Conversation
qmonnet
force-pushed
the
pr/qmonnet/fossa-action
branch
from
5fcc100 to
e8d48ec
Compare
|
We need to figure out:
|
|
Related: #332 |
|
Right now the scan is “failing”: But the Action and workflow returns successfully 🙃, go figure. I haven't found a way to 1) fix the report and 2) make the workflow fail when the scan fails |
|
The branch for scans on PRs is also marked as “master” in the interface, not sure why. Maybe that's the branch name created by the checkout action? Anyway, this means we probably don't have an easy way to identify which PR a given report comes from, in the FOSSA web interface. |
??? dataplane is already public? |
Sorry I meant, in the FOSSA interface. If you click on the badge above, I'd expect you to get a 404. |
I've made it public 
|
|
I think the issue in As for the other two in dpdk-sys - they're interesting, are we allowed to ship these GPL/LGPL files even if they're only header definitions? I wouldn't bet on it. What alternative do we have? Recreating our own definition file? |
Apparently the "Quick Import" feature from FOSSA is not good enough for Rust projects, and we need to run the FOSSA CLI tool, either ourselves or using the official GitHub Action. This commit introduces a new workflow that uses this Action to perform a scan on pushes to the main branch. Signed-off-by: Quentin Monnet <qmo@qmon.net>
qmonnet
force-pushed
the
pr/qmonnet/fossa-action
branch
from
e8d48ec to
70b51a3
Compare
|
Just updated the workflow to run on pushes to |
4 participants
Apparently the "Quick Import" feature from FOSSA is not good enough for Rust projects, and we need to run the FOSSA CLI tool, either ourselves or using the official GitHub Action. This commit introduces a new workflow that uses this Action to perform a scan on Pull Requests and on pushes to the main branch.