Skip to content

fix: CSP headers and deps alerts #292

fix: CSP headers and deps alerts

fix: CSP headers and deps alerts #292

Workflow file for this run

# Copyright 2025 AGNTCY Contributors (https://github.com/agntcy)
# SPDX-License-Identifier: Apache-2.0
---
name: dependency
on:
# Review dependencies on pull requests to the default branch
pull_request:
branches: ["main"]
# Declare default permissions as read-only
permissions: read-all
jobs:
dependency-review:
runs-on: ubuntu-latest
permissions:
contents: read
pull-requests: write
steps:
- name: 🔒 harden runner
uses: step-security/harden-runner@e3f713f2d8f53843e71c69a996d56f51aa9adfb9 # v2.14.1
with:
egress-policy: audit
- uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v4.1.7
- name: 🔂 dependency review
uses: actions/dependency-review-action@595b5aeba73380359d98a5e087f648dbb0edce1b # v4.7.3
with:
fail-on-severity: "high"
deny-licenses: "AGPL-1.0, AGPL-3.0"
comment-summary-in-pr: true
warn-on-openssf-scorecard-level: 3