mirror of
https://github.com/MichMich/MagicMirror.git
synced 2025-07-19 18:31:52 +00:00
719eca49fe
- node-ical use `0.18.0` instead of `^0.18.0` in `package.json` - cleanup `package-lock.json`
21 lines
585 B
YAML
21 lines
585 B
YAML
# This workflow scans your pull requests for dependency changes, and will raise an error if any vulnerabilities or invalid licenses are being introduced.
|
|
# For more information see: https://github.com/actions/dependency-review-action
|
|
|
|
name: "Review Dependencies"
|
|
|
|
on: [pull_request]
|
|
|
|
permissions:
|
|
contents: read
|
|
|
|
jobs:
|
|
dependency-review:
|
|
runs-on: ubuntu-latest
|
|
steps:
|
|
- name: "Checkout code"
|
|
uses: actions/checkout@v4
|
|
- name: "Dependency Review"
|
|
uses: actions/dependency-review-action@v4
|
|
with:
|
|
allow-ghsas: GHSA-8hc4-vh64-cxmj
|