From aa2b6b7b4ae196bea1563bdc0f86a9e86ea85041 Mon Sep 17 00:00:00 2001
From: OliverGiertz <oliver@vanityontour.de>
Date: Wed, 11 Mar 2026 09:10:29 +0000
Subject: [PATCH] fix(security-scan): set continue-on-error on Dependency
 Review step

Dependency Review requires GitHub Dependency Graph, which is not available
for iOS/SPM repos where packages are embedded in .xcodeproj. Marking as
non-blocking so CI does not fail on unsupported repo types.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
---
 .github/workflows/repo-pipeline.yml | 1 +
 1 file changed, 1 insertion(+)

diff --git a/.github/workflows/repo-pipeline.yml b/.github/workflows/repo-pipeline.yml
index 3cf8408..3f13834 100644
--- a/.github/workflows/repo-pipeline.yml
+++ b/.github/workflows/repo-pipeline.yml
@@ -173,6 +173,7 @@ jobs:
 
       - name: Dependency Review
         if: ${{ github.event_name == 'pull_request' }}
+        continue-on-error: true
         uses: actions/dependency-review-action@v4
 
   ai-review: