
ci: Adding Dependency Workflow #1

ci: Adding Dependency Workflow


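---
# Dependency Review workflow: checks the dependencies a pull request adds or
# changes against known advisories and reports the result back on the PR.
# Every third-party action is pinned to a full commit SHA (the trailing comment
# records the release tag it corresponds to), so a moved or re-pointed tag
# cannot change what this workflow executes.
name: 'Dependency Review'
on: # yamllint disable-line rule:truthy
  pull_request:
    branches:
      - 'main'
  # NOTE(review): dependency-review-action compares a base ref against a head
  # ref; outside a pull_request event those refs have to be passed explicitly
  # via its base-ref / head-ref inputs, which this step does not set, so a
  # manual dispatch is expected to fail as configured — confirm before
  # relying on this trigger.
  workflow_dispatch: {}

# Workflow-wide default token scope: read-only for any job that does not
# override it.
permissions:
  contents: 'read'

jobs:
  dependency-review:
    name: 'Dependency Review'
    runs-on: 'ubuntu-latest'
    permissions:
      contents: 'read'
      # Required only because comment-summary-in-pr posts the report on the PR.
      pull-requests: 'write'
    steps:
      - name: 'Harden Runner'
        uses: 'step-security/harden-runner@17d0e2bd7d51742c71671bd19fa12bdc9d40a3d6' # v2.8.1
        with:
          # 'audit' records outbound connections without blocking them; once
          # the endpoints this job legitimately needs are known, a 'block'
          # policy with an explicit allowlist is the stricter setting.
          egress-policy: 'audit'
      - name: 'Checkout the repository'
        uses: 'actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332' # v4.1.7
      - name: 'Dependency Review'
        uses: 'actions/dependency-review-action@5a2ce3f5b92ee19cbb1541a4984c76d921601d7c' # v4.3.4
        with:
          # Post the review summary as a PR comment (needs pull-requests: write).
          comment-summary-in-pr: true
          # Fail on any advisory of 'low' severity or higher, across every
          # dependency scope, including dependencies reported with an
          # unknown scope.
          fail-on-severity: 'low'
          fail-on-scopes: 'runtime,development,unknown'
          show-openssf-scorecard: true
          vulnerability-check: true
          # Scorecard scores below this threshold are surfaced as warnings.
          warn-on-openssf-scorecard-level: 7
          # false: findings fail the job instead of only annotating it.
          warn-only: false
...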