github-actions[bot] commented on PR #222: URL: https://github.com/apache/santuario-xml-security-java/pull/222#issuecomment-1767982452
<h1>Dependency Review</h1> The following issues were found:<ul><li>✅ 0 vulnerable package(s)</li><li>✅ 0 package(s) with incompatible licenses</li><li>✅ 0 package(s) with invalid SPDX license definitions</li><li>⚠️ 1 package(s) with unknown licenses.</li></ul> See the Details below.<h2>Snapshot Warnings</h2> <blockquote>⚠️: No snapshots were found for the head SHA 038e62bdc81d4473ecab753f9f49b7d0e72c4612.</blockquote> Ensure that dependencies are being submitted on PR branches. Re-running this action after a short time may resolve the issue. See <a href="https://docs.github.com/en/code-security/supply-chain-security/understanding-your-software-supply-chain/about-dependency-review#best-practices-for-using-the-dependency-review-api-and-the-dependency-submission-api-together";>the documentation</a> for more information and troubleshooting advice.<h2>License Issues</h2> <h4><em>pom.xml</em></h4> <table><tr><td>Package</td><td>Version</td><td>License</td><td>Issue Type</td></tr><tr><td><a href="https://github.com/jacoco/jacoco";>org.jacoco:jacoco-maven-plugin</a></td><td>0.8.11</td><td>Null</td><td>Unknown License</td></tr></table> <h2>Scanned Manifest Files</h2> <details><summary>pom.xml</summary><ul><li>org.jacoco:[email protected]</li><li>org.jacoco:[email protected]</li></ul></details> <!-- dependency-review-pr-comment-marker --> -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
