Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Detecting Un-Known license package "Vulcan.Maui.Template" while scanning MAUI project in Black Duck #23111

Closed
deviprasad987 opened this issue Jun 18, 2024 · 7 comments
Closed

Detecting Un-Known license package "Vulcan.Maui.Template" while scanning MAUI project in Black Duck #23111

deviprasad987 opened this issue Jun 18, 2024 · 7 comments
Labels
area-infrastructure CI, Maestro / Coherency, upstream dependencies/versions platform/android 🤖 s/needs-info Issue needs more info from the author s/no-recent-activity Issue has had no recent activity t/bug Something isn't working

Comments

@deviprasad987
Copy link

deviprasad987 commented Jun 18, 2024
edited
Loading

Description

We have created project in MAUI, and using Black duck for security vulnerabilities while scanning the MAUI application with Black duck it got detected "Vulcan.Maui.Template" package for Android and MacCatalyst projects but we haven't installed any such packages and there is no references for the same. Could you please help in this.

Please refer the below image for the reference.

image

Below is the content of the Android and MacCatalyst
image

Steps to Reproduce

  1. Create a MAUI application.
  2. Scan the application using Black Duck.
  3. The Black duck tool detecting un-known license package "Vulcan.Maui.Template" In Android and MacCatalyst projects.

Link to public reproduction project repository

No response

Version with bug

Unknown/Other

Is this a regression from previous behavior?

No, this is something new

Last version that worked well

Unknown/Other

Affected platforms

Android

Affected platform versions

Android, MacCatalyst

Did you find any workaround?

No response

Relevant log output

No response
@deviprasad987 deviprasad987 added the t/bug Something isn't working label Jun 18, 2024
@deviprasad987 deviprasad987 changed the title Detecting "Vulcan.Maui.Template" package while scanning MAUI project in Black Duck Detecting Un-Known license package "Vulcan.Maui.Template" package while scanning MAUI project in Black Duck Jun 18, 2024
@deviprasad987 deviprasad987 changed the title Detecting Un-Known license package "Vulcan.Maui.Template" package while scanning MAUI project in Black Duck Detecting Un-Known license package "Vulcan.Maui.Template" while scanning MAUI project in Black Duck Jun 18, 2024
@mattleibow
Copy link
Member

What is Vulcan.Maui.Template? Never seen that before. I did find this: https://www.nuget.org/packages/Vulcan.Maui.Template

Please open an issue in that repo or with that owner.

@mattleibow mattleibow added the s/needs-info Issue needs more info from the author label Jun 18, 2024
@mattleibow
Copy link
Member

I also see a full git repo in there:
image

Unless you know for certain this package/template is correct, please first confirm. I also do not see any linked icense (which may be the issue) or repo. I searched GitHub and I saw this: https://github.com/vulcanlee/Prism-MAUI-Template/tree/main

As you say you are not using this template, I am not sure what is going on.

@mattleibow
Copy link
Member

What are you scanning? What paths and what are the full contents of that folder?

@PureWeen PureWeen added s/needs-info Issue needs more info from the author and removed s/needs-info Issue needs more info from the author labels Jun 18, 2024
@deviprasad987
Copy link
Author

deviprasad987 commented Jun 19, 2024
edited
Loading

@mattleibow
Below is the content of the Android and MacCatalyst projects
image

@dotnet-policy-service dotnet-policy-service bot added s/needs-attention Issue has more information and needs another look and removed s/needs-info Issue needs more info from the author labels Jun 19, 2024
@mattleibow
Copy link
Member

I am suggesting that since it is not our template nor our code, the real authors should be contacted.

@mattleibow mattleibow added s/needs-info Issue needs more info from the author and removed s/needs-attention Issue has more information and needs another look labels Jun 19, 2024
@dotnet-policy-service Dotnet Policy Service
Copy link
Contributor

Hi @deviprasad987. We have added the "s/needs-info" label to this issue, which indicates that we have an open question for you before we can take further action. This issue will be closed automatically in 7 days if we do not hear back from you by then - please feel free to re-open it if you come back to this issue after that time.

@PureWeen PureWeen added the area-infrastructure CI, Maestro / Coherency, upstream dependencies/versions label Jun 20, 2024
@dotnet-policy-service dotnet-policy-service bot added the s/no-recent-activity Issue has had no recent activity label Jun 25, 2024
@dotnet-policy-service Dotnet Policy Service
Copy link
Contributor

This issue has been automatically marked as stale because it has been marked as requiring author feedback but has not had any activity for 4 days. It will be closed if no further activity occurs within 3 days of this comment. If it is closed, feel free to comment when you are able to provide the additional information and we will re-investigate.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
area-infrastructure CI, Maestro / Coherency, upstream dependencies/versions platform/android 🤖 s/needs-info Issue needs more info from the author s/no-recent-activity Issue has had no recent activity t/bug Something isn't working
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@mattleibow @PureWeen @samhouts @deviprasad987