Merge pull request #56 from launchdarkly/fix/dependency-scan

fix: rego syntax in license checker policy
launchdarkly · Jan 8, 2025 · 43bc5fe · 43bc5fe
2 parents 967794a + f15ee4b
commit 43bc5fe
Showing 1 changed file with 3 additions and 3 deletions.
diff --git a/actions/dependency-scan/evaluate-policy/license_policy.rego b/actions/dependency-scan/evaluate-policy/license_policy.rego
@@ -2,19 +2,19 @@ package launchdarkly
 
 default allow = false                               # unless otherwise defined, allow is false
 
-allow = true {                                      # allow is true if...
+allow = true if {                                      # allow is true if...
     count(violation) == 0                           # there are zero violations.
 }
 
 # The golang cyclonedx tool puts licenses under 'evidence'
-violation[component["bom-ref"]] = {"dependency": component["bom-ref"], "license": license} {
+violation[component["bom-ref"]] = {"dependency": component["bom-ref"], "license": license} if {
   component := input.components[_]
   license := component.evidence.licenses[_].license.id
   contains(license, "GPL") # should catch GPL, LGPL, AGPL, etc
 }
 
 # The Node cyclonedx tool puts licenses directly under the component
-violation[component["bom-ref"]] = {"dependency": component["bom-ref"], "license": license} {
+violation[component["bom-ref"]] = {"dependency": component["bom-ref"], "license": license} if {
   component := input.components[_]
   license := component.licenses[_].license.id
   contains(license, "GPL") # should catch GPL, LGPL, AGPL, etc