mirror of
https://github.com/alex289/CleanArchitecture.git
synced 2025-06-29 18:21:08 +00:00
56 lines
1.3 KiB
YAML
56 lines
1.3 KiB
YAML
name: Dependency Check
|
|
|
|
on:
|
|
workflow_dispatch:
|
|
schedule:
|
|
- cron: '0 0 1 * *'
|
|
|
|
env:
|
|
solutionFile: CleanArchitecture.sln
|
|
projectName: CleanArchitecture
|
|
|
|
jobs:
|
|
checkLicenses:
|
|
runs-on: ubuntu-latest
|
|
steps:
|
|
- name: Checkout repository
|
|
uses: actions/checkout@v4
|
|
|
|
- name: Install .NET Core
|
|
uses: actions/setup-dotnet@v4
|
|
with:
|
|
dotnet-version: |
|
|
9.x.x
|
|
|
|
- name: Restore dependencies
|
|
run: dotnet restore
|
|
|
|
- name: Check for license issues
|
|
run: |
|
|
dotnet new tool-manifest
|
|
dotnet tool install --local liz.tool
|
|
dotnet liz "${{ env.solutionFile }}" --blacklist .github/license-blacklist.json --suppress-progressbar
|
|
|
|
checkVulnerabilities:
|
|
runs-on: ubuntu-latest
|
|
steps:
|
|
- name: Checkout repository
|
|
uses: actions/checkout@v4
|
|
|
|
- name: Check for vulnerabilities
|
|
uses: dependency-check/Dependency-Check_Action@main
|
|
id: depcheck
|
|
with:
|
|
project: ${{ env.projectName }}
|
|
path: "**/*.csproj"
|
|
format: "HTML"
|
|
out: "reports"
|
|
args: >
|
|
--failOnCVSS "7"
|
|
|
|
- name: Upload test results
|
|
uses: actions/upload-artifact@v4
|
|
with:
|
|
name: Dependency Check Report
|
|
path: ${{github.workspace}}/reports
|