Skip to content

Issues: actions/dependency-review-action

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

26 Open 94 Closed
26 Open 94 Closed
Author
Filter by author
Label
Filter by label
Use alt + click/return to exclude labels
or + click/return for logical OR
Projects
Filter by project
Milestones
Filter by milestone
Assignee
Filter by who’s assigned
Sort
Sort by
Newest Oldest Most commented Least commented Recently updated Least recently updated Best match
Most reactions
👍 👎 😄 🎉 😕 ❤️ 🚀 👀

Issues list

v4.3.0 Causing PURL Processing Errors
#752 opened Apr 26, 2024 by watercable76
@juxtin
4
Conflict between vulnerabilities in scorecard vs check
#746 opened Apr 18, 2024 by james-smith-uk
MIT is an invalid SPDX license identifier? bug Something isn't working
#742 opened Apr 11, 2024 by recurly-bearley
2
error "fetch failed" with v4.2.5 bug Something isn't working
#736 opened Mar 31, 2024 by cpanato
1
warn_only Does Not Apply When Using a Deny List enhancement New feature or request
#734 opened Mar 27, 2024 by AlexWilson-GIS
1
Action fails to decorate PR when text is too long bug Something isn't working good first issue Good for newcomers
#730 opened Mar 27, 2024 by henriquevcosta
2
Create a PR check for default values in action.yml enhancement New feature or request good first issue Good for newcomers
#723 opened Mar 22, 2024 by febuiles
Add list of resolved vulnerabilities to the PR Comment / Logs enhancement New feature or request
#717 opened Mar 20, 2024 by felickz
Add Scopes to Scanned Manifest Files inventory enhancement New feature or request
#713 opened Mar 15, 2024 by felickz
Reachability - Add a flag to only block only on reachable dependencies. enhancement New feature or request Keep Exempt this from stalebot
#708 opened Mar 8, 2024 by felickz
Unknown License but license available via github API bug Something isn't working
#704 opened Feb 27, 2024 by riosje
2
Sarif output enhancement New feature or request
#685 opened Feb 5, 2024 by ben-wilson-peak
5
False positive detection of a vulnerability that has been fixed bug Something isn't working
#676 opened Jan 31, 2024 by AgustinBettati
4
Failure to determine license and flag to explicitly deny unknown licenses enhancement New feature or request
#672 opened Jan 26, 2024 by wmmc88
5
Properly resolve licenses with "OR" expressions bug Something isn't working
#670 opened Jan 22, 2024 by msalib
1
@febuiles
4
Update previous comment when failure is resolved enhancement New feature or request
#647 opened Jan 2, 2024 by addepar-tg
3
deny-licenses mistakenly blocking LGPL-3.0 license bug Something isn't working
#635 opened Dec 6, 2023 by logan-porelle
1
@febuiles
Feature Request: Ensure GitHub Action Dependencies are Pinned enhancement New feature or request
#633 opened Dec 4, 2023 by wadells
1
retry-on-snapshot-warnings - not working as expected on separate snapshot/review workflows bug Something isn't working needs research
#632 opened Dec 4, 2023 by felickz
9
"Invalid SPDX License" after upgrading JSTS package Keep Exempt this from stalebot
#575 opened Sep 27, 2023 by mprins
1
@febuiles
4
Improve Snapshots Experience enhancement New feature or request Keep Exempt this from stalebot
#567 opened Sep 14, 2023 by febuiles
1 task done
1
Handle API errors / rate limits more gracefully bug Something isn't working enhancement New feature or request Keep Exempt this from stalebot
#555 opened Aug 28, 2023 by rajbos
Allow ignoring particular sources of dependencies enhancement New feature or request Keep Exempt this from stalebot
#459 opened Apr 19, 2023 by AlekSi
1
Properly handle 502s from Dependency Review API enhancement New feature or request Keep Exempt this from stalebot
#398 opened Feb 8, 2023 by febuiles
Support for packages with multiple licenses enhancement New feature or request Keep Exempt this from stalebot
#263 opened Sep 29, 2022 by jcasner
1
@febuiles
10
ProTip! Find all open issues with in progress development work with linked:pr.