Test add snyk

Author: JPechberty

.github/workflows/qa.yml

@@ -37,4 +37,8 @@ jobs:
         run: mvn -B checkstyle:checkstyle --file pom.xml
       - name: Run PMD Check
         if: success() || failure()
-        run: mvn -B pmd:pmd --file pom.xml
+        run: mvn -B pmd:pmd --file pom.xml
+      - name: Run Snyk to check for vulnerabilities
+        uses: snyk/actions/maven@master
+        env:
+          SNYK_TOKEN: ${{ secrets.SNYK_KEY }}

pom.xml

@@ -153,6 +153,19 @@
                     </execution>
                 </executions>
             </plugin>
+            <plugin>
+                <groupId>com.github.spotbugs</groupId>
+                <artifactId>spotbugs-maven-plugin</artifactId>
+                <version>4.8.6.0</version>
+                <executions>
+                    <execution>
+                        <phase>verify</phase>
+                        <goals>
+                            <goal>check</goal>
+                        </goals>
+                    </execution>
+                </executions>
+            </plugin>
         </plugins>
     </build>
 </project>