From 6d2a734c8b471e54e325f322d78d67eaf1d523be Mon Sep 17 00:00:00 2001
From: Michal Maciejewski <michal.mac@gmail.com>
Date: Sat, 30 Sep 2023 19:29:00 +0200
Subject: [PATCH] build: submit dependency graph when deploy-on-pr-merge

 Generate a complete dependency graph and submit the graph to the GitHub repository.
 The goal is to improve security alerts from dependabot, because dependabot is not able to compute the complete dependency graph.
---
 .github/workflows/deploy-on-pr-merge.yaml | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/.github/workflows/deploy-on-pr-merge.yaml b/.github/workflows/deploy-on-pr-merge.yaml
index 9e56e91d071..332a3dfe178 100644
--- a/.github/workflows/deploy-on-pr-merge.yaml
+++ b/.github/workflows/deploy-on-pr-merge.yaml
@@ -43,5 +43,10 @@ jobs:
           MAVEN_USERNAME: ${{ secrets.REPOMATSIM_USERNAME }}
           MAVEN_PASSWORD: ${{ secrets.REPOMATSIM_TOKEN }}
 
+      - name: Submit Dependency Graph
+        # Generate a complete dependency graph and submit the graph to the GitHub repository.
+        # The goal is to improve security alerts from dependabot, because dependabot is not able to compute the complete dependency graph.
+        uses: advanced-security/maven-dependency-submission-action@v3
+
     env:
       MAVEN_OPTS: -Xmx2g