microsoft/hve-core
Publicmirrored fromhttps://github.com/microsoft/hve-coreAvailable
.github/workflows/dependency-review.yml
29lines · modecode
| 1 | name: Dependency Review |
| 2 | |
| 3 | on: |
| 4 | pull_request: |
| 5 | branches: [ main, develop ] |
| 6 | workflow_call: |
| 7 | |
| 8 | permissions: |
| 9 | contents: read |
| 10 | |
| 11 | jobs: |
| 12 | dependency-review: |
| 13 | name: Review Dependencies |
| 14 | runs-on: ubuntu-latest |
| 15 | permissions: |
| 16 | contents: read |
| 17 | pull-requests: write |
| 18 | |
| 19 | steps: |
| 20 | - name: Checkout code |
| 21 | uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v4.2.2 |
| 22 | with: |
| 23 | persist-credentials: false |
| 24 | |
| 25 | - name: Dependency Review |
| 26 | uses: actions/dependency-review-action@3c4e3dcb1aa7874d2c16be7d79418e9b7efd6261 # v4.3.4 |
| 27 | with: |
| 28 | fail-on-severity: moderate |
| 29 | comment-summary-in-pr: always |
| 30 | |