Unlimit97 patch 1

.github/workflows/bd_ss_main.yml

@@ -0,0 +1,74 @@
+name: CI-BlackDuck-SCA
+
+on:
+  push:
+    branches: [main, master, develop, stage, release]
+  pull_request:
+    branches: [main, master, develop, stage, release]
+
+jobs:
+  build:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout Source
+        uses: actions/checkout@v4
+
+      - name: Black Duck SCA Full Scan
+        id: black-duck-full-scan
+        if: ${{ github.event_name != 'pull_request' }}
+        uses: blackduck-inc/black-duck-security-scan@v2
+        env:
+          DETECT_PROJECT_NAME: ${{ github.event.repository.name }}
+        with:
+          blackducksca_url: ${{ vars.BLACKDUCK_URL }}
+          blackducksca_token: ${{ secrets.BLACKDUCK_TOKEN }}
+          blackducksca_scan_full: true
+          blackducksca_scan_failure_severities: 'BLOCKER,CRITICAL'
+          # blackducksca_waitForScan: false
+          # detect_search_depth: 2
+          # detect_args: '--detect.diagnostic=true'
+          # detect_config_path: '/Users/Config/application.properties'
+          # blackducksca_fixpr_enabled: true
+          # blackducksca_fixpr_maxCount: 5
+          # blackducksca_fixpr_filter_severities: 'CRITICAL,HIGH'
+          # blackducksca_fixpr_useUpgradeGuidance: 'SHORT_TERM,LONG_TERM'
+          # github_token: ${{ secrets.GITHUB_TOKEN }}
+          # blackducksca_reports_sarif_create: true
+          # blackducksca_reports_sarif_file_path: '/Users/tmp/report.sarif.json'
+          # blackducksca_reports_sarif_severities: 'CRITICAL,HIGH'
+          # blackducksca_reports_sarif_groupSCAIssues: true
+          # blackducksca_upload_sarif_report: true
+          # github_token: ${{ secrets.GITHUB_TOKEN }}
+          mark_build_status: 'success'
+          # blackducksca_policy_badges_create: true
+          # blackducksca_policy_badges_maxCount: 5
+          # project_directory: ${{ vars.PROJECT_DIRECTORY }}
+          # include_diagnostics: true
+          # network_ssl_trustAll: true
+          # network_ssl_cert_file: '/Users/Config/cert.pem'
+
+      - name: Black Duck SCA PR Scan
+        id: black-duck-pr-scan
+        if: ${{ github.event_name == 'pull_request' }}
+        uses: blackduck-inc/black-duck-security-scan@v2
+        env:
+          DETECT_PROJECT_NAME: ${{ github.event.repository.name }}
+        with:
+          blackducksca_url: ${{ vars.BLACKDUCK_URL }}
+          blackducksca_token: ${{ secrets.BLACKDUCK_TOKEN }}
+          blackducksca_scan_full: false
+          blackducksca_prComment_enabled: true
+          github_token: ${{ secrets.GITHUB_TOKEN }}
+          # blackducksca_policy_badges_create: true
+          # blackducksca_policy_badges_maxCount: 5
+          # project_directory: ${{ vars.PROJECT_DIRECTORY }}
+          # include_diagnostics: true
+          mark_build_status: 'success'
+          # network_ssl_trustAll: true
+          # network_ssl_cert_file: '/Users/Config/cert.pem'
+
+      # - name: cmdLine
+      #   id: cmdLine
+      #   run: |
+      #     EXIT_CODE=${{ steps.black-duck-full-scan.outputs.status }}
+

pom.xml

@@ -11,12 +11,32 @@
     <url>https://jitpack.io/#jitpack/maven-simple/0.1</url>
 
     <dependencies>
+
         <dependency>
             <groupId>junit</groupId>
             <artifactId>junit</artifactId>
             <version>4.13.1</version>
             <scope>test</scope>
         </dependency>
+
+        <dependency>
+          <groupId>ch.qos.logback</groupId>
+          <artifactId>logback-core</artifactId>
+          <version>1.1.0</version>
+        </dependency>
+
+        <dependency>
+            <groupId>org.springframework</groupId>
+            <artifactId>spring-core</artifactId>
+            <version>5.3.18</version>
+            <exclusions>
+                <exclusion>
+                    <groupId>org.springframework</groupId>
+                    <artifactId>spring-context</artifactId>
+                </exclusion>
+            </exclusions>
+        </dependency>                 
+
     </dependencies>
 
     <build>