finos / code-scanning

How to protect FINOS hosted projects from security threats and license compliance issues
Apache License 2.0

dependency-check action for Maven #286

Closed josspo closed 1 year ago

josspo commented 1 year ago

Create allow-list.xml to work with the new GitHub Action

maoo commented 1 year ago

The action seems to work, good stuff!

For next PR, make sure to write a clear and comprehensive description of what you did:

  1. Updated GitHub Action for Maven to use the OWASP Dependency Check Action
  2. Created a dedicated file to manage suppressions (or list of ignored libraries) only for the Maven project

I've also updated the title, please have a look. TY!