DISABLE_MAVEN_DEPENDENCY_SUBMISSION variable for build_maven_package.yml

Upgraded build_maven_package workflow to version 1.0.1 As a fix to : advanced-security/maven-dependency-submission-action#65 As 'advanced-security/maven-dependency-submission-action' is an optional step, now it is possible to skip it with a variable (I set it on account level, so all my workflows are affected)
fugerit-org · Feb 17, 2024 · bdec053 · bdec053
1 parent 7b53ae4
commit bdec053
Show file tree

Hide file tree

Showing 2 changed files with 5 additions and 2 deletions.
diff --git a/.github/workflows/build_maven_package.yml b/.github/workflows/build_maven_package.yml
@@ -1,6 +1,6 @@
 # CI with maven build and scan
 #
-# version 1.0.0
+# version 1.0.1
 #
 # see : https://universe.fugerit.org/src/docs/conventions/workflows/build_maven_package.html
 
@@ -67,4 +67,6 @@ jobs:
 
       # Optional: Uploads the full dependency graph to GitHub to improve the quality of Dependabot alerts this repository can receive
       - name: Update dependency graph
-        uses: advanced-security/[email protected]
+        # if DISABLE_MAVEN_DEPENDENCY_SUBMISSION is set to true, skip this step
+        if: ${{ vars.DISABLE_MAVEN_DEPENDENCY_SUBMISSION != 'true' }}
+        uses: advanced-security/maven-dependency-submission-action@main
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -9,6 +9,7 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 
 ### Changed
 
+- Upgraded build_maven_package workflow to version 1.0.1, (accespt DISABLE_MAVEN_DEPENDENCY_SUBMISSION)
 - [Workflow review and transition to node 20](https://github.com/fugerit-org/fj-universe/issues/29)
 
 ## [0.4.2] - 2023-11-24