Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

chore(deps): Included dependency review #4771

Merged
merged 2 commits into from Jun 18, 2022
Merged

chore(deps): Included dependency review #4771

merged 2 commits into from Jun 18, 2022

Conversation

naveensrinivasan
Copy link
Contributor

Dependency Review GitHub Action in your repository to enforce dependency
reviews on your pull requests.
The action scans for vulnerable versions of dependencies introduced by package version
changes in pull requests,
and warns you about the associated security vulnerabilities.
This gives you better visibility of what's changing in a pull request,
and helps prevent vulnerabilities being added to your repository.

https://docs.github.com/en/code-security/supply-chain-security/understanding-your-software-supply-chain/about-dependency-review#dependency-review-enforcement
Signed-off-by: naveen 172697+naveensrinivasan@users.noreply.github.com

naveensrinivasan and others added 2 commits June 3, 2022 22:01
@naveensrinivasan
chore(deps): Included dependency review
e72ccfc 
> Dependency Review GitHub Action in your repository to enforce dependency
> reviews on your pull requests.
> The action scans for vulnerable versions of dependencies introduced by package version
> changes in pull requests,
> and warns you about the associated security vulnerabilities.
> This gives you better visibility of what's changing in a pull request,
> and helps prevent vulnerabilities being added to your repository.

https://docs.github.com/en/code-security/supply-chain-security/understanding-your-software-supply-chain/about-dependency-review#dependency-review-enforcement
Signed-off-by: naveen <172697+naveensrinivasan@users.noreply.github.com>
@jasonsaayman
Merge branch 'v1.x' into Dependency-GitHub
0c7a994
@jasonsaayman jasonsaayman merged commit 6ac313a into axios:v1.x Jun 18, 2022
@redpeacock78 redpeacock78 mentioned this pull request Oct 5, 2022
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
2 participants
@naveensrinivasan @jasonsaayman