Skip to content

Bump ossf/scorecard-action from 2.2.0 to 2.3.1 #64

Bump ossf/scorecard-action from 2.2.0 to 2.3.1

Bump ossf/scorecard-action from 2.2.0 to 2.3.1 #64

Workflow file for this run

name: Dependencies
on:
push:
branches: [ main ]
tags: [ "v*.*.*" ]
schedule:
- cron: "39 5 1,15 * *"
pull_request:
branches: [ main ]
permissions: read-all
jobs:
submit-dependencies:
permissions:
contents: write # required to submit dependencies report
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
- uses: gradle/wrapper-validation-action@56b90f209b02bf6d1deae490e9ef18b21a389cd4 # v1.1.0
- name: Set up JDK
uses: actions/setup-java@0ab4596768b603586c0de567f2430c30f5b0d2b0 # v3.13.0
with:
java-version: '17'
distribution: 'adopt'
- name: Setup Gradle
uses: gradle/gradle-build-action@842c587ad8aa4c68eeba24c396e15af4c2e9f30a # v2.9.0
with:
dependency-graph: generate-and-submit
gradle-home-cache-cleanup: true
- name: Generate dependency report
env:
DEPENDENCY_GRAPH_INCLUDE_CONFIGURATIONS: runtimeClasspath
DEPENDENCY_GRAPH_INCLUDE_PROJECTS: "^:(?!(buildSrc|test-)).*"
run: ./gradlew allDeps --configuration runtimeClasspath