diff --git a/.github/workflows/quality-monitor.yml b/.github/workflows/quality-monitor.yml index b1a6d48a6..8c5ed052c 100644 --- a/.github/workflows/quality-monitor.yml +++ b/.github/workflows/quality-monitor.yml @@ -24,10 +24,16 @@ jobs: uses: stCarolas/setup-maven@v5 with: maven-version: 3.9.9 + - name: Cache the NVD database + uses: actions/cache@v4 + with: + path: ~/.m2/repository/org/owasp/dependency-check-data + key: dependency-check - name: Build with Maven env: BROWSER: chrome-container - run: mvn -V --color always -ntp clean verify -Pci | tee maven.log + NVD_API_KEY: ${{ secrets.NVD_API_KEY }} + run: mvn -V --color always -ntp clean verify -Pci -Powasp | tee maven.log - name: Extract pull request number uses: jwalton/gh-find-current-pr@v1 id: pr @@ -39,14 +45,14 @@ jobs: config: > { "tests": { - "name": "Tests", "tools": [ { "id": "test", "name": "Tests", "pattern": "**/target/*-reports/TEST*.xml" } - ] + ], + "name": "Tests" }, "analysis": [ { @@ -78,6 +84,17 @@ jobs: "pattern": "**/maven.log" } ] + }, + { + "name": "Vulnerabilities", + "id": "vulnerabilities", + "icon": "shield", + "tools": [ + { + "id": "owasp-dependency-check", + "pattern": "**/target/dependency-check-report.json" + } + ] } ], "coverage": [