Some dependencies need to be vetted

[waynebeaton]

It appears that your GitHub Action is calling the Eclipse Dash License Tool incorrectly.

See: https://github.com/eclipse-score/feo/actions/runs/19345599339/job/55345020770#step:4:82

I can't make out where the error is (I don't see where you actually build the payload that you're providing to the tool).

When I run it from my command-line (with a few exclusions for what I believe are Eclipse S-Core and Eclipse iceoryx) project content, I see this:

$ cargo tree -e normal --prefix none --no-dedupe \
| sort -u \
| grep -v '^[[:space:]]*$' \
| grep -Pv ^iceoryx \
| grep -Pv ^feo \
| sed -E 's|([^ ]+) v([^ ]+).*|crate/cratesio/-/\1/\2|' \
| java -jar /gitroot/dash-licenses/shaded/target/org.eclipse.dash.licenses-1.1.1-SNAPSHOT.jar - 
[main] INFO Querying Eclipse Foundation for license data for 127 items.
[main] INFO Found 58 items.
[main] INFO Querying ClearlyDefined for license data for 69 items.
[main] INFO Found 69 items.
[main] INFO License information could not be automatically verified for the following content:
[main] INFO 
[main] INFO crate/cratesio/-/cycle-benchmark/0.1.0
[main] INFO crate/cratesio/-/indicatif-log-bridge/0.2.3
[main] INFO crate/cratesio/-/logd/0.1.0
[main] INFO crate/cratesio/-/mini-adas/0.1.0
[main] INFO crate/cratesio/-/perfetto-model/0.1.0
[main] INFO crate/cratesio/-/postcard-derive/0.2.2
[main] INFO crate/cratesio/-/rust-fuzzy-search/0.1.1
[main] INFO crate/cratesio/-/tiny-fn/0.1.9
[main] INFO 
[main] INFO This content is either not correctly mapped by the system, or requires review.

I think that some of the entries in the list (e.g., cycle-benchmark?) are actually project content. Exclude these before you submit anything for review by the IP Team, please.

Please submit the outstanding third-party content for review.