Skip to content

Upgraded vulnerable dependency #23

Upgraded vulnerable dependency

Upgraded vulnerable dependency #23

name: Build and test with Gradle
on: [workflow_dispatch, workflow_call, push, pull_request]
jobs:
build:
runs-on: ${{ matrix.os }}
permissions:
security-events: write
actions: read
contents: read
strategy:
fail-fast: false
matrix:
java: [ '17', '21' ]
os: [ 'ubuntu-latest' ]
name: Java ${{ matrix.Java }}
steps:
- uses: actions/checkout@v3
with:
fetch-depth: '1'
- name: Setup java
uses: actions/setup-java@v2
with:
distribution: 'zulu'
java-version: ${{ matrix.java }}
- name: "Build and test"
shell: bash
run: |
java -version
javac -version
./gradlew --no-daemon check -x spotBugsMain -x shadowJar
- name: Publish Build
uses: actions/upload-artifact@v4
if: failure()
with:
name: build-${{ github.run_number }}-${{ matrix.java }}
path: ${{ github.workspace }}
gradle-scan:
name: Snyk gradle scan
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: Run Snyk to check build.gradle for vulnerabilities
uses: snyk/actions/gradle-jdk17@master
env:
SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
with:
command: test
args: --severity-threshold=high --org=f310ee2f-5552-444d-84ee-ec8c44c33adb