Add SQL injection sample #21

Workflow file for this run

	name: CI

	on: push

	jobs:
	build:
	runs-on: ubuntu-latest

	steps:
	- uses: actions/checkout@v4
	with:
	submodules: true

	- name: Set up Java
	uses: actions/setup-java@v3
	with:
	distribution: 'zulu'
	java-version: 11

	- name: Set up Gradle
	uses: gradle/gradle-build-action@v2

	- name: Build and run tests
	run: ./gradlew build --stacktrace --scan -x :cli:test

	- name: Publish test results
	uses: EnricoMi/publish-unit-test-result-action@v2
	if: always()
	with:
	files: "/build/test-results//*.xml"

	#---------------------------------------------
	# Here, the main build is complete, and below
	# is the sample usage of the analyzer.

	- name: Publish to local Maven repository
	run: ./gradlew :core:publishToMavenLocal :gradle:publish

	# NpeExamples

	- name: Run analysis on sample project
	working-directory: examples/byteflow-plugin-usage
	run: ./gradlew runAnalyzer

	- name: Upload SARIF report as artifact
	uses: actions/upload-artifact@v3
	with:
	name: sarif-report
	path: examples/byteflow-plugin-usage/report.sarif

	- name: Upload SARIF report
	uses: github/codeql-action/upload-sarif@v2
	with:
	sarif_file: examples/byteflow-plugin-usage/report.sarif
	category: example

	# Juliet (CWE476 - NPE)

	- name: Run analysis on sample project (Juliet CWE476)
	working-directory: examples/byteflow-juliet
	run: ./gradlew analyzeJulietCwe476

	- name: Upload SARIF report as artifact (Juliet CWE476)
	uses: actions/upload-artifact@v3
	with:
	name: sarif-report-juliet-cwe476
	path: examples/byteflow-juliet/report-cwe476.sarif

	- name: Upload SARIF report (Juliet CWE476)
	uses: github/codeql-action/upload-sarif@v2
	with:
	sarif_file: examples/byteflow-juliet/report-cwe476.sarif
	category: cwe476

	# Juliet (CWE690 - NPE)

	- name: Run analysis on sample project (Juliet CWE690)
	working-directory: examples/byteflow-juliet
	run: ./gradlew analyzeJulietCwe690

	- name: Upload SARIF report as artifact (Juliet CWE690)
	uses: actions/upload-artifact@v3
	with:
	name: sarif-report-juliet-cwe690
	path: examples/byteflow-juliet/report-cwe690.sarif

	- name: Upload SARIF report (Juliet CWE690)
	uses: github/codeql-action/upload-sarif@v2
	with:
	sarif_file: examples/byteflow-juliet/report-cwe690.sarif
	category: cwe690

	# Juliet (CWE563 - Unused)

	- name: Run analysis on sample project (Juliet CWE563)
	working-directory: examples/byteflow-juliet
	run: ./gradlew analyzeJulietCwe563

	- name: Upload SARIF report as artifact (Juliet CWE563)
	uses: actions/upload-artifact@v3
	with:
	name: sarif-report-juliet-cwe563
	path: examples/byteflow-juliet/report-cwe563.sarif

	- name: Upload SARIF report (Juliet CWE563)
	uses: github/codeql-action/upload-sarif@v2
	with:
	sarif_file: examples/byteflow-juliet/report-cwe563.sarif
	category: cwe563

	# Juliet (CWE89 - SQL)

	- name: Run analysis on sample project (Juliet CWE89)
	working-directory: examples/byteflow-juliet
	run: ./gradlew analyzeJulietCwe89

	- name: Upload SARIF report as artifact (Juliet CWE89)
	uses: actions/upload-artifact@v3
	with:
	name: sarif-report-juliet-cwe89
	path: examples/byteflow-juliet/report-cwe89.sarif

	- name: Upload SARIF report (Juliet CWE89)
	uses: github/codeql-action/upload-sarif@v2
	with:
	sarif_file: examples/byteflow-juliet/report-cwe89.sarif
	category: cwe89

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Add SQL injection sample #21

Workflow file

Add SQL injection sample #21

Jobs

Run details

Workflow file for this run