From 6f19e2e4e5205431f4b570004e8efdfeb079b435 Mon Sep 17 00:00:00 2001
From: damachine
Date: Sun, 14 Sep 2025 02:35:42 +0200
Subject: [PATCH 1/5] Add Codacy security scan workflow

---
 .github/workflows/codacy.yml | 61 ++++++++++++++++++++++++++++++++++++
 1 file changed, 61 insertions(+)
 create mode 100644 .github/workflows/codacy.yml

diff --git a/.github/workflows/codacy.yml b/.github/workflows/codacy.yml
new file mode 100644
index 0000000..8c2d7bf
--- /dev/null
+++ b/.github/workflows/codacy.yml
@@ -0,0 +1,61 @@
+# This workflow uses actions that are not certified by GitHub.
+# They are provided by a third-party and are governed by
+# separate terms of service, privacy policy, and support
+# documentation.
+
+# This workflow checks out code, performs a Codacy security scan
+# and integrates the results with the
+# GitHub Advanced Security code scanning feature. For more information on
+# the Codacy security scan action usage and parameters, see
+# https://github.com/codacy/codacy-analysis-cli-action.
+# For more information on Codacy Analysis CLI in general, see
+# https://github.com/codacy/codacy-analysis-cli.
+
+name: Codacy Security Scan
+
+on:
+ push:
+ branches: [ "main", "beta", "v2.00rc" ]
+ pull_request:
+ # The branches below must be a subset of the branches above
+ branches: [ "main" ]
+ schedule:
+ - cron: '25 17 * * 5'
+
+permissions:
+ contents: read
+
+jobs:
+ codacy-security-scan:
+ permissions:
+ contents: read # for actions/checkout to fetch code
+ security-events: write # for github/codeql-action/upload-sarif to upload SARIF results
+ actions: read # only required for a private repository by github/codeql-action/upload-sarif to get the Action run status
+ name: Codacy Security Scan
+ runs-on: ubuntu-latest
+ steps:
+ # Checkout the repository to the GitHub Actions runner
+ - name: Checkout code
+ uses: actions/checkout@v4
+
+ # Execute Codacy Analysis CLI and generate a SARIF output with the security issues identified during the analysis
+ - name: Run Codacy Analysis CLI
+ uses: codacy/codacy-analysis-cli-action@d840f886c4bd4edc059706d09c6a1586111c540b
+ with:
+ # Check https://github.com/codacy/codacy-analysis-cli#project-token to get your project token from your Codacy repository
+ # You can also omit the token and run the tools that support default configurations
+ project-token: ${{ secrets.CODACY_PROJECT_TOKEN }}
+ verbose: true
+ output: results.sarif
+ format: sarif
+ # Adjust severity of non-security issues
+ gh-code-scanning-compat: true
+ # Force 0 exit code to allow SARIF file generation
+ # This will handover control about PR rejection to the GitHub side
+ max-allowed-issues: 2147483647
+
+ # Upload the SARIF file generated in the previous step
+ - name: Upload SARIF results file
+ uses: github/codeql-action/upload-sarif@v3
+ with:
+ sarif_file: results.sarif

From 312412ef3f26e8d39a9b5b629824b387b5690fa2 Mon Sep 17 00:00:00 2001
From: damachine
Date: Sun, 14 Sep 2025 02:38:54 +0200
Subject: [PATCH 2/5] Update .github/workflows/codacy.yml

Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
---
 .github/workflows/codacy.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.github/workflows/codacy.yml b/.github/workflows/codacy.yml
index 8c2d7bf..3b292bd 100644
--- a/.github/workflows/codacy.yml
+++ b/.github/workflows/codacy.yml
@@ -40,7 +40,7 @@ jobs:
 
 # Execute Codacy Analysis CLI and generate a SARIF output with the security issues identified during the analysis
 - name: Run Codacy Analysis CLI
- uses: codacy/codacy-analysis-cli-action@d840f886c4bd4edc059706d09c6a1586111c540b
+ uses: codacy/codacy-analysis-cli-action@v4.3.0
 with:
 # Check https://github.com/codacy/codacy-analysis-cli#project-token to get your project token from your Codacy repository
 # You can also omit the token and run the tools that support default configurations

From 8d25ff5584af4a627b2534afcf6e7e0f02dd2f06 Mon Sep 17 00:00:00 2001
From: damachine
Date: Sun, 14 Sep 2025 02:39:14 +0200
Subject: [PATCH 3/5] Update .github/workflows/codacy.yml

Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
---
 .github/workflows/codacy.yml | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/.github/workflows/codacy.yml b/.github/workflows/codacy.yml
index 3b292bd..9f9d4e6 100644
--- a/.github/workflows/codacy.yml
+++ b/.github/workflows/codacy.yml
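Review bot: Action pinning is inconsistent in this hunk: codacy-analysis-cli-action is pinned to a full commit SHA, while `uses: actions/checkout@v4` and `uses: github/codeql-action/upload-sarif@v3` use mutable major tags, so the job's supply-chain posture is only as strong as its loosest pin; the hunk `@@ -40,7 +40,7 @@` in PATCH 2/5 also swaps the SHA for the tag `v4.3.0`, loosening it further (a later patch restores the SHA). Pin all three actions to a commit SHA with the tag kept in a trailing comment, e.g. `uses: actions/checkout@<SHA-PLACEHOLDER> # v4`. Separately, `project-token: ${{ secrets.CODACY_PROJECT_TOKEN }}` expands to an empty value on pull_request runs from forks, where repository secrets are not exposed, so those runs presumably fall back to the token-less tool set the comment above it describes; a comment saying so, or an `if:` on the step, would make that behavior explicit rather than silent.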
@@ -52,7 +52,8 @@ jobs:
 gh-code-scanning-compat: true
 # Force 0 exit code to allow SARIF file generation
 # This will handover control about PR rejection to the GitHub side
- max-allowed-issues: 2147483647
+ # Set a reasonable threshold to avoid masking important security findings
+ max-allowed-issues: 100
 
 # Upload the SARIF file generated in the previous step
 - name: Upload SARIF results file

From dc44c483851d805ff98f3583b2d3395bbb2dbca1 Mon Sep 17 00:00:00 2001
From: damachine
Date: Wed, 1 Oct 2025 05:39:43 +0200
Subject: [PATCH 4/5] Modify Codacy workflow for schedule and action version

Updated Codacy workflow to change cron schedule and CLI action version.

Signed-off-by: damachine
---
 .github/workflows/codacy.yml | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/.github/workflows/codacy.yml b/.github/workflows/codacy.yml
index 9f9d4e6..de3b4af 100644
--- a/.github/workflows/codacy.yml
+++ b/.github/workflows/codacy.yml
@@ -1,3 +1,4 @@
+
 # This workflow uses actions that are not certified by GitHub.
 # They are provided by a third-party and are governed by
 # separate terms of service, privacy policy, and support
@@ -20,7 +21,7 @@ on:
 # The branches below must be a subset of the branches above
 branches: [ "main" ]
 schedule:
- - cron: '25 17 * * 5'
+ - cron: '40 13 * * 5'
 
 permissions:
 contents: read
@@ -40,7 +41,7 @@ jobs:
 
 # Execute Codacy Analysis CLI and generate a SARIF output with the security issues identified during the analysis
 - name: Run Codacy Analysis CLI
- uses: codacy/codacy-analysis-cli-action@v4.3.0
+ uses: codacy/codacy-analysis-cli-action@d840f886c4bd4edc059706d09c6a1586111c540b
 with:
 # Check https://github.com/codacy/codacy-analysis-cli#project-token to get your project token from your Codacy repository
 # You can also omit the token and run the tools that support default configurations
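Review bot: `max-allowed-issues: 100` contradicts the two comment lines kept directly above it (`# Force 0 exit code to allow SARIF file generation` / `# This will handover control about PR rejection to the GitHub side`): once more than 100 issues are reported the CLI step presumably exits non-zero, and because the following upload step carries no `if: always()`, the SARIF file is never uploaded, so the cap hides findings instead of surfacing them. Either keep the large value and let code scanning enforce policy on the GitHub side, or add `if: always()` to the `Upload SARIF results file` step and reword the now-stale comments so they describe the threshold. The upload step this affects continues outside the hunk.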
@@ -52,8 +53,7 @@ jobs:
 gh-code-scanning-compat: true
 # Force 0 exit code to allow SARIF file generation
 # This will handover control about PR rejection to the GitHub side
- # Set a reasonable threshold to avoid masking important security findings
- max-allowed-issues: 100
+ max-allowed-issues: 2147483647
 
 # Upload the SARIF file generated in the previous step
 - name: Upload SARIF results file

From d5aefd692da8c69541d60d06fd902f9de9aec4ee Mon Sep 17 00:00:00 2001
From: damachine
Date: Wed, 1 Oct 2025 05:41:34 +0200
Subject: [PATCH 5/5] Modify Codacy workflow schedule and action version

Updated the Codacy workflow to change the cron schedule and update the Codacy Analysis CLI action version.

Signed-off-by: damachine
---
 .github/workflows/codacy.yml | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/.github/workflows/codacy.yml b/.github/workflows/codacy.yml
index 9f9d4e6..de3b4af 100644
--- a/.github/workflows/codacy.yml
+++ b/.github/workflows/codacy.yml
@@ -1,3 +1,4 @@
+
 # This workflow uses actions that are not certified by GitHub.
 # They are provided by a third-party and are governed by
 # separate terms of service, privacy policy, and support
@@ -20,7 +21,7 @@ on:
 # The branches below must be a subset of the branches above
 branches: [ "main" ]
 schedule:
- - cron: '25 17 * * 5'
+ - cron: '40 13 * * 5'
 
 permissions:
 contents: read
@@ -40,7 +41,7 @@ jobs:
 
 # Execute Codacy Analysis CLI and generate a SARIF output with the security issues identified during the analysis
 - name: Run Codacy Analysis CLI
- uses: codacy/codacy-analysis-cli-action@v4.3.0
+ uses: codacy/codacy-analysis-cli-action@d840f886c4bd4edc059706d09c6a1586111c540b
 with:
 # Check https://github.com/codacy/codacy-analysis-cli#project-token to get your project token from your Codacy repository
 # You can also omit the token and run the tools that support default configurations
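Review bot: The commit message ("Modify Codacy workflow for schedule and action version") does not mention that this hunk also reverts `max-allowed-issues` from 100 back to 2147483647 and drops the threshold comment introduced in PATCH 3/5, so the policy change is invisible in history. State it in the message, e.g. `Revert max-allowed-issues to 2147483647 so the CLI always exits 0 and the SARIF upload step is not skipped`. The last hunk of PATCH 5/5 carries the same undocumented revert.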
@@ -52,8 +53,7 @@ jobs:
 gh-code-scanning-compat: true
 # Force 0 exit code to allow SARIF file generation
 # This will handover control about PR rejection to the GitHub side
- # Set a reasonable threshold to avoid masking important security findings
- max-allowed-issues: 100
+ max-allowed-issues: 2147483647
 
 # Upload the SARIF file generated in the previous step
 - name: Upload SARIF results file
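Review bot: PATCH 5/5 is the same diff as PATCH 4/5 — identical `index 9f9d4e6..de3b4af`, identical hunks including this one — so applying the series in order would be expected to fail at this patch because every hunk was already applied by PATCH 4/5. This looks like a rebase or resend artifact; drop one of the two commits, or squash them, before merging. The two Subject lines differ only in wording, which supports that reading.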