Skip to content

Dependency Check

Dependency Check #4

name: Dependency Check
on:
schedule:
- cron: "34 14 * * 2"
workflow_dispatch:
jobs:
dep-check:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- uses: actions/cache@v3
with:
path: ~/.gradle
key: ${{ runner.os }}-gradle-${{ hashFiles('**/*.gradle*') }}
restore-keys: |
${{ runner.os }}-gradle-
- uses: ruby/setup-ruby@v1
with:
ruby-version: .tool-versions
bundler-cache: true
- run: |
bundle install
gem install bundler-audit
bundle-audit update
- uses: actions/setup-java@v3
with:
distribution: "temurin"
java-version: "17"
- run: chmod +x gradlew
- run: ./gradlew dependencyCheckAggregate
- uses: github/codeql-action/upload-sarif@v2
with:
sarif_file: reports/dependency-check-report.sarif