dependency check testing

SasanLabs · Jan 30, 2025 · ce21ccd · ce21ccd
1 parent 80bcd9e
commit ce21ccd
Showing 1 changed file with 24 additions and 52 deletions.
diff --git a/.github/workflows/dependency-check.yml b/.github/workflows/dependency-check.yml
@@ -1,59 +1,31 @@
-name: Dependency Security Scan
+name: Security Check
 
 on:
+  push:
+    branches: [ main ]
   pull_request:
-    branches:
-      - master
-      - develop
+    branches: [ main ]
 
 jobs:
-  dependency-check:
-    name: OWASP Dependency Check
+  security:
     runs-on: ubuntu-latest
-
     steps:
-      - name: Checkout code
-        uses: actions/checkout@v4
-
-      ## 🔹 Java 8 (Spring Boot) Dependency Check
-      - name: Set up JDK 8
-        uses: actions/setup-java@v3
-        with:
-          distribution: 'temurin'
-          java-version: '8'
-
-      - name: Run OWASP Dependency Check for Java (Spring Boot)
-        uses: dependency-check/Dependency-Check_Action@main
-        with:
-          project: "VulnerableApp Java Dependencies"
-          path: "./"
-          format: "HTML"
-          output: "dependency-check-report"
-          failOnCVSS: 7  # Fail build if vulnerabilities CVSS >= 7
-
-      - name: Upload Java Dependency Check Report
-        uses: actions/upload-artifact@v4
-        with:
-          name: Java-Dependency-Check-Report
-          path: dependency-check-report
-
-      ## 🔹 ReactJS / JavaScript / TypeScript Dependency Check
-      - name: Setup Node.js
-        uses: actions/setup-node@v4
-        with:
-          node-version: 18
-
-      - name: Install Dependencies
-        run: npm install
-
-      - name: Run NPM Audit (Detect Vulnerabilities)
-        run: npm audit --audit-level=high || true  # Ensures it doesn't fail the pipeline
-
-      - name: Save NPM Audit Report
-        run: npm audit --json > npm-audit-report.json
-
-      - name: Upload NPM Audit Report
-        uses: actions/upload-artifact@v4
-        with:
-          name: NPM-Audit-Report
-          path: npm-audit-report.json
+    - uses: actions/checkout@v2
+
+    - name: Set up JDK
+      uses: actions/setup-java@v2
+      with:
+        java-version: '11'
+        distribution: 'adopt'
+
+    - name: Grant execute permission for gradlew
+      run: chmod +x gradlew
+
+    - name: Run dependency check
+      run: ./gradlew dependencyCheckAnalyze
+
+    - name: Upload dependency check report
+      uses: actions/upload-artifact@v2
+      with:
+        name: dependency-check-report
+        path: build/reports/dependency-check-report.html