From 0624d5bac3cedc59bf9e3cfd3a9f05cde4574366 Mon Sep 17 00:00:00 2001
From: HelloFresh Github Actions Bot
 <hf-ghactions-bot@users.noreply.github.com>
Date: Mon, 2 Sep 2024 14:36:21 +0000
Subject: [PATCH] Update  Workflows [ci skip]

---
 .github/workflows/hf_pr-dependency-review.yml | 18 ++++++++++++++++++
 1 file changed, 18 insertions(+)
 create mode 100644 .github/workflows/hf_pr-dependency-review.yml

diff --git a/.github/workflows/hf_pr-dependency-review.yml b/.github/workflows/hf_pr-dependency-review.yml
new file mode 100644
index 0000000..2bf7b1d
--- /dev/null
+++ b/.github/workflows/hf_pr-dependency-review.yml
@@ -0,0 +1,18 @@
+# This workflow is centrally managed in
+# https://github.com/hellofresh/github-automation/blob/master/modules/repository/shared-workflows/pr-dependency-review.yml
+
+# This workflow is for dependency review. It is used to check vulnerability in dependencies before merging the PR.
+# It is managed by squad-application-security.
+
+---
+name: Dependency Review PR
+
+on: [pull_request]
+
+jobs:
+  pull_request_review:
+    permissions:
+      contents: read
+      pull-requests: write
+    name: Dependency Review
+    uses: hellofresh/ghas-rules/.github/workflows/dependency-review-reusable.yml@master