[maven-release-plugin] prepare release vuu-parent-0.9.106 #837

	name: Maven CVE Scanning

	on:
	push:
	paths:
	- "**/pom.xml"
	- "allow-list.xml"
	- ".github/workflows/cve-scanning.yml"

	jobs:

	depchecktest:
	runs-on: ubuntu-latest

	env:
	OSS_INDEX_USERNAME: ${{ secrets.OSS_INDEX_USERNAME }}
	OSS_INDEX_API_KEY: ${{ secrets.OSS_INDEX_API_KEY }}

	steps:
	- name: Checkout
	uses: actions/checkout@v6

	- name: Build project with Maven
	run: mvn clean install -DskipTests

	- name: Run OWASP Dependency-Check on Maven subprojects
	if: ${{ env.OSS_INDEX_USERNAME != '' && env.OSS_INDEX_API_KEY != '' }}
	uses: dependency-check/Dependency-Check_Action@2ba636726705b0f74f126ebeaacaf2ad4600b967
	id: Depcheck
	with:
	project: "vuu"
	path: "vuu"
	format: "HTML"
	out: "reports" # this is the default, no need to specify unless you wish to override it
	args: >
	--ossIndexUsername ${{ env.OSS_INDEX_USERNAME }}
	--ossIndexPassword ${{ env.OSS_INDEX_API_KEY }}
	--suppression allow-list.xml
	--failOnCVSS 7
	--enableRetired

	- name: Upload Test results
	if: ${{ always() }}
	uses: actions/upload-artifact@v5
	with:
	name: Depcheck report
	path: ${{ github.workspace }}/reports

Provide feedback