@debedb
Created October 15, 2024 05:20
GitHub action to submit dependencies to Dependabot for Python, Node and Java (Gradle)
name: Scan for CVEs

on:
  schedule:
    # Runs at minute 0 of every hour
    - cron: '0 * * * *'
  workflow_dispatch:
  repository_dispatch:
    types:
      - sync-prs

jobs:
  # Runs the Gradle dependency submission action against the Java project
  gradle-scan:
    runs-on: ubuntu-latest
    steps:
      - name: 'Checkout Repository'
        uses: actions/checkout@v3
      - name: Set up JDK 17
        uses: actions/setup-java@v3
        with:
          distribution: 'temurin'
          java-version: 17
      - name: Gradle Dependency Submission
        uses: mikepenz/[email protected]
        with:
          gradle-project-path: "src/main/java"
          gradle-build-module: |-
            :

  # Generates a CycloneDX BOM from requirements.txt and uploads it as a workflow artifact
  python-scan:
    runs-on: ubuntu-latest
    steps:
      - name: 'Checkout Repository'
        uses: actions/checkout@v3
      - name: Set up Python
        uses: actions/setup-python@v4
        with:
          python-version: '3.x'
      - name: Install dependencies for Python
        run: |
          cd src/main/python
          python -m pip install --upgrade pip
          pip install -r requirements.txt
      - name: Install CycloneDX for Python
        run: |
          pip install cyclonedx-bom
      - name: Generate CycloneDX BOM for Python
        run: |
          cd src/main/python
          cyclonedx-py requirements -o bom.json
      - name: Upload Python BOM
        uses: actions/upload-artifact@v3
        with:
          name: python-bom
          path: src/main/python/bom.json

  # Generates a CycloneDX BOM for the Node.js project and uploads it as a workflow artifact
  node-scan:
    runs-on: ubuntu-latest
    steps:
      - name: 'Checkout Repository'
        uses: actions/checkout@v3
      - name: Set up Node.js
        uses: actions/setup-node@v3
        with:
          node-version: '18'
      - name: Install dependencies for Node.js
        run: |
          cd src/main/node
          npm install
      - name: Install CycloneDX for Node.js
        run: |
          cd src/main/node
          npm install -g @cyclonedx/bom
      - name: Generate CycloneDX BOM for Node.js
        run: |
          cd src/main/node
          npx cyclonedx-bom -o bom.json
      - name: Upload Node.js BOM
        uses: actions/upload-artifact@v3
        with:
          name: node-bom
          path: src/main/node/bom.json