Skip to content

CVE Scanning for Gradle #344

CVE Scanning for Gradle

CVE Scanning for Gradle #344

name: CVE Scanning for Gradle
on:
schedule:
- cron: '0 8,18 * * 1-5'
pull_request:
branches: [ main ]
paths:
- '**/build.gradle'
- 'allow-list.xml'
- '.github/workflows/cve-scanning-gradle.yml'
jobs:
scan:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: Set up JDK 17
uses: actions/setup-java@v3
with:
java-version: '17'
distribution: 'temurin'
- name: Build with Gradle
run: ./gradlew build
- name: CVEs
run: ./gradlew dependencyCheckAggregate