.github/workflows/dependency-review.yml

52lines · modecode

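# Dependency Review: fails pull requests into main/develop that add
# dependencies with a known advisory (moderate or worse) or a license outside
# the allow-list. Also callable from other workflows via workflow_call.
name: Dependency Review

on:
  pull_request:
    branches: [ main, develop ]
  # When reused, the permissions requested below are capped by what the
  # calling workflow grants; a caller that grants only contents: read leaves
  # the submission step and the PR comment without the write scope they need.
  workflow_call:

# Default for every job; the job below widens this explicitly.
permissions:
  contents: read

jobs:
  dependency-review:
    name: Review Dependencies
    runs-on: ubuntu-latest
    # Permissions are job-scoped, so both write grants apply to every step
    # below, including the third-party actions. contents: write is needed only
    # by the Dependency Submission step, pull-requests: write only by the PR
    # summary comment. NOTE(review): moving the submission into its own job
    # would leave the review step read-only, at the cost of a second checkout
    # and a wait for the snapshot to be processed.
    permissions:
      contents: write # Elevated for Dependency Submission API (uv.lock)
      pull-requests: write

    steps:
      - name: Checkout code
        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v4.2.2
        with:
          # Do not leave the write-capable token in .git/config where later
          # steps or actions that shell out to git could read it.
          persist-credentials: false

      # uv.lock is not picked up by the dependency graph on its own; submit it
      # through the Dependency Submission API so the review step can diff it.
      # Fork PRs only receive a read-only GITHUB_TOKEN, so the submission is
      # skipped there rather than failing the job.
      - name: Submit uv.lock dependencies # Skipped on fork PRs (read-only token)
        if: github.event.pull_request.head.repo.full_name == github.repository
        uses: advanced-security/component-detection-dependency-submission-action@b876b8cc341a53970394b33ea0ca4e86c25542de # v0.1.3
        with:
          detectorArgs: 'UvLock=EnableIfDefaultOff'

      - name: Dependency Review
        uses: actions/dependency-review-action@2031cfc080254a8a887f58cffee85186f0e49e48 # v4.9.0
        with:
          # Block the PR on any advisory rated moderate or higher.
          fail-on-severity: moderate
          # Needs pull-requests: write. On fork PRs the token cannot post a
          # comment, so expect the summary to be absent (or a warning) there.
          comment-summary-in-pr: always
          license-check: true
          allow-licenses: >-
            MIT, MIT-0, MIT-CMU, Apache-2.0,
            BSD-2-Clause, BSD-3-Clause, ISC, 0BSD,
            BlueOak-1.0.0, CC0-1.0, Unlicense,
            CC-BY-4.0, CC-BY-3.0, PSF-2.0, Python-2.0,
            HPND, LicenseRef-scancode-secret-labs-2011,
            WTFPL, LicenseRef-scancode-unicode
          # Packages with compound SPDX expressions containing GPL or MPL
          # from bundled code; distributed licenses are permissive.
          # Each entry exempts that package from license-check entirely, so
          # re-verify the license whenever one of these is bumped.
          allow-dependencies-licenses: >-
            pkg:pypi/lxml,
            pkg:pypi/typing-extensions,
            pkg:npm/dompurify,
            pkg:npm/lunr-languages
          # The snapshot submitted by the previous step is processed
          # asynchronously. Without retrying, the review can run against a
          # graph that does not yet include uv.lock and report nothing for it;
          # the action only emits a warning in that case.
          retry-on-snapshot-warnings: true
          retry-on-snapshot-warnings-timeout: 120
          show-openssf-scorecard: true
          warn-on-openssf-scorecard-level: 3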