.github/workflows/check-dependencies.yml - incubator-hugegraph - Git at Google

 name: "3rd-party"

 on:
   push:
     branches:
       - /^release-.*$/
   pull_request:

 permissions:
   contents: read

 jobs:
   dependency-check:
     runs-on: ubuntu-latest
     env:
       SCRIPT_DEPENDENCY: hugegraph-server/hugegraph-dist/scripts/dependency
     steps:
       - name: Checkout source
         uses: actions/checkout@v3
       - name: Set up JDK 11
         uses: actions/setup-java@v3
         with:
           java-version: '11'
           distribution: 'adopt'
       - name: mvn install
         run: |
           mvn install -DskipTests=true -ntp
       - name: generate current dependencies
         run: |
           bash $SCRIPT_DEPENDENCY/regenerate_known_dependencies.sh current-dependencies.txt
       - name: check third dependencies
         run: |
           bash $SCRIPT_DEPENDENCY/check_dependencies.sh

   dependency-review:
     runs-on: ubuntu-latest
     steps:
       - name: 'Checkout Repository'
         uses: actions/checkout@v3
       - name: 'Dependency Review'
         uses: actions/dependency-review-action@v3
         # Refer: https://github.com/actions/dependency-review-action
         with:
           fail-on-severity: low
           # Action will fail if dependencies don't match the list
           #allow-licenses: Apache-2.0, MIT
           #deny-licenses: GPL-3.0, AGPL-1.0, AGPL-3.0, LGPL-2.0, CC-BY-3.0
	name: "3rd-party"

	on:
	push:
	branches:
	- /^release-.*$/
	pull_request:

	permissions:
	contents: read

	jobs:
	dependency-check:
	runs-on: ubuntu-latest
	env:
	SCRIPT_DEPENDENCY: hugegraph-server/hugegraph-dist/scripts/dependency
	steps:
	- name: Checkout source
	uses: actions/checkout@v3
	- name: Set up JDK 11
	uses: actions/setup-java@v3
	with:
	java-version: '11'
	distribution: 'adopt'
	- name: mvn install
	run: \|
	mvn install -DskipTests=true -ntp
	- name: generate current dependencies
	run: \|
	bash $SCRIPT_DEPENDENCY/regenerate_known_dependencies.sh current-dependencies.txt
	- name: check third dependencies
	run: \|
	bash $SCRIPT_DEPENDENCY/check_dependencies.sh

	dependency-review:
	runs-on: ubuntu-latest
	steps:
	- name: 'Checkout Repository'
	uses: actions/checkout@v3
	- name: 'Dependency Review'
	uses: actions/dependency-review-action@v3
	# Refer: https://github.com/actions/dependency-review-action
	with:
	fail-on-severity: low
	# Action will fail if dependencies don't match the list
	#allow-licenses: Apache-2.0, MIT
	#deny-licenses: GPL-3.0, AGPL-1.0, AGPL-3.0, LGPL-2.0, CC-BY-3.0