Skip to content

Dependency-Check

Dependency-Check #124

name: Dependency-Check
on:
schedule:
- cron: '0 17 * * FRI'
workflow_dispatch:
inputs:
additionalGradleOptions:
description: 'Additional Gradle options'
required: false
default: ''
jobs:
dependency-check:
name: Dependency-Check
runs-on: ubuntu-latest
permissions:
contents: read
security-events: write
steps:
- name: Checkout
uses: actions/checkout@v4
- name: Set up JDK 11
uses: actions/setup-java@v3
with:
distribution: 'temurin'
java-version: '11'
- name: Validate Gradle wrapper
uses: gradle/wrapper-validation-action@v1
- name: Cache Dependency-Check Data
uses: actions/cache@v3
with:
path: dependency-check
key: dependency-check-8.4.2-data
- name: Run Dependency-Check Analysis
uses: gradle/gradle-build-action@v2
with:
arguments: '--no-daemon dependencyCheckAggregate ${{ github.event.inputs.additionalGradleOptions }}'
cache-read-only: false
- name: Upload report
uses: actions/upload-artifact@v3
if: ${{ always() }}
with:
name: reports
path: build/reports/dependency-check
- name: Upload SARIF file
uses: github/codeql-action/upload-sarif@v2
if: github.ref == 'refs/heads/master'
with:
sarif_file: build/reports/dependency-check/dependency-check-report.sarif