Skip to content
Submit Gradle dependencies

Submit Gradle dependencies #33

Sign in to view logs

Submit Gradle dependencies

Submit Gradle dependencies #33

Workflow file for this run

.github/workflows/submit-dependencies.yaml at 9480d06
# Dependency graph doesn't automatically detect all dependencies for ecosystems like Gradle.
# GitHub Actions adds your dependencies using the dependency submission API so you can receive Dependabot alerts for known vulnerabilities.
# https://docs.github.com/code-security/supply-chain-security/understanding-your-software-supply-chain/using-the-dependency-submission-api
name: Submit Gradle dependencies
on:
workflow_dispatch:
schedule:
- cron: '0 5 * * MON' # At 05:00 on Monday.
jobs:
submit-dependencies:
name: Dependencies
runs-on: ubuntu-latest
permissions:
contents: write # The Dependency Submission API requires write permission
steps:
- name: Checkout
uses: actions/checkout@v4
- name: Setup Java
uses: actions/setup-java@v3
with:
distribution: temurin
java-version: 17
- name: Setup Gradle to generate and submit dependency graphs
uses: gradle/gradle-build-action@v2.9.0
with:
dependency-graph: generate-and-submit
- name: Run a build, generating the dependency graph snapshot which will be submitted
run: ./gradlew build