Enable CodeQL in Azure Pipelines (#723)

.azure-pipelines/ci.yml

@@ -2,8 +2,8 @@ trigger:
 - main
 
 jobs:
-  - job: cred_scan
-    displayName: Cred Scan
+  - job: static_analysis
+    displayName: Static Code Analysis
     pool:
       vmImage: 'windows-latest'
     steps:
@@ -13,13 +13,34 @@ jobs:
         toolMajorVersion: V2
         verboseOutput: true
         debugMode: false
-    - task: securedevelopmentteam.vss-secure-development-tools.build-task-postanalysis.PostAnalysis@1
+    - task: Semmle@1
+      displayName: Code QL for TS/JS
+      inputs:
+        sourceCodeDirectory: '$(Build.SourcesDirectory)'
+        language: 'tsandjs'
+        includeNodeModules: false
+        querySuite: 'Recommended'
+        timeout: '1800'
+        ram: '16384'
+        addProjectDirToScanningExclusionList: true
+    - task: Semmle@1
+      displayName: Code QL for Java
+      inputs:
+        sourceCodeDirectory: '$(Build.SourcesDirectory)/jdtls.ext'
+        language: 'java'
+        querySuite: 'Recommended'
+        timeout: '1800'
+        ram: '16384'
+        addProjectDirToScanningExclusionList: true
+    - task: PostAnalysis@1
       displayName: 'Post Analysis'
       inputs:
         CredScan: true
+        Semmle: true
+        SemmleBreakOn: 'Error'
+        ToolLogsNotFoundAction: 'Standard'
 
   - job: ci
-    dependsOn: cred_scan
     displayName: VS Code Maven CI
     pool:
       vmImage: 'ubuntu-latest'

jdtls.ext/pom.xml

@@ -74,7 +74,7 @@
         <repository>
             <id>photon</id>
             <layout>p2</layout>
-            <url>http://download.eclipse.org/releases/photon</url>
+            <url>https://download.eclipse.org/releases/photon</url>
         </repository>
         <repository>
             <id>oss.sonatype.org</id>
@@ -86,17 +86,17 @@
         <repository>
             <id>LSP4J</id>
             <layout>p2</layout>
-            <url>http://download.eclipse.org/lsp4j/updates/releases/0.5.0/</url>
+            <url>https://download.eclipse.org/lsp4j/updates/releases/0.5.0/</url>
         </repository>
         <repository>
             <id>JDT.LS</id>
             <layout>p2</layout>
-            <url>http://download.eclipse.org/jdtls/snapshots/repository/latest/</url>
+            <url>https://download.eclipse.org/jdtls/snapshots/repository/latest/</url>
         </repository>
         <repository>
             <id>JBOLL.TOOLS</id>
             <layout>p2</layout>
-            <url>http://download.jboss.org/jbosstools/updates/m2e-extensions/m2e-apt/1.5.0-2018-05-16_00-46-30-H11</url>
+            <url>https://download.jboss.org/jbosstools/updates/m2e-extensions/m2e-apt/1.5.0-2018-05-16_00-46-30-H11</url>
         </repository>
     </repositories>
 </project>