Skip to content

Bump anchore/scan-action from 3.6.4 to 4.0.0 #3885

Bump anchore/scan-action from 3.6.4 to 4.0.0

Bump anchore/scan-action from 3.6.4 to 4.0.0 #3885

name: "Dependency Review"
on: [pull_request]
permissions:
contents: read
jobs:
dependency-review:
runs-on: ubuntu-22.04
permissions:
contents: read
pull-requests: write
steps:
- name: "Checkout Repository"
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
- name: "Dependency Review"
uses: actions/dependency-review-action@72eb03d02c7872a771aacd928f3123ac62ad6d3a # v4.3.3
with:
config-file: "nginxinc/k8s-common/dependency-review-config.yml@main"