Skip to content

Bump org.owasp:dependency-check-maven from 8.4.3 to 9.0.0 #261

Bump org.owasp:dependency-check-maven from 8.4.3 to 9.0.0

Bump org.owasp:dependency-check-maven from 8.4.3 to 9.0.0 #261

Workflow file for this run

# This workflow will build a Java project with Maven, and cache/restore any dependencies to improve the workflow execution time
# For more information see: https://help.github.com/actions/language-and-framework-guides/building-and-testing-java-with-maven
name: Java CI with Maven
on:
push:
branches: [ master ]
pull_request:
branches: [ master ]
jobs:
build:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: Set up JDK 21
uses: actions/setup-java@v3
with:
java-version: '21'
distribution: 'temurin'
cache: maven
- name: Check for tabs
run: |
find "(" -name "*.java" -or -name "*.xml" -or -name "*.yaml" -or -name "*.yml" -or -name "*.txt" -or -name "*.md" ")" -exec grep -Pl "\t" {} \; > matches.txt
grep "" matches.txt && exit 1 || echo "No tab found!"
- name: Check for CRLF
run: |
find "(" -name "*.java" -or -name "*.xml" -or -name "*.yaml" -or -name "*.yml" -or -name "*.txt" -or -name "*.md" ")" -exec grep -Plz "\r\n" {} \; > matches.txt
grep "" matches.txt && exit 1 || echo "No CRLF found!"
- name: Check for trailing spaces
run: |
find "(" -name "*.java" -or -name "*.xml" -or -name "*.yaml" -or -name "*.yml" -or -name "*.txt" -or -name "*.md" ")" -exec grep -Pl " $" {} \; > matches.txt
grep "" matches.txt && exit 1 || echo "No trailing space found!"
- name: Build with Maven
env:
NVD_API_KEY: ${{ secrets.NVD_API_KEY }}
run: |
# Build our fork of the NVD CVE client
git clone https://github.com/maddie480/Open-Vulnerability-Project.git
cd Open-Vulnerability-Project
./gradlew publishToMavenLocal --info
cd ..
mvn -B verify -Prelease --file pom.xml
- name: Upload target folder as artifact
if: always()
uses: actions/upload-artifact@v3
with:
name: target
path: target