Bump actions/checkout from 4.1.0 to 4.1.1 #133
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Dependency Review | |
| on: pull_request | |
| # https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#concurrency | |
| # Concurrent workflows are grouped by the PR or branch that triggered them | |
| # (github.ref) and the name of the workflow (github.workflow). The | |
| # 'cancel-in-progress' option then make sure that only one workflow is running | |
| # at a time. This doesn't prevent new jobs from running, rather it cancels | |
| # already running jobs before scheduling new jobs. | |
| concurrency: | |
| group: ${{ github.workflow }}-${{ github.ref }}-${{ github.event_name == 'pull_request' || github.sha }} | |
| cancel-in-progress: true | |
| permissions: | |
| contents: read | |
| jobs: | |
| dependency-review: | |
| name: Dependency Review | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout tree | |
| uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 | |
| - name: Dependency Review | |
| uses: actions/dependency-review-action@6c5ccdad469c9f8a2996bfecaec55a631a347034 # v3.1.0 |