try #2

	# This workflow submits dependency information to GitHub's dependency graph
	# for analysis by security features like Dependabot, security advisories, and supply chain reports.
	# It runs on the default branch to ensure accurate dependency information is submitted.
	#
	# Source: https://docs.github.com/en/code-security/supply-chain-security/understanding-your-software-supply-chain/configuring-automatic-dependency-submission-for-your-repository

	name: Dependency submission

	on:
	push:
	branches:
	- main

	permissions:
	contents: read

	jobs:
	dependency-submission:
	permissions:
	contents: write
	runs-on: ubuntu-latest
	steps:
	- name: 'Checkout Repository'
	uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2

	- name: Set up JDK
	uses: actions/setup-java@c5195efecf7bdfc987ee8bae7a71cb8b11521c00 # v4.7.1
	with:
	distribution: temurin
	java-version-file: .java-version

	- name: Setup Gradle
	uses: gradle/actions/setup-gradle@ac638b010cf58a27ee6c972d7336334ccaf61c96 # v4.4.1
	with:
	dependency-graph: generate-and-submit

	- name: Generate dependency submission
	run: \|
	# Run a task that resolves dependencies across all subprojects
	# This ensures the dependency graph captures all dependencies used in the project
	./gradlew dependencies

Provide feedback