Update build.yml

planetlevel · Dec 10, 2024 · 10b0785 · 10b0785
1 parent e59d19d
commit 10b0785
Showing 1 changed file with 23 additions and 0 deletions.
diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
@@ -24,6 +24,29 @@ jobs:
     - name: Build with Maven
       run: mvn -B package -DskipTests --file pom.xml
 
+    - uses: AppThreat/dep-scan-action@master
+      with:
+        src: /github/workspace
+        report_file: /github/workspace/reports/depscan.json
+        profile: generic
+        # Must equal "I have sponsored OWASP-dep-scan." for action to run. Required.
+        thank_you: "I have sponsored OWASP-dep-scan."
+      env:
+        VDB_HOME: ${{ github.workspace }}/db
+        GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+
+#    - uses: AppThreat/dep-scan-action@master
+#      with:
+#        thank_you: "I have sponsored OWASP-dep-scan."
+#      env:
+#        VDB_HOME: ${{ github.workspace }}/db
+#        GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+
+#    - uses: actions/upload-artifact@v4
+#      with:
+#        name: reports
+#        path: reports
+
 
     # Run Contrast SCA to analyze security open source libraries
     - name: Contrast SCA Action