.github/workflows/depsreview: new check (#3156)

Dependency Review GitHub Action in your repository to enforce dependency Signed-off-by: naveen <172697+naveensrinivasan@users.noreply.github.com>
author: Naveen <172697+naveensrinivasan@users.noreply.github.com> 2022-07-26 17:27:42 -0500
committer: GitHub <noreply@github.com> 2022-07-27 00:27:42 +0200
commit: da9d03669ac84e25e303cf11114203051e1454da (patch)
tree: 97ab00f0bd31da389fb8d99be9cf36b033e45773 /.github
parent: ae971e66e6b41b3eb70621133438577ea9c01c0a (diff)
1 files changed, 19 insertions, 0 deletions
diff --git a/.github/workflows/depsreview.yaml b/.github/workflows/depsreview.yaml
new file mode 100644
index 000000000..1a53f9013
--- /dev/null
+++ b/.github/workflows/depsreview.yaml
@@ -0,0 +1,19 @@
+# Copyright 2020 syzkaller project authors. All rights reserved.
+# Use of this source code is governed by Apache 2 LICENSE that can be found in the LICENSE file.
+
+# GitHub workflow reference:
+# https://help.github.com/en/actions/reference/workflow-syntax-for-github-actions
+name: 'Dependency Review'
+on: [pull_request]
+
+permissions:
+  contents: read
+
+jobs:
+  dependency-review:
+    runs-on: ubuntu-latest
+    steps:
+      - name: 'Checkout Repository'
+        uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b
+      - name: 'Dependency Review'
+        uses: actions/dependency-review-action@a9c83d3af6b9031e20feba03b904645bb23d1dab
author	Naveen <172697+naveensrinivasan@users.noreply.github.com>	2022-07-26 17:27:42 -0500
committer	GitHub <noreply@github.com>	2022-07-27 00:27:42 +0200
commit	da9d03669ac84e25e303cf11114203051e1454da (patch)
tree	97ab00f0bd31da389fb8d99be9cf36b033e45773 /.github
parent	ae971e66e6b41b3eb70621133438577ea9c01c0a (diff)