From 70208713236776b6c9a308799d5ce0c10251447c Mon Sep 17 00:00:00 2001 From: Vlado Kragujevski <50583818+vladokrsymphony@users.noreply.github.com> Date: Fri, 8 Aug 2025 08:08:55 +0200 Subject: [PATCH 1/7] Use NVD API key --- .github/workflows/cve-scanning-gradle.yml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.github/workflows/cve-scanning-gradle.yml b/.github/workflows/cve-scanning-gradle.yml index f5285e64c..c290f4bcf 100644 --- a/.github/workflows/cve-scanning-gradle.yml +++ b/.github/workflows/cve-scanning-gradle.yml @@ -24,4 +24,6 @@ jobs: run: ./gradlew build - name: CVEs run: ./gradlew dependencyCheckAggregate + env: + NVD_API_KEY: ${{ secrets.NVD_API_KEY }} From 4999bc77f768739e64fa80e28dbd84d8a18edc56 Mon Sep 17 00:00:00 2001 From: Vlado Kragujevski <50583818+vladokrsymphony@users.noreply.github.com> Date: Fri, 8 Aug 2025 08:22:05 +0200 Subject: [PATCH 2/7] Set nvd api key as command argument --- .github/workflows/cve-scanning-gradle.yml | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/.github/workflows/cve-scanning-gradle.yml b/.github/workflows/cve-scanning-gradle.yml index c290f4bcf..8d733a0a7 100644 --- a/.github/workflows/cve-scanning-gradle.yml +++ b/.github/workflows/cve-scanning-gradle.yml @@ -22,8 +22,11 @@ jobs: distribution: 'temurin' - name: Build with Gradle run: ./gradlew build + - run: echo "Key length: ${#NVD_API_KEY}" + env: + NVD_API_KEY: ${{ secrets.NVD_API_KEY }} - name: CVEs - run: ./gradlew dependencyCheckAggregate + run: ./gradlew dependencyCheckAggregate -Dnvd.api.key=$NVD_API_KEY env: NVD_API_KEY: ${{ secrets.NVD_API_KEY }} From 73d28c131573080c3cd0b30d07fda7929fa8945f Mon Sep 17 00:00:00 2001 From: Vlado Kragujevski <50583818+vladokrsymphony@users.noreply.github.com> Date: Fri, 8 Aug 2025 08:33:15 +0200 Subject: [PATCH 3/7] Fix CVE scan --- .github/workflows/cve-scanning-gradle.yml | 3 --- 1 file changed, 3 deletions(-) diff --git a/.github/workflows/cve-scanning-gradle.yml b/.github/workflows/cve-scanning-gradle.yml index 8d733a0a7..295032e58 100644 --- a/.github/workflows/cve-scanning-gradle.yml +++ b/.github/workflows/cve-scanning-gradle.yml @@ -22,9 +22,6 @@ jobs: distribution: 'temurin' - name: Build with Gradle run: ./gradlew build - - run: echo "Key length: ${#NVD_API_KEY}" - env: - NVD_API_KEY: ${{ secrets.NVD_API_KEY }} - name: CVEs run: ./gradlew dependencyCheckAggregate -Dnvd.api.key=$NVD_API_KEY env: From b8eb7606d6f52f3261cd5ebefd310a5d08fa2f0d Mon Sep 17 00:00:00 2001 From: Vlado Kragujevski <50583818+vladokrsymphony@users.noreply.github.com> Date: Fri, 8 Aug 2025 08:42:37 +0200 Subject: [PATCH 4/7] check nvd api key --- .github/workflows/cve-scanning-gradle.yml | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/.github/workflows/cve-scanning-gradle.yml b/.github/workflows/cve-scanning-gradle.yml index 295032e58..92459d546 100644 --- a/.github/workflows/cve-scanning-gradle.yml +++ b/.github/workflows/cve-scanning-gradle.yml @@ -20,6 +20,10 @@ jobs: with: java-version: '17' distribution: 'temurin' + - name: Check NVD API Key + run: echo "Key length: ${#NVD_API_KEY}" + env: + NVD_API_KEY: ${{ secrets.NVD_API_KEY }} - name: Build with Gradle run: ./gradlew build - name: CVEs From 400900f0d89c39f1197a1d27e62dbfd96bfc0f12 Mon Sep 17 00:00:00 2001 From: Vlado Kragujevski <50583818+vladokrsymphony@users.noreply.github.com> Date: Fri, 8 Aug 2025 08:48:24 +0200 Subject: [PATCH 5/7] fix the check of nvd api key --- .github/workflows/cve-scanning-gradle.yml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/.github/workflows/cve-scanning-gradle.yml b/.github/workflows/cve-scanning-gradle.yml index 92459d546..d6fcdb5b9 100644 --- a/.github/workflows/cve-scanning-gradle.yml +++ b/.github/workflows/cve-scanning-gradle.yml @@ -21,7 +21,8 @@ jobs: java-version: '17' distribution: 'temurin' - name: Check NVD API Key - run: echo "Key length: ${#NVD_API_KEY}" + shell: bash + run: echo "Key length: ${#NVD_API_KEY}" || echo "Could not determine key length" env: NVD_API_KEY: ${{ secrets.NVD_API_KEY }} - name: Build with Gradle From d92d07ceb0243cccfdcf1cc250ddfe9134d43d0c Mon Sep 17 00:00:00 2001 From: Vlado Kragujevski <50583818+vladokrsymphony@users.noreply.github.com> Date: Fri, 8 Aug 2025 08:54:54 +0200 Subject: [PATCH 6/7] fix syntax error --- .github/workflows/cve-scanning-gradle.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/cve-scanning-gradle.yml b/.github/workflows/cve-scanning-gradle.yml index d6fcdb5b9..2b7ab6a7c 100644 --- a/.github/workflows/cve-scanning-gradle.yml +++ b/.github/workflows/cve-scanning-gradle.yml @@ -22,7 +22,7 @@ jobs: distribution: 'temurin' - name: Check NVD API Key shell: bash - run: echo "Key length: ${#NVD_API_KEY}" || echo "Could not determine key length" + run: echo "Key length: ${#NVD_API_KEY}" \|\| echo "Could not determine key length" env: NVD_API_KEY: ${{ secrets.NVD_API_KEY }} - name: Build with Gradle From 88069ba3762904e12e4bd716896ab054d7f42ce9 Mon Sep 17 00:00:00 2001 From: Vlado Kragujevski <50583818+vladokrsymphony@users.noreply.github.com> Date: Fri, 8 Aug 2025 08:58:12 +0200 Subject: [PATCH 7/7] fix syntax error --- .github/workflows/cve-scanning-gradle.yml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/.github/workflows/cve-scanning-gradle.yml b/.github/workflows/cve-scanning-gradle.yml index 2b7ab6a7c..a3dd87cb7 100644 --- a/.github/workflows/cve-scanning-gradle.yml +++ b/.github/workflows/cve-scanning-gradle.yml @@ -22,7 +22,8 @@ jobs: distribution: 'temurin' - name: Check NVD API Key shell: bash - run: echo "Key length: ${#NVD_API_KEY}" \|\| echo "Could not determine key length" + run: | + echo "Key length: ${#NVD_API_KEY}" || echo "Could not determine key length" env: NVD_API_KEY: ${{ secrets.NVD_API_KEY }} - name: Build with Gradle