From 9885d0c74cca15bb0f8128ee7a4018cbac4d6c32 Mon Sep 17 00:00:00 2001 From: Federico Builes Date: Thu, 6 Apr 2023 21:33:35 +0200 Subject: [PATCH] Remove default values in action.yml --- action.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/action.yml b/action.yml index c7dad3e5c..86e4221b7 100644 --- a/action.yml +++ b/action.yml @@ -1,3 +1,5 @@ +# Avoid using default values for options here since they will +# end up overriding external configurations. name: 'Dependency Review' description: 'Prevent the introduction of dependencies with known vulnerabilities' author: 'GitHub' @@ -9,11 +11,9 @@ inputs: fail-on-severity: description: Don't block PRs below this severity. Possible values are `low`, `moderate`, `high`, `critical`. required: false - default: 'low' fail-on-scopes: description: Dependency scopes to block PRs on. Comma-separated list. Possible values are 'unknown', 'runtime', and 'development' (e.g. "runtime, development") required: false - default: 'runtime' base-ref: description: The base git ref to be used for this check. Has a default value when the workflow event is `pull_request` or `pull_request_target`. Must be provided otherwise. required: false