diff --git a/.github/workflows/depreview.yml b/.github/workflows/depreview.yml
new file mode 100644
index 0000000..ca976f8
--- /dev/null
+++ b/.github/workflows/depreview.yml
@@ -0,0 +1,17 @@
+# https://docs.github.com/en/code-security/supply-chain-security/understanding-your-software-supply-chain/about-dependency-review#dependency-review-enforcement
+name: Dependency Review
+
+on:
+  pull_request:
+    branches: [main]
+
+permissions:
+  contents: read
+
+jobs:
+  dependency-review:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+
+      - uses: actions/dependency-review-action@v4