From 445e572d403471313a3ba714f1721293e09709ba Mon Sep 17 00:00:00 2001
From: Mark Goddard
Date: Wed, 28 Jun 2023 15:27:49 +0100
Subject: [PATCH] CI: Add GitHub dependency review

Checks for vulnerabilities when dependencies are changed.
---
 .github/workflows/pull-request.yml | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/.github/workflows/pull-request.yml b/.github/workflows/pull-request.yml
index f74e0f4..d886bdf 100644
--- a/.github/workflows/pull-request.yml
+++ b/.github/workflows/pull-request.yml
@@ -91,3 +91,11 @@ jobs:
 - name: Stop active storage container
 run: make stop
 if: always()
+ dependency-review:
+ runs-on: ubuntu-latest
+ steps:
+ - name: Checkout
+ uses: actions/checkout@v3
+
+ - name: Dependency Review
+ uses: actions/dependency-review-action@v3
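Review bot: The new `dependency-review` job declares no `permissions:` block, so unless the workflow sets one above the hunk (not visible here) it runs with the repository's default GITHUB_TOKEN scopes; the job only needs to read the repository, so add `permissions:` with `contents: read` directly under `runs-on: ubuntu-latest`. Both `actions/checkout@v3` and `actions/dependency-review-action@v3` are referenced by mutable tag; pinning each to a full commit SHA, e.g. `uses: actions/checkout@<full-commit-sha>  # v3`, keeps a moved tag from changing what runs in CI. The action takes its base and head refs from the pull-request event, so it is worth confirming that the workflow's `on:` trigger, which lies outside the hunk, is `pull_request`.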