[ITSEC-2280] Fix the dependency review action (#247)

immutable-art · web-flow · commit 0bb8c0182e99 · 2024-10-11T13:37:29.000+08:00
* ITSEC-2280 Add Dependency Review job; Add SBOM signing.

* ITSEC-2280 Update CODEOWNERS to include Product Security on .github

* ITSEC-2280: Fix the dependency review action

Signed-off-by: immutable-art &lt;138187673+immutable-art@users.noreply.github.com&gt;

---------

Signed-off-by: immutable-art &lt;138187673+immutable-art@users.noreply.github.com&gt;
diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml
@@ -102,6 +102,10 @@ jobs:
       with:
         # Possible values: "critical", "high", "moderate", "low"
         fail-on-severity: critical
+
+        # Address https://github.com/actions/dependency-review-action/issues/456
+        base-ref: ${{ github.event.pull_request.base.sha || github.event.repository.default_branch }}
+        head-ref: ${{ github.event.pull_request.head.sha || github.ref }}
   publish:
     name: Publish to NPM (dry run)
     runs-on: ubuntu-latest
