license_check.yml
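---
name: Check for forbidden licenses
# Checks for any forbidden/copyleft licenses using their SPDX identifiers
# (https://spdx.org/licenses/).
# To check NPM based packages, NPM License Checker
# (https://www.npmjs.com/package/license-checker) is used to generate a
# listing of packages and their associated licenses. This listing is checked
# against a regex in FORBIDDEN_LICENSE_CHECK to ensure no forbidden licenses
# are present. If any are detected, the build is failed.
# List of copyleft licenses derived from Blue Oak Council Guide to Copyleft
# (https://blueoakcouncil.org/copyleft)
# List of forbidden licenses derived from Google License Classifier
# (https://github.com/google/licenseclassifier)
#
# NOTE(review): as listed, the job's only step is the checkout; no step here
# generates a license listing or pipes it into FORBIDDEN_LICENSE_CHECK.
# Confirm the check is actually executed, otherwise this workflow always
# passes and gives a false sense of coverage.
on:
  pull_request:
    branches:
      - trunk
      - 'release-*'

# Least privilege: the job only reads the repository, so the GITHUB_TOKEN is
# limited to read access instead of inheriting the repository default.
permissions:
  contents: read

jobs:
  license-check:
    name: license check
    runs-on: ubuntu-latest
    env:
      # Deny-list filter that reads the license listing on stdin: exits 1 when
      # any line matches the regex, otherwise prints "ok".
      # The match is an unanchored, case-sensitive substring search, so "GPL"
      # also catches LGPL/AGPL, and short tokens (EPL, IPL, SPL, OSL) can match
      # unrelated text such as package names; those cases fail closed.
      # A deny list does not catch packages whose license is missing, unknown
      # or spelled differently; an allow list of accepted SPDX identifiers is
      # the stricter alternative.
      # NOTE(review): presumably expanded by a shell step (e.g. via eval);
      # verify against the consuming step.
      FORBIDDEN_LICENSE_CHECK: |
        grep -E "GPL|CC-BY-SA|CC-BY-NC|CC-BY-NC-SA|CC-BY-NC-ND|APSL|CPAL|EUPL|NPOSL|OSL|SSPL|Parity|RPL|QPL|Sleepycat|copyleft|CDDL|CPL|EPL|ErlPL|IPL|MS-RL|SPL|Facebook|Commons-Clause" | grep . && exit 1 || echo "ok"
    steps:
      # NOTE(review): a tag ref such as v2 is mutable; pinning third-party
      # actions to a full commit SHA is the usual supply-chain hardening.
      - uses: actions/checkout@v2
        with:
          # Do not leave the token in the checked-out repo's git config;
          # nothing in this job needs to push or fetch after checkout.
          persist-credentials: false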