Skip to content

2.4.0

Marketplace
Marketplace
Compare
Choose a tag to compare
@sarahkemi sarahkemi released this 23 Sep 20:14
· 1250 commits to main since this release
v2.4.0
375c537
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.

We've added a new configuration option:

  • allow-ghsas: Specify a list of various GitHub Advisory IDs you want the action to skip and not fail on.
  dependency-review:
    runs-on: ubuntu-latest
    steps:
      - name: 'Checkout Repository'
        uses: actions/checkout@v3
      - name: 'Dependency Review'
        uses: actions/dependency-review-action@v2
        with: 
          allow-ghsas: 'GHSA-abcd-1234-5679, GHSA-efgh-1234-5679'
Assets 2
Loading