chore: detekt workflow pins, readme updates, mit license

Signed-off-by: Sam Gammon <sam@elide.ventures>

.github/workflows/module.detekt.yml

@@ -11,6 +11,9 @@ on:
   schedule:
      - cron: '29 21 * * 0'
 
+permissions:
+  contents: read
+
 env:
   DETEKT_RELEASE_TAG: v1.15.0
 
@@ -24,8 +27,14 @@ jobs:
       contents: read
       security-events: write
     steps:
+    - name: Harden Runner
+      uses: step-security/harden-runner@1b05615854632b887b69ae1be8cbefe72d3ae423 # v2.6.0
+      with:
+        egress-policy: audit
     - name: "Setup: Checkout"
-      uses: actions/checkout@v3
+      uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
+      with:
+        fetch-depth: 0
     - name: "Setup: Detekt download URL"
       id: detekt_info
       env:
@@ -55,7 +64,6 @@ jobs:
 
         DETEKT_DOWNLOAD_URL=$(jq --raw-output '.data.repository.release.releaseAssets.nodes[0].downloadUrl' gh_response.json)
         echo "download_url=$DETEKT_DOWNLOAD_URL" >> $GITHUB_OUTPUT
-
     # Sets up the detekt cli
     - name: "Setup: Detekt"
       run: |
@@ -67,13 +75,11 @@ jobs:
           --output $dest/detekt
         chmod a+x $dest/detekt
         echo $dest >> $GITHUB_PATH
-
     # Performs static analysis using Detekt
     - name: "Checks: Detekt"
       continue-on-error: true
       run: |
         detekt --input ${{ github.workspace }} --report sarif:${{ github.workspace }}/detekt.sarif.json
-
     # Modifies the SARIF output produced by Detekt so that absolute URIs are relative
     # This is so we can easily map results onto their source files
     # This can be removed once relative URI support lands in Detekt: https://git.io/JLBbA
@@ -86,10 +92,9 @@ jobs:
             '. | ( .runs[].results[].locations[].physicalLocation.artifactLocation.uri |= if test($github_workspace) then .[($github_workspace | length | . + 1):] else . end )' \
             ${{ github.workspace }}/detekt.sarif.json
         )" > ${{ github.workspace }}/detekt.sarif.json
-
     # Uploads results to GitHub repository using the upload-sarif action
     - name: "Report: Upload SARIF"
-      uses: github/codeql-action/upload-sarif@v2
+      uses: github/codeql-action/upload-sarif@74483a38d39275f33fcff5f35b679b5ca4a26a99 # v2.22.5
       with:
         # Path to SARIF file relative to the root of the repository
         sarif_file: ${{ github.workspace }}/detekt.sarif.json

LICENSE

@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2022, Elide Project Authors (see NOTICE).
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

README.md

@@ -1,6 +1,15 @@
 
 # Planetscale Connector/J
 
+[![CI](https://github.com/elide-dev/planetscale-java/actions/workflows/on.push.yml/badge.svg)](https://github.com/elide-dev/planetscale-java/actions/workflows/on.push.yml)
+[![codecov](https://codecov.io/gh/elide-dev/planetscale-java/graph/badge.svg?token=MRUx3BHbMG)](https://codecov.io/gh/elide-dev/planetscale-java)
+[![Java 21](https://img.shields.io/badge/Java-20-blue.svg?logo=oracle)](https://openjdk.org/projects/jdk/21/)
+[![Kotlin](https://img.shields.io/badge/Kotlin-1.9.20-blue.svg?logo=kotlin)](http://kotlinlang.org)
+[![GraalVM](https://img.shields.io/badge/GraalVM-23.x.x-blue.svg?logo=oracle)](https://www.graalvm.org/)
+[![Security Rating](https://sonarcloud.io/api/project_badges/measure?project=elide-dev_planetscale-java&metric=security_rating)](https://sonarcloud.io/summary/new_code?id=elide-dev_planetscale-java)
+[![Reliability Rating](https://sonarcloud.io/api/project_badges/measure?project=elide-dev_planetscale-java&metric=reliability_rating)](https://sonarcloud.io/summary/new_code?id=elide-dev_planetscale-java)
+[![Maintainability Rating](https://sonarcloud.io/api/project_badges/measure?project=elide-dev_planetscale-java&metric=sqale_rating)](https://sonarcloud.io/summary/new_code?id=elide-dev_planetscale-java)
+
 > **Note**
 > Under construction; use at your own risk
 
@@ -261,6 +270,8 @@ The following devops features are baked into the library's code or process:
 
 - **Testing:** The library has reasonable [test coverage][8], and can be mocked under the hood with [H2][9].
 
+- **Analysis:** Linting and static analysis with [CodeQL][16], [Detekt][17], and [ktlint][18].
+
 - **Integrity:** Dependencies are locked, hash-sealed and signature-checked. We also ship [SBOMs][15] with each release.
 
 - **Provenance:** [SLSA provenance][10] is issued during the release process, and releases are published to
@@ -280,7 +291,13 @@ The following devops features are baked into the library's code or process:
 - **Humans:** We are friendly people who are open to contributions, and we adopt a
   [Code of Conduct](./CODE_OF_CONDUCT.md) which encourages good faith collaboration.
 
-- **License:** TBD, open source.
+- **License:** [MIT license](./LICENSE).
+
+
+### Build caching
+
+This library uses [Buildless][19] to cache build artifacts and accelerate builds. This cache project is public, so
+open-source contributors can use it, too. No setup is needed.
 
 
 Made with ❤️ by [Elide](https://elide.dev)
@@ -300,3 +317,7 @@ Made with ❤️ by [Elide](https://elide.dev)
 [13]: https://developercertificate.org/
 [14]: ./.github/CLA.md
 [15]: https://spdx.dev/
+[16]: https://securitylab.github.com/tools/codeql
+[17]: https://detekt.github.io/detekt/
+[18]: https://ktlint.github.io/
+[19]: https://less.build/