Skip to content

Bump vitest from 1.2.1 to 1.2.2 #11

Bump vitest from 1.2.1 to 1.2.2

Bump vitest from 1.2.1 to 1.2.2 #11

name: 'Dependency Review'
# When a PR is made and the dependencies change, check for vulnerabilities and that the
# licenses are permissive (not GPL).
on:
pull_request:
paths:
- 'package*.json'
workflow_dispatch:
permissions:
contents: read
pull-requests: write
jobs:
dependency-review:
name: 'Review Dependencies'
runs-on: ubuntu-latest
if: github.repository == 'usepa/haztrak'
steps:
- name: 'Checkout Repository'
uses: actions/checkout@v3
- name: 'Dependency Review'
uses: actions/dependency-review-action@v3
with:
comment-summary-in-pr: true
fail-on-severity: high
# We only want permissive licenses to allow
# people to take this project and run with it
deny-licenses: GPL-1.0-or-later