ci(StepSecurity): Add Dependency Review Workflow (#779)

## Security Fixes

### Add Dependency Review Workflow

The Dependency Review Workflow enforces dependency reviews on your pull requests. The action scans for vulnerable versions of dependencies introduced by package version changes in pull requests, and warns you about the associated security vulnerabilities. This gives you better visibility of what's changing in a pull request, and helps prevent vulnerabilities being added to your repository.

- [Github Guide about Dependency Review](https://docs.github.com/en/code-security/supply-chain-security/understanding-your-software-supply-chain/about-dependency-review)
- [Github Guide for Configuring Dependency Review Action](https://docs.github.com/en/code-security/supply-chain-security/understanding-your-software-supply-chain/configuring-dependency-review#using-inline-configuration-to-set-up-the-dependency-review-action)

Co-authored-by: StepSecurity Bot <[email protected]>

Author: MaxymVlasov

.github/workflows/dependency-review.yml

@@ -0,0 +1,29 @@
+---
+
+# Dependency Review Action
+#
+# This Action will scan dependency manifest files that change as part of a
+# Pull Request, surfacing known-vulnerable versions of the packages declared
+# or updated in the PR.
+# Once installed, if the workflow run is marked as required,
+# PRs introducing known-vulnerable packages will be blocked from merging.
+#
+# Source repository: https://github.com/actions/dependency-review-action
+name: Dependency Review
+
+on:
+  pull_request:
+
+permissions:
+  contents: read
+
+jobs:
+  dependency-review:
+    runs-on: ubuntu-latest
+    steps:
+    - name: Checkout Repository
+      # yamllint disable-line rule:line-length
+      uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683  # v4.2.2
+    - name: Dependency Review
+      # yamllint disable-line rule:line-length
+      uses: actions/dependency-review-action@3b139cfc5fae8b618d3eae3675e383bb1769c019  # v4.5.0