/DependencyCheck_Action

MIT LicenseMIT

Dependency check action

This action uses the docker image built every night in [link to build repo]. This image includes the updated vulnerabilities database so there is no need to update it. Therefore, it speeds up the test.

By now, the action receives three parameters. Project name, scanpath and report format, but more parameters can be added as optional

Example:


on: [push]

jobs:
  depchecktest:
    runs-on: ubuntu-latest
    name: depecheck_test
    steps:
      - name: Checkout
        uses: actions/checkout@v2
      - name: Build project with Maven
        run: mvn clean install
      - name: Depcheck
        uses: javixeneize/DependencyCheck_Action@main
        id: Depcheck
        with:
          project: 'test'
          path: '.'
          format: 'HTML'    
      - name: Upload Test results
        uses: actions/upload-artifact@master
        with:
           name: Depcheck report
           path: ${{github.workspace}}/reports