Share dependency-submission workflow

Previously the dependency-submission action was used in 2 different workflows,
one for dependency-submission on pushes to `main` and another for depenency-review.
This setup can lead to duplicate dependencies in the GitHub Dependency Insights,
due to some odd behaviour in handling dependency submission.

We now use a single workflow Job for all dependency-submission, and use the
dependency-review-action in the "wait for snapshot" mode.

This setup is now recommended in the docs for `gradle/actions/dependency-submission`.

Author: bigdaz

.github/workflows/dependency-review.yml

@@ -1,35 +1,17 @@
-# Submits a dependency graph and performs dependency review on every pull request
-name: Dependency review for pull requests
+name: Dependency Review
 
 on:
   pull_request:
 
 permissions:
-  contents: write
+  contents: read
 
 jobs:
-  dependency-submission:
-    runs-on: ubuntu-latest
-    steps:
-    - name: Checkout sources
-      uses: actions/checkout@v4
-
-    - name: Set up the JDK used to run Gradle
-      uses: actions/setup-java@v4
-      with:
-        distribution: 'temurin'
-        java-version: '17'
-
-    - name: Generate and submit dependency graph for the PR
-      uses: gradle/actions/dependency-submission@v4
-      with:
-        build-scan-publish: true
-        build-scan-terms-of-use-url: "https://gradle.com/help/legal-terms-of-use"
-        build-scan-terms-of-use-agree: "yes"
-  
   dependency-review:
-    needs: dependency-submission
     runs-on: ubuntu-latest
     steps:
     - name: Perform dependency review
       uses: actions/dependency-review-action@v4
+      with:
+        retry-on-snapshot-warnings: true
+        retry-on-snapshot-warnings-timeout: 600

.github/workflows/dependency-submission.yml

@@ -1,10 +1,9 @@
-# Submits a dependency graph on every push to 'main'
 name: Dependency Submission
 
 on:
   push:
-    branches:
-    - main
+    branches: [ 'main' ]
+  pull_request:
 
 permissions:
   contents: write