Skip to content

Bump github/codeql-action from 3.26.9 to 3.26.10 in the github-actions group #856

Bump github/codeql-action from 3.26.9 to 3.26.10 in the github-actions group

Bump github/codeql-action from 3.26.9 to 3.26.10 in the github-actions group #856

name: Dependency Review
permissions: read-all
on: [pull_request]
jobs:
dependency-review:
runs-on: ubuntu-latest
permissions:
contents: read
pull-requests: write
steps:
- name: Harden Runner
uses: step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7 # v2.10.1
with:
disable-sudo: true
egress-policy: block
allowed-endpoints: >
api.deps.dev:443
api.github.com:443
github.com:443
- name: Checkout Repository
uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0
- name: Dependency Review
uses: actions/dependency-review-action@5a2ce3f5b92ee19cbb1541a4984c76d921601d7c # v4.3.4
with:
license-check: false
comment-summary-in-pr: on-failure
retry-on-snapshot-warnings: true
retry-on-snapshot-warnings-timeout: 600