LicenseFinder

LicenseFinder copied to clipboard

Hi! I started developing a GitHub action to run LicenseFinder in CI/CD pipelines:

https://github.com/jmservera/license-finder-action

The current alpha version has some fields to add permitted licenses and libraries running the tool during the action execution, and the best way to run it by now is combining it with an action that publishes the junit results as test results into the workflow, this is explained in the readme file. But I'm planning to provide a tighter integration with GitHub by automatically creating Issues and or PRs that add the info to a dependency_decissions.yml file as you would do by running the tool manually. What do you think?

I also wouldn't mind moving the action here if the community wants to support it.

We have created an issue in Pivotal Tracker to manage this. Unfortunately, the Pivotal Tracker project is private so you may be unable to view the contents of the story.

The labels on this github issue will be updated when the story is started.

Hey @jmservera ! I think if we add this as optional functionality, I have no issue with it. I don't really have a strong opinion on this one way tor this other but if it helps people, I'm all for it.