Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Configuring allow-dependencies-licenses fails the action #759

Closed
jdavis-etdx opened this issue Apr 29, 2024 · 3 comments · Fixed by #761
Closed

Configuring allow-dependencies-licenses fails the action #759

jdavis-etdx opened this issue Apr 29, 2024 · 3 comments · Fixed by #761

Comments

@jdavis-etdx
Copy link

The following change made in #753 is now causing using the allow-dependencies-licenses configuration to fail the action with the following error: Error: Invalid purl(s) in allow-dependencies-licenses:... when configured. This logic is indicating that if the the error property for an object in the list is null, add it to the invalid_purls list in which an an exception if this list has at at least one item. The correct logic should be to only add an item to the list if the error property contains a value.

dependency-review-action/src/config.ts

Lines 235 to 243 in e58c696

const invalid_purls = allow_dependencies_licenses.filter(
purl => !parsePURL(purl).error
)
if (invalid_purls.length > 0) {
throw new Error(
`Invalid purl(s) in allow-dependencies-licenses: ${invalid_purls}`
)
}

@juxtin juxtin mentioned this issue Apr 29, 2024
Merged
@juxtin
Copy link
Contributor

juxtin commented Apr 29, 2024

Thanks for the report, @jdavis-etdx! I see you also opened and closed a PR for this, but I've gone ahead and created another solution in #761.

@jdavis-etdx
Copy link
Author

Excellent! I am just happy to get it resolved. Thanks @juxtin

This was referenced Apr 30, 2024
Merged
Closed
Merged
@juxtin
Copy link
Contributor

juxtin commented Apr 30, 2024

@jdavis-etdx v4.3.2 has been released and the v4 tag has been updated, so you shouldn't see this issue again.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Fix package-url parsing for allow-dependencies-licenses actions/dependency-review-action
2 participants
@juxtin @jdavis-etdx