chore: updated dependency review settings

KittyChiu · web-flow · commit a2f0f970a549 · 2026-02-18T13:58:04.000+11:00
Updated dependency review configuration to fail only on high severity vulnerabilities and added comments for clarity.
diff --git a/.github/dependency-review-config.yml b/.github/dependency-review-config.yml
@@ -1,11 +1,14 @@
-fail-on-severity: moderate
+# Dependency review configuration for GitHub Well-Architected Framework
+# Optimized for static site operations - balancing security with maintenance effort
 
-comment-summary-in-pr: always
+# Only fail on high severity vulnerabilities (includes both high and critical severity levels)
+fail-on-severity: high
 
-# allow-licenses:
-#   - MIT
+# Always provide PR comments summarizing dependency changes
+comment-summary-in-pr: always
 
+# Only fail on runtime and unknown scope vulnerabilities
+# Development dependencies are excluded to reduce noise for this static site
 fail-on-scopes:
-  - development
   - runtime
   - unknown
