SharezoneApp · Jonas-Sander · Nov 6, 2023 · Oct 25, 2023 · Oct 25, 2023 · Nov 4, 2023
@@ -35,3 +35,40 @@ jobs:
           go-version: "^1.13.1"
       - run: go install github.com/google/[email protected]
       - run: ./bin/check_license_headers.sh
+
+  check-dependency-licenses:
+    runs-on: ubuntu-22.04
+    steps:
+      - uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608
+
+      - name: Set Flutter version from FVM config file to environment variables
+        uses: kuhnroyal/flutter-fvm-config-action@6ffa30473b346f7d7c63cf9e03e6a886f940a72b
+
+      - uses: subosito/flutter-action@48cafc24713cca54bbe03cdc3a423187d413aafa
+        with:
+          flutter-version: ${{ env.FLUTTER_VERSION }}
+          channel: ${{ env.FLUTTER_CHANNEL }}
+          # Use format expected by FVM.
+          # Else this won't be recognized as an installed version when setting
+          # '.../flutter' as the FVM Flutter version cache folder.
+          cache-path: "${{ runner.tool_cache }}/flutter/:version:"
+
+      - name: Install FVM
+        run: |
+          flutter pub global activate fvm 2.4.1
+          fvm config --cache-path '${{ runner.tool_cache }}/flutter'
+
+      - name: Activate license_checker
+        run: fvm dart pub global activate license_checker 1.6.0
+
+      - name: Check licenses in app
+        run: |
+          cd app
+          fvm flutter pub get
+          lic_ck check-licenses --config ../licenses_config.yaml --problematic
+
+      - name: Check licenses in sz cli
+        run: |
+          cd tools/sz_repo_cli
+          fvm dart pub get
+          lic_ck check-licenses --config ../../licenses_config.yaml --problematic
@@ -0,0 +1,84 @@
+# Copyright (c) 2023 Sharezone UG (haftungsbeschränkt)
+# Licensed under the EUPL-1.2-or-later.
+#
+# You may obtain a copy of the Licence at:
+# https://joinup.ec.europa.eu/software/page/eupl
+#
+# SPDX-License-Identifier: EUPL-1.2
+
+# This file is used to check that we only use dependencies with 
+# licenses that we are allowed to use / that we want to use.
+# It is used by the Dart `license_checker` package.
+# 
+# Run in `app` to show if some dependency are not allowed:
+# fvm dart lic_ck check-licenses --config ../licenses_config.yaml --problematic
+
+permittedLicenses:
+  - MIT
+  - BSD-3-Clause
+  - BSD-2-Clause
+  - Apache-2.0
+  - MPL-2.0
+  - Zlib
+  - MIT-Modern-Variant
+  - EUPL-1.2-or-later
+
+approvedPackages:
+  no-file:
+  - flutter_driver
+  - flutter_localizations
+  - flutter_test
+  - flutter_web_plugins
+  - fuchsia_remote_debug_protocol
+  - integration_test
+
+packageLicenseOverride:
+  rxdart: Apache-2.0
+  animated_stream_list_nullsafety: Apache-2.0
+  # The actual license is BSD-2-Clause with the following addition:
+  # > * All use of this software must display the following acknowledgement: This
+  # >   product includes software developed by Akshath Jain (https://akshathjain.com).
+  # Since the license text is included in the license page in our app it is technically
+  # present in our app. I don't know in what way it was intended.
+  # For now we'll just assume that it's okay like this.
+  # Open issue about the license: https://github.com/akshathjain/sliding_up_panel/issues/312
+  sliding_up_panel: BSD-2-Clause
+  # Our local packages
+  abgabe_client_lib: EUPL-1.2-or-later
+  abgabe_http_api: EUPL-1.2-or-later
+  analytics: EUPL-1.2-or-later
+  app_functions: EUPL-1.2-or-later
+  authentification_base: EUPL-1.2-or-later
+  authentification_qrcode: EUPL-1.2-or-later
+  bloc_base: EUPL-1.2-or-later
+  bloc_provider: EUPL-1.2-or-later
+  build_context: EUPL-1.2-or-later
+  common_domain_models: EUPL-1.2-or-later
+  crash_analytics: EUPL-1.2-or-later
+  date: EUPL-1.2-or-later
+  design: EUPL-1.2-or-later
+  dynamic_links: EUPL-1.2-or-later
+  files_basics: EUPL-1.2-or-later
+  files_usecases: EUPL-1.2-or-later
+  files_web: EUPL-1.2-or-later
+  filesharing_logic: EUPL-1.2-or-later
+  firebase_hausaufgabenheft_logik: EUPL-1.2-or-later
+  group_domain_implementation: EUPL-1.2-or-later
+  group_domain_models: EUPL-1.2-or-later
+  hausaufgabenheft_logik: EUPL-1.2-or-later
+  holidays: EUPL-1.2-or-later
+  key_value_store: EUPL-1.2-or-later
+  last_online_reporting: EUPL-1.2-or-later
+  notifications: EUPL-1.2-or-later
+  qr_code_scanner: EUPL-1.2-or-later
+  remote_configuration: EUPL-1.2-or-later
+  sharezone_common: EUPL-1.2-or-later
+  sharezone_lints: EUPL-1.2-or-later
+  sharezone_utils: EUPL-1.2-or-later
+  sharezone_widgets: EUPL-1.2-or-later
+  time: EUPL-1.2-or-later
+  url_launcher_extended: EUPL-1.2-or-later
+  user: EUPL-1.2-or-later
+  util: EUPL-1.2-or-later
+
+