-
Notifications
You must be signed in to change notification settings - Fork 92
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Fail to detect a license #281
Comments
@jackpie1206 Thanks such a complete bug report 🙇. The API the Action uses to fetch the vulnerability and license info has different data from the GitHub Licenses API that you linked above. There is a draft PR to use the GitHub License information as a fallback, it's just missing some tests before getting merged! You can see how it fixes the issue you reported in this sample worfklow run: https://github.com/future-funk/turbo-couscous/actions/runs/3233979525/jobs/5296523454. |
@febuiles That looks promising! Question, after the PR gets merged, how long does it take for a new minor or patch release (I assume it won't be a major release)? Thanks. |
@jackpie1206 for these bug fixes we cut new releases instantly. Help with the PR is always welcome if you are familiar or want to learn TypeScript/GitHub Actions! |
@jackpie1206 this should be resolved in the v2.5.0 release |
@jackpie1206 thanks a ton for the callout, it's been updated already! |
I was testing with deny-licenses option and found that it failed to detect a license from https://www.npmjs.com/package/spook.js. The workflow I added was:
And my test PR made these changes:
package.json
package-lock.json
However, the action run for the PR didn't fail. Instead, it reported that it couldn't detect a license for spook.js.
If I manually grab the file from https://registry.npmjs.org/spook.js/-/spook.js-0.0.1.tgz I can see LICENSE.md in it which is GPL-3.0. I can also use GitHub License API to check its license and it is "gpl-3.0": https://api.github.com/repos/arthurakay/spook.js/license
Did I do something wrong?
The text was updated successfully, but these errors were encountered: