with:
          name: SARIF file
          path: results.sarif
          retention-days: 5

      # Upload the results to GitHub's code scanning dashboard (optional).
      # Commenting out will disable upload of results to your repo's Code Scanning dashboard
      - name: "Upload to code-scanning"
        uses: github/codeql-action/upload-sarif@5d4e8d1aca955e8d8589aabd499c5cae939e33c7 # v3.29.5
        with:

        # Learn more...
        # https://docs.github.com/en/github/finding-security-vulnerabilities-and-errors-in-your-code/configuring-code-scanning#overriding-automatic-language-detection

    steps:
    - name: Checkout repository
      uses: actions/checkout@v4

    # Initializes the CodeQL tools for scanning.
    - name: Initialize CodeQL
      uses: github/codeql-action/init@v3
      with:
        languages: ${{ matrix.language }}

        with:
          name: SARIF file
          path: results.sarif
          retention-days: 5

      # Upload the results to GitHub's code scanning dashboard.
      - name: "Upload to code-scanning"
        uses: github/codeql-action/upload-sarif@c10b8064de6f491fea524254123dbe5e09572f13 # v4.35.1
        with:

name: "Code scanning - action"

on:
  push:
    branches: [ main, master, release ]
  schedule:
    - cron: '0 5 * * *'

permissions: {}

jobs:
  CodeQL-Build:
    permissions:
      actions: read  # for github/codeql-action/init to get workflow details
      contents: read  # for actions/checkout to fetch code
      security-events: write  # for github/codeql-action/analyze to upload SARIF results
    runs-on: ubuntu-latest

 * to register, retrieve, and discover available data stores.
 *
 * <p>Data stores are registered by name and class name, allowing flexible lookup.
 * The factory also supports dynamic discovery of data store plugins by scanning
 * JAR files for data store configurations.</p>
 *
 * <p>Thread-safe operations are supported for registration and retrieval of data stores.
 * The factory caches data store names with a time-based refresh mechanism to improve

### Application Discovery { #application-discovery }

     */
    public ProtocolHelper() {
        // Default constructor
    }

    /**
     * Initializes the protocol helper by loading configured protocols from FessConfig
     * and scanning for available protocol handlers in the classpath.
     * This method is called automatically after bean construction.
     */
    @PostConstruct
    public void init() {

 *       not support this directly, either, but ClassGraph documents how to <a
 *       href="https://github.com/classgraph/classgraph/wiki/Build-Time-Scanning">perform build-time
 *       classpath scanning and make the results available to an Android app</a>.)
 *   <li>Like all of Guava, it is not tested under Windows. We have gotten <a

   * C} will be excluded from automated serialization test performed by this method.
   */
  @Test
  public void testSerializable() throws Exception {
    // TODO: when we use @BeforeClass, we can pay the cost of class path scanning only once.
    for (Class<?> classToTest :
        findClassesToTest(loadClassesInPackage(), SERIALIZABLE_TEST_METHOD_NAMES)) {
      if (Serializable.class.isAssignableFrom(classToTest)) {
        try {

   * C} will be excluded from automated serialization test performed by this method.
   */
  @Test
  public void testSerializable() throws Exception {
    // TODO: when we use @BeforeClass, we can pay the cost of class path scanning only once.
    for (Class<?> classToTest :
        findClassesToTest(loadClassesInPackage(), SERIALIZABLE_TEST_METHOD_NAMES)) {
      if (Serializable.class.isAssignableFrom(classToTest)) {
        try {