mirror of https://github.com/Unleash/unleash.git synced 2025-01-25 00:07:47 +01:00

chore: added dependency review (#7206)

To help with compliance with customer's OSS requirements, this now bans
usage of GPL and LGPL, as well as scans PRs for dependency
vulnerabilities and new licenses being added.
Christopher Kolstad 2024-05-30 13:19:22 +02:00 committed by GitHub
parent abf4966a37
commit c932d2a02b
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194

.github/workflows/dependency-review.yml vendored Normal file

@ -0,0 +1,22 @@
name: Dependency review
on:
pull_request:
permissions:
contents: read
pull-requests: write
jobs:
license_review:
runs-on: ubuntu-latest
steps:
- name: Checkout code
uses: actions/checkout@v4
- name: Dependency review
uses: actions/dependency-review-action@v4
with:
fail-on-severity: moderate
#
deny-licenses: GPL-1.0, GPL-2.0, GPL-3.0, LGPL-2.1, LGPL-3.0, MPL-2.0, AGPL-3.0
comment-summary-in-pr: always
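
Review bot: the `deny-licenses` list does not match what the commit message describes: it also denies MPL-2.0 and AGPL-3.0, and it leaves out LGPL-2.0 even though the message says LGPL is banned. The bare `#` line directly above it looks like a comment that lost its text; use it to record why each license family is denied, so the list can be audited against the customer requirement later. Separately, both `uses:` lines reference the mutable `@v4` tag while the workflow holds `pull-requests: write`; consider pinning `actions/checkout` and `actions/dependency-review-action` to full commit SHAs. The job id `license_review` also undersells the job, since `fail-on-severity: moderate` makes it a vulnerability gate as well.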