Skip to content

Bump actions/attest-build-provenance from 1.1.2 to 1.2.0 #330

Bump actions/attest-build-provenance from 1.1.2 to 1.2.0

Bump actions/attest-build-provenance from 1.1.2 to 1.2.0 #330

name: 'Dependency Review'
on: [pull_request]
permissions:
contents: read
jobs:
dependency-review:
runs-on: ubuntu-latest
steps:
- name: 'Checkout Repository'
uses: actions/checkout@v4
- name: 'Dependency Review'
uses: actions/dependency-review-action@v4
with:
allow-dependencies-licenses: 'pkg:pypi/cwe2'
deny-licenses: GPL-2.0-only, GPL-2.0-or-later, GPL-3.0, GPL-3.0-or-later, LGPL-2.1-only, LGPL-2.1-or-later, LGPL-3.0-only, LGPL-3.0-or-later