CI: add dependency check

2022-12-04 22:25:04 +01:00 · 2022-12-04 22:25:04 +01:00 · 709ace5d4f
parent b7595a371d
commit 709ace5d4f
1 changed files with 6 additions and 0 deletions
--- a/.woodpecker.yml
+++ b/.woodpecker.yml
@ -30,6 +30,12 @@ pipeline:
    when:
      event: [pull_request]

+  dependency_check:
+    image: registry.gitlab.com/gitlab-ci-utils/docker-dependency-check:latest
+    commands:
+      - /usr/share/dependency-check/bin/dependency-check.sh --scan "./" --format ALL --project "$CI_REPO" --failOnCVSS 0
+      - if [ $(grep -c "vulnerabilities" dependency-check-report.json) -gt 0 ]; then exit 2; fi
+
  package:
    image: gitnet.fr/deblan/devenv
    volumes: