From cb8035ab40053751f1895883b6b3259eb7c3757b Mon Sep 17 00:00:00 2001 From: dotasek Date: Tue, 10 Dec 2024 15:43:36 -0500 Subject: [PATCH 1/2] WIP on master --- pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pom.xml b/pom.xml index 1e959ba88..b15e1e514 100644 --- a/pom.xml +++ b/pom.xml @@ -312,7 +312,7 @@ org.owasp dependency-check-maven - 8.2.1 + 11.1.1 cve-suppression.xml From 89a80f62e71798b477d56f51a386192ed9cfd413 Mon Sep 17 00:00:00 2001 From: dotasek Date: Tue, 10 Dec 2024 16:58:48 -0500 Subject: [PATCH 2/2] Use NVD_API_KEY --- .github/workflows/owasp.yml | 10 ++++++++-- pom.xml | 1 + 2 files changed, 9 insertions(+), 2 deletions(-) diff --git a/.github/workflows/owasp.yml b/.github/workflows/owasp.yml index 238b77a4a..8625e3162 100644 --- a/.github/workflows/owasp.yml +++ b/.github/workflows/owasp.yml @@ -17,10 +17,16 @@ jobs: - name: Checkout repository uses: actions/checkout@v4 - - run: | + - env: + NVD_API_KEY: + ${{ secrets.NVD_API_KEY }} + run: | mvn -DskipTests install -P OWASP_CHECK - - run: | + - env: + NVD_API_KEY: + ${{ secrets.NVD_API_KEY }} + run: | mvn -DskipTests dependency-check:aggregate -P OWASP_CHECK - name: Upload SARIF file diff --git a/pom.xml b/pom.xml index b15e1e514..117ed0031 100644 --- a/pom.xml +++ b/pom.xml @@ -314,6 +314,7 @@ dependency-check-maven 11.1.1 + NVD_API_KEY cve-suppression.xml