added acion trigger #26
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: 'Dependency Review' | |
| on: [ pull_request, pull_request_target ] | |
| permissions: | |
| contents: read | |
| jobs: | |
| dependency_review: | |
| runs-on: ubuntu-latest | |
| outputs: | |
| dependency_graph_results: ${{ steps.get_dependency_review.outputs.dependency_graph_results }} | |
| steps: | |
| - name: 'Checkout Repository' | |
| uses: actions/checkout@v4 | |
| # Configuration Options: https://github.com/actions/dependency-review-action/blob/main/README.md#configuration-options | |
| # Examples: https://github.com/actions/dependency-review-action/blob/main/docs/examples.md | |
| - name: Dependency Review | |
| id: dependency_review | |
| uses: actions/dependency-review-action@v3 | |
| - name: Get Dependency Review | |
| id: get_dependency_review | |
| env: | |
| GH_TOKEN: ${{ github.token }} | |
| run: | | |
| printenv | |
| # Default to the Dependency Review action arguments for base_ref/head_ref if they were provided. | |
| # Fallback to the GitHub event pull_request base sha/head sha. | |
| BASE_REF="${{ steps.dependency_review.with.base_ref || github.event.pull_request.base.sha }}" | |
| HEAD_REF="${{ steps.dependency_review.with.head_ref || github.event.pull_request.head.sha }}" | |
| # Get a diff of the dependencies between commits | |
| # References: https://docs.github.com/en/rest/dependency-graph/dependency-review?apiVersion=2022-11-28#get-a-diff-of-the-dependencies-between-commits | |
| gh api -H "Accept: application/vnd.github+json" -H "X-GitHub-Api-Version: 2022-11-28" \ | |
| "/repos/${{ github.repository }}/dependency-graph/compare/$BASE_REF...$HEAD_REF" \ | |
| > "dependency-graph-compare-$BASE_REF-$HEAD_REF.json" | |
| # add filepath to environment and output for later artifact upload and later use by other actions | |
| echo "dependency_graph_results=dependency-graph-compare-$BASE_REF-$HEAD_REF.json" >> $GITHUB_ENV | |
| echo "dependency_graph_results=dependency-graph-compare-$BASE_REF-$HEAD_REF.json" >> $GITHUB_OUTPUT | |
| - uses: actions/upload-artifact@v3 | |
| with: | |
| name: dependency_graph_results | |
| path: ${{ env.dependency_graph_results }} |