Open ethankent opened 3 months ago
Hi @ethankent, this repository has a license (Apache 2), so this seems like a limitation of GitHub's dependency review. Do you have an example of one that does show the proper license? I would say that we have the proper license in place, so this is not a priority for us.
Hi @tsmithv11, thanks for the reply. Everything I see in this repository seems to indicate that the license is configured. So, I don't believe there's a problem on the repo itself. However, the license badge does seem to be missing on the Marketplace page, so possibly there's a gap in the publishing process.
If it helps, I can tell you that I see a similar action in the marketplace that doesn't have any problems with the dependency review action. It's called Trivy & I can see that it has a license badge showing correctly.
A license scan using Github's dependency review action indicates:
Additionally, there is no license badge showing on the Marketplace page
I suspect a particular form field needs to get filled out when publishing.