From b01b8bded2779d4624a72a8e7955ef21868683f3 Mon Sep 17 00:00:00 2001
From: dolorsfg <43985184+dolorsfg@users.noreply.github.com>
Date: Thu, 13 Jun 2024 15:58:23 +0200
Subject: [PATCH] Add dependency review

---
 .github/workflows/maven-build.yml | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/.github/workflows/maven-build.yml b/.github/workflows/maven-build.yml
index 54055394f..0baec020d 100644
--- a/.github/workflows/maven-build.yml
+++ b/.github/workflows/maven-build.yml
@@ -28,5 +28,13 @@ jobs:
           cache: maven
       - name: Submit Dependency Snapshot
         uses: advanced-security/maven-dependency-submission-action@v3
+      - name: Dependency review:  
+        uses: actions/dependency-review-action@v4
+        # Commonly enabled options, see https://github.com/actions/dependency-review-action#configuration-options for all available options.
+        with:
+          comment-summary-in-pr: always
+           fail-on-severity: high
+           deny-licenses: GPL-1.0-or-later, LGPL-2.0-or-later
+        #   retry-on-snapshot-warnings: true        
       - name: Build with Maven Wrapper
         run: ./mvnw -B package