---
name: OSV-Scanner PR Scan

on:
  pull_request:
  workflow_dispatch:

permissions: {}

jobs:
  scan-pr:
    permissions:
      # Require writing security events to upload SARIF file to security tab
      security-events: write
      # Only need to read contents
      contents: read
      actions: read

    # yamllint disable rule:line-length
    uses: "google/osv-scanner-action/.github/workflows/osv-scanner-reusable-pr.yml@19ec1116569a47416e11a45848722b1af31a857b"  # v1.9.0