I have given it some, yes, but it is worthy of some further investigation. I would love to spend the time automating the builds of the binaries / JAR using GitHub actions, but instead I have been looking into running the JAR directly to make the solution more complete, but maybe I should shift focus and let someone else pick up the running the JAR work.
I’m investigating the build automation here: https://github.com/logpresso/CVE-2021-44228-Scanner/issues/133
Some discussion here:
Some info about the company here:
I have actually been filing issues on github with the project and the developer has been SUPER responsive.
I haven’t touched Java since school, but I could look it over.
I was also looking into adding some automated code validation and scanning to the github project, but I got kind of confused if it was giving me results or not, or where they would show up for the CodeQL analysis I was doing.