Run dependency-check daily

commit-id:9684bd9e
This commit is contained in:
Paul Campbell 2022-10-05 22:10:17 +01:00
parent 48303c9e61
commit 5f5dcbced7
2 changed files with 30 additions and 1 deletions

10
.github/workflows/dependency-check.yml vendored Normal file
View file

@ -0,0 +1,10 @@
on:
schedule:
- cron: '30 5 * * *'
jobs:
test_dependencies:
runs-on: ubuntu-latest
steps:
- name: check dependencies
run: mvn dependency-check:check

21
pom.xml
View file

@ -12,12 +12,13 @@
</parent> </parent>
<artifactId>kemitix-trello</artifactId> <artifactId>kemitix-trello</artifactId>
<version>2.0.2</version> <version>2.0.3</version>
<properties> <properties>
<tiles-maven-plugin.version>2.18</tiles-maven-plugin.version> <tiles-maven-plugin.version>2.18</tiles-maven-plugin.version>
<kemitix-tiles.version>2.10.0</kemitix-tiles.version> <kemitix-tiles.version>2.10.0</kemitix-tiles.version>
<dependency-check-maven.version>7.2.1</dependency-check-maven.version>
<trello-java-wrapper.version>0.14</trello-java-wrapper.version> <trello-java-wrapper.version>0.14</trello-java-wrapper.version>
<jackson.version>2.14.0-rc1</jackson.version> <jackson.version>2.14.0-rc1</jackson.version>
<httpmime.version>4.5.13</httpmime.version> <httpmime.version>4.5.13</httpmime.version>
@ -103,6 +104,24 @@
</tiles> </tiles>
</configuration> </configuration>
</plugin> </plugin>
<plugin>
<groupId>org.owasp</groupId>
<artifactId>dependency-check-maven</artifactId>
<version>${dependency-check-maven.version}</version>
<configuration>
<skipProvidedScope>true</skipProvidedScope>
<skipRuntimeScope>true</skipRuntimeScope>
<skipTestScope>true</skipTestScope>
<failBuildOnCVSS>7</failBuildOnCVSS>
</configuration>
<executions>
<execution>
<goals>
<goal>check</goal>
</goals>
</execution>
</executions>
</plugin>
</plugins> </plugins>
</build> </build>