build(deps): bump actions/dependency-review-action from 4.3.3 to 4.3.… #89

	name: POP - poutine on poutine

	on:
	push:
	branches: [ main ]
	paths:
	- .github/workflows/**
	- action.yml

	pull_request:
	branches: [ main ]
	paths:
	- .github/workflows/**
	- action.yml
	- '!README.md'
	- '!LICENSE'
	- '!docs/**'
	- '!.github/**'

	permissions: {}

	jobs:
	pop:
	runs-on: ubuntu-latest
	permissions:
	security-events: write
	contents: read
	steps:
	- uses: step-security/harden-runner@17d0e2bd7d51742c71671bd19fa12bdc9d40a3d6 # v2.8.1
	with:
	disable-sudo: true
	egress-policy: audit
	allowed-endpoints: >
	github.com:443
	api.github.com:443
	codeload.github.com:443
	objects.githubusercontent.com:443
	- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
	- uses: boostsecurityio/poutine-action@main # Dogfood the latest action
	name: "Run poutine on poutine's own codebase"
	id: self-test
	- name: Upload SARIF file
	uses: github/codeql-action/upload-sarif@b611370bb5703a7efb587f9d136a52ea24c5c38c # v3.25.11
	with:
	sarif_file: results.sarif

Provide feedback