github
diff --git a/‎CHANGELOG.md
+1-1 b/‎CHANGELOG.md
+1-1
diff --git a/‎lib/analyze-action-post.js
+14 b/‎lib/analyze-action-post.js
+14
diff --git a/‎lib/analyze-action-post.js.map
+1-1 b/‎lib/analyze-action-post.js.map
+1-1
diff --git a/‎lib/analyze.js
+9 b/‎lib/analyze.js
+9
diff --git a/‎lib/analyze.js.map
+1-1 b/‎lib/analyze.js.map
+1-1
diff --git a/‎lib/dependency-caching.js
+12 b/‎lib/dependency-caching.js
+12
diff --git a/‎lib/dependency-caching.js.map
+1-1 b/‎lib/dependency-caching.js.map
+1-1
diff --git a/‎src/analyze-action-post.ts
+17 b/‎src/analyze-action-post.ts
+17
diff --git a/‎src/analyze.ts
+11 b/‎src/analyze.ts
+11
@@ -4,7 +4,7 @@ See the [releases page](https://github.com/github/codeql-action/releases) for th
 
 ## [UNRELEASED]
 
-No user facing changes.
+- Dependency caching should now cache more dependencies for Java `build-mode: none` extractions. This should speed up workflows and avoid inconsistent alerts in some cases.
 
 ## 3.28.11 - 07 Mar 2025
 
 
@@ -3,13 +3,16 @@
  * It will run after the all steps in this job, in reverse order in relation to
  * other `post:` hooks.
  */
+import * as fs from "fs";
+
 import * as core from "@actions/core";
 
 import * as actionsUtil from "./actions-util";
 import { getGitHubVersion } from "./api-client";
 import { getCodeQL } from "./codeql";
 import { getConfig } from "./config-utils";
 import * as debugArtifacts from "./debug-artifacts";
+import { getJavaTempDependencyDir } from "./dependency-caching";
 import { EnvVar } from "./environment";
 import { getActionsLogger } from "./logging";
 import { checkGitHubVersionInRange, getErrorMessage } from "./util";
@@ -38,6 +41,20 @@ async function runWrapper() {
         );
       }
     }
+
+    // If we analysed Java in build-mode: none, we may have downloaded dependencies
+    // to the temp directory. Clean these up so they don't persist unnecessarily
+    // long on self-hosted runners.
+    const javaTempDependencyDir = getJavaTempDependencyDir();
+    if (fs.existsSync(javaTempDependencyDir)) {
+      try {
+        fs.rmSync(javaTempDependencyDir, { recursive: true });
+      } catch (error) {
+        logger.info(
+          `Failed to remove temporary Java dependencies directory: ${getErrorMessage(error)}`,
+        );
+      }
+    }
   } catch (error) {
     core.setFailed(
       `analyze post-action step failed: ${getErrorMessage(error)}`,
 
@@ -11,6 +11,7 @@ import { getApiClient } from "./api-client";
 import { setupCppAutobuild } from "./autobuild";
 import { CodeQL, getCodeQL } from "./codeql";
 import * as configUtils from "./config-utils";
+import { getJavaTempDependencyDir } from "./dependency-caching";
 import { addDiagnostic, makeDiagnostic } from "./diagnostics";
 import {
   DiffThunkRange,
@@ -166,6 +167,16 @@ export async function runExtraction(
         ) {
           await setupCppAutobuild(codeql, logger);
         }
+
+        // The Java `build-mode: none` extractor places dependencies (.jar files) in the
+        // database scratch directory by default. For dependency caching purposes, we want
+        // a stable path that caches can be restored into and that we can cache at the
+        // end of the workflow (i.e. that does not get removed when the scratch directory is).
+        if (language === Language.java && config.buildMode === BuildMode.None) {
+          process.env["CODEQL_EXTRACTOR_JAVA_OPTION_BUILDLESS_DEPENDENCY_DIR"] =
+            getJavaTempDependencyDir();
+        }
+
         await codeql.extractUsingBuildMode(config, language);
       } else {
         await codeql.extractScannedLanguage(config, language);