Dependency review improvements

Author: mabar

.github/workflows/dependency-review.yaml

@@ -1,15 +1,17 @@
 name: "Dependency Review"
 
 on:
-  pull_request:
+  pull_request_target:
     types: [ "opened", "synchronize", "edited", "reopened" ]
-    paths-ignore:
-      - "docs/**"
+    paths:
+      - "*"
+      - ".github/**"
   push:
     branches:
       - "**"
-    paths-ignore:
-      - "docs/**"
+    paths:
+      - "*"
+      - ".github/**"
 
 concurrency:
   group: "${{ github.workflow }}-${{ github.ref }}"
@@ -30,9 +32,18 @@ jobs:
     steps:
       - name: "Checkout"
         uses: "actions/checkout@v4"
+        with:
+          ref: "${{ github.event_name == 'pull_request_target' && github.event.pull_request.head.sha || github.ref }}"
 
       - name: "Dependency Review"
         uses: "actions/dependency-review-action@v4"
+        id: "dependency-review"
         with:
-          base-ref: "${{ github.event.before }}"
-          head-ref: "${{ github.sha }}"
+          base-ref: "${{ github.event_name == 'push' && github.event.before || '' }}"
+          head-ref: "${{ github.event_name == 'push' && github.sha || '' }}"
+
+      - name: "Show Review Results"
+        if: "${{ always() }}"
+        run: |
+          echo "Licenses Denied: ${{ steps.dependency-review.outputs.licenses_denied }}"
+          echo "Vulnerabilities: ${{ steps.dependency-review.outputs.vulnerabilities }}"