Skip to content

Bump @types/react-dom from 18.2.7 to 18.2.8 in /client #43

Bump @types/react-dom from 18.2.7 to 18.2.8 in /client

Bump @types/react-dom from 18.2.7 to 18.2.8 in /client #43

name: 'Dependency Review'
# When a PR is made and the dependencies change, check for vulnerabilities and that the
# licenses are permissive (not GPL).
on:
pull_request:
paths:
- 'server/requirements*.txt'
- 'client/package*.json'
workflow_dispatch:
permissions:
contents: read
pull-requests: write
jobs:
dependency-review:
name: 'Review Dependencies'
runs-on: ubuntu-latest
steps:
- name: 'Checkout Repository'
uses: actions/checkout@v3
- name: 'Dependency Review'
uses: actions/dependency-review-action@v3
with:
comment-summary-in-pr: true
fail-on-severity: high
# We only want permissive licenses to allow
# people to take this project and run with it
deny-licenses: GPL-1.0-or-later