Shows a working setup for using the Black Duck CoPilot integration to analyze the risk of project dependencies
The .github/workflows/workflow.yml file has been modified to upload generated dependency data to Black Duck CoPilot:
- name: Set up Java (CoPilot)
uses: actions/setup-java@v1
with:
java-version: 1.8
- name: Upload to CoPilot
if: github.event_name == 'push' || github.event_name == 'pull_request'
run: bash <(curl -s https://copilot-test.blackducksoftware.com/ci/githubactions/scripts/upload)