.github/workflows/dependency-review.yml - comdev - Git at Google

 name: Dependency Review

 on:
   pull_request:
     branches: ["main"]

 permissions: {}

 jobs:
   review:
     name: Dependency review
     runs-on: ubuntu-latest
     timeout-minutes: 10
     permissions:
       contents: read
       pull-requests: write

     steps:
       - name: Checkout
         uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
         with:
           persist-credentials: false

       - name: Dependency review
         uses: actions/dependency-review-action@2031cfc080254a8a887f58cffee85186f0e49e48 # v4.9.0
         with:
           fail-on-severity: moderate
           comment-summary-in-pr: on-failure
           deny-licenses: GPL-3.0, AGPL-3.0
	name: Dependency Review

	on:
	pull_request:
	branches: ["main"]

	permissions: {}

	jobs:
	review:
	name: Dependency review
	runs-on: ubuntu-latest
	timeout-minutes: 10
	permissions:
	contents: read
	pull-requests: write

	steps:
	- name: Checkout
	uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
	with:
	persist-credentials: false

	- name: Dependency review
	uses: actions/dependency-review-action@2031cfc080254a8a887f58cffee85186f0e49e48 # v4.9.0
	with:
	fail-on-severity: moderate
	comment-summary-in-pr: on-failure
	deny-licenses: GPL-3.0, AGPL-3.0