Added dependency review action (#14844)

openvinotoolkit · Dec 29, 2022 · 1ef17c5 · 1ef17c5
1 parent 13c8b4f
commit 1ef17c5
Show file tree

Hide file tree

Showing 2 changed files with 28 additions and 0 deletions.
diff --git a/.github/dependency_review.yml b/.github/dependency_review.yml
@@ -0,0 +1,11 @@
+fail-on-severity: 'low'
+allow-licenses:
+  - 'BSD-3-Clause'
+  - 'MIT'
+  - 'Apache-2.0'
+fail-on-scopes:
+  - 'runtime'
+  - 'development'
+  - 'unknown'
+license-check: true
+vulnerability-check: true
diff --git a/.github/workflows/dependency_review.yml b/.github/workflows/dependency_review.yml
@@ -0,0 +1,17 @@
+name: 'Dependency Review'
+on: [pull_request]
+
+permissions:
+  contents: read
+
+jobs:
+  dependency-review:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Clone OpenVINO
+        uses: actions/checkout@v3
+
+      - name: Dependency Review
+        uses: actions/dependency-review-action@v3
+        with:
+          config-file: './.github/dependency_review.yml'