Skip to content

[meta]: Bump crowdin/github-action from 1.11.0 to 1.12.0 #56

[meta]: Bump crowdin/github-action from 1.11.0 to 1.12.0

[meta]: Bump crowdin/github-action from 1.11.0 to 1.12.0 #56

name: 'Dependency Review'
on: [pull_request, workflow_dispatch]
permissions:
contents: read
jobs:
dependency-review:
runs-on: ubuntu-latest
steps:
- name: 'Checkout Repository'
uses: actions/checkout@v3
- name: 'Dependency Review'
uses: actions/dependency-review-action@v3
with:
# Possible values: "critical", "high", "moderate", "low"
# fail-on-severity: critical
#
# Possible values in comma separated list: "unknown", "runtime", or "development"
fail-on-scopes: unknown, runtime, development
#
# Possible values: Any available git ref
base-ref: ${{ github.event.pull_request.base.ref || github.ref }}
head-ref: ${{ github.event.pull_request.head.ref || github.ref }}
#
# You can only include one of these two options: `allow-licenses` and `deny-licenses`. These options are not supported on Enterprise Server.
#
# Possible values: Any `spdx_id` value(s) from https://docs.github.com/en/rest/licenses
# allow-licenses: GPL-3.0, BSD-3-Clause, MIT
#
# Possible values: Any `spdx_id` value(s) from https://docs.github.com/en/rest/licenses
# deny-licenses: LGPL-2.0, BSD-2-Clause