Skip to content
Dependabot PR Review

chore(deps): bump the prod-deps group across 1 directory with 7 updates #927

Sign in to view logs

chore(deps): bump the prod-deps group across 1 directory with 7 updates

chore(deps): bump the prod-deps group across 1 directory with 7 updates #927

Workflow file for this run

.github/workflows/dependabot-pr-review.yml at 47d2d5f
# This workflow enables dependency scans on pull requests.
# When changes in dependencies are detected, it will raise an error
# if any vulnerabilities or invalid licenses are introduced.
# See for more info: https://github.com/actions/dependency-review-action
name: 'Dependabot PR Review'
on: [pull_request_target]
permissions:
contents: read
jobs:
dependency-review:
runs-on: ubuntu-24.04
steps:
- name: 'Checkout Repository'
uses: actions/checkout@v4
with:
ref: ${{ github.event.pull_request.head.sha }}
- name: 'Dependency Review'
uses: actions/dependency-review-action@v4
with:
# fails when moderate vulnerabilities are detected
fail-on-severity: moderate