contents: read  # for actions/checkout to fetch code
      security-events: write  # for github/codeql-action/analyze to upload SARIF results
    runs-on: ubuntu-latest

    strategy:
      fail-fast: false
      matrix:
        # Override automatic language detection by changing the below list
        # Supported options are ['csharp', 'cpp', 'go', 'java', 'javascript', 'python']

name: Check issues metadata

on:
  issues:
    types: [ opened, unlabeled, closed ]

permissions: {}

jobs:
  check_issue_metadata:
    permissions:
      issues: write
    runs-on: ubuntu-latest
    steps:
      # Check that issues have proper metadata: labels and milestone
      # https://github.com/gradle/issue-management-action/blob/main/src/issue-metadata.ts
      - uses: gradle/issue-management-action@v1
        with:

on:
  schedule:
    - cron: '0 * * * *' # every hour
  workflow_dispatch:

permissions: {}

jobs:
  feedback:
    permissions:
      issues: write
      pull-requests: write
    runs-on: ubuntu-latest
    steps:
      # Feedback loop: ask for something on PR/Issue and close if not provided or return to the queue on update.
      # https://github.com/gradle/issue-management-action/blob/main/src/feedback.ts

name: Submit Dependency Graph
on:
  workflow_dispatch:
  push:
    branches:
      - master

permissions: {}

jobs:
  generate-and-submit:
    permissions:
      contents: write
    runs-on: ubuntu-latest
    steps:
    - uses: actions/checkout@v4
    - uses: actions/setup-java@v4
      with:
        distribution: temurin
        java-version: 11
    - name: Setup Gradle