From bb806f471bae7378a39db8f532e22cded78b1f68 Mon Sep 17 00:00:00 2001 From: Kevin Lalumiere Date: Mon, 25 Sep 2023 18:45:59 -0400 Subject: [PATCH] Make Dependency Review less verbose The comment summary in PR `on-failure` is a good compromise between `never` and `always`. See [the description](https://github.com/actions/dependency-review-action/blob/main/action.yml#L48) that I copy-pasted and [the documentation of the option `comment-summary-in-pr`](https://github.com/actions/dependency-review-action#configuration-options). J:IDXINFRA-1706 --- .github/workflows/dependency-review.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/dependency-review.yml b/.github/workflows/dependency-review.yml index 5752b96..1965488 100644 --- a/.github/workflows/dependency-review.yml +++ b/.github/workflows/dependency-review.yml @@ -12,10 +12,10 @@ on: type: boolean default: true comment-summary-in-pr: - description: A boolean to determine if the report should be posted as a comment in the PR itself. + description: Determines if the summary is posted as a comment in the PR itself. Setting this to `always` or `on-failure` requires you to give the workflow the write permissions for pull-requests required: false - type: boolean - default: true + default: on-failure + type: string jobs: dependency-review: