File tree Expand file tree Collapse file tree 2 files changed +4
-2
lines changed Expand file tree Collapse file tree 2 files changed +4
-2
lines changed Original file line number Diff line number Diff line change 3333
3434 - name : Generate DependencyCheck report
3535 run : ./gradlew dependencyCheckAggregate
36+ env :
37+ ORG_GRADLE_PROJECT_OWASP_API_KEY : ${{ secrets.ORG_GRADLE_PROJECT_OWASP_API_KEY }}
3638 - name : upload-sarif-4
3739 uses : github/codeql-action/upload-sarif@v2
3840 with :
3941 sarif_file : ./build/reports/owasp-dependency-check/dependency-check-report.sarif
40-
Original file line number Diff line number Diff line change @@ -9,7 +9,7 @@ plugins {
99 id ' ca.cutterslade.analyze' ' 1.9.1'
1010 id ' io.spring.dependency-management' ' 1.1.4' false
1111 id ' org.springframework.boot' ' 3.2.0' false
12- id ' org.owasp.dependencycheck' ' 8.4.3 '
12+ id ' org.owasp.dependencycheck' ' 9.0.2 '
1313 id ' com.diffplug.spotless' ' 6.23.3'
1414 id ' com.bmuschko.docker-spring-boot-application' ' 9.4.0' false
1515}
@@ -201,6 +201,7 @@ allprojects {
201201dependencyCheck {
202202 outputDirectory = " $buildDir /reports/owasp-dependency-check"
203203 formats = [ReportGenerator.Format . SARIF . toString()]
204+ nvd. apiKey = project. findProperty(" OWASP_API_KEY"
204205}
205206
206207def static readEnvFile (path = " .env"
You can’t perform that action at this time.
![dependabot[bot]](https://avatars.githubusercontent.com/in/29110?v=4&size=40){kind=avatar}
0 commit comments