gradle/actions
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Initial commit
Some checks failed
CI-integ-test-full / caching-integ-tests (push) Failing after 32s
Details
CI-integ-test-full / other-integ-tests (push) Failing after 29m15s
Details
Update Wrapper checksums file / Update checksums (push) Failing after 1m50s
Details
CI-codeql / Analyze (javascript-typescript) (push) Failing after 1m22s
Details

Browse Source
This commit is contained in:
Sebastiaan de Schaetzen
2024-09-25 17:07:42 +02:00
commit b3863e10a2
202 changed files with 944555 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

35
dependency-submission/README.md Normal file
View File

@@ -0,0 +1,35 @@
## The `dependency-submission` action
Generates and submits a dependency graph for a Gradle project, allowing GitHub to alert about reported vulnerabilities in your project dependencies.
The following workflow will generate a dependency graph for a Gradle project and submit it immediately to the repository via the
Dependency Submission API. For most projects, this default configuration should be all that you need.
Simply add this as a new workflow file to your repository (eg `.github/workflows/dependency-submission.yml`).
```yaml
name: Dependency Submission
on:
push:
branches: ['main']
permissions:
contents: write
jobs:
dependency-submission:
runs-on: ubuntu-latest
steps:
- name: Checkout sources
uses: actions/checkout@v4
- name: Setup Java
uses: actions/setup-java@v4
with:
distribution: 'temurin'
java-version: 17
- name: Generate and submit dependency graph
uses: gradle/actions/dependency-submission@v4
```
See the [full action documentation](../docs/dependency-submission.md) for more advanced usage scenarios.