Add dependency review action

platformsh · Dec 16, 2024 · 30fb185 · 30fb185
1 parent 802f483
commit 30fb185
Showing 1 changed file with 9 additions and 8 deletions.
diff --git a/.github/workflows/security.yml b/.github/workflows/security.yml
@@ -1,21 +1,22 @@
-name: Secret scanning
+name: Security
+on: [pull_request]
 
-on:
-  push:
-    branches:
-  pull_request:
-    branches:
+permissions:
+  contents: read
 
 jobs:
-  scan:
+  check:
     runs-on: ubuntu-latest
 
     steps:
       - uses: actions/checkout@v4
         with:
           fetch-depth: 0
 
-      - name: Scan for secrets
+      - name: 'Dependency Review'
+        uses: actions/dependency-review-action@v4
+
+      - name: 'Scan for secrets'
         uses: trufflesecurity/trufflehog@main
         with:
           extra_args: --only-verified