Downgrade dependency-review-action to version 4.3.3

[carstingaxion]

Description of the Change

Following the description at actions/dependency-review-action#809 (comment)

Version 4.3.4 does not work with invalid license names in the config and since that version,
SPDX expression licenses are considered invalid (see: actions/dependency-review-action#792).

In short, remove all SPDX expressions from the config!
Note that if you have packages that use SPDX expressions, this will report them as invalid,
as support is not yet implemented (see: actions/dependency-review-action#263).

In that case you need to downgrade to version 4.3.3 where SPDX expressions are handled as exact strings !!

Closes # Hopefully fixes the failing GitHub workflow run on invalid licenses, that aren't invalid in reality.

How to test the Change

Changelog Entry

Changed - Downgrade version of dependency-review-action to prevent false-positives.

Credits

Props @carstingaxion

Checklist:

• I agree to follow this project's Code of Conduct.
• I have updated the documentation accordingly.
• I have added tests to cover my change.
• All new and existing tests pass.

[jeffpaul]

Any reason you didn't change to actions/dependency-review-action@v4.3.3?