Skip to content

build(deps): bump org.owasp:dependency-check-maven from 9.0.8 to 9.0.9 #9

build(deps): bump org.owasp:dependency-check-maven from 9.0.8 to 9.0.9

build(deps): bump org.owasp:dependency-check-maven from 9.0.8 to 9.0.9 #9

# Produce a software bill of materials (SBOM) and ensure that the licenses of the dependencies are compatible
# with the project
name: License compatibility checks
on: push
jobs:
build:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- name: Set up JDK 11
uses: actions/setup-java@v3
with:
java-version: '11'
distribution: 'temurin'
cache: maven
- name: Produce SBOM in CycloneDX format
run: mvn cyclonedx:makeAggregateBom
- name: Produce concise license report
run: /usr/bin/python3 scripts/license-check.py --sbom target/bom.json --report
- name: Check license compliance
run: /usr/bin/python3 scripts/license-check.py --sbom target/bom.json --enforce resources/allowed-licenses.txt