DSL Update #11

	name: CVE Scanning

	on:
	workflow_dispatch:
	push:
	branches:
	- main
	paths:
	- 'pom.xml'
	- 'CVE-suppressions.xml'
	- '.github/workflows/cve-scanning.yml'
	pull_request:
	paths:
	- 'pom.xml'
	- 'CVE-suppressions.xml'
	- '.github/workflows/cve-scanning.yml'

	# Cancel previous jobs
	concurrency:
	group: ${{ github.workflow }}-${{ github.event.pull_request.number \|\| github.ref }}
	cancel-in-progress: true

	jobs:
	depcheck:
	runs-on: ubuntu-latest
	steps:
	- uses: actions/checkout@v4
	- uses: ./.github/actions/maven-build
	with:
	run-tests: false
	- name: CVE scanning
	uses: dependency-check/Dependency-Check_Action@1.1.0
	env:
	JAVA_HOME: /opt/jdk
	with:
	project: ${{github.repository}}
	path: '.'
	format: 'HTML'
	out: 'reports'
	args: >
	--suppression CVE-suppressions.xml
	--failOnCVSS 7
	- name: Upload results
	uses: actions/upload-artifact@v4
	with:
	name: CVE Scan Report
	path: ${{github.workspace}}/reports

Provide feedback