Skip to content

chore: add Dependency Review GitHub Action #61

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 2 commits into from
Sep 17, 2025
Merged

chore: add Dependency Review GitHub Action #61

merged 2 commits into from
Sep 17, 2025

Conversation

@absis
Copy link
Contributor

@absis absis commented Sep 17, 2025

The dependency review action scans your pull requests for dependency changes and raises an error if any new dependencies have known vulnerabilities. Once installed, if the workflow run is marked as required, pull requests introducing known vulnerable packages will be blocked from merging.

@absis absis self-assigned this Sep 17, 2025
@linear
Copy link

linear bot commented Sep 17, 2025

DEVOPS-980 Implement dependency review action on aave repos

@absis absis requested review from alexmance, foodaka and grothem and removed request for JoaquinBattilana, foodaka and grothem September 17, 2025 15:09
@codecov
Copy link

codecov bot commented Sep 17, 2025
edited
Loading

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 97.10%. Comparing base (af5d2e1) to head (6320e2c).
⚠️ Report is 2 commits behind head on main.

Additional details and impacted files 
@@           Coverage Diff           @@
##             main      #61   +/-   ##
=======================================
  Coverage   97.10%   97.10%           
=======================================
  Files          16       16           
  Lines         518      518           
=======================================
  Hits          503      503           
  Misses         15       15
Flag Coverage Δ
move 97.10% <ø> (ø)

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:
  • ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
  • 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

alexmance
alexmance previously approved these changes Sep 17, 2025
View reviewed changes
Copy link
Contributor

@alexmance alexmance left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

alexmance
alexmance approved these changes Sep 17, 2025
View reviewed changes
Copy link
Contributor

@alexmance alexmance left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@alexmance alexmance merged commit a8d3cc3 into main Sep 17, 2025
20 checks passed
@alexmance alexmance deleted the francesc/devops-980-implement-dependency-review-action-on-aave-repos branch September 17, 2025 15:36
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@alexmance alexmance alexmance approved these changes

@mpsc0x mpsc0x mpsc0x approved these changes

@meng-xu-cs meng-xu-cs Awaiting requested review from meng-xu-cs meng-xu-cs is a code owner

@matchv matchv Awaiting requested review from matchv matchv is a code owner

Assignees

@absis absis

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@absis @alexmance @mpsc0x