A research GitHub Action to check for Unsafe Dependency Changes #1819
Closed
supatsara-wat
started this conversation in
Show and tell
I think we will wait with introducing this until it becomes more stable. I suppose you should extend the checks in your source to not just look in .js files but also .ts, .tsx, .jsx, .svelte, etc., and also check for import, not just require. Thanks anyway for the notice.
We would like to recommend an action we created to help Open Source Projects, especially when dealing with code changes that might be unsafe when updating dependencies.
FYI - This project was flagged as having such PRs.
https://github.com/marketplace/actions/depsafe.
The code is fairly simple, and it simply flags whenever a require() function is being introduced, as it brings in external resources.
Asia and Raula. @raux
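
The check described in the post, widened to the file types and `import` forms the reply asks for, as an added example that is not DepSafe's own code and not part of either post. The extension list, the regular expressions and the function name `findIntroducedImports` are assumptions, and the diff is constructed sample input.

```javascript
// Flag lines ADDED by a unified diff that load a module.
// Line-based heuristic: multi-line import lists and commented-out code are not handled.
const EXTENSIONS = ['.js', '.jsx', '.ts', '.tsx', '.mjs', '.cjs', '.svelte']; // assumed list
const PATTERNS = [ // assumed patterns, first match wins
  ['require', /\brequire\s*\(/],
  ['dynamic-import', /\bimport\s*\(/],
  ['static-import', /^\s*import\s+(?:[\w*{][^'"]*\sfrom\s*)?['"]/],
  ['re-export', /^\s*export\s+[^'"]*\sfrom\s*['"]/],
];

function findIntroducedImports(diffText, extensions = EXTENSIONS) {
  const findings = [];
  let file = null; // path on the "+++" side of the current file section
  let lineNo = 0;  // line number in the new version of the file
  for (const raw of diffText.split('\n')) {
    if (raw.startsWith('+++ ')) {
      const path = raw.slice(4).trim();
      file = path === '/dev/null' ? null : path.replace(/^b\//, '');
      continue;
    }
    const hunk = /^@@ -\d+(?:,\d+)? \+(\d+)/.exec(raw);
    if (hunk) { lineNo = Number(hunk[1]); continue; }
    if (raw.startsWith('-') || raw.startsWith('\\')) continue; // removed line or "\ No newline"
    if (raw.startsWith('+') && file && extensions.some((e) => file.endsWith(e))) {
      const text = raw.slice(1);
      const hit = PATTERNS.find(([, re]) => re.test(text));
      if (hit) findings.push({ file, line: lineNo, kind: hit[0], text: text.trim() });
    }
    if (raw.startsWith('+') || raw.startsWith(' ')) lineNo += 1; // lines present in new file
  }
  return findings;
}

// Constructed sample diff: a .js file, a .ts file, and a README that must be ignored.
const SAMPLE_DIFF = [
  '--- a/lib/pad.js', '+++ b/lib/pad.js', '@@ -1,2 +1,3 @@',
  " 'use strict';", "+const cp = require('child_process');", ' module.exports = pad;',
  '--- a/src/util.ts', '+++ b/src/util.ts', '@@ -10,2 +10,4 @@',
  ' export const a = 1;', "+import { request } from 'https';",
  "+const m = await import('./loader');", ' export const b = 2;',
  '--- a/README.md', '+++ b/README.md', '@@ -1,1 +1,2 @@',
  ' # pad', "+Use `require('pad')` to load it.",
].join('\n');

console.log(findIntroducedImports(SAMPLE_DIFF));
```
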