Skip to content

use fill deadline buffer from env #2441

use fill deadline buffer from env

use fill deadline buffer from env #2441

name: "Dependency Review"
on: [pull_request]
permissions:
contents: read
jobs:
dependency-review:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: "Checkout Repository"
uses: actions/checkout@v4
- name: "Dependency Review"
uses: actions/dependency-review-action@v4
with:
fail-on-severity: high
# Comma-separated list of GHSA IDs to allow.
# We allow @openzeppelin/[email protected] critical vulnerabilities
# because they are not exploitable in our usage of the package.
allow-ghsas: GHSA-fg47-3c2x-m2wr, GHSA-88g8-f5mf-f5rj, GHSA-3h5v-q93c-6h6q