The dependency review workflow was failing with the following error:
```
##[error]Invalid license(s) in allow-licenses: - MIT
- Apache-2.0
- BSD-2-Clause
- BSD-3-Clause
- ISC
```
The issue was related to the YAML formatting of the license lists in both the workflow file and the configuration file. The lists were formatted incorrectly, causing the action to fail when parsing the input.
- Updated the format of `deny-licenses` and `allow-licenses` to use proper YAML multi-line string syntax
- Removed the dash prefix from each license entry in the workflow file
- Ensured consistent formatting throughout the file
- Standardized the format of license lists to use proper YAML array syntax
- Ensured consistent naming conventions for all configuration keys
- Maintained all existing configuration options with correct formatting
These changes should resolve the workflow failure by ensuring that the license lists are properly formatted according to the requirements of the actions/dependency-review-action@v4 action.
- Consider adding a workflow validation step to catch YAML formatting issues before they cause workflow failures
- Implement a pre-commit hook to validate workflow files
- Add more detailed error handling in the workflow to provide clearer error messages
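
A minimal, standard-library-only check that could back the pre-commit hook suggested above; it is an added illustration, not code from this change or from the action. The sample snippets are constructed, the dash-prefixed block scalar is an assumption consistent with the quoted error, and treating both commas and newlines as entry separators is also an assumption.

```python
import re
import sys

KEY_LINE = re.compile(r"^(\s*)(allow-licenses|deny-licenses):\s*(.*)$")
# Loose shape of a single SPDX identifier (MIT, Apache-2.0, ...). Not a lookup
# against the SPDX list; compound expressions containing spaces are flagged too.
SPDX_SHAPE = re.compile(r"[A-Za-z0-9][A-Za-z0-9.+-]*")

def license_inputs(text):
    """Yield (line_no, key, value) for each licence input, resolving block scalars."""
    lines = text.splitlines()
    for i, line in enumerate(lines):
        m = KEY_LINE.match(line)
        if not m:
            continue
        indent, key, rest = len(m.group(1)), m.group(2), m.group(3).strip()
        if rest and rest[0] not in "|>":
            yield i + 1, key, rest.strip("'\"")  # plain or quoted one-line value
            continue
        body = []
        for nxt in lines[i + 1:]:  # collect the more-indented continuation lines
            if nxt.strip() and len(nxt) - len(nxt.lstrip()) <= indent:
                break
            body.append(nxt.strip())
        yield i + 1, key, "\n".join(body)

def check(text):
    """Return (line_no, key, entry) for every entry that is not a bare identifier."""
    problems = []
    for line_no, key, value in license_inputs(text):
        for entry in (e.strip() for e in re.split(r"[,\n]", value)):
            if entry and not SPDX_SHAPE.fullmatch(entry):
                problems.append((line_no, key, entry))
    return problems

# Constructed samples (assumed shapes; the page does not show the workflow file).
BAD_WORKFLOW = """\
          allow-licenses: |
            - MIT
            - Apache-2.0
          fail-on-severity: high
"""
GOOD_WORKFLOW = "          allow-licenses: MIT, Apache-2.0, BSD-2-Clause, BSD-3-Clause, ISC\n"

if __name__ == "__main__":
    hits = [(p, h) for p in sys.argv[1:] for h in check(open(p, encoding="utf-8").read())]
    for path, (line_no, key, entry) in hits:
        print(f"{path}:{line_no}: {key}: invalid entry {entry!r}")
    sys.exit(1 if hits else 0)
```

Pass the workflow files as arguments; a non-zero exit status blocks the commit when any entry carries a dash prefix or other stray characters.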