gradle/actions
1
0
Fork 0
mirror of https://github.com/gradle/actions synced 2024-11-23 18:02:13 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 2
actions/dependency-submission
History
daz add58192d1
Some checks are pending
CI-check-and-unit-test / check-format-and-unit-test (push) Waiting to run
Details
CI-codeql / Analyze (javascript-typescript) (push) Waiting to run
Details
CI-init-script-check / test-init-scripts (push) Waiting to run
Details
CI-integ-test / build-distribution (push) Waiting to run
Details
CI-integ-test / caching-integ-tests (push) Blocked by required conditions
Details
CI-integ-test / other-integ-tests (push) Blocked by required conditions
Details
CI-update-dist / update-dist (push) Waiting to run
Details
Improve parameter description for 'cache-cleanup'
2024-08-05 10:54:56 -06:00
..
action.yml Improve parameter description for 'cache-cleanup' 2024-08-05 10:54:56 -06:00
README.md Update docs for v4 release 2024-08-03 16:39:51 -06:00

README.md

The dependency-submission action

Generates and submits a dependency graph for a Gradle project, allowing GitHub to alert about reported vulnerabilities in your project dependencies.

The following workflow will generate a dependency graph for a Gradle project and submit it immediately to the repository via the Dependency Submission API. For most projects, this default configuration should be all that you need.

Simply add this as a new workflow file to your repository (eg .github/workflows/dependency-submission.yml).

name: Dependency Submission

on:
  push:
    branches: ['main']

permissions:
  contents: write

jobs:
  dependency-submission:
    runs-on: ubuntu-latest
    steps:
    - name: Checkout sources
      uses: actions/checkout@v4
    - name: Setup Java
      uses: actions/setup-java@v4
      with:
        distribution: 'temurin'
        java-version: 17
    - name: Generate and submit dependency graph
      uses: gradle/actions/dependency-submission@v4

See the full action documentation for more advanced usage scenarios.