diff --git a/dependency-graph/dependency-review.yml b/dependency-graph/dependency-review.yml new file mode 100644 index 0000000..6e46018 --- /dev/null +++ b/dependency-graph/dependency-review.yml @@ -0,0 +1,11 @@ +name: 'Dependency Review' +on: [pull_request] + +jobs: + dependency-review: + runs-on: ubuntu-latest + steps: + - name: 'Checkout Repository' + uses: actions/checkout@v3 + - name: 'Dependency Review' + uses: github/dependency-review-action@main diff --git a/dependency-graph/properties/dependency-review.properties.json b/dependency-graph/properties/dependency-review.properties.json new file mode 100644 index 0000000..e8a14a1 --- /dev/null +++ b/dependency-graph/properties/dependency-review.properties.json @@ -0,0 +1,17 @@ +{ + "name": "Dependency Review", + "creator": "GitHub", + "description": "Scans Pull Requests on each push for the introduction and/or resolution of vulnerable depdendencies to the repository", + "iconName": "octicon mark-github", + "categories": [ + "Dependency Graph", + "Dependency Review", + "Go", + "Java", + "JavaScript", + "TypeScript", + "Python", + "Ruby", + "Actions", + "PHP"] +}