GenAIExamples/.github/workflows/dependency-review.yml

# Copyright (C) 2024 Intel Corporation
# SPDX-License-Identifier: Apache-2.0

name: "Dependency Review"
on: [pull_request]

permissions:
  contents: read
jobs:
  dependency-review:
    runs-on: ubuntu-latest
    permissions:
      pull-requests: write
    steps:
      - name: "Checkout Repository"
        uses: actions/checkout@v4
      - name: Dependency Review
        uses: actions/dependency-review-action@v4
        with:
          comment-summary-in-pr: "always"
          fail-on-severity: "low"
          warn-only: true
          show-openssf-scorecard: false