search

DataDog / datadog-lambda-js

The Datadog AWS Lambda Library for Node
Apache License 2.0
105 stars 35 forks source link

LICENSE-3rdparty.csv should be updated #525

Closed cedricvanrompay-datadog closed 3 months ago

cedricvanrompay-datadog commented 3 months ago

Very minor problem, but some of the packages referenced in LICENSE-3rdparty.csv have a very low OSSF Scorecard and thus are triggering scanners.

Expected Behavior

Repositories listed in https://github.com/DataDog/datadog-lambda-js/blob/main/LICENSE-3rdparty.csv should be found elsewhere in the code.

Actual Behavior

Some repositories listes in https://github.com/DataDog/datadog-lambda-js/blob/main/LICENSE-3rdparty.csv do not seem to be used in datadog-lambda-js. For instance, emitter-listener (github.com/othiym23/emitter-listener).

Steps to Reproduce the Problem

  1. for each package in https://github.com/DataDog/datadog-lambda-js/blob/main/LICENSE-3rdparty.csv
  2. check for its presence elsewhere in the project

Specifications

duncanista commented 3 months ago

Hey @cedricvanrompay-datadog

Thanks for letting us know, will work on this shortly.

duncanista commented 3 months ago

Closing due to #527, feel free to update if any more changes are needed!