
Add workflows permission for Renovate #50


Workflow file for this run

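# workflows/cve-scanning.yml
#
# Builds the Maven project and scans its dependencies for known CVEs with
# Dependency-Check. The HTML report is uploaded as a build artifact.
name: CVE Scanning for Maven

# Runs only on pushes to main, so findings surface after merge rather than
# on pull requests.
on:
  push:
    branches:
      - main

# Cancel previous jobs
concurrency:
  group: cve-scan-${{ github.ref }}
  cancel-in-progress: true

# Least privilege: no step below pushes, comments or publishes, so the
# workflow token is limited to reading repository contents.
permissions:
  contents: read

jobs:
  depchecktest:
    runs-on: ubuntu-latest
    # Display name kept exactly as-is (including spelling): branch protection
    # or other tooling may reference it. NOTE(review): confirm before renaming.
    name: depecheck_test
    steps:
      - name: Checkout
        uses: actions/checkout@v5
        with:
          # The job never pushes. Not persisting the token in .git/config
          # keeps it out of reach of the Maven build and of the third-party
          # action that runs later against the same workspace.
          persist-credentials: false

      - name: Setup JDK 21
        uses: actions/setup-java@v5
        with:
          java-version: '21'
          distribution: 'temurin'

      # Tests are skipped; the build only has to produce the artifacts that
      # the scanner inspects.
      - name: Build with Maven
        run: mvn -B clean package -DskipTests
        working-directory: .

      - name: Depcheck
        # NOTE(review): '@main' is a mutable branch reference, so the code
        # executed here can change without any change to this repository.
        # Pin to a reviewed full commit SHA (<FULL_COMMIT_SHA>) and let the
        # dependency bot propose updates.
        uses: dependency-check/Dependency-Check_Action@main
        id: Depcheck
        env:
          # Overrides JAVA_HOME for this step only.
          # NOTE(review): presumably the JDK path inside the action's
          # container rather than the one installed by setup-java; confirm.
          JAVA_HOME: /opt/jdk
        with:
          project: ${{github.repository}}
          path: '.'
          format: 'HTML'
          # --suppression : findings listed in allow-list.xml are silenced,
          #                 so changes to that file deserve the same review
          #                 as changes to this workflow.
          # --failOnCVSS 7: fail the step when a finding scores 7 or higher.
          # --exclude     : skip javadoc/sources jars.
          args: >
            --suppression ./allow-list.xml
            --failOnCVSS 7
            --enableRetired
            --exclude **/*-javadoc.jar
            --exclude **/*-sources.jar
            --out ./reports

      # always(): upload the report even when the scan step failed, because
      # a failing scan is exactly when the report is needed.
      - name: Upload Test results
        if: ${{ always() }}
        uses: actions/upload-artifact@v4
        with:
          name: Depcheck report
          path: ${{github.workspace}}/reports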