@@ -204,30 +204,19 @@ jobs:
204204 steps :
205205 - name : checkout
206206 uses : actions/checkout@v4.1.0
207- - name : Gitleaks
208- continue-on-error : true
209- # You may pin to the exact commit or the version.
210- # uses: gitleaks/gitleaks-action@e6dab246340401bf53eec993b8f05aebe80ac636
211- uses : gitleaks/gitleaks-action@v2.3.4
212- env :
213- GITHUB_TOKEN : ${{ secrets.GITHUB_TOKEN }}
214- # GITLEAKS_LICENSE: ${{ secrets.GITLEAKS_LICENSE}} # Only required for Organizations, not personal accounts.
215- - name : Depcheck
216- uses : dependency-check/Dependency-Check_Action@main
217- id : Depcheck
218- with :
219- project : ' test'
220- path : ' .'
221- format : ' HTML'
222- out : ' reports' # this is the default, no need to specify unless you wish to override it
223- args : >
224- --failOnCVSS 7
225- --enableRetired
226- - name : Upload Test results
227- uses : actions/upload-artifact@master
207+ # - name: Gitleaks
208+ # continue-on-error: true
209+ # # You may pin to the exact commit or the version.
210+ # # uses: gitleaks/gitleaks-action@e6dab246340401bf53eec993b8f05aebe80ac636
211+ # uses: gitleaks/gitleaks-action@v2.3.4
212+ # env:
213+ # GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
214+ # #GITLEAKS_LICENSE: ${{ secrets.GITLEAKS_LICENSE}} # Only required for Organizations, not personal accounts.
215+ - name : Dependency Review
216+ uses : actions/dependency-review-action@v4.3.2
228217 with :
229- name : Depcheck report
230- path : ${{github.workspace}}/reports
218+ base-ref : ${{ github.ref }}
219+ head-ref : ${{ github.sha }}
231220 test-run_devopsshield_scan_linux :
232221 name : Run DevOps Shield Scan Linux
233222 needs :
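Review bot: The added Dependency Review step sets `base-ref: ${{ github.ref }}` and `head-ref: ${{ github.sha }}`, which on push and pull_request events normally resolve to the same commit, so the action would likely compare a tree with itself and report no dependency changes; with Depcheck and its `--failOnCVSS 7` gate removed in the same hunk, the job would then have no effective dependency check. If the workflow runs on pull requests, drop both inputs so the action uses the PR's own base and head; if it runs on push (the trigger is outside this hunk), use `base-ref: ${{ github.event.before }}` with `head-ref: ${{ github.sha }}`. The Gitleaks step is kept as eight commented-out lines, which leaves this job without secret scanning and gives no reason; either delete it or replace it with one line such as `# Gitleaks disabled: <reason>, re-enable tracked in <issue placeholder>`. The steps list starts and the job ends outside the hunk, so other steps may already cover either scan.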