Skip to content

Scorecard

Scorecard #2

name: "Dependency Review"
on: [pull_request]
# Declare default permissions as read only.
permissions: read-all
jobs:
dependency-review:
runs-on: ubuntu-latest
permissions:
contents: read
pull-requests: write
steps:
- name: "Checkout Repository"
uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1
- name: "Dependency Review"
uses: actions/dependency-review-action@4081bf99e2866ebe428fc0477b69eb4fcda7220a # v4.4.0
with:
fail-on-severity: high
comment-summary-in-pr: true