Merge pull request #2010 from arjundashrath/main

varunsh-coder · web-flow · commit 4af02341b1bd · 2023-03-19T13:00:00.000-07:00
Trim comments
diff --git a/testfiles/addworkflow/expected-dependency-review.yml b/testfiles/addworkflow/expected-dependency-review.yml
@@ -1,9 +1,11 @@
 # Dependency Review Action
 #
-# This Action will scan dependency manifest files that change as part of a Pull Request, surfacing known-vulnerable versions of the packages declared or updated in the PR. Once installed, if the workflow run is marked as required, PRs introducing known-vulnerable packages will be blocked from merging.
+# This Action will scan dependency manifest files that change as part of a Pull Request,
+# surfacing known-vulnerable versions of the packages declared or updated in the PR.
+# Once installed, if the workflow run is marked as required, 
+# PRs introducing known-vulnerable packages will be blocked from merging.
 #
 # Source repository: https://github.com/actions/dependency-review-action
-# Public documentation: https://docs.github.com/en/code-security/supply-chain-security/understanding-your-software-supply-chain/about-dependency-review#dependency-review-enforcement
 name: 'Dependency Review'
 on: [pull_request]
 
diff --git a/workflow-templates/dependency-review.yml b/workflow-templates/dependency-review.yml
@@ -1,9 +1,11 @@
 # Dependency Review Action
 #
-# This Action will scan dependency manifest files that change as part of a Pull Request, surfacing known-vulnerable versions of the packages declared or updated in the PR. Once installed, if the workflow run is marked as required, PRs introducing known-vulnerable packages will be blocked from merging.
+# This Action will scan dependency manifest files that change as part of a Pull Request,
+# surfacing known-vulnerable versions of the packages declared or updated in the PR.
+# Once installed, if the workflow run is marked as required, 
+# PRs introducing known-vulnerable packages will be blocked from merging.
 #
 # Source repository: https://github.com/actions/dependency-review-action
-# Public documentation: https://docs.github.com/en/code-security/supply-chain-security/understanding-your-software-supply-chain/about-dependency-review#dependency-review-enforcement
 name: 'Dependency Review'
 on: [pull_request]
 

Original file line number	Diff line number	Diff line change
`@@ -1,9 +1,11 @@`
`1`	`1`	`# Dependency Review Action`
`2`	`2`	`#`
`3`		`-# This Action will scan dependency manifest files that change as part of a Pull Request, surfacing known-vulnerable versions of the packages declared or updated in the PR. Once installed, if the workflow run is marked as required, PRs introducing known-vulnerable packages will be blocked from merging.`
	`3`	`+# This Action will scan dependency manifest files that change as part of a Pull Request,`
	`4`	`+# surfacing known-vulnerable versions of the packages declared or updated in the PR.`
	`5`	`+# Once installed, if the workflow run is marked as required,`
	`6`	`+# PRs introducing known-vulnerable packages will be blocked from merging.`
`4`	`7`	`#`
`5`	`8`	`# Source repository: https://github.com/actions/dependency-review-action`
`6`		`-# Public documentation: https://docs.github.com/en/code-security/supply-chain-security/understanding-your-software-supply-chain/about-dependency-review#dependency-review-enforcement`
`7`	`9`	`name: 'Dependency Review'`
`8`	`10`	`on: [pull_request]`
`9`	`11`