- Packages added to
allow-dependencies-licenseswill be allowed even if the package in question has no license information #889 - License expressions (e.g.
Ruby OR GPL-2.0) in the allow list are automatically discarded so that they don't invalidate the whole allow list, which should just be license identifier (e.g.Ruby)