Maven Dependency Check #78

	---
	name: Maven Dependency Check

	on:
	schedule:
	- cron: "0 0 * * 0"
	workflow_dispatch:

	permissions: {}

	env:
	MAVEN_OPTS: >
	-Dhttps.protocols=TLSv1.2
	-Dmaven.repo.local=.m2/repository
	-Dorg.slf4j.simpleLogger.log.org.apache.maven.cli.transfer.Slf4jMavenTransferListener=WARN
	-Dorg.slf4j.simpleLogger.showDateTime=true
	-Djava.awt.headless=true
	MAVEN_CLI_OPTS: >
	--batch-mode
	--errors
	--fail-at-end
	--show-version
	-DinstallAtEnd=true
	-DdeployAtEnd=true

	jobs:
	build:
	runs-on: ubuntu-latest
	steps:
	- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
	- name: Set up JDK
	uses: actions/setup-java@c5195efecf7bdfc987ee8bae7a71cb8b11521c00 # v4.7.1
	with:
	distribution: temurin
	java-version: 21
	- name: Dependency Check with Maven
	working-directory: xml
	env:
	NVD_API_KEY: ${{ secrets.NVD_API_KEY }}
	shell: bash
	run: \|
	# shellcheck disable=SC2086
	./mvnw ${MAVEN_CLI_OPTS} -DdependencyCheck.NVDApiKey=${NVD_API_KEY} dependency-check:aggregate
	- name: Upload artifacts
	uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2
	with:
	name: ${{ github.workflow }}
	path: xml/target/
	- name: Clean up
	working-directory: xml
	shell: bash
	run: rm "${HOME}/.m2/settings.xml"

Provide feedback