generated from saleor/saleor-app-payment-template
-
Notifications
You must be signed in to change notification settings - Fork 181
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Add workflow to check licenses (#226)
This adds a workflow that checks our repository does not use non-BSD-3 compatible licenses. The workflow reviews each pull requests against given rules, and sends a summary.
- Loading branch information
1 parent
dad41b4
commit 86e89e4
Showing
2 changed files
with
49 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,48 @@ | ||
| name: Check Licenses | ||
| on: | ||
| pull_request: | ||
| types: | ||
| - opened | ||
| - synchronize | ||
| # Labels are needed to handle external contributors | ||
| - labeled | ||
| - unlabeled | ||
| paths: | ||
| # Self | ||
| - ".github/workflows/check-licenses.yaml" | ||
| # Python Ecosystem | ||
| - "**/pyproject.toml" | ||
| - "**/setup.py" | ||
| - "**/requirements*.txt" | ||
| - "**/Pipfile.lock" | ||
| - "**/poetry.lock" | ||
| # JS/TS Ecosystem | ||
| - "**/package.json" | ||
| - "**/pnpm-lock.yaml" | ||
| - "**/package-lock.json" | ||
|
|
||
| jobs: | ||
| default: | ||
| permissions: | ||
| contents: read | ||
| pull-requests: write | ||
| uses: saleor/saleor-internal-actions/.github/workflows/run-license-check.yaml@v1 | ||
| with: | ||
| # List of ecosystems to scan. | ||
| ecosystems: >- | ||
| python | ||
| javascript | ||
| # Grant rules (https://github.com/anchore/grant/blob/4362dc22cf5ea9baeccfa59b2863879afe0c30d7/README.md#usage) | ||
| rules: | | ||
| # Explicitly allow LGPL as "*GPL*" rule will cause to reject them otherwise. | ||
| - pattern: "*lgpl*" | ||
| name: "allow-lgpl" | ||
| mode: "allow" | ||
| reason: "LGPL is allowed." | ||
| - pattern: "*gpl*" | ||
| name: "deny-gpl" | ||
| mode: "deny" | ||
| reason: "GPL licenses are not compatible with BSD-3-Clause" | ||
| - pattern: "*proprietary*" | ||
| name: "deny-proprietary" | ||
| mode: "deny" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters