joshjohanning-org / ghas-demo

this is a sample security scanning repo

1 stars 4 forks source link

Update package.json with non-license compliant package #172

Open joshjohanning opened 1 year ago

joshjohanning commented 1 year ago

Adding tar-pack 3.4.1 with BSD-2-Clause license.

github-actions[bot] commented 1 year ago

Dependency Review

The following issues were found:

✅ 0 vulnerable package(s)
❌ 1 package(s) with incompatible licenses
✅ 0 package(s) with invalid SPDX license definitions
✅ 0 package(s) with unknown licenses.

See the Details below.

License Issues

frontend/package.json

Package	Version	License	Issue Type
tar-pack	3.4.1	BSD-2-Clause	Incompatible License

Denied Licenses: LGPL-2.0, BSD-2-Clause

Scanned Manifest Files

frontend/package.json

tar-pack@3.4.1