
Scan the result of merge instead of diff #922


Open
Wovchena opened this issue Apr 17, 2025 · 0 comments
Labels
enhancement New feature or request


@Wovchena

Is your feature request related to a problem? Please describe.
When a dependency is added and dependency-review-action is enabled after, the dependency isn't scanned.

Describe the solution you'd like
dependency-review-action should scan the result of PR merge by default.
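The gap described in this issue, as an added example that is not part of the original issue and not the action's own code: a simplified model comparing a diff-only scan with a scan of the merge result. The package names, versions, licenses and allow-list are constructed sample data, and the function names are hypothetical.

```python
from typing import Dict, List, Set, Tuple

Dep = Tuple[str, str]  # (version, license): simplified manifest entry

# Constructed sample data: snapshots of the target branch and of the PR merge result.
BASE: Dict[str, Dep] = {
    "legacy-lib": ("1.4.0", "AGPL-3.0-only"),  # added before review was enabled
    "http-client": ("2.1.0", "Apache-2.0"),
}
MERGED: Dict[str, Dep] = {
    **BASE,
    "http-client": ("2.2.0", "Apache-2.0"),  # bumped by the PR
    "json-tools": ("0.9.1", "MIT"),          # added by the PR
}
ALLOWED: Set[str] = {"MIT", "Apache-2.0", "BSD-3-Clause"}  # hypothetical allow-list


def changed_deps(base: Dict[str, Dep], merged: Dict[str, Dep]) -> Dict[str, Dep]:
    """Entries that are new or modified in the merge result (all a diff scan sees)."""
    return {name: dep for name, dep in merged.items() if base.get(name) != dep}


def violations(deps: Dict[str, Dep], allowed: Set[str]) -> List[str]:
    """Sorted names of dependencies whose license is not on the allow-list."""
    return sorted(n for n, (_ver, lic) in deps.items() if lic not in allowed)


def scan_diff(base: Dict[str, Dep], merged: Dict[str, Dep], allowed: Set[str]) -> List[str]:
    """Diff-only review: policy is applied to changed entries only."""
    return violations(changed_deps(base, merged), allowed)


def scan_merged(merged: Dict[str, Dep], allowed: Set[str]) -> List[str]:
    """Merge-result review: policy is applied to every entry in the final state."""
    return violations(merged, allowed)


def coverage_gap(base: Dict[str, Dep], merged: Dict[str, Dep], allowed: Set[str]) -> List[str]:
    """Violations in the merged state that a diff-only scan never reports."""
    return sorted(set(scan_merged(merged, allowed)) - set(scan_diff(base, merged, allowed)))


if __name__ == "__main__":
    print("diff scan:  ", scan_diff(BASE, MERGED, ALLOWED))
    print("merged scan:", scan_merged(MERGED, ALLOWED))
    print("gap:        ", coverage_gap(BASE, MERGED, ALLOWED))
```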

@Wovchena Wovchena added the enhancement New feature or request label Apr 17, 2025
Wovchena added a commit to Wovchena/openvino.genai-public that referenced this issue Apr 25, 2025
The reason we don't see the error about this license is that they scan diff instead of repo state: actions/dependency-review-action#922. MIT-CMU was my attempt to please it, but it seems that the reviewer uses .github/dependency_review.yml from the target branch only, which is another issue of theirs. The license in this commit feels to be more correct because it is the license printed in the error message https://github.com/openvinotoolkit/openvino.genai/actions/runs/14531018031/job/40770651373
github-merge-queue bot pushed a commit to openvinotoolkit/openvino.genai that referenced this issue Apr 25, 2025
apram0d pushed a commit to apram0d/openvino.genai that referenced this issue Apr 28, 2025