From 76ec7220e56c13f267eaecdeaa58a6973f38a600 Mon Sep 17 00:00:00 2001
From: =?utf8?q?J=C3=A9r=C3=B4me=20Benoit?= <jerome.benoit@sap.com>
Date: Thu, 7 Sep 2023 14:48:29 +0200
Subject: [PATCH] build(ci): add dependency review step
MIME-Version: 1.0
Content-Type: text/plain; charset=utf8
Content-Transfer-Encoding: 8bit

Signed-off-by: Jérôme Benoit <jerome.benoit@sap.com>
---
 .github/workflows/ci.yml | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
index 3ce95224..736af2eb 100644
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -18,6 +18,8 @@ jobs:
       - uses: actions/checkout@v4
         with:
           fetch-depth: 0 # Shallow clones should be disabled for a better relevancy of analysis
+      - name: 'Dependency Review'
+        uses: actions/dependency-review-action@v3
       - uses: pnpm/action-setup@v2
         with:
           version: 8
@@ -58,6 +60,8 @@ jobs:
       - uses: actions/checkout@v4
         with:
           fetch-depth: 0 # Shallow clones should be disabled for a better relevancy of analysis
+      - name: 'Dependency Review'
+        uses: actions/dependency-review-action@v3
       - uses: pnpm/action-setup@v2
         with:
           version: 8
-- 
2.34.1