vulnerability-check #31

	name: vulnerability-check
	on:
	schedule:
	# Run at UTC 16:00 every week (CST 00:00 AM)
	- cron: '0 16 * * 0'
	concurrency:
	group: ${{ github.workflow }}-${{ github.ref }}
	cancel-in-progress: true

	env:
	MAVEN_OPTS: -Dhttp.keepAlive=false -Dmaven.wagon.http.pool=false -Dmaven.wagon.http.retryHandler.class=standard -Dmaven.wagon.http.retryHandler.count=3
	MAVEN_ARGS: --batch-mode --no-transfer-progress
	DEVELOCITY_ACCESS_KEY: ${{ secrets.DEVELOCITY_ACCESS_KEY }}

	jobs:
	dependency-check:
	strategy:
	fail-fast: false
	max-parallel: 15
	matrix:
	java: [ 17 ]
	os: [ ubuntu-latest ]
	runs-on: ${{ matrix.os }}

	steps:
	- uses: actions/checkout@v4
	- name: Set up JDK ${{ matrix.java }}
	uses: actions/setup-java@v4
	with:
	distribution: corretto
	java-version: ${{ matrix.java }}
	- name: Cache Maven packages
	uses: actions/cache@v4
	with:
	path: ~/.m2
	key: ${{ runner.os }}-m2-${{ hashFiles('**/pom.xml') }}
	restore-keys: ${{ runner.os }}-m2-
	- name: Do the dependency-check:check
	shell: bash
	run: mvn org.owasp:dependency-check-maven:check
	- name: Do the dependency-check:aggregate
	shell: bash
	run: mvn org.owasp:dependency-check-maven:aggregate
	- name: Convert UTC to East Asia Standard Time and Extract Date
	run: \|
	utc_time="${{ github.run_started_at }}"
	target_time=$(TZ=Asia/Shanghai date -d "$utc_time" +"%Y-%m-%d")
	echo "DATE_EAST_ASIA=$target_time" >> $GITHUB_ENV
	- name: Upload Artifact
	uses: actions/upload-artifact@v4
	with:
	name: vulnerability-check-result-${{ runner.os }}-${{ env.DATE_EAST_ASIA }}
	path: target/dependency-check-report.html
	retention-days: 15

Provide feedback