Skip to content
Dependency Review

Add deny-licenses list with Category X SPDX identifiers ⚖️ #96

Sign in to view logs

Add deny-licenses list with Category X SPDX identifiers ⚖️

Add deny-licenses list with Category X SPDX identifiers ⚖️ #96

Workflow file for this run

.github/workflows/dependency-review.yml at a199daa
name: 'Dependency Review'
on: [pull_request]
permissions:
contents: read
pull-requests: write
jobs:
dependency-review:
runs-on: ubuntu-latest
steps:
- name: 'Checkout Repository'
uses: actions/checkout@v4
- name: Dependency Review
uses: actions/dependency-review-action@v4
with:
comment-summary-in-pr: always
fail-on-severity: high
allow-licenses: MIT, Apache-2.0, BSD-3-Clause, ISC, BSD-2-Clause, Unlicense, CC0-1.0, 0BSD, X11, MPL-2.0, MPL-1.0, MPL-1.1, MPL-2.0
deny-licenses: AFL-3.0, AGPL-1.0, AGPL-3.0, APSL-1.0, APSL-1.1, APSL-1.2, APSL-2.0, CPOL-1.02, BSD-4-Clause, CC-BY-2.5, CC-BY-3.0, CC-BY-4.0, EUPL-1.0, EUPL-1.1, GPL-1.0, GPL-2.0, GPL-3.0, LGPL-2.1, LGPL-3.0, JSON, MS-LPL, NPL-1.0, NPL-1.1, OSL-3.0, QPL-1.0, Sleepycat
fail-on-scopes: development, runtime
allow-dependencies-licenses: 'pkg:npm/caniuse-lite'