name: Dependency Review
"on":
pull_request:
branches: [main]
permissions:
contents: read
pull-requests: write
jobs:
dependency-review:
name: Dependency Review
runs-on: ubuntu-latest
steps:
- name: Checkout Repository
uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5
- name: Dependency Review
uses: actions/dependency-review-action@45529485b5eb76184ced07362d2331fd9d26f03f # v4
with:
# Fail the build if there are any vulnerabilities
fail-on-severity: low
# Allow licenses (you can restrict this if needed)
allow-licenses: MIT, Apache-2.0, BSD-2-Clause, BSD-3-Clause, ISC, 0BSD