Include a GitHub workflow for vulnerability scanning #3

	on: [pull_request]

	jobs:
	depchecktest:
	runs-on: ubuntu-latest
	name: depecheck_test
	steps:
	- name: Checkout
	uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4
	- name: Setup Java
	uses: actions/setup-java@8df1039502a15bceb9433410b1a100fbe190c53b # v4
	with:
	distribution: temurin
	java-version: 17
	- name: Setup Gradle
	uses: gradle/actions/setup-gradle@cc4fc85e6b35bafd578d5ffbc76a5518407e1af0 # v4
	- name: Call setup
	run: ./gradlew dependencies
	- name: Dependency Check
	uses: dependency-check/Dependency-Check_Action@3102a65fd5f36d0000297576acc56a475b0de98d
	env:
	# actions/setup-java changes JAVA_HOME, so it needs to be reset to match the depcheck image
	JAVA_HOME: /opt/jdk
	id: Depcheck
	with:
	project: 'iets3.opensource'
	format: 'HTML'
	out: 'reports'
	- name: Upload Test results
	uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4
	with:
	name: Dependency Check Report
	path: ${{github.workspace}}/reports

Provide feedback