name: Dependency Review
"on":
pull_request:
branches: [main]
permissions:
contents: read
pull-requests: write
jobs:
dependency-review:
name: Dependency Review
runs-on: ubuntu-latest
steps:
- name: Checkout Repository
uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v5
- name: Dependency Review
uses: actions/dependency-review-action@774d14bf50b7a2e2460f9f49e25c52503ecab125 # v4
with:
# Fail the build if there are any vulnerabilities
fail-on-severity: low
# Allow licenses (you can restrict this if needed)
allow-licenses: MIT, Apache-2.0, BSD-2-Clause, BSD-3-Clause, ISC, 0BSD