diff --git a/.github/workflows/owasp.yml b/.github/workflows/owasp.yml
index 450ac3ce9..ef866e57b 100644
--- a/.github/workflows/owasp.yml
+++ b/.github/workflows/owasp.yml
@@ -33,8 +33,9 @@ jobs:
 - name: Generate DependencyCheck report
 run: ./gradlew dependencyCheckAggregate
+ env:
+ ORG_GRADLE_PROJECT_OWASP_API_KEY: ${{ secrets.ORG_GRADLE_PROJECT_OWASP_API_KEY }}
 - name: upload-sarif-4
 uses: github/codeql-action/upload-sarif@v2
 with:
 sarif_file: ./build/reports/owasp-dependency-check/dependency-check-report.sarif
-
diff --git a/build.gradle b/build.gradle
index 46a55d4b6..5557d7f7e 100644
--- a/build.gradle
+++ b/build.gradle
@@ -9,7 +9,7 @@ plugins {
 id 'ca.cutterslade.analyze' version '1.9.1'
 id 'io.spring.dependency-management' version '1.1.4' apply false
 id 'org.springframework.boot' version '3.2.0' apply false
- id 'org.owasp.dependencycheck' version '8.4.3'
+ id 'org.owasp.dependencycheck' version '9.0.2'
 id 'com.diffplug.spotless' version '6.23.3'
 id 'com.bmuschko.docker-spring-boot-application' version '9.4.0' apply false
 }
@@ -201,6 +201,7 @@ allprojects {
 dependencyCheck {
 outputDirectory = "$buildDir/reports/owasp-dependency-check"
 formats = [ReportGenerator.Format.SARIF.toString()]
+ nvd.apiKey = project.findProperty("OWASP_API_KEY")
 }
 
 def static readEnvFile(path = ".env") {
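Review bot: The added `env:` block exports `ORG_GRADLE_PROJECT_OWASP_API_KEY` unconditionally, so on any run where the secret is not readable (for example a pull request from a fork, if this workflow has such a trigger — the `on:` section is outside the hunk) the variable is an empty string rather than absent, and `project.findProperty("OWASP_API_KEY")` in the build.gradle hunk then returns `""` instead of null and configures the plugin with a blank NVD API key rather than none. The smaller fix is on the Gradle side, `nvd.apiKey = project.findProperty("OWASP_API_KEY") ?: null`, which lets Groovy truth collapse an empty value back to unset; alternatively guard the step with an `if:` on the secret being non-empty. Passing the key through the `ORG_GRADLE_PROJECT_*` prefix instead of a `-P` argument on the `run:` line is the right choice, since it keeps the value out of the command echo while GitHub still masks it in the log. The removed trailing line appears to be a blank line at end of file, and the step list continues outside the hunk.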
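Review bot: The new `nvd.apiKey` line in the `dependencyCheck` block says nothing about where the property is expected to come from, and because `findProperty` also reads a checked-in `gradle.properties` (and the project evidently has a `readEnvFile(".env")` helper), a maintainer could easily end up committing the key. I would add above it: `// NVD API key for dependency-check 9.x (NVD API 2.0; unauthenticated use is heavily rate-limited); supply via ORG_GRADLE_PROJECT_OWASP_API_KEY or ~/.gradle/gradle.properties, never in a tracked file`. Whether the plugin also honours an environment variable of its own is not visible here, so the Gradle-property route should remain the documented one. The `allprojects` block opens and closes outside the hunk.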