diff --git a/.github/workflows/dependency-review.yml b/.github/workflows/dependency-review.yml new file mode 100644 index 0000000..601dda3 --- /dev/null +++ b/.github/workflows/dependency-review.yml @@ -0,0 +1,35 @@ +# Submits a dependency graph and performs dependency review on every pull request +name: Dependency review for pull requests + +on: + pull_request: + +permissions: + contents: write + +jobs: + dependency-submission: + runs-on: ubuntu-latest + steps: + - name: Checkout sources + uses: actions/checkout@v4 + + - name: Set up the JDK used to run Gradle + uses: actions/setup-java@v4 + with: + distribution: 'temurin' + java-version: '17' + + - name: Generate and submit dependency graph for the PR + uses: gradle/actions/dependency-submission@v3 + with: + build-scan-publish: true + build-scan-terms-of-service-url: "https://gradle.com/terms-of-service" + build-scan-terms-of-service-agree: "yes" + + dependency-review: + needs: dependency-submission + runs-on: ubuntu-latest + steps: + - name: Perform dependency review + uses: actions/dependency-review-action@v4 diff --git a/.github/workflows/dependency-submission.yml b/.github/workflows/dependency-submission.yml new file mode 100644 index 0000000..012fa53 --- /dev/null +++ b/.github/workflows/dependency-submission.yml @@ -0,0 +1,30 @@ +# Submits a dependency graph on every push to 'main' +name: Dependency Submission + +on: + push: + branches: + - main + +permissions: + contents: write + +jobs: + dependency-submission: + runs-on: ubuntu-latest + steps: + - name: Checkout sources + uses: actions/checkout@v4 + + - name: Set up the JDK used to run Gradle + uses: actions/setup-java@v4 + with: + distribution: 'temurin' + java-version: '17' + + - name: Generate and submit dependency graph + uses: gradle/actions/dependency-submission@v3 + with: + build-scan-publish: true + build-scan-terms-of-service-url: "https://gradle.com/terms-of-service" + build-scan-terms-of-service-agree: "yes"