Skip to content

Dependency License Scanning #59

Dependency License Scanning

Dependency License Scanning #59

Workflow file for this run

name: Dependency License Scanning
on:
workflow_dispatch:
schedule:
- cron: '0 0 * * 0' # At 00:00 on Sunday
permissions:
contents: read
jobs:
fossa:
name: Fossa
runs-on: ubuntu-latest
if: github.event.repository.fork == false
steps:
- name: Checkout
# https://github.com/actions/checkout/releases
# v3.3.0
uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c
with:
# we don't know what commit the last tag was it's safer to get entire repo so previousStableVersion resolves
fetch-depth: 0
- name: Set up JDK 11
# https://github.com/coursier/setup-action/releases
# v1.3.0
uses: coursier/setup-action@70323223454ac2a9eb2de46f389b4d045cbcdea5
with:
jvm: temurin:1.11
- name: Cache Coursier cache
# https://github.com/coursier/cache-action/releases/
# v6.4.3
uses: coursier/cache-action@d1039466d0812d6370649b9afb02bbf5f646bacf
- name: FOSSA policy check
run: |-
curl -H 'Cache-Control: no-cache' https://raw.githubusercontent.com/fossas/fossa-cli/master/install-latest.sh | bash
fossa analyze
env:
FOSSA_API_KEY: "${{secrets.FOSSA_API_KEY}}"