use Dependency check action

> This action uses the docker image built every night > in https://github.com/dependency-check/DependencyCheck_Builder. > This image includes the updated vulnerabilities database > so there is no need to update it. Therefore, it speeds up the test. [https://github.com/dependency-check/Dependency-Check_Action] Signed-off-by: Manfred Hanke <[email protected]>
TNG · Dec 13, 2023 · dfa8674 · dfa8674
1 parent c2691c1
commit dfa8674
Showing 1 changed file with 9 additions and 1 deletion.
diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
@@ -40,4 +40,12 @@ jobs:
       - name: Checkout
         uses: actions/checkout@v4
       - name: Check dependencies
-        run: ./mvnw --batch-mode --no-transfer-progress -e dependency-check:check -DnvdApiKey='${{ secrets.NVD_API_KEY }}'
+        uses: dependency-check/Dependency-Check_Action@main
+        id: Depcheck
+        with:
+          project: 'property-loader'
+          path: '.'
+          format: 'HTML'
+          args: >
+            --failOnCVSS 5
+            --nvdApiKey '${{ secrets.NVD_API_KEY }}'