Changes to analyze using sonar.

.github/workflows/build.yml

@@ -24,15 +24,18 @@ jobs:
           path: ~/.sonar/cache
           key: ${{ runner.os }}-sonar
           restore-keys: ${{ runner.os }}-sonar
-      - name: Cache local Maven repository
+      - name: Cache Maven packages
         uses: actions/cache@v2
         with:
-          path: ~/.m2/repository
-          key: ${{ runner.os }}-maven-${{ hashFiles('**/pom.xml') }}
-          restore-keys: |
-            ${{ runner.os }}-maven-
-      - name: Build
-        run: mvn --batch-mode clean org.jacoco:jacoco-maven-plugin:prepare-agent install
+          path: ~/.m2
+          key: ${{ runner.os }}-m2-${{ hashFiles('**/pom.xml') }}
+          restore-keys: ${{ runner.os }}-m2
+      - name: Build and analyze
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}  # Needed to get PR information, if any
+          SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
+        run: mvn -B verify org.sonarsource.scanner.maven:sonar-maven-plugin:sonar -Dsonar.projectKey=BentoBoxWorld_BentoBox
+      - run: mvn --batch-mode clean org.jacoco:jacoco-maven-plugin:prepare-agent install
       - run: mkdir staging && cp target/*.jar staging
       - name: Save artifacts
         uses: actions/upload-artifact@v2

pom.xml

@@ -365,6 +365,7 @@
                         java.base/java.lang.reflect=ALL-UNNAMED
                         --add-opens
                         java.logging/java.util.logging=ALL-UNNAMED
+                        java.base/java.util.zip=ALL-UNNAMED
                         --illegal-access=permit
                     </argLine>
                 </configuration>