Merge pull request #180 from doubleSlashde/bugfix/fix_dependency_check

Death111 · web-flow · commit dbed3d6f83d5 · 2025-03-10T22:04:28.000+01:00
use dependency check action for faster execution (and to make it work)
diff --git a/.github/workflows/mavenCi.yml b/.github/workflows/mavenCi.yml
@@ -15,7 +15,6 @@ on:
 jobs:
 
   build-analyze:
-
     runs-on: ubuntu-latest
 
     env:
@@ -55,18 +54,35 @@ jobs:
         uses: github/codeql-action/analyze@v3
 
   dependency-check:
-
-    runs-on: ubuntu-latest
-
-    steps:
-      - uses: actions/checkout@v4
-
-      - name: Set up JDK 17
-        uses: actions/setup-java@v4
-        with:
-          java-version: '17'
-          distribution: 'corretto'
-          cache: maven
-
-      - name: dependencyCheck
-        run:  mvn dependency-check:check
+      runs-on: ubuntu-latest
+      steps:
+        - name: Checkout
+          uses: actions/checkout@v4
+        - name: Set up JDK 17
+          uses: actions/setup-java@v4
+          with:
+            java-version: '17'
+            distribution: 'corretto'
+            cache: maven
+        - name: Build
+          run: mvn -V -B clean package
+        - name: Depcheck
+          uses: dependency-check/Dependency-Check_Action@main
+          id: Depcheck
+          env:
+            # actions/setup-java@v1 changes JAVA_HOME so it needs to be reset to match the depcheck image
+            JAVA_HOME: /opt/jdk
+          with:
+            project: 'KeepTime'
+            path: '.'
+            format: 'HTML'
+            out: 'reports' # this is the default, no need to specify unless you wish to override it
+            args: >
+              --failOnCVSS 8.9
+              --enableRetired
+        - name: Upload Test results
+          if: always()
+          uses: actions/upload-artifact@v4
+          with:
+            name: Depcheck report
+            path: ${{github.workspace}}/reports
