LICENSE-3rdparty.csv should be updated
cedricvanrompay-datadog opened this issue · 2 comments
cedricvanrompay-datadog commented
Very minor problem, but some of the packages referenced in LICENSE-3rdparty.csv have a very low OSSF Scorecard and thus are triggering scanners.
Expected Behavior
Repositories listed in https://github.com/DataDog/datadog-lambda-js/blob/main/LICENSE-3rdparty.csv should be found elsewhere in the code.
Actual Behavior
Some repositories listes in https://github.com/DataDog/datadog-lambda-js/blob/main/LICENSE-3rdparty.csv do not seem to be used in datadog-lambda-js. For instance, emitter-listener (github.com/othiym23/emitter-listener).
Steps to Reproduce the Problem
- for each package in https://github.com/DataDog/datadog-lambda-js/blob/main/LICENSE-3rdparty.csv
- check for its presence elsewhere in the project
Specifications
- Datadog Lambda Layer version: https://github.com/DataDog/datadog-lambda-js/tree/6810d0c99d61890452a027781159383ae3b84d44
- Node version:
duncanista commented
Thanks for letting us know, will work on this shortly.
duncanista commented
Closing due to #527, feel free to update if any more changes are needed!