Create dependency-review.yml (#122)

+ Configure Dependency Review Dependency review helps you understand dependency changes and the security impact of these changes at every pull request. It provides an easily understandable visualization of dependency changes with a rich diff on the "Files Changed" tab of a pull request. The warning for .github/workflows/dependency-review.yml is expected. https://coveord.atlassian.net/browse/DEF-657 J:DEF-657
coveo · Apr 28, 2023 · d370bb7 · d370bb7
1 parent 0f4b553
commit d370bb7
Showing 1 changed file with 18 additions and 0 deletions.
diff --git a/.github/workflows/dependency-review.yml b/.github/workflows/dependency-review.yml
@@ -0,0 +1,18 @@
+name: 'Dependency Review'
+
+on:
+    pull_request:
+        branches:
+            - master
+
+permissions:
+    contents: read
+    pull-requests: write
+
+jobs:
+    dependency-Review:
+        name: Review
+        uses: coveo/public-actions/.github/workflows/dependency-review.yml@main
+        with:
+            public: true
+            distributed: true