This release includes a couple of new features (thanks @WillDaSilva and @tspascoal):
- The Action now includes a summary of the vulnerabilities and licenses detected:
You can see a live example by visiting: https://github.com/future-funk/redesigned-custom-spood/actions/runs/2883016064
- You can now use the Action in events different to
pull_request. You just need to provide ahead-shaandbase-shain your config file:
name: Dependency Review
uses: actions/dependency-review-action@v2
with:
# You can pass any git refs here
# base-ref: ${{ your_base_ref }}
# head-ref: ${{ your_head_ref }}Contributors
tspascoal and WillDaSilva