From 440fda33a9f22a22413b80bcc7fd697d2382b9cd Mon Sep 17 00:00:00 2001 From: Kevin Lalumiere Date: Wed, 27 Sep 2023 09:48:00 -0400 Subject: [PATCH] Make Dependency Review less verbose (#22) The comment summary in PR `on-failure` is a good compromise between `never` and `always`. See [the description](https://github.com/actions/dependency-review-action/blob/main/action.yml#L48) that I copy-pasted and [the documentation of the option `comment-summary-in-pr`](https://github.com/actions/dependency-review-action#configuration-options). J:IDXINFRA-1706 --- .github/workflows/dependency-review.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/dependency-review.yml b/.github/workflows/dependency-review.yml index 5752b96..1965488 100644 --- a/.github/workflows/dependency-review.yml +++ b/.github/workflows/dependency-review.yml @@ -12,10 +12,10 @@ on: type: boolean default: true comment-summary-in-pr: - description: A boolean to determine if the report should be posted as a comment in the PR itself. + description: Determines if the summary is posted as a comment in the PR itself. Setting this to `always` or `on-failure` requires you to give the workflow the write permissions for pull-requests required: false - type: boolean - default: true + default: on-failure + type: string jobs: dependency-review: