diff --git a/.github/workflows/build.yaml b/.github/workflows/build.yaml
index 200f805fa..b4b41c557 100644
--- a/.github/workflows/build.yaml
+++ b/.github/workflows/build.yaml
@@ -26,6 +26,12 @@ jobs:
steps:
- name: Checkout
uses: actions/checkout@v3
+ - name: Dependency Review
+ uses: actions/dependency-review-action@v4
+ with:
+ vulnerability-check: true
+ license-check: false
+ comment-summary-in-pr: on-failure
- name: Set up JDK
uses: actions/setup-java@v3
with:
diff --git a/cve-suppressions.xml b/cve-suppressions.xml
deleted file mode 100644
index 439089144..000000000
--- a/cve-suppressions.xml
+++ /dev/null
@@ -1,25 +0,0 @@
-
-
-
-
-
-
-
- CVE-2021-0341
-
-
- CVE-2023-0833
-
-
- CVE-2023-35116
-
-
- CVE-2023-3782
-
-
- CVE-2023-4586
-
-
- CVE-2023-51074
-
-
diff --git a/logbook-parent/pom.xml b/logbook-parent/pom.xml
index 3696d302f..16a922c9d 100644
--- a/logbook-parent/pom.xml
+++ b/logbook-parent/pom.xml
@@ -547,25 +547,6 @@
false
-
- org.owasp
- dependency-check-maven
- 8.4.3
-
-
-
- check
-
-
-
-
- 0.0
- false
-
- cve-suppressions.xml
-
-
-
org.apache.maven.plugins
maven-shade-plugin
@@ -636,10 +617,6 @@
org.jacoco
jacoco-maven-plugin
-
- org.owasp
- dependency-check-maven
-