Verify Dependencies – pull_request #601
Workflow file for this run
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Dependency checks | |
| # | |
| # Description: | |
| # Verifies that dependencies are compatible with our project | |
| # by checking licenses and their security posture | |
| # | |
| # Triggers: | |
| # - pull_request | |
| on: | |
| pull_request: | |
| name: Verify Dependencies | |
| run-name: Verify Dependencies – ${{ github.event_name }} | |
| permissions: | |
| contents: read | |
| jobs: | |
| verify: | |
| runs-on: ubuntu-latest | |
| permissions: | |
| contents: read | |
| pull-requests: write | |
| steps: | |
| - name: Checkout Repository | |
| uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 | |
| - name: Verify Contents | |
| uses: actions/dependency-review-action@bc41886e18ea39df68b1b1245f4184881938e050 # v4.7.2 | |
| with: | |
| config-file: './.github/dependency-review-config.yml' |