chore: dep review workflow whitelist

jaybuidl · jaybuidl · commit 3e1118d5f0c6 · 2025-02-03T21:13:13.000Z
diff --git a/.github/workflows/dependency-review.yml b/.github/workflows/dependency-review.yml
@@ -2,12 +2,12 @@
 #
 # This Action will scan dependency manifest files that change as part of a Pull Request,
 # surfacing known-vulnerable versions of the packages declared or updated in the PR.
-# Once installed, if the workflow run is marked as required, 
+# Once installed, if the workflow run is marked as required,
 # PRs introducing known-vulnerable packages will be blocked from merging.
 #
 # Source repository: https://github.com/actions/dependency-review-action
 name: 'Dependency Review'
-on: 
+on:
   merge_group:
   pull_request:
 
@@ -25,6 +25,7 @@ jobs:
           egress-policy: block
           allowed-endpoints: >
             api.github.com:443
+            api.deps.dev:443
             github.com:443
             pipelinesghubeus2.actions.githubusercontent.com:443
             acghubeus1.actions.githubusercontent.com:443
