Merge pull request finos#806 from finos/fix-private-to-private-contri…

…butions feat: support secure interactions with private repositories 🔒
Psingle20 · Nov 20, 2024 · 6444224 · 6444224
2 parents d607655 + b408cae
commit 6444224
Show file tree

Hide file tree

Showing 5 changed files with 254 additions and 125 deletions.
diff --git a/.github/workflows/dependency-review.yml b/.github/workflows/dependency-review.yml
@@ -9,13 +9,13 @@ jobs:
   dependency-review:
     runs-on: ubuntu-latest
     steps:
-     - name: 'Checkout Repository'
-       uses: actions/checkout@v4
-     - name: Dependency Review
-       uses: actions/dependency-review-action@v4
-       with:
-        comment-summary-in-pr: always
-        fail-on-severity: high
-        allow-licenses: MIT, Apache-2.0, BSD-3-Clause, ISC, BSD-2-Clause, Unlicense, CC0-1.0, 0BSD, X11, MPL-2.0, MPL-1.0, MPL-1.1, MPL-2.0
-        fail-on-scopes: development, runtime
-        allow-dependencies-licenses: 'pkg:npm/caniuse-lite'
+      - name: 'Checkout Repository'
+        uses: actions/checkout@v4
+      - name: Dependency Review
+        uses: actions/dependency-review-action@v4
+        with:
+          comment-summary-in-pr: always
+          fail-on-severity: high
+          allow-licenses: MIT, Apache-2.0, BSD-3-Clause, ISC, BSD-2-Clause, Unlicense, CC0-1.0, 0BSD, X11, MPL-2.0, MPL-1.0, MPL-1.1, MPL-2.0, Zlib
+          fail-on-scopes: development, runtime
+          allow-dependencies-licenses: 'pkg:npm/caniuse-lite'