build(ci): make dependency review works on PRs
authorJérôme Benoit <jerome.benoit@sap.com>
Thu, 7 Sep 2023 13:26:17 +0000 (15:26 +0200)
committerJérôme Benoit <jerome.benoit@sap.com>
Thu, 7 Sep 2023 13:26:17 +0000 (15:26 +0200)
Signed-off-by: Jérôme Benoit <jerome.benoit@sap.com>
.github/workflows/ci.yml

index 9ec012252124ee46a028c88024581cefde3a815d..a5bfe298373ae4e1a2337adf707c8eee120fb068 100644 (file)
@@ -19,11 +19,14 @@ jobs:
         with:
           fetch-depth: 0 # Shallow clones should be disabled for a better relevancy of analysis
       - name: 'Dependency Review'
-        if: ${{ matrix.os == 'ubuntu-latest' && matrix.node == '18.x' }}
+        if: ${{ github.event_name == 'push' && matrix.os == 'ubuntu-latest' && matrix.node == '18.x' }}
         uses: actions/dependency-review-action@v3
         with:
-          base-ref: main
+          base-ref: ${{ github.ref_name }}
           head-ref: ${{ github.sha }}
+      - name: 'Pull Request Dependency Review'
+        if: ${{ github.event_name == 'pull_request' && matrix.os == 'ubuntu-latest' && matrix.node == '18.x' }}
+        uses: actions/dependency-review-action@v3
       - uses: pnpm/action-setup@v2
         with:
           version: 8
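Review bot: On a push event `github.ref_name` is the branch that was just pushed and `github.sha` is its new tip, so the `base-ref`/`head-ref` pair on the 'Dependency Review' step appears to compare a commit with itself, and the step would pass without reviewing any dependency change. To review what the push introduced, the base should be the previous tip, `base-ref: ${{ github.event.before }}`; that value is all zeros on the first push of a new branch, so it needs a fallback there. The same pair is repeated in the second hunk (`@@ -65,11 +68,14 @@`). The job's step list starts and ends outside the hunk, so any handling elsewhere is not visible here.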
@@ -65,11 +68,14 @@ jobs:
         with:
           fetch-depth: 0 # Shallow clones should be disabled for a better relevancy of analysis
       - name: 'Dependency Review'
-        if: ${{ matrix.os == 'ubuntu-latest' && matrix.node == '18.x' }}
+        if: ${{ github.event_name == 'push' && matrix.os == 'ubuntu-latest' && matrix.node == '18.x' }}
         uses: actions/dependency-review-action@v3
         with:
-          base-ref: main
+          base-ref: ${{ github.ref_name }}
           head-ref: ${{ github.sha }}
+      - name: 'Pull Request Dependency Review'
+        if: ${{ github.event_name == 'pull_request' && matrix.os == 'ubuntu-latest' && matrix.node == '18.x' }}
+        uses: actions/dependency-review-action@v3
       - uses: pnpm/action-setup@v2
         with:
           version: 8
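Review bot: The added 'Pull Request Dependency Review' step references `actions/dependency-review-action@v3`, a mutable tag, so the code that gates dependency changes can itself change without a commit in this repository. Pinning to a full commit SHA with the tag kept as a comment, `uses: actions/dependency-review-action@<full-commit-sha> # v3`, keeps the gate reproducible; the same applies to the identical step added in the first hunk. The step has no `with:` block and so relies on the action's defaults; a short comment such as `# PR events: base/head refs come from the pull_request payload` would explain why.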