unleash.unleash/.github/workflows/dependency-review.yml

name: Dependency review

on:
  pull_request:

permissions:
  contents: read
  pull-requests: write

jobs:
  license_review:
    runs-on: ubuntu-latest
    steps:
      - name: Checkout code
        uses: actions/checkout@v4
      - name: Dependency review
        uses: actions/dependency-review-action@v4
        with:
          fail-on-severity: moderate
          # 
          deny-licenses: GPL-1.0, GPL-2.0, GPL-3.0, LGPL-2.1, LGPL-3.0, MPL-2.0, AGPL-3.0
          comment-summary-in-pr: always