build(deps): Bump actions/dependency-review-action from 4.3.2 to 4.3.4 #271

	---
	name: PR Dependency Review
	on: [pull_request]

	concurrency:
	group: ${{ github.workflow }}-${{ github.ref }}
	cancel-in-progress: true

	permissions:
	contents: read

	jobs:
	dependency-review:
	runs-on: ubuntu-latest
	name: Scan for issues
	permissions:
	pull-requests: write
	steps:
	- name: Harden Runner
	uses: step-security/harden-runner@17d0e2bd7d51742c71671bd19fa12bdc9d40a3d6 # v2.8.1
	with:
	disable-sudo: true
	egress-policy: block
	allowed-endpoints: >
	api.github.com:443
	github.com:443
	objects.githubusercontent.com:443
	proxy.golang.org:443
	sum.golang.org:443

	- name: Checkout Repository
	uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6

	- name: Dependency Review
	uses: actions/dependency-review-action@5a2ce3f5b92ee19cbb1541a4984c76d921601d7c # v4.3.4
	with:
	fail-on-severity: low
	license-check: true
	vulnerability-check: true
	comment-summary-in-pr: on-failure
	allow-licenses: Apache-2.0, BSD-2-Clause, BSD-3-Clause, ISC, MPL-2.0, MIT

Provide feedback