actions/dependency-review-action
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
15 Commits 1 Branch 0 Tags
ac46ae2e5bf1384cdbdab75057711d3c7d336cd4
Go to file
Clone
Open with VS Code Open with VSCodium Open with Intellij IDEA
Download ZIP Download TAR.GZ Download BUNDLE
Lane Seppala ac46ae2e5b Merge pull request #16 from actions/dependabot/npm_and_yarn/typescript-eslint/eslint-plugin-5.18.0 
Bump @typescript-eslint/eslint-plugin from 5.17.0 to 5.18.0
2022-04-04 17:02:50 -06:00
__tests__
initial commit
2022-03-31 18:31:39 +02:00
.github
initial commit
2022-03-31 18:31:39 +02:00
dist
initial commit
2022-03-31 18:31:39 +02:00
scripts
initial commit
2022-03-31 18:31:39 +02:00
src
initial commit
2022-03-31 18:31:39 +02:00
.eslintignore
initial commit
2022-03-31 18:31:39 +02:00
.eslintrc.json
initial commit
2022-03-31 18:31:39 +02:00
.gitattributes
initial commit
2022-03-31 18:31:39 +02:00
.gitignore
initial commit
2022-03-31 18:31:39 +02:00
.prettierignore
initial commit
2022-03-31 18:31:39 +02:00
.prettierrc.json
initial commit
2022-03-31 18:31:39 +02:00
action.yml
initial commit
2022-03-31 18:31:39 +02:00
CODE_OF_CONDUCT.md
initial commit
2022-03-31 18:31:39 +02:00
CODEOWNERS
initial commit
2022-03-31 18:31:39 +02:00
CONTRIBUTING.md
initial commit
2022-03-31 18:31:39 +02:00
jest.config.js
initial commit
2022-03-31 18:31:39 +02:00
LICENSE
initial commit
2022-03-31 18:31:39 +02:00
package-lock.json
Bump @typescript-eslint/eslint-plugin from 5.17.0 to 5.18.0
2022-04-04 22:59:44 +00:00
package.json
Bump @typescript-eslint/eslint-plugin from 5.17.0 to 5.18.0
2022-04-04 22:59:44 +00:00
README.md
initial commit
2022-03-31 18:31:39 +02:00
SECURITY.md
initial commit
2022-03-31 18:31:39 +02:00
tsconfig.json
initial commit
2022-03-31 18:31:39 +02:00

README.md

dependency-review-action

This Action scans your pull requests for vulnerabilities introduced when adding or updating your project's dependencies. A check in your Pull Requests will let notify you of the results.

Screen Shot 2022-03-31 at 1 10 51 PM

Installation

  1. Add a new YAML workflow to your .github/workflows folder:
name: 'Dependency Review'
on: [pull_request]

permissions:
  contents: read

jobs:
  dependency-review:
    runs-on: ubuntu-latest
    steps:
      - name: 'Checkout Repository'
        uses: actions/checkout@v3
      - name: 'Dependency Review'
        uses: actions/dependency-review-action@v1

Getting help

If you have bug reports, questions or suggestions please create a new issue.

Contributing

We are grateful for any contributions made to this project.

Please read CONTRIBUTING.MD to get started.

License

This project is released under the MIT License.

Description
Mirror of github.com/actions/dependency-review-action
Readme 51 MiB
Languages
TypeScript 98.2%
Ruby 1.7%
JavaScript 0.1%