Skip to content

Bump actions/checkout from 3.6.0 to 4.1.1 #2

Bump actions/checkout from 3.6.0 to 4.1.1

Bump actions/checkout from 3.6.0 to 4.1.1 #2

name: 'Dependency Graph'
on: [pull_request]
permissions:
contents: read
jobs:
dependency-review:
runs-on: ubuntu-latest
steps:
- name: Harden Runner
uses: step-security/harden-runner@63c24ba6bd7ba022e95695ff85de572c04a18142 # v2.7.0
with:
egress-policy: audit
- name: 'Checkout Repository'
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
- name: Maven Dependency Tree Dependency Submission
uses: advanced-security/maven-dependency-submission-action@bfd2106013da0957cdede0b6c39fb5ca25ae375e # v4.0.2
with:
token: ${{ secrets.GH_GRAPH_PUBLISH_TOKEN }}
- name: 'Dependency Review'
uses: actions/dependency-review-action@0efb1d1d84fc9633afcdaad14c485cbbc90ef46c # v2.5.1
with:
retry-on-snapshot-warnings: true