Skip to content

deps(deps): Bump the 3d-animation group across 1 directory with 3 updates #56

deps(deps): Bump the 3d-animation group across 1 directory with 3 updates

deps(deps): Bump the 3d-animation group across 1 directory with 3 updates #56

name: Dependency Review
on:
pull_request:
branches: [main]
permissions: {}
jobs:
dependency-review:
name: Dependency Review
runs-on: ubuntu-latest
timeout-minutes: 5
permissions:
contents: read
pull-requests: write
steps:
- name: Harden Runner
uses: step-security/harden-runner@fe104658747b27e96e4f7e80cd0a94068e53901d # v2.16.1
with:
egress-policy: audit
- name: Checkout
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
- name: Dependency Review
uses: actions/dependency-review-action@2031cfc080254a8a887f58cffee85186f0e49e48 # v4.9.0
with:
fail-on-severity: low
vulnerability-check: true
license-check: true
fail-on-scopes: runtime, development, unknown
comment-summary-in-pr: always
retry-on-snapshot-warnings: true
retry-on-snapshot-warnings-timeout: 120
warn-only: false
show-openssf-scorecard: true
warn-on-openssf-scorecard-level: 3
allow-licenses: >-
MIT, ISC, Apache-2.0, BSD-2-Clause, BSD-3-Clause, 0BSD,
CC0-1.0, CC-BY-3.0, CC-BY-4.0, Unlicense, Python-2.0,
BlueOak-1.0.0, Artistic-2.0, Zlib, MPL-2.0