diff --git a/.github/workflows/release-audit.yml b/.github/workflows/release-audit.yml new file mode 100644 index 00000000..dcdfb99b --- /dev/null +++ b/.github/workflows/release-audit.yml @@ -0,0 +1,45 @@ +# Licensed to the Apache Software Foundation (ASF) under one +# or more contributor license agreements. See the NOTICE file +# distributed with this work for additional information +# regarding copyright ownership. The ASF licenses this file +# to you under the Apache License, Version 2.0 (the +# "License"); you may not use this file except in compliance +# with the License. You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, +# software distributed under the License is distributed on an +# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY +# KIND, either express or implied. See the License for the +# specific language governing permissions and limitations +# under the License. + +name: Release Auditing + +on: [push, pull_request] + +jobs: + test: + name: Audit Licenses + runs-on: ubuntu-latest + steps: + # Checkout project + - uses: actions/checkout@v4 + + # Check license headers + - uses: erisu/apache-rat-action@2840c4d69521d23ab0cfd346e14406d884c656da + + # Setup environment with node + - uses: actions/setup-node@v4 + with: + node-version: 18 + + # Install node packages + - name: npm install packages + run: npm i + + # Check node package licenses + - uses: erisu/license-checker-action@e929758f9416f30234ac454fc9054ca4b803871d + with: + license-config: 'licence_checker.yml' diff --git a/.ratignore b/.ratignore index 15c3f3e3..fc269838 100644 --- a/.ratignore +++ b/.ratignore @@ -1,4 +1,5 @@ -*.txt -cordova.cmd +.(.*) +(.*).txt coverage -jasmine.json +cordova.cmd +node_modules diff --git a/NOTICE b/NOTICE index 8ec56a52..7874e3de 100644 --- a/NOTICE +++ b/NOTICE @@ -3,3 +3,12 @@ Copyright 2012 The Apache Software Foundation This product includes software developed at The Apache Software Foundation (http://www.apache.org/). + +----- + +- spdx-exceptions + + https://github.com/jslicense/spdx-exceptions.json + + Licensed under the Creative Commons Attribution 3.0 Unported (CC-BY-3.0) + https://creativecommons.org/licenses/by/3.0/ diff --git a/licence_checker.yml b/licence_checker.yml new file mode 100644 index 00000000..838aaabd --- /dev/null +++ b/licence_checker.yml @@ -0,0 +1,64 @@ +# Licensed to the Apache Software Foundation (ASF) under one +# or more contributor license agreements. See the NOTICE file +# distributed with this work for additional information +# regarding copyright ownership. The ASF licenses this file +# to you under the Apache License, Version 2.0 (the +# "License"); you may not use this file except in compliance +# with the License. You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, +# software distributed under the License is distributed on an +# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY +# KIND, either express or implied. See the License for the +# specific language governing permissions and limitations +# under the License. + +# Compiled list of allowed 3RD PARTY LICENSES from: +# +# ASF CATEGORY A: WHAT CAN WE INCLUDE IN AN ASF PROJECT +# https://www.apache.org/legal/resolved.html#category-a +# +# Licenses converted into the SPDX standardized short identifier format. +# https://spdx.org/licenses/ +allowed-licenses: + - 0BSD + - AFL-3.0 + - Apache-1.1 + - Apache-2.0 + - APAFML + - BlueOak-1.0.0 + - BSD-2-Clause + - BSD-3-Clause + - BSD-3-Clause-LBNL + - BSL-1.0 + - CC-PDDC + - CC0-1.0 + - EPICS + - HPND + - ICU + - ISC + - MIT + - MIT-0 + - MS-PL + - MulanPSL-2.0 + - NCSA + - OGL-UK-3.0 + - PHP-3.01 + - PostgreSQL + - PSF-2.0 + - SMLNJ + - Unicode-DFS-2016 + - Unlicense + - UPL-1.0 + - W3C + - WTFPL + - X11 + - Xnet + - Zlib + - ZPL-2.0 + +ignored-packages: + - spdx-exceptions@2.3.0 + - underscore@1.2.1