From 4e8b0024895f9a923c8e52ddcb97d1d1843407fd Mon Sep 17 00:00:00 2001
From: Wayne Starr <me@racer159.com>
Date: Mon, 20 May 2024 08:59:48 -0600
Subject: [PATCH] add dependency review workflow

---
 .github/workflows/dependency-review.yaml | 15 +++++++++++++++
 1 file changed, 15 insertions(+)
 create mode 100644 .github/workflows/dependency-review.yaml

diff --git a/.github/workflows/dependency-review.yaml b/.github/workflows/dependency-review.yaml
new file mode 100644
index 0000000..5fdd1b2
--- /dev/null
+++ b/.github/workflows/dependency-review.yaml
@@ -0,0 +1,15 @@
+name: Dependency Review
+on: pull_request
+
+permissions:
+  contents: read
+
+jobs:
+  validate:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout
+        uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.4
+
+      - name: Dependency Review
+        uses: actions/dependency-review-action@0c155c5e8556a497adf53f2c18edabf945ed8e70 # v4.3.2