Fixed broken GHA and updated installation instructions

Workiva / dependency_validator

A tool to help you find missing, under-promoted, over-promoted, and unused dependencies.

Other

56 stars 18 forks source link

Closed matthewnitschke-wk closed 1 month ago

matthewnitschke-wk commented 1 month ago

The best practice suggestion is to install dependency_validator globally, instead of including it within the pubspec.yaml as a dev_dependency

Updated the readme to explain the best practice installation method, installing it globally
Fixed gha bug where sbom was failing due to being ran twice

aviary3-wk commented 1 month ago

No security relevant content was detected by automated scans.

Review PR for security impact; comment "security review required" if needed or unsure
Verify aviary.yaml coverage of security relevant code

Questions or Comments? Reach out on Slack: #support-infosec.

robbecker-wf commented 1 month ago

QA+1 CI passes and sbom attached still @Workiva/release-management-p