Skip to content

Commit

Permalink
chore: fix osv license scan config and add license override (envoypro…
Browse files Browse the repository at this point in the history
…xy#4906)

* chore: fix osv license scan config and add license override

Signed-off-by: Shahar Harari <[email protected]>

* rename config file

Signed-off-by: Shahar Harari <[email protected]>

* comment out again

Signed-off-by: Shahar Harari <[email protected]>

---------

Signed-off-by: Shahar Harari <[email protected]>
  • Loading branch information
shahar-h authored Dec 12, 2024
1 parent 9b60a67 commit 507ea5d
Show file tree
Hide file tree
Showing 2 changed files with 10 additions and 2 deletions.
2 changes: 1 addition & 1 deletion .github/workflows/license-scan.yml
Original file line number Diff line number Diff line change
Expand Up @@ -23,5 +23,5 @@ jobs:
scan-args: |-
--skip-git
--experimental-licenses=Apache-2.0,BSD-2-Clause,BSD-2-Clause-FreeBSD,BSD-3-Clause,MIT,ISC,Python-2.0,PostgreSQL,X11,Zlib
--config tools/osv-scanner/license-scan-config.yaml
--config tools/osv-scanner/license-scan-config.toml
./
10 changes: 9 additions & 1 deletion tools/osv-scanner/license-scan-config.toml
Original file line number Diff line number Diff line change
@@ -1,7 +1,8 @@
# Ignore vulnerabilities on license scan
[[PackageOverrides]]
ecosystem = "Go"
vulnerability.ignore = true
# TODO uncomment once osv-scanner-action is updated to v1.9.1
# vulnerability.ignore = true

[[PackageOverrides]]
name = "github.com/AdaLogics/go-fuzz-headers"
Expand Down Expand Up @@ -80,6 +81,13 @@ ecosystem = "Go"
license.override = ["Apache-2.0"]
reason = "Unidentified license, remove once https://github.com/google/deps.dev/issues/119 is resolved"

[[PackageOverrides]]
name = "golang.org/x/crypto"
version = "0.31.0"
ecosystem = "Go"
license.override = ["BSD-3-Clause"]
reason = "Unidentified license, remove once https://github.com/google/deps.dev/issues/120 is resolved"

[[PackageOverrides]]
name = "stdlib"
ecosystem = "Go"
Expand Down

0 comments on commit 507ea5d

Please sign in to comment.