-
Notifications
You must be signed in to change notification settings - Fork 107
Issues: actions/dependency-review-action
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Author
Label
Projects
Milestones
Assignee
Sort
Issues list
[BUG] mypy 1.12 problems determining license
bug
Something isn't working
#839
opened Oct 18, 2024 by
emlowe
Different configuration per package type?
enhancement
New feature or request
#834
opened Oct 1, 2024 by
steve-gore-snapdocs
[BUG] Dependency Review reports the Vulnerability which we are updating.
bug
Something isn't working
#830
opened Sep 22, 2024 by
Shweta4398
Can it work with normal push instead of just pull request?
enhancement
New feature or request
#826
opened Sep 4, 2024 by
umeshnebhani733
Add option for commit status check
enhancement
New feature or request
#825
opened Aug 30, 2024 by
ebickle
[BUG] warn-only set and job fails when having a vulnerability
bug
Something isn't working
#824
opened Aug 28, 2024 by
dolorsfg
Show patched version of dependency in the dependency review summary
enhancement
New feature or request
#823
opened Aug 26, 2024 by
virangdoshi
[BUG] Dependency Review gets stuck if forked .
bug
Something isn't working
#820
opened Aug 22, 2024 by
Shweta4398
[BUG] unexpected addition of Something isn't working
AND NOASSERTION
to license when updating pywin32-ctypes
bug
#818
opened Aug 19, 2024 by
altendky
[BUG] Error "fetch failed" when using proxy
bug
Something isn't working
#814
opened Aug 16, 2024 by
lindeberg
Print New feature or request
Dependency Changes
in PR comment
enhancement
#813
opened Aug 13, 2024 by
wzieba
[BUG] Something isn't working
allow-dependencies-licenses
not respected after changing from ==
to >=
with Python
bug
#812
opened Aug 12, 2024 by
altendky
Packages being flagged incorrectly with invalid SPDX license definitions
bug
Something isn't working
#809
opened Aug 9, 2024 by
shubhashish-certa
[BUG] Listing too many allow-dependencies-licenses makes the summary output unreadable
bug
Something isn't working
#801
opened Jul 23, 2024 by
jtomkiew-mng
Job Summary Size Limitation aborts the job [BUG]
bug
Something isn't working
Keep
Exempt this from stalebot
#786
opened Jun 25, 2024 by
Shweta4398
fail-on-severity
should still show lower severity vulnerabilities
enhancement
#775
opened Jun 3, 2024 by
mario-campos
Adding a license in 'allow-dependencies-licenses' does not prevent it from being populated in "invalid-license-changes"
bug
Something isn't working
#764
opened May 2, 2024 by
sreya
MIT is an invalid SPDX license identifier?
bug
Something isn't working
Keep
Exempt this from stalebot
#742
opened Apr 11, 2024 by
recurly-bearley
Add list of resolved vulnerabilities to the PR Comment / Logs
enhancement
New feature or request
#717
opened Mar 20, 2024 by
felickz
Reachability - Add a flag to only block only on reachable dependencies.
enhancement
New feature or request
Keep
Exempt this from stalebot
#708
opened Mar 8, 2024 by
felickz
False positive detection of a vulnerability that has been fixed
bug
Something isn't working
#676
opened Jan 31, 2024 by
AgustinBettati
Failure to determine license and flag to explicitly deny unknown licenses
enhancement
New feature or request
#672
opened Jan 26, 2024 by
wmmc88
Properly resolve licenses with "OR" expressions
bug
Something isn't working
#670
opened Jan 22, 2024 by
msalib
Previous Next
ProTip!
Follow long discussions with comments:>50.