From 1f1fc98d426833b5b9e2af73954fdc6827dab636 Mon Sep 17 00:00:00 2001
From: "HARVEYNASH\\minh.tranquang"
Date: Tue, 6 Aug 2024 12:15:50 +0700
Subject: [PATCH] #759 Create webhook
---
 .github/workflows/owasp-dependency-check-ci.yaml | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)
diff --git a/.github/workflows/owasp-dependency-check-ci.yaml b/.github/workflows/owasp-dependency-check-ci.yaml
index 052569fc21..ea938f33e1 100644
--- a/.github/workflows/owasp-dependency-check-ci.yaml
+++ b/.github/workflows/owasp-dependency-check-ci.yaml
@@ -24,4 +24,9 @@ jobs:
 fetch-depth: 0 # Shallow clones should be disabled for a better relevancy of analysis
 - uses: ./.github/workflows/actions
 - name: OWASP Dependency Check
- run: mvn org.owasp:dependency-check-maven:check
\ No newline at end of file
+ run: mvn clean package org.owasp:dependency-check-maven:aggregate --file src/pom.xml -Dfmt.skip=true -DskipTests=true -fae -B -Dorg.slf4j.simpleLogger.defaultLogLevel=WARN -DfailBuildOnCVSS=7
+ - name: Upload scan results to GitHub Code Scanning
+ if: ${{ always() }}
+ uses: github/codeql-action/upload-sarif@v2
+ with:
+ sarif_file: target/dependency-check-report.sarif
\ No newline at end of file
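Review bot: The upload step reads `target/dependency-check-report.sarif` from the repository root, but the scan runs with `--file src/pom.xml`, so Maven would normally write the aggregate report under `src/target/`, and nothing visible in the command asks for SARIF output (the plugin's default report format is HTML). Unless `src/pom.xml` already configures this, the findings never reach Code Scanning; consider adding `-Dformats=HTML,SARIF` to the `run:` line and using `sarif_file: src/target/dependency-check-report.sarif`. The new `uses: github/codeql-action/upload-sarif@v2` is also pinned to a mutable tag; pinning to a full commit SHA of a current major (`uses: github/codeql-action/upload-sarif@<FULL_COMMIT_SHA>  # v3`) removes the risk of the tag being moved. The job's header and any `permissions:` block are outside this hunk, so confirm the job grants `security-events: write`, which the upload needs.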