Skip to content

chore(commons): migrate hugegraph-commons #1665

chore(commons): migrate hugegraph-commons

chore(commons): migrate hugegraph-commons #1665

name: "3rd-party"
on:
push:
branches:
- /^release-.*$/
pull_request:
permissions:
contents: read
jobs:
dependency-check:
runs-on: ubuntu-latest
env:
USE_STAGE: 'true' # Whether to include the stage repository.
SCRIPT_DEPENDENCY: install-dist/scripts/dependency
steps:
- name: Checkout source
uses: actions/checkout@v4
- name: Set up JDK 11
uses: actions/setup-java@v3
with:
java-version: '11'
distribution: 'adopt'
- name: use staged maven repo settings
if: ${{ env.USE_STAGE == 'true' }}
run: |
cp $HOME/.m2/settings.xml /tmp/settings.xml
mv -vf .github/configs/settings.xml $HOME/.m2/settings.xml
- name: mvn install
run: |
mvn install -Dmaven.test.skip=true -ntp
- name: generate current dependencies
run: |
bash $SCRIPT_DEPENDENCY/regenerate_known_dependencies.sh current-dependencies.txt
- name: check third dependencies
run: |
bash $SCRIPT_DEPENDENCY/check_dependencies.sh
dependency-review:
runs-on: ubuntu-latest
steps:
- name: 'Checkout Repository'
uses: actions/checkout@v4
- name: 'Dependency Review'
uses: actions/dependency-review-action@v3
# Refer: https://github.com/actions/dependency-review-action
with:
# TODO: reset critical to low before releasing
fail-on-severity: critical
# Action will fail if dependencies don't match the list
#allow-licenses: Apache-2.0, MIT
#deny-licenses: GPL-3.0, AGPL-1.0, AGPL-3.0, LGPL-2.0, CC-BY-3.0