Dependency Review triggers

[akhanhextech]

Description

Occasionally the GH Action for Dependency Review stays stuck waiting for the workflow to kick off. That may be correlated to rebases (like changing the base to main), but unclear. Making the following changes as potential fixes.

1. Adding "concurrency" config to cancel older runs. Just in case we're triggering several runs, causing a backlog.
2. Adding "edited" event as trigger, to make sure we trigger on rebase.

Testing

[cursor]

Cursor Bugbot has reviewed your changes and found 1 potential issue.

^{❌ Bugbot Autofix is OFF. To automatically fix reported issues with cloud agents, enable autofix in the Cursor dashboard.}

^{Reviewed by Cursor Bugbot for commit a8b4a40. Configure here.}

[cursor]

Unmentioned removal of labeled/unlabeled event triggers

Low Severity

The labeled and unlabeled pull request event triggers were removed, but the PR description only mentions adding the edited trigger and concurrency config — it doesn't mention removing any existing triggers. These triggers may have been used to allow re-running dependency review by toggling a label on a PR. This looks like an accidental removal during editing of the trigger list.

 

^{Reviewed by Cursor Bugbot for commit a8b4a40. Configure here.}