Detect dependencies which has unverified group name

[liquidz]

It will be a disallow list simply for now.
e.g. seancorfield/next.jdbc => com.github.seancorfield/next.jdbc
c.f. Clojars Verified Group Names policy

[liquidz]

@nnichols
Hi,

I have a plan to release this feature.
In this feature, I will change the output a little with format reporter.

For example, if you have seancorfield/next.jdbc {:mvn/version "1.1.613"} in you deps.edn, antq will report like follows.

# Option: --reporter=format --error-format="{{name}},{{version}},{{latest-version}},{{latest-name}}"
# For unverified deps, `latest-version` will be "Failed to fetch" and `latest-name` is set
seancorfield/next.jdbc,seancorfield/next.jdbc,Failed to fetch,com.github.seancorfield/next.jdbc
seancorfield/next.jdbc,1.1.613,1.1.643,

In clojure-dependency-update-action, reports containing "Failed to fetch" will be ignored, so I don't think it will affect your GitHub Action.
https://github.com/nnichols/clojure-dependency-update-action/blob/v3/dependency-check.sh#L24

But if you don't mind, could you confirm to make sure your GitHub Action works well?

You can try this feature on dev branch.

[nnichols]

@liquidz I updated the Action with this commit nnichols/clojure-dependency-update-action@0fc9b2d and was able to successfully run a few test cases in a sample repo.

Thanks for this update!!

[liquidz]

@nnichols Thanks for your confirmation!

[liquidz]

@nnichols FYI: I just released v0.12.0 :)

[liquidz]

Closed by #65