build(ci): add dependency review step

author Jérôme Benoit <jerome.benoit@sap.com>

Thu, 7 Sep 2023 12:48:29 +0000 (14:48 +0200)

committer Jérôme Benoit <jerome.benoit@sap.com>

Thu, 7 Sep 2023 12:48:29 +0000 (14:48 +0200)
author Jérôme Benoit <jerome.benoit@sap.com>
Thu, 7 Sep 2023 12:48:29 +0000 (14:48 +0200)
committer Jérôme Benoit <jerome.benoit@sap.com>
Thu, 7 Sep 2023 12:48:29 +0000 (14:48 +0200)
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml

index 3ce95224edc0a42a8d039f1a0b5773bab763c3dd..736af2eb8d3954fb81851bc2f00d1558657b5232 100644 (file)
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -18,6 +18,8 @@ jobs:
        - uses: actions/checkout@v4
          with:
            fetch-depth: 0 # Shallow clones should be disabled for a better relevancy of analysis
+      - name: 'Dependency Review'
+        uses: actions/dependency-review-action@v3
        - uses: pnpm/action-setup@v2
          with:
            version: 8
@@ -58,6 +60,8 @@ jobs:
        - uses: actions/checkout@v4
          with:
            fetch-depth: 0 # Shallow clones should be disabled for a better relevancy of analysis
+      - name: 'Dependency Review'
+        uses: actions/dependency-review-action@v3
        - uses: pnpm/action-setup@v2
          with:
            version: 8
author	Jérôme Benoit <jerome.benoit@sap.com>
	Thu, 7 Sep 2023 12:48:29 +0000 (14:48 +0200)
committer	Jérôme Benoit <jerome.benoit@sap.com>
	Thu, 7 Sep 2023 12:48:29 +0000 (14:48 +0200)