdk=$JAVA_HOME_NOW --disable-cds-archive" 28 | - VERSION: 13 29 | CONFIGURE_OPTS: "--disable-javac-server --disable-warnings-as-errors --disable-generate-classlist --with-boot-jdk=$JAVA_HOME_MINUS --with-build-jdk=$JAVA_HOME_NOW --disable-cds-archive" 30 | - VERSION: 14 31 | CONFIGURE_OPTS: "--disable-javac-server --disable-warnings-as-errors --disable-generate-classlist --with-boot-jdk=$JAVA_HOME_MINUS --with-build-jdk=$JAVA_HOME_NOW --disable-cds-archive" 32 | - VERSION: 15 33 | CONFIGURE_OPTS: "--disable-javac-server --disable-warnings-as-errors --disable-generate-classlist --with-boot-jdk=$JAVA_HOME_MINUS --with-build-jdk=$JAVA_HOME_NOW --disable-cds-archive --disable-jvm-feature-cds" 34 | - VERSION: 16 35 | CONFIGURE_OPTS: "--disable-javac-server --disable-warnings-as-errors --disable-generate-classlist --with-boot-jdk=$JAVA_HOME_MINUS --with-build-jdk=$JAVA_HOME_NOW --disable-cds-archive --disable-jvm-feature-cds" 36 | - VERSION: 17 37 | CONFIGURE_OPTS: "--disable-javac-server --disable-warnings-as-errors --disable-generate-classlist --with-boot-jdk=$JAVA_HOME_MINUS --with-build-jdk=$JAVA_HOME_NOW --disable-cds-archive --disable-jvm-feature-cds" 38 | - VERSION: 18 39 | CONFIGURE_OPTS: "--disable-javac-server --disable-warnings-as-errors --disable-generate-classlist --with-boot-jdk=$JAVA_HOME_MINUS --with-build-jdk=$JAVA_HOME_NOW --disable-cds-archive --disable-jvm-feature-cds" 40 | 41 | runs-on: ubuntu-20.04 42 | 43 | steps: 44 | - name: ENV setup 45 | run: |- 46 | export `cat <(echo "REPOSITORY=$(echo ${{matrix.REPO}} | sed -e 's@\^@${{matrix.VERSION}}@g')" | tee -a $GITHUB_ENV)` 47 | cat <(echo "MINUS=$((${{matrix.VERSION}}-1))" | tee -a $GITHUB_ENV) 48 | 49 | if [[ "${{matrix.TAG}}" == *"^"* ]]; then 50 | TAG=$(echo ${{matrix.TAG}} | sed -e 's@\^@${{matrix.VERSION}}@g') 51 | elif [[ "${{matrix.TAG}}" == "latest" ]]; then 52 | TAG=$(curl https://api.github.com/repos/$REPOSITORY/tags | jq -r '.[].name' | grep ${{matrix.VERSION}} | head -n 1) 53 | else 54 | TAG=${{matrix.TAG}} 55 | fi 56 | 57 | cat <(echo "TAG=$TAG" | tee -a $GITHUB_ENV) 58 | 59 | - name: Checkout JDK repo 60 | uses: actions/checkout@v3 61 | with: 62 | repository: ${{env.REPOSITORY}} 63 | ref: ${{env.TAG}} 64 | 65 | - name: "Set up JDK ${{env.MINUS}}" 66 | uses: AdoptOpenJDK/install-jdk@v1 67 | if: ${{ matrix.VERSION > 8 }} 68 | with: 69 | version: ${{env.MINUS}} 70 | architecture: x64 71 | targets: "JAVA_HOME_MINUS" 72 | 73 | - name: "Set up JDK ${{matrix.VERSION}}" 74 | uses: AdoptOpenJDK/install-jdk@v1 75 | with: 76 | version: ${{matrix.VERSION}} 77 | architecture: x64 78 | targets: "JAVA_HOME_NOW" 79 | 80 | - name: Install apt dependencies 81 | run: |- 82 | DEBIAN_FRONTEND=noninteractive sudo apt update -y 83 | DEBIAN_FRONTEND=noninteractive sudo apt install -y libx11-dev libxext-dev libxrender-dev libxrandr-dev libxtst-dev libxt-dev libcups2-dev libasound2-dev libfreetype6-dev gawk libfontconfig1-dev cpio autoconf 84 | 85 | - name: Run ./configure 86 | run: |- 87 | bash ./configure ${{matrix.CONFIGURE_OPTS}} 88 | 89 | - name: "CodeQL binary: Download & Add to $PATH" 90 | run: |- 91 | wget https://github.com/github/codeql-cli-binaries/releases/latest/download/codeql-linux64.zip -O codeql.zip 92 | unzip -q codeql.zip && rm codeql.zip && mv codeql codeql-bin 93 | echo "`pwd`/codeql-bin" >> $GITHUB_PATH 94 | 95 | - name: "CodeQL database: Create" 96 | run: |- 97 | codeql database create --overwrite --threads 0 --cleanup-upgrade-backups --mode brutal -v --language java -c "make images JOBS=$(nproc)" ${{env.TAG}}-DB 98 | 99 | - name: "CodeQL database: Bundle" 100 | run: |- 101 | codeql database bundle --cleanup-upgrade-backups --mode brutal -v -o ${{env.TAG}}-DB.zip ${{env.TAG}}-DB 102 | 103 | - name: "CodeQL database: Upload as artifact" 104 | uses: actions/upload-artifact@v3 105 | with: 106 | name: ${{env.TAG}}-DB 107 | path: ${{env.TAG}}-DB.zip 108 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # JDK 4 QL 2 | 3 | Monthly-updated JDK databases to perform variant analysis with CodeQL. 4 | 5 | Visit [the Actions page](https://github.com/jorgectf/jdk4QL/actions), click on the latest workflow and download the artifacts. You may need to unzip the downloaded artifact from the GitHub UI before using it with CodeQL as per a known double-zip [issue](https://github.com/actions/upload-artifact/issues/39). 6 | 7 | --- 8 | 9 | https://github.com/jorgectf/jdk8u/actions/workflows/build.yml 10 | https://github.com/jorgectf/jdk11u/actions/workflows/build.yml 11 | https://github.com/jorgectf/jdk12u/actions/workflows/build.yml 12 | https://github.com/jorgectf/jdk13u/actions/workflows/build.yml 13 | https://github.com/jorgectf/jdk14u/actions/workflows/build.yml 14 | https://github.com/jorgectf/jdk15u/actions/workflows/build.yml 15 | https://github.com/jorgectf/jdk16u/actions/workflows/build.yml 16 | https://github.com/jorgectf/jdk17u/actions/workflows/build.yml 17 | https://github.com/jorgectf/jdk18u/actions/workflows/build.yml 18 | --------------------------------------------------------------------------------