From f176ff532f9e182fb65ea08a798f407d9e5ba8a9 Mon Sep 17 00:00:00 2001
From: Colin Adler <colin1adler@gmail.com>
Date: Fri, 17 May 2024 11:55:30 -0500
Subject: [PATCH] ci: re-pin `actions/dependency-review-action` back to a
 release (#13309)

---
 .github/workflows/ci.yaml | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml
index 49ad712b7d..0033192555 100644
--- a/.github/workflows/ci.yaml
+++ b/.github/workflows/ci.yaml
@@ -916,8 +916,7 @@ jobs:
         uses: actions/checkout@v4
       - name: "Dependency Review"
         id: review
-        # TODO: Replace this with the latest release once https://github.com/actions/dependency-review-action/pull/761 is merged.
-        uses: actions/dependency-review-action@82ab8f69c78827a746628706b5d2c3f87231fd4c
+        uses: actions/dependency-review-action@v4.3.2
         with:
           allow-licenses: Apache-2.0, BSD-2-Clause, BSD-3-Clause, CC0-1.0, ISC, MIT, MIT-0, MPL-2.0
           allow-dependencies-licenses: "pkg:golang/github.com/pelletier/go-toml/v2"