Kirs
2 years ago
committed by
GitHub
2 changed files with 73 additions and 0 deletions
@ -0,0 +1,48 @@
|
||||
# |
||||
# Licensed to the Apache Software Foundation (ASF) under one or more |
||||
# contributor license agreements. See the NOTICE file distributed with |
||||
# this work for additional information regarding copyright ownership. |
||||
# The ASF licenses this file to You under the Apache License, Version 2.0 |
||||
# (the "License"); you may not use this file except in compliance with |
||||
# the License. You may obtain a copy of the License at |
||||
# |
||||
# http://www.apache.org/licenses/LICENSE-2.0 |
||||
# |
||||
# Unless required by applicable law or agreed to in writing, software |
||||
# distributed under the License is distributed on an "AS IS" BASIS, |
||||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
||||
# See the License for the specific language governing permissions and |
||||
# limitations under the License. |
||||
# |
||||
|
||||
name: OWASP Dependency Check |
||||
|
||||
on: |
||||
push: |
||||
pull_request: |
||||
paths: |
||||
- '**/pom.xml' |
||||
env: |
||||
MAVEN_OPTS: -Dmaven.wagon.httpconnectionManager.ttlSeconds=25 -Dmaven.wagon.http.retryHandler.count=3 |
||||
|
||||
jobs: |
||||
build: |
||||
runs-on: ubuntu-latest |
||||
steps: |
||||
- uses: actions/checkout@v2 |
||||
with: |
||||
submodules: true |
||||
- name: Set up JDK 8 |
||||
uses: actions/setup-java@v2 |
||||
with: |
||||
java-version: 8 |
||||
distribution: 'adopt' |
||||
- name: Run OWASP Dependency Check |
||||
run: ./mvnw -B clean install verify dependency-check:check -DskipDepCheck=false -Dmaven.test.skip=true -Dcheckstyle.skip=true |
||||
- name: Upload report |
||||
uses: actions/upload-artifact@v3 |
||||
if: ${{ cancelled() || failure() }} |
||||
continue-on-error: true |
||||
with: |
||||
name: dependency report |
||||
path: target/dependency-check-report.html |
||||
Loading…
Reference in new issue