---
name: 'Dependency Review'
# yamllint disable-line rule:truthy
on:
  pull_request:
    branches:
      - '*'


permissions:
  contents: read

jobs:
  dependency-review:
    runs-on: ubuntu-latest
    steps:
      - name: 'Checkout Repository'
        uses: actions/checkout@v4
      - name: 'Dependency Review'
        uses: actions/dependency-review-action@v4
        with:
          allow-ghsas: GHSA-f4w6-3rh6-6q4q