Add qodana CI checks

[qodana-cloud]

Adds qodana.yaml and GitHub workflow file that runs Qodana static analysis on each pull request.

[github-actions]

Qodana for JVM

30 new problems were found

Inspection name	Severity	Problems
Taint analysis	🔶 Warning	6
Statement with empty body	🔶 Warning	2
Field may be 'final'	🔶 Warning	2
Non-safe string is used as SQL	🔶 Warning	2
Vulnerable declared dependency	🔶 Warning	2
Stream API call chain can be simplified	🔶 Warning	1
Redundant local variable	🔶 Warning	1
Duplicated code fragment	◽️ Notice	11
Vulnerable declared dependency	◽️ Notice	2
Constant values	◽️ Notice	1

☁️ View the detailed Qodana report

Detected 14 dependencies

Third-party software list

This page lists the third-party software dependencies used in project

Dependency	Version	Licenses
hikaricp	5.1.0	Apache-2.0
jackson-annotations	2.18.1	Apache-2.0
jackson-core	2.18.1	Apache-2.0
jackson-databind	2.18.1	Apache-2.0
jackson-datatype-jsr310	2.18.1	Apache-2.0
javax.servlet-api	4.0.1	CDDL-1.0 GPL-2.0-only ORACLE-OPENJDK-EXCEPTION-2.0
javax.servlet.jsp-api	2.3.3	GPL-2.0-only
jbcrypt	0.4	ISC
jstl	1.2	CDDL-1.0
logback-classic	1.5.6	EPL-1.0 LGPL-2.0-or-later
logback-core	1.5.6	EPL-1.0 LGPL-2.0-or-later
mysql-connector-j	8.3.0	EPL-1.0 GPL-2.0-only LGPL-2.1-only
protobuf-java	3.25.1	BSD-3-Clause
slf4j-api	2.0.13	MIT

Contact Qodana team

Contact us at qodana-support@jetbrains.com

• Or via our issue tracker: https://jb.gg/qodana-issue
• Or share your feedback: https://jb.gg/qodana-discussions