Update oss_pygoat-devsecops-basic.yml

emmanuel-knafo · web-flow · commit de8a92f879c0 · 2024-05-27T18:42:58.000-04:00
diff --git a/.github/workflows/oss_pygoat-devsecops-basic.yml b/.github/workflows/oss_pygoat-devsecops-basic.yml
@@ -169,6 +169,17 @@ jobs:
       #   with:
       #      name: Depcheck report
       #      path: ${{github.workspace}}/reports
+      - name: Dependency Review
+        uses: actions/dependency-review-action@v4.3.2
+        with:
+          # Token for the repository. Can be passed in using `{{ secrets.GITHUB_TOKEN }}`.
+          repo-token: ${{ github.token }} # optional, default is ${{ github.token }}
+          # A boolean to determine if license checks should be performed
+          license-check: true # optional
+          # A boolean to determine if vulnerability checks should be performed
+          vulnerability-check: true # optional          
+          # Show a summary of the OpenSSF Scorecard scores.
+          show-openssf-scorecard: true # optional          
   test-run_devopsshield_scan_linux:
     name: Run DevOps Shield Scan Linux
     needs:
