feat: add dependency review action scan

Signed-off-by: Emilien Escalle <[email protected]>

.github/workflows/continuous-integration.yml

@@ -27,10 +27,15 @@ on:
         required: false
         default: true
       code-ql:
-        description: "Code QL analysis language. See https://github.com/github/codeql-action."
+        description: "Code QL analysis language. See <https://github.com/github/codeql-action>."
         type: string
         required: false
         default: "typescript"
+      dependency-review:
+        description: "Enable dependency review scan. See <https://github.com/actions/dependency-review-action>."
+        type: boolean
+        required: false
+        default: true
       test:
         description: "Optional flag to enable test."
         type: boolean
@@ -62,6 +67,16 @@ jobs:
           languages: ${{ inputs.code-ql }}
       - uses: github/codeql-action/[email protected]
 
+  dependency-review:
+    name: 🛡️ Dependency Review
+    if: github.event_name == 'pull_request' && inputs.checks == true && inputs.dependency-review
+    permissions:
+      contents: read
+    runs-on: "ubuntu-latest"
+    steps:      
+      - uses: hoverkraft-tech/ci-github-common/actions/[email protected]
+      - uses: actions/dependency-review-action@v4
+
   setup:
     name: ⚙️ Setup
     runs-on: "ubuntu-latest"