Update codeql-analysis.yml

Author: ThomasJejkal

.github/workflows/codeql-analysis.yml

@@ -109,6 +109,10 @@ jobs:
 
       - name: 'Dependency Review'
         uses: actions/dependency-review-action@v2
+        with:
+          allow-licenses: MIT, Apache-2.0, ISC, BSD-2-Clause, 0BSD, NOASSERTION
+          base-ref: ${{ github.event.pull_request.base.sha || 'main' }}
+          head-ref: ${{ github.event.pull_request.head.sha || github.ref }}
 
       - name: Scan the image and upload dependency results
         uses: anchore/sbom-action@v0