(cordova-common) branch master updated: ci: add release audit workflow (#202)

dpogue Sun, 24 Mar 2024 00:59:18 -0700

This is an automated email from the ASF dual-hosted git repository.

dpogue pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/cordova-common.git



The following commit(s) were added to refs/heads/master by this push:
     new dd3eca8  ci: add release audit workflow (#202)
dd3eca8 is described below

commit dd3eca8161a5f4c3348542877ebd9562822ae7ac
Author: エリス <er...@users.noreply.github.com>
AuthorDate: Sun Mar 24 16:56:59 2024 +0900

    ci: add release audit workflow (#202)
---
 .github/workflows/release-audit.yml | 45 ++++++++++++++++++++++++++
 .ratignore                          |  6 ++--
 NOTICE                              |  9 ++++++
 licence_checker.yml                 | 64 +++++++++++++++++++++++++++++++++++++
 4 files changed, 121 insertions(+), 3 deletions(-)

diff --git a/.github/workflows/release-audit.yml 
b/.github/workflows/release-audit.yml
new file mode 100644
index 0000000..8309094
--- /dev/null
+++ b/.github/workflows/release-audit.yml
@@ -0,0 +1,45 @@
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements.  See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership.  The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License.  You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing,
+# software distributed under the License is distributed on an
+# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+#  KIND, either express or implied.  See the License for the
+# specific language governing permissions and limitations
+# under the License.
+
+name: Release Auditing
+
+on: [push, pull_request]
+
+jobs:
+  test:
+    name: Audit Licenses
+    runs-on: ubuntu-latest
+    steps:
+      # Checkout project
+      - uses: actions/checkout@v4
+
+      # Check license headers
+      - uses: erisu/apache-rat-action@555ae80334a535eb6c1f8920b121563a5a985a75
+
+      # Setup environment with node
+      - uses: actions/setup-node@v4
+        with:
+          node-version: 20
+
+      # Install node packages
+      - name: npm install packages
+        run: npm i
+
+      # Check node package licenses
+      - uses: 
erisu/license-checker-action@e929758f9416f30234ac454fc9054ca4b803871d
+        with:
+          license-config: 'licence_checker.yml'
diff --git a/.ratignore b/.ratignore
index 5205fdd..1075847 100644
--- a/.ratignore
+++ b/.ratignore
@@ -1,4 +1,4 @@
-fixtures
+\.(.*)
 coverage
-jasmine.json
-package-lock.json
+fixtures
+node_modules
diff --git a/NOTICE b/NOTICE
index 666eab8..5f73ac0 100644
--- a/NOTICE
+++ b/NOTICE
@@ -3,3 +3,12 @@ Copyright 2015 The Apache Software Foundation
 
 This product includes software developed at
 The Apache Software Foundation (http://www.apache.org/).
+
+-----
+
+- caniuse-lite
+
+  https://github.com/browserslist/caniuse-lite (caniuse.com)
+
+  Licensed under the Creative Commons Attribution 4.0 International (CC-BY-4.0)
+  https://creativecommons.org/licenses/by/4.0/
diff --git a/licence_checker.yml b/licence_checker.yml
new file mode 100644
index 0000000..604dec8
--- /dev/null
+++ b/licence_checker.yml
@@ -0,0 +1,64 @@
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements.  See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership.  The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License.  You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing,
+# software distributed under the License is distributed on an
+# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+#  KIND, either express or implied.  See the License for the
+# specific language governing permissions and limitations
+# under the License.
+
+# Compiled list of allowed 3RD PARTY LICENSES from:
+#
+# ASF CATEGORY A: WHAT CAN WE INCLUDE IN AN ASF PROJECT
+# https://www.apache.org/legal/resolved.html#category-a
+#
+# Licenses converted into the SPDX standardized short identifier format.
+# https://spdx.org/licenses/
+allowed-licenses:
+  - 0BSD
+  - AFL-3.0
+  - Apache-1.1
+  - Apache-2.0
+  - APAFML
+  - BlueOak-1.0.0
+  - BSD-2-Clause
+  - BSD-3-Clause
+  - BSD-3-Clause-LBNL
+  - BSL-1.0
+  - CC-PDDC
+  - CC0-1.0
+  - EPICS
+  - HPND
+  - ICU
+  - ISC
+  - MIT
+  - MIT-0
+  - MS-PL
+  - MulanPSL-2.0
+  - NCSA
+  - OGL-UK-3.0
+  - PHP-3.01
+  - PostgreSQL
+  - PSF-2.0
+  - Python-2.0
+  - SMLNJ
+  - Unicode-DFS-2016
+  - Unlicense
+  - UPL-1.0
+  - W3C
+  - WTFPL
+  - X11
+  - Xnet
+  - Zlib
+  - ZPL-2.0
+
+ignored-packages:
+  - caniuse-lite@@1.0.30001446


---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscr...@cordova.apache.org
For additional commands, e-mail: commits-h...@cordova.apache.org

(cordova-common) branch master updated: ci: add release audit workflow (#202)

Reply via email to