From db7c6d68e53efd4a01ccf5a8484f23501b150dd9 Mon Sep 17 00:00:00 2001
From: Louis Bompart <lbompart@coveo.com>
Date: Fri, 12 Jul 2024 14:37:58 +0200
Subject: [PATCH] chore: temporary lock dep-review-action on 4.3.3

4.3.4 introduce a new spdx parsing logic which I think blow stuff up.
Let's first solve the problem live, then see what we can/should do to update.
---
 .github/workflows/dependency-review.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.github/workflows/dependency-review.yml b/.github/workflows/dependency-review.yml
index 9d1ffd7..dd36063 100644
--- a/.github/workflows/dependency-review.yml
+++ b/.github/workflows/dependency-review.yml
@@ -74,7 +74,7 @@ jobs:
             core.setFailure(`Could not determine configuration for inputs: ${inputs}`)
 
       - name: Scan
-        uses: actions/dependency-review-action@v4
+        uses: actions/dependency-review-action@v4.3.3
         with:
           comment-summary-in-pr: ${{ inputs.comment-summary-in-pr }}
           fail-on-severity: ${{ inputs.fail-on-severity }}