Files
hosts/.github/workflows/depsreview.yaml
dependabot[bot] 7441a6dc76 Bump actions/dependency-review-action from 4.7.3 to 4.8.0
Bumps [actions/dependency-review-action](https://github.com/actions/dependency-review-action) from 4.7.3 to 4.8.0.
- [Release notes](https://github.com/actions/dependency-review-action/releases)
- [Commits](595b5aeba7...56339e523c)

---
updated-dependencies:
- dependency-name: actions/dependency-review-action
  dependency-version: 4.8.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-10-01 00:01:54 +00:00

18 lines
435 B
YAML

name: 'Dependency Review'
on: [pull_request]
permissions:
contents: read
jobs:
dependency-review:
runs-on: ubuntu-latest
steps:
- name: Clone repository
uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
with:
persist-credentials: false
- name: Dependency Review
uses: actions/dependency-review-action@56339e523c0409420f6c2c9a2f4292bbb3c07dd3 # v4.8.0