diff --git a/.github/workflows/pr.yaml b/.github/workflows/pr.yaml
index 1c7e92714d..29840ea3d5 100644
--- a/.github/workflows/pr.yaml
+++ b/.github/workflows/pr.yaml
@@ -69,6 +69,13 @@ jobs:
       - name: Check that make fakes has been run
         run: git diff --no-ext-diff --exit-code
 
+  ci-dependency-review:
+    name: CI Dependency Review
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+      - uses: actions/dependency-review-action@3b139cfc5fae8b618d3eae3675e383bb1769c019 # v4.5.0
+
   build-push-image:
     name: CI Build Image
     uses: ./.github/workflows/build-push-image.yaml