Add Fleet Management > Agents view #137
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # π Dependency Review Workflow | |
| # | |
| # β‘ Overview: | |
| # This GitHub Action scans dependency manifest files modified in a Pull Request (PR) | |
| # to detect any declared or updated packages with known vulnerabilities. | |
| # | |
| # π« Automatic PR Blocking: | |
| # If this workflow is marked as required, PRs introducing known-vulnerable packages | |
| # will be blocked from merging, helping maintain a secure codebase. | |
| # | |
| # π Resources: | |
| # - ποΈ Source repository: https://github.com/actions/dependency-review-action | |
| # - π Public documentation: https://docs.github.com/en/code-security/supply-chain-security/understanding-your-software-supply-chain/about-dependency-review#dependency-review-enforcement | |
| # | |
| # π Key Features: | |
| # - π Scans dependency manifest files for changes in PRs. | |
| # - π‘οΈ Surfaces known-vulnerable versions of dependencies. | |
| # - π¨ Automatically blocks insecure dependency additions when configured. | |
| name: 'Dependency Review' | |
| on: [pull_request] | |
| concurrency: | |
| group: pr-${{ github.event.pull_request.number || github.ref }} | |
| cancel-in-progress: true | |
| permissions: | |
| contents: read | |
| jobs: | |
| dependency-review: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: 'Checkout Repository' | |
| uses: actions/checkout@v4 | |
| - name: 'Dependency Review' | |
| uses: actions/dependency-review-action@v4 |