chore(deps): bump actions/dependency-review-action from 3 to 4 (#326) #516

	name: Node.js CI

	on: [push, pull_request]

	jobs:
	dependency-review:
	name: Dependency Review
	if: github.event_name == 'pull_request'
	runs-on: ubuntu-latest
	permissions:
	contents: read
	steps:
	- name: Check out repo
	uses: actions/checkout@v4
	with:
	persist-credentials: false

	- name: Dependency review
	uses: actions/dependency-review-action@v4

	test:
	runs-on: ubuntu-latest

	permissions:
	contents: read

	strategy:
	matrix:
	node-version: [14, 16, 18, 20]

	steps:
	- name: Check out repo
	uses: actions/checkout@v4
	with:
	persist-credentials: false

	- name: Setup Node ${{ matrix.node-version }}
	uses: actions/setup-node@v4
	with:
	node-version: ${{ matrix.node-version }}

	- name: Install dependencies
	run: npm i --ignore-scripts

	- name: Run tests
	run: npm test

	automerge:
	name: Automerge Dependabot PRs
	if: >
	github.event_name == 'pull_request' &&
	github.event.pull_request.user.login == 'dependabot[bot]'
	needs: test
	permissions:
	pull-requests: write
	contents: write
	runs-on: ubuntu-latest
	steps:
	- uses: fastify/github-action-merge-dependabot@v3
	with:
	github-token: ${{ secrets.GITHUB_TOKEN }}
	target: minor

Provide feedback