deps: bump the production-dependencies group with 2 updates #4

	# 'Dependency Review' Reusable Workflow
	#
	# Note: Override the default configuration by providing a './.github/dependency-review.yml' in your repo.

	name: 'Dependency Review'

	on:
	pull_request:
	workflow_call:

	permissions:
	contents: read
	pull-requests: write

	jobs:
	dependency-review:
	runs-on: ubuntu-latest
	steps:
	- name: 'Checkout Repository'
	uses: actions/checkout@v4

	- name: 'Check for configuration file'
	id: config
	env:
	GH_TOKEN: ${{ github.token }}
	run: \|
	set -e
	if [ -f "./.github/dependency-review.yml" ]; then
	echo "Found local configuration file"

	echo "config=./.github/dependency-review.yml" >> $GITHUB_STATE

	else
	echo "No local configuration file found"
	echo "Using configuration file from advanced-security/reusable-workflows repository"

	echo "config=advanced-security/reusable-workflows/.github/dependency-review.yml@main" >> $GITHUB_STATE

	fi

	- name: 'Dependency Review'
	uses: actions/dependency-review-action@v4
	with:
	config-file: ${{ steps.config.outputs.config }}
	comment-summary-in-pr: "always"

Provide feedback