Skip to content

Added mao's scanning actions from FINOS security scanning #48

Added mao's scanning actions from FINOS security scanning

Added mao's scanning actions from FINOS security scanning #48

Workflow file for this run

name: Maven CVE Scanning
on:
pull_request:
paths:
- 'pom.xml'
- '.github/workflows/cve-scanning.yml'
push:
paths:
- 'pom.xml'
- '.github/workflows/cve-scanning.yml'
schedule:
# Run every day at 5am and 5pm
- cron: '0 5,17 * * *'
jobs:
build:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- name: Set up JDK 11
uses: actions/setup-java@v3
with:
java-version: '11'
distribution: 'adopt'
- name: Build with Maven
run: mvn install org.owasp:dependency-check-maven:check -DskipTests -DfailBuildOnCVSS=8 -DsuppressionFile=".github/workflows/allow-list.xml"