Our policies are very similar to what you described. That's why I asked if this was possible.
Posts made by scampbell_8969
-
RE: ProGet: Auto package promotion from NuGet mirror?
-
ProGet: Auto package promotion from NuGet mirror?
We currently have a NuGet mirror feed which points to nuget.org. We don't use packages from it directly in our CI/CD builds. Instead, we have an "approved" internal feed that we use for that. We populate that feed by promoting from our NuGet mirror feed.
Is it possible to configure our "approved" internal feed to have new versions of approved packages automatically detected and promoted from our NuGet mirror feed?
-
RE: PGSCAN can't resolve embedded license file
I'm not able to attach an SBOM file to this.
I'm not familiar with the "Add License File" screen in the picture you attached. What I've been doing (besides assigning the license in ProGet) is updating the License Type with the URL of the embedded license. Neither seems to help.
-
PGSCAN can't resolve embedded license file
We are using ProGet 2023 and pgscan 1.5.8.
We are using pgscan as part of a weekly CI build job which uploads the results to ProGet.
We keep getting issues related to "Unknown License" in the reports for some of the libraries. They are all due to embedded license files in those libraries.
I assign the correct license in ProGet, but the same issues keep showing up for those libraries in subsequent reports. I would think setting it in ProGet would fix this.
Is there something that I'm missing?