From 39f5603ed2cb6544ed0b16134f9693cd29ca1e5f Mon Sep 17 00:00:00 2001 From: Callan Barrett Date: Fri, 10 Apr 2026 16:08:06 +0800 Subject: [PATCH] ci: add license deny list to dependency review Deny AGPL-3.0, SSPL-1.0, EUPL-1.1, EUPL-1.2, CPAL-1.0, and Watcom-1.0 licenses in new dependencies. --- .github/workflows/dependency-review.yml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.github/workflows/dependency-review.yml b/.github/workflows/dependency-review.yml index d02f899..b693169 100644 --- a/.github/workflows/dependency-review.yml +++ b/.github/workflows/dependency-review.yml @@ -17,3 +17,5 @@ jobs: - name: Dependency Review uses: actions/dependency-review-action@2031cfc080254a8a887f58cffee85186f0e49e48 # v4 + with: + deny-licenses: AGPL-3.0-only, AGPL-3.0-or-later, SSPL-1.0, EUPL-1.1, EUPL-1.2, CPAL-1.0, Watcom-1.0