Add dependency review step to workflows

This commit is contained in:
arkon 2022-04-13 18:34:33 -04:00
parent 2a070c0b1e
commit 07a9fd061d
2 changed files with 14 additions and 2 deletions

View File

@ -5,6 +5,9 @@ on:
- '**.md' - '**.md'
- 'app/src/main/res/**/strings.xml' - 'app/src/main/res/**/strings.xml'
permissions:
contents: read
jobs: jobs:
build: build:
name: Build app name: Build app
@ -12,11 +15,14 @@ jobs:
steps: steps:
- name: Clone repo - name: Clone repo
uses: actions/checkout@v2 uses: actions/checkout@v3
- name: Validate Gradle Wrapper - name: Validate Gradle Wrapper
uses: gradle/wrapper-validation-action@v1 uses: gradle/wrapper-validation-action@v1
- name: Dependency Review
uses: actions/dependency-review-action@v1
- name: Set up JDK 11 - name: Set up JDK 11
uses: actions/setup-java@v1 uses: actions/setup-java@v1
with: with:

View File

@ -6,6 +6,9 @@ on:
tags: tags:
- v* - v*
permissions:
contents: read
jobs: jobs:
build: build:
name: Build app name: Build app
@ -19,11 +22,14 @@ jobs:
all_but_latest: true all_but_latest: true
- name: Clone repo - name: Clone repo
uses: actions/checkout@v2 uses: actions/checkout@v3
- name: Validate Gradle Wrapper - name: Validate Gradle Wrapper
uses: gradle/wrapper-validation-action@v1 uses: gradle/wrapper-validation-action@v1
- name: Dependency Review
uses: actions/dependency-review-action@v1
- name: Set up JDK 11 - name: Set up JDK 11
uses: actions/setup-java@v1 uses: actions/setup-java@v1
with: with: