Skip to content

Commit

Permalink
ci: Add Dependency Review workflow (#37)
Browse files Browse the repository at this point in the history
# Pull Request

## Description

This change introduces a new GitHub Actions workflow for dependency
review. The workflow, named "Dependency Review," is triggered on pull
requests and runs on the latest Ubuntu environment.

The workflow consists of two main steps:
1. Checking out the repository using `actions/checkout@v4`
2. Running the dependency review action using
`actions/dependency-review-action@v4`

This addition enhances the project's security by automatically reviewing
dependencies in pull requests, helping to identify and mitigate
potential vulnerabilities or issues related to project dependencies.

fixes #34
  • Loading branch information
JackPlowman authored Sep 27, 2024
1 parent acc59f1 commit 6f20397
Showing 1 changed file with 16 additions and 0 deletions.
16 changes: 16 additions & 0 deletions .github/workflows/dependency-review.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,16 @@
name: Dependency Review

on: [pull_request]

permissions:
contents: read

jobs:
dependency-review:
name: Dependency Review
runs-on: ubuntu-latest
steps:
- name: Checkout Repository
uses: actions/checkout@v4
- name: Dependency Review
uses: actions/dependency-review-action@v4

0 comments on commit 6f20397

Please sign in to comment.