Skip to content

Issues: actions/dependency-review-action

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Clear current search query, filters, and sorts
37 Open 130 Closed
37 Open 130 Closed
Author
Filter by author
Loading
Label
Filter by label
Loading
Use alt + click/return to exclude labels
or + click/return for logical OR
Projects
Filter by project
Loading
Milestones
Filter by milestone
Loading
Assignee
Filter by who’s assigned
Sort
Sort by
Newest Oldest Most commented Least commented Recently updated Least recently updated Best match
Most reactions
👍 👎 😄 🎉 😕 ❤️ 🚀 👀

Issues list

Add a Git hook for building JS files enhancement New feature or request Keep Exempt this from stalebot
#249 opened Sep 22, 2022 by febuiles updated Feb 20, 2024
Allow ignoring particular sources of dependencies enhancement New feature or request Keep Exempt this from stalebot
#459 opened Apr 19, 2023 by AlekSi updated Feb 20, 2024
1
Properly handle 502s from Dependency Review API enhancement New feature or request Keep Exempt this from stalebot
#398 opened Feb 8, 2023 by febuiles updated Feb 20, 2024
Handle API errors / rate limits more gracefully bug Something isn't working enhancement New feature or request Keep Exempt this from stalebot
#555 opened Aug 28, 2023 by rajbos updated Feb 20, 2024
Reachability - Add a flag to only block only on reachable dependencies. enhancement New feature or request Keep Exempt this from stalebot
#708 opened Mar 8, 2024 by felickz updated Mar 11, 2024
Improve Snapshots Experience enhancement New feature or request Keep Exempt this from stalebot
#567 opened Sep 14, 2023 by febuiles updated Mar 15, 2024
1 task done
1
"Invalid SPDX License" after upgrading JSTS package Keep Exempt this from stalebot
#575 opened Sep 27, 2023 by mprins updated Mar 22, 2024
@febuiles
4
[BUG] Dependency Review reports the Vulnerability which we are updating. bug Something isn't working
#830 opened Sep 22, 2024 by Shweta4398 updated Sep 22, 2024
[BUG] allow-dependencies-licenses not respected after changing from == to >= with Python bug Something isn't working
#812 opened Aug 12, 2024 by altendky updated Sep 25, 2024
Different configuration per package type? enhancement New feature or request
#834 opened Oct 1, 2024 by steve-gore-snapdocs updated Oct 1, 2024
Failure to determine license and flag to explicitly deny unknown licenses enhancement New feature or request
#672 opened Jan 26, 2024 by wmmc88 updated Oct 16, 2024
8
Add list of resolved vulnerabilities to the PR Comment / Logs enhancement New feature or request
#717 opened Mar 20, 2024 by felickz updated Nov 22, 2024
6
[BUG] mypy 1.12 and 1.13 problems determining license bug Something isn't working
#839 opened Oct 18, 2024 by emlowe updated Dec 4, 2024
2
[BUG] action does fail with valid licenses like Unicode-3.0 bug Something isn't working
#854 opened Dec 6, 2024 by ailox updated Dec 6, 2024
1
1
[BUG] Error "fetch failed" when using proxy bug Something isn't working
#814 opened Aug 16, 2024 by lindeberg updated Dec 11, 2024
5
[BUG] elliptic is reported with an OFL-1.1 license. bug Something isn't working
#862 opened Jan 15, 2025 by BAcanLL updated Jan 15, 2025
[BUG] Empty "Scanned Files" and "OpenSSF Scorecard" sections if no issues found bug Something isn't working
#863 opened Jan 17, 2025 by fabasoad updated Jan 17, 2025
1
Fail on unknown license instead of ignoring it enhancement New feature or request
#857 opened Dec 28, 2024 by mabar updated Jan 17, 2025
3
[BUG] what is the license of json-schema-ref-parser bug Something isn't working
#868 opened Jan 21, 2025 by Loki-Afro updated Jan 22, 2025
Support for packages with multiple licenses enhancement New feature or request Keep Exempt this from stalebot
#263 opened Sep 29, 2022 by jcasner updated Jan 22, 2025
@febuiles
20
Packages being flagged incorrectly with invalid SPDX license definitions bug Something isn't working
#809 opened Aug 9, 2024 by shubhashish-certa updated Jan 23, 2025
7
Can it work with normal push instead of just pull request? enhancement New feature or request
#826 opened Sep 4, 2024 by umeshnebhani733 updated Jan 24, 2025
3
Support specifying a range of versions in deny-packages enhancement New feature or request
#882 opened Jan 24, 2025 by ellenfieldn updated Jan 24, 2025
[BUG] jinja2 incompatible license bug Something isn't working
#886 opened Jan 27, 2025 by mryzhov updated Jan 27, 2025
1
[BUG] Listing too many allow-dependencies-licenses makes the summary output unreadable bug Something isn't working
#801 opened Jul 23, 2024 by jtomkiew-mng updated Jan 29, 2025
2
ProTip! Follow long discussions with comments:>50.