From 85171ac13f1a5fe92604ae13bd09e6a2bb641299 Mon Sep 17 00:00:00 2001
From: kyle <kylechen@amazon.com>
Date: Fri, 6 Oct 2023 08:35:18 -0700
Subject: [PATCH] chore(repo): dependency reviewer github action

---
 .github/dependency-review-config.yml     | 14 ++++++++++++++
 .github/workflows/dependency_review.yaml | 17 +++++++++++++++++
 2 files changed, 31 insertions(+)
 create mode 100644 .github/dependency-review-config.yml
 create mode 100644 .github/workflows/dependency_review.yaml

diff --git a/.github/dependency-review-config.yml b/.github/dependency-review-config.yml
new file mode 100644
index 0000000000..e7f32487a2
--- /dev/null
+++ b/.github/dependency-review-config.yml
@@ -0,0 +1,14 @@
+allow_licenses:
+  - "0BSD"
+  - "Apache-2.0"
+  - "BSD-1-Clause"
+  - "BSD-2-Clause-FreeBSD"
+  - "BSD-2-Clause"
+  - "BSD-3-Clause-Attribution"
+  - "BSD-3-Clause"
+  - "BSD-Source-Code"
+  - "bzip2-1.0.6"
+  - "CC0-1.0"
+  - "curl"
+  - "ISC"
+  - "MIT"
diff --git a/.github/workflows/dependency_review.yaml b/.github/workflows/dependency_review.yaml
new file mode 100644
index 0000000000..0a173c1144
--- /dev/null
+++ b/.github/workflows/dependency_review.yaml
@@ -0,0 +1,17 @@
+name: "Dependency Review"
+on:
+  pull_request:
+
+permissions:
+  contents: read
+
+jobs:
+  dependency-review:
+    runs-on: ubuntu-latest
+    steps:
+      - name: "Checkout Repository"
+        uses: actions/checkout@v4
+      - name: "Dependency Review"
+        uses: actions/dependency-review-action@v3
+        with:
+          config-file: "./.github/dependency-review-config.yml"