From 69bdd1f21d8c3641c892f767ff3594bad34e2bae Mon Sep 17 00:00:00 2001
From: Takashi Masuda
Date: Tue, 1 Oct 2024 18:44:38 +0900
Subject: [PATCH] Introduce Dependency Review workflow

---
 .github/workflows/dependency_review.yml | 32 +++++++++++++++++++++++++
 README.md | 1 +
 2 files changed, 33 insertions(+)
 create mode 100644 .github/workflows/dependency_review.yml

diff --git a/.github/workflows/dependency_review.yml b/.github/workflows/dependency_review.yml
new file mode 100644
index 0000000..c1e4893
--- /dev/null
+++ b/.github/workflows/dependency_review.yml
@@ -0,0 +1,32 @@
+# ## Summary
+#
+# Run Dependency Review, which is GitHub Advanced Security a feature
+
+# ## Usage
+#
+# name: Dependency Review
+#
+# on: [pull_request]
+#
+# jobs:
+#   dependency_review:
+#     uses: route06/actions/.github/workflows/dependency_review.yml@v2
+
+# ## Reference
+#
+# https://docs.github.com/en/code-security/supply-chain-security/understanding-your-software-supply-chain/configuring-dependency-review
+
+name: Dependency Review
+
+on:
+  workflow_call:
+
+jobs:
+  dependency_review:
+    runs-on: ubuntu-latest
+    timeout-minutes: 10
+    permissions:
+      contents: read
+    steps:
+      - uses: actions/checkout@v4
+      - uses: actions/dependency-review-action@v4
diff --git a/README.md b/README.md
index 1073812..eabccf7 100644
--- a/README.md
+++ b/README.md
@@ -14,6 +14,7 @@ ROUTE06内外から使われることを想定したGitHub ActionsのReusable Wo
 * [codeql.yml](./.github/workflows/codeql.yml)
 * [create_gh_discussion.yml](./.github/workflows/create_gh_discussion.yml)
 * [create_gh_issue.yml](./.github/workflows/create_gh_issue.yml)
+* [dependency_review.yml](./.github/workflows/dependency_review.yml)
 * [get_last_discussion_url.yml](./.github/workflows/get_last_discussion_url.yml)
 * [gh_discussion_comment_to_slack.yml](./.github/workflows/gh_discussion_comment_to_slack.yml)
 * [notify_slack_on_ci_failed.yml](./.github/workflows/notify_slack_on_ci_failed.yml)
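Review bot: Both steps in the new `dependency_review` job are pinned to floating major tags (`actions/checkout@v4`, `actions/dependency-review-action@v4`), so a workflow whose purpose is supply-chain review itself resolves to whatever commit those tags point at on each run; pin each step to a full-length commit SHA and keep the tag as a trailing comment, e.g. `- uses: actions/dependency-review-action@<full commit SHA> # v4`. The `workflow_call:` trigger declares no inputs, so callers get the action's default thresholds and cannot set options such as `fail-on-severity` or `deny-licenses`; either state that in the `## Usage` comment or expose the relevant ones as `workflow_call` inputs with defaults. The action compares the base and head of a pull request, so the `on: [pull_request]` shown in the usage example is a requirement for callers, not merely an example, and the comment should say so. The Summary line also reads oddly and should be `# Run Dependency Review, which is a GitHub Advanced Security feature`.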