Update cve-scanning.yml

finos · Jun 28, 2023 · 4ed1cb6 · 4ed1cb6
1 parent 106f9a9
commit 4ed1cb6
Showing 1 changed file with 21 additions and 11 deletions.
diff --git a/.github/workflows/cve-scanning.yml b/.github/workflows/cve-scanning.yml
@@ -8,17 +8,27 @@ on:
       - '.github/workflows/cve-scanning.yml'
 
 jobs:
-   scan:
+  depchecktest:
     runs-on: ubuntu-latest
+    name: depecheck_test
     steps:
-      - uses: actions/checkout@v3
-      - name: Set up JDK 1.16
-        uses: actions/setup-java@v1
-        with:
-          java-version: 1.16
-      - name: Dependency Check
+      - name: Checkout
+        uses: actions/checkout@v2
+      - name: Build project with Maven
+        run: mvn clean install
+      - name: Depcheck
         uses: dependency-check/Dependency-Check_Action@1.1.0
-        env:
-          JAVA_HOME: /opt/jdk
-      - name: Build with Maven
-        run: mvn clean install org.owasp:dependency-check-maven:check -DfailBuildOnCVSS=10 -DsuppressionFile="allow-list.xml"
+        id: Depcheck
+        with:
+          project: 'vuu'
+          path: '.'
+          format: 'HTML'
+          out: 'reports' # this is the default, no need to specify unless you wish to override it
+          args: >
+            --failOnCVSS 7
+            --enableRetired
+      - name: Upload Test results
+        uses: actions/upload-artifact@master
+        with:
+           name: Depcheck report
+           path: ${{github.workspace}}/reports