From 07a9fd061d5f9a9b64c09e595154dddbb733e639 Mon Sep 17 00:00:00 2001 From: arkon Date: Wed, 13 Apr 2022 18:34:33 -0400 Subject: [PATCH] Add dependency review step to workflows --- .github/workflows/build_pull_request.yml | 8 +++++++- .github/workflows/build_push.yml | 8 +++++++- 2 files changed, 14 insertions(+), 2 deletions(-) diff --git a/.github/workflows/build_pull_request.yml b/.github/workflows/build_pull_request.yml index 10de7be4f0..06ca19e33f 100644 --- a/.github/workflows/build_pull_request.yml +++ b/.github/workflows/build_pull_request.yml @@ -5,6 +5,9 @@ on: - '**.md' - 'app/src/main/res/**/strings.xml' +permissions: + contents: read + jobs: build: name: Build app @@ -12,11 +15,14 @@ jobs: steps: - name: Clone repo - uses: actions/checkout@v2 + uses: actions/checkout@v3 - name: Validate Gradle Wrapper uses: gradle/wrapper-validation-action@v1 + - name: Dependency Review + uses: actions/dependency-review-action@v1 + - name: Set up JDK 11 uses: actions/setup-java@v1 with: diff --git a/.github/workflows/build_push.yml b/.github/workflows/build_push.yml index c65b2bb326..050976d2c6 100644 --- a/.github/workflows/build_push.yml +++ b/.github/workflows/build_push.yml @@ -6,6 +6,9 @@ on: tags: - v* +permissions: + contents: read + jobs: build: name: Build app @@ -19,11 +22,14 @@ jobs: all_but_latest: true - name: Clone repo - uses: actions/checkout@v2 + uses: actions/checkout@v3 - name: Validate Gradle Wrapper uses: gradle/wrapper-validation-action@v1 + - name: Dependency Review + uses: actions/dependency-review-action@v1 + - name: Set up JDK 11 uses: actions/setup-java@v1 with: