Skip to content
Dependency review

Bump actions/dependency-review-action from 4.8.0 to 4.8.1 #1274

Sign in to view logs

Bump actions/dependency-review-action from 4.8.0 to 4.8.1

Bump actions/dependency-review-action from 4.8.0 to 4.8.1 #1274

Workflow file for this run

.github/workflows/dependency-review.yml at e35721a
name: Dependency review
on: [pull_request]
permissions: read-all
jobs:
dependency-review:
name: Dependency review
runs-on: ubuntu-latest
steps:
- uses: step-security/harden-runner@f4a75cfd619ee5ce8d5b864b0d183aff3c69b55a
with:
disable-sudo: true
egress-policy: block
allowed-endpoints: >
api.github.com:443
api.securityscorecards.dev:443
github.com:443
- uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8
- uses: actions/dependency-review-action@40c09b7dc99638e5ddb0bfd91c1673effc064d8a
with:
allow-ghsas: GHSA-pq67-6m6q-mj2v # urllib3