diff --git a/pkg/osvscanner/osvscanner.go b/pkg/osvscanner/osvscanner.go index 57d562e7d2..662311432a 100644 --- a/pkg/osvscanner/osvscanner.go +++ b/pkg/osvscanner/osvscanner.go @@ -708,6 +708,10 @@ func DoScan(actions ScannerActions, r reporter.Reporter) (models.VulnerabilityRe if actions.CompareLocally { actions.SkipGit = true + + if len(actions.ScanLicensesAllowlist) > 0 || actions.ScanLicensesSummary { + return models.VulnerabilityResults{}, fmt.Errorf("cannot retrieve licenses locally") + } } configManager := config.ConfigManager{