chore(deps): Included dependency review #406
> Dependency Review GitHub Action in your repository to enforce dependency reviews on your pull requests.
> The action scans for vulnerable versions of dependencies introduced by package version changes in pull requests,
> and warns you about the associated security vulnerabilities.
> This gives you better visibility of what's changing in a pull request,
> and helps prevent vulnerabilities being added to your repository.

https://docs.github.com/en/code-security/supply-chain-security/understanding-your-software-supply-chain/about-dependency-review#dependency-review-enforcement

Signed-off-by: naveensrinivasan <172697+naveensrinivasan@users.noreply.github.com>
small request
5c86ca0 to 32e84f3
@cpanato A friendly ping.

@naveensrinivasan can you add the tag as a comment like you did for the other PR? Just to keep consistent, thanks.
Signed-off-by: naveensrinivasan <172697+naveensrinivasan@users.noreply.github.com>
32e84f3 to 3bd3594
@cpanato Thanks, took care of it!
Signed-off-by: Batuhan Apaydın <batuhan.apaydin@trendyol.com>
https://docs.github.com/en/code-security/supply-chain-security/understanding-your-software-supply-chain/about-dependency-review#dependency-review-enforcement
Signed-off-by: naveensrinivasan <172697+naveensrinivasan@users.noreply.github.com>