honeymoose
/
org.hl7.fhir.core
mirror of https://github.com/hapifhir/org.hl7.fhir.core.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Create owasp.yml

This commit is contained in:
dotasek 2023-07-13 15:45:31 -04:00 committed by GitHub
parent 8cf4a62f32
commit a91749760e
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 32 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

32
.github/workflows/owasp.yml vendored Normal file
View File

@ -0,0 +1,32 @@
name: "OWASP"
on:
schedule:
- cron: '0 0 * * *'
workflow_dispatch:
jobs:
analyze:
name: Analyze
runs-on: ubuntu-latest
steps:
- name: Checkout repository
uses: actions/checkout@v3
- run: |
mvn -DskipTests install -P OWASP_CHECK
- run: |
mvn -DskipTests dependency-check:aggregate -P OWASP_CHECK
- name: Upload SARIF file
uses: github/codeql-action/upload-sarif@v2
with:
# Path to SARIF file relative to the root of the repository
sarif_file: target/dependency-check-report.sarif
# Optional category for the results
# Used to differentiate multiple results for one commit
category: OWASP-analysis