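---
# dependency_review.yml
# Runs the dependency review action on every pull request, then fetches the
# dependency-graph comparison for the same base/head commits via the REST API.
name: 'Dependency Review'

# `pull_request` (not `pull_request_target`): the workflow runs against the
# merge commit, and runs triggered from forks get a read-only token.
on: [pull_request]

# Least privilege: the only scope granted to GITHUB_TOKEN is read access to
# repository contents. Every other scope is implicitly `none`.
permissions:
  contents: read

jobs:
  dependency_review:
    runs-on: ubuntu-latest
    steps:
      - name: 'Checkout Repository'
        # NOTE(review): `v4` is a mutable tag. Pin to a full commit SHA
        # (`actions/checkout@<full-commit-sha>  # v4`) so that a re-pointed
        # tag cannot change the code this job executes.
        uses: actions/checkout@v4
        with:
          # No later step runs an authenticated git command, so do not leave
          # the token in the checked-out repository's git config.
          persist-credentials: false

      # Configuration Options: https://github.com/actions/dependency-review-action/blob/main/README.md#configuration-options
      # Examples: https://github.com/actions/dependency-review-action/blob/main/docs/examples.md
      - name: Dependency Review
        id: dependency_review
        # NOTE(review): same as above, pin `v3` to a full commit SHA
        # (`actions/dependency-review-action@<full-commit-sha>  # v3`).
        uses: actions/dependency-review-action@v3

      - name: Get Dependency Review
        env:
          GH_TOKEN: ${{ github.token }}
          # Expressions are handed to the script through the environment
          # instead of being expanded into the script text, so their values
          # reach the shell as data and are never parsed as shell source.
          #
          # The `steps` context only exposes `outputs`, `outcome` and
          # `conclusion`; the former `steps.dependency_review.with.base_ref` /
          # `.head_ref` lookups were always empty, so the pull request SHAs
          # below are what was effectively used.
          BASE_REF: ${{ github.event.pull_request.base.sha }}
          HEAD_REF: ${{ github.event.pull_request.head.sha }}
          REPO: ${{ github.repository }}
        run: |
          gh api \
            -H "Accept: application/vnd.github+json" \
            -H "X-GitHub-Api-Version: 2022-11-28" \
            "/repos/${REPO}/dependency-graph/compare/${BASE_REF}...${HEAD_REF}"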