Skip to content
Adhoc Build & UnitTests

Update dependency com.nimbusds:nimbus-jose-jwt to v10.4 #732

Sign in to view logs

Update dependency com.nimbusds:nimbus-jose-jwt to v10.4

Update dependency com.nimbusds:nimbus-jose-jwt to v10.4 #732

Workflow file for this run

.github/workflows/maven.yml at cf2ab5f
# This workflow will build a Java project with Maven, and cache/restore any dependencies to improve the workflow execution time
# For more information see: https://docs.github.com/en/actions/automating-builds-and-tests/building-and-testing-java-with-maven
# This workflow uses actions that are not certified by GitHub.
# They are provided by a third-party and are governed by
# separate terms of service, privacy policy, and support
# documentation.
name: Adhoc Build & UnitTests
on:
push:
branches: [ "master" ]
pull_request:
branches: [ "master" ]
jobs:
build:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: Set up JDK 21
uses: actions/setup-java@v4
with:
java-version: '21'
distribution: 'temurin'
cache: maven
- name: Download dependencies
run: mvn dependency:collect --file pom.xml --batch-mode
- name: Package skipping tests
# This is useful not to clutter the package command with download logs
# `mvn dependency` has issues with multi-modules
# run: mvn dependency:resolve dependency:resolve-plugins --batch-mode
run: mvn package -DskipTests -Dspotless.skip --file pom.xml --batch-mode
- name: Java unit-tests
# Stick to `package` phase for consistency, and checking packaging is fine
run: mvn package --file pom.xml --batch-mode
# https://stackoverflow.com/questions/57498605/github-actions-share-workspace-artifacts-between-jobs
#- uses: actions/upload-artifact@v4
# with:
# name: pivotable-server
# path: server/target/*-exec.jar
- name: Upload coverage reports to Codecov
uses: codecov/codecov-action@v5
with:
token: ${{ secrets.CODECOV_TOKEN }}
# https://docs.sonarsource.com/sonarqube-cloud/advanced-setup/ci-based-analysis/github-actions-for-sonarcloud/
- name: SonarQubeScan
uses: SonarSource/sonarqube-scan-action@v5
env:
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
# Optional: Uploads the full dependency graph to GitHub to improve the quality of Dependabot alerts this repository can receive
- name: Update dependency graph
uses: advanced-security/maven-dependency-submission-action@df268dd1684fb95352aa463056e3cf41f9acb94b