Skip to content

Fix OWASP dependency-check resolution failure in multi-module build#15

Merged
brunoborges merged 4 commits into
mainfrom
copilot/fix-dependency-security-scan-another-one
Feb 13, 2026
Merged

Fix OWASP dependency-check resolution failure in multi-module build#15
brunoborges merged 4 commits into
mainfrom
copilot/fix-dependency-security-scan-another-one

Conversation

Copilot AI commented Feb 13, 2026

Copy link
Copy Markdown
Contributor

The dependency-check workflow fails when analyzing jlib-inspector-agent because it cannot resolve the jlib-inspector-common dependency. Running org.owasp:dependency-check-maven:check as a separate Maven invocation after install loses the reactor context needed for inter-module dependency resolution.

Changes

  • Combine clean install and dependency-check:check into single Maven invocation
  • Apply to both security.yml and ci.yml workflows for consistency

Before

- name: Build and install modules
  run: ./mvnw clean install -DskipTests -B
- name: Run OWASP Dependency Check
  run: |
    ./mvnw org.owasp:dependency-check-maven:check \
      -Dformat=ALL -DfailBuildOnCVSS=7 \
      -DnvdApiKey=${{ secrets.NVD_API_KEY }} -B

After

- name: Build modules and run dependency check
  run: |
    ./mvnw clean install org.owasp:dependency-check-maven:check \
      -DskipTests \
      -Dformat=ALL -DfailBuildOnCVSS=7 \
      -DnvdApiKey=${{ secrets.NVD_API_KEY }} -B

This ensures the plugin executes within the reactor build where all modules are available.

Warning

Firewall rules blocked me from connecting to one or more addresses (expand for details)

I tried to connect to the following addresses, but was blocked by firewall rules:

  • dlcdn.apache.org
    • Triggering command: /usr/bin/wget wget --quiet REDACTED -O /tmp/tmp.9C4Jzt2MTD/apache-maven-4.0.0-rc-5-bin.zip (dns block)
    • Triggering command: /usr/bin/wget wget --quiet REDACTED -O /tmp/tmp.fJwgpUYh9E/apache-maven-4.0.0-rc-5-bin.zip (dns block)

If you need me to access, download, or install something from one of these locations, you can either:

Original prompt

Fix the failing GitHub Actions workflow Dependency Security Scan
Analyze the workflow logs, identify the root cause of the failure, and implement a fix.
Job ID: 63451692159
Job URL: https://github.com/brunoborges/jlib-inspector/actions/runs/21964802762/job/63451692159


✨ Let Copilot coding agent set things up for you — coding agent works faster and does higher quality work when set up for your repo.

Copilot AI and others added 3 commits February 13, 2026 04:16
Co-authored-by: brunoborges <129743+brunoborges@users.noreply.github.com>
Co-authored-by: brunoborges <129743+brunoborges@users.noreply.github.com>
Co-authored-by: brunoborges <129743+brunoborges@users.noreply.github.com>
@brunoborges brunoborges marked this pull request as ready for review February 13, 2026 04:19
Copilot AI changed the title [WIP] Fix failing GitHub Actions workflow Dependency Security Scan Fix OWASP dependency-check resolution failure in multi-module build Feb 13, 2026
Copilot AI requested a review from brunoborges February 13, 2026 04:20
@brunoborges brunoborges merged commit 4521f74 into main Feb 13, 2026
8 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants