From cd16b13ec2aa53baeffdfe02a33aff2f65d3a4c3 Mon Sep 17 00:00:00 2001
From: ForteScarlet <ForteScarlet@163.com>
Date: Tue, 6 Aug 2024 01:29:33 +0800
Subject: [PATCH] Update qodana_code_quality.yml

---
 .github/workflows/qodana_code_quality.yml | 19 +++++++++++++------
 1 file changed, 13 insertions(+), 6 deletions(-)

diff --git a/.github/workflows/qodana_code_quality.yml b/.github/workflows/qodana_code_quality.yml
index 00f0e1b..c89013a 100644
--- a/.github/workflows/qodana_code_quality.yml
+++ b/.github/workflows/qodana_code_quality.yml
@@ -2,24 +2,31 @@ name: Qodana
 on:
   workflow_dispatch:
   pull_request:
-    branches-ignore:
-      - 'dependabot/**'
   push:
     branches:
       - dev/main
       - dev/master
       - main
       - master
-      - '!dependabot/**'
 
 jobs:
   qodana:
+    if: ${{ !startsWith(github.head_ref, 'dependabot/') }}
     runs-on: ubuntu-latest
+    permissions:
+      contents: write
+      pull-requests: write
+      checks: write
     steps:
       - uses: actions/checkout@v4
         with:
-          fetch-depth: 0
+          ref: ${{ github.event.pull_request.head.sha }}  # to check out the actual pull request commit, not the merge commit
+          fetch-depth: 0  # a full history is required for pull request analysis
       - name: 'Qodana Scan'
-        uses: JetBrains/qodana-action@v2023.3.2
+        uses: JetBrains/qodana-action@main
+        with:
+          upload-result: true
+          github-token: ${{ secrets.FORLIY_ACCESS_TOKEN }}
         env:
-          QODANA_TOKEN: ${{ secrets.QODANA_TOKEN }}
+          QODANA_TOKEN: ${{ secrets.QODANA_TOKEN }} # read the steps about it below
+          GITHUB_TOKEN: ${{ secrets.FORLIY_ACCESS_TOKEN }}