From d5c39458950517f166232ff004b6478fdd4f0ffd Mon Sep 17 00:00:00 2001
From: Jamie Slome
Date: Fri, 22 Mar 2024 13:21:24 +0000
Subject: [PATCH 1/7] feat: introduce dependency review github action and deprecate duplicative workflow
---
 .github/workflows/dependency-review.yml | 20 ++++++++++++++++
 .github/workflows/license-validation.yml | 29 ------------------------
 2 files changed, 20 insertions(+), 29 deletions(-)
 create mode 100644 .github/workflows/dependency-review.yml
 delete mode 100644 .github/workflows/license-validation.yml
diff --git a/.github/workflows/dependency-review.yml b/.github/workflows/dependency-review.yml
new file mode 100644
index 00000000..6b178be5
--- /dev/null
+++ b/.github/workflows/dependency-review.yml
@@ -0,0 +1,20 @@
+name: 'Dependency Review'
+on: [pull_request]
+
+permissions:
+ contents: read
+ pull-requests: write
+
+jobs:
+ dependency-review:
+ runs-on: ubuntu-latest
+ steps:
+ - name: 'Checkout Repository'
+ uses: actions/checkout@v4
+ - name: Dependency Review
+ uses: actions/dependency-review-action@v4
+ with:
+ comment-summary-in-pr: always
+ fail-on-severity: high
+ allow-licenses: MIT, Apache-2.0, BSD, BSD-3-Clause, ISC, BSD-2-Clause, Unlicense, CC0-1.0, 0BSD, MIT/X11, MPL
+ fail-on-scopes: development, runtime
\ No newline at end of file
diff --git a/.github/workflows/license-validation.yml b/.github/workflows/license-validation.yml
deleted file mode 100644
index 4c8130d4..00000000
--- a/.github/workflows/license-validation.yml
+++ /dev/null
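Review bot: Both `uses:` lines in the new dependency-review.yml reference mutable tags (`actions/checkout@v4`, `actions/dependency-review-action@v4`), whereas the workflow this commit deletes pinned checkout to a commit SHA (`actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4`). A tag can later point at different code, and this job runs with `pull-requests: write`, so I would keep the SHA pin for checkout and pin the review action the same way, e.g. `uses: actions/dependency-review-action@<commit-sha> # v4` (placeholder, take the SHA from the release you have vetted). Separately, the deleted job validated the whole production tree on every push to main and carried `--allow-packages` exceptions, while the replacement only looks at dependency changes in a pull request. A short comment above `allow-licenses` saying that existing dependencies and those exempted packages are no longer checked would make the coverage change explicit.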
@@ -1,29 +0,0 @@ -# This workflow will do a clean install of node dependencies, build the source code and run tests across different versions of node -# For more information see: https://help.github.com/actions/language-and-framework-guides/using-nodejs-with-github-actions - -name: License Validation - -on: - push: - branches: [ main ] - pull_request: - branches: [ main ] - -jobs: - validate: - runs-on: ubuntu-latest - strategy: - matrix: - node-version: [18.x] - steps: - - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4 - - name: Use Node.js ${{ matrix.node-version }} - uses: actions/setup-node@v4 - with: - node-version: ${{ matrix.node-version }} - - name: Install node-license-validator - run: npm i -g node-license-validator - - name: Validate Server - run: | - npm install --prod - node-license-validator . --allow-licenses MIT Apache-2.0 BSD BSD-3-Clause ISC BSD-2-Clause Unlicense CC0-1.0 0BSD MIT/X11 MPL --allow-packages spdx-exceptions spdx-license-ids underscore precond password-hash From a5c9a372f6c0405075ff19f9fd11ec624c9ff1e3 Mon Sep 17 00:00:00 2001 From: Jamie Slome Date: Fri, 22 Mar 2024 13:22:39 +0000 Subject: [PATCH 2/7] chore: bump node version of lint workflow to 18.x --- .github/workflows/lint.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/lint.yml b/.github/workflows/lint.yml index f101fec7..75247d35 100644 --- a/.github/workflows/lint.yml +++ b/.github/workflows/lint.yml @@ -3,7 +3,7 @@ name: Lint Code Base on: [pull_request] env: # environment variables (available in any part of the action) - NODE_VERSION: 16 + NODE_VERSION: 18 jobs: linting: From 4e67e229e2925f96c26e811419ad42b3fbd4399c Mon Sep 17 00:00:00 2001 From: Jamie Slome Date: Fri, 22 Mar 2024 13:22:56 +0000 Subject: [PATCH 3/7] chore: rename Node.js CI workflow to CI --- .github/workflows/nodejs.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) 
diff --git a/.github/workflows/nodejs.yml b/.github/workflows/nodejs.yml index e14bb7ba..4f34325a 100644 --- a/.github/workflows/nodejs.yml +++ b/.github/workflows/nodejs.yml @@ -1,7 +1,7 @@ # This workflow will do a clean install of node dependencies, build the source code and run tests across different versions of node # For more information see: https://help.github.com/actions/language-and-framework-guides/using-nodejs-with-github-actions -name: Node.js CI +name: CI on: push: From 85ec0b09110d29a2fd9a1b02ce51bbe4d3779848 Mon Sep 17 00:00:00 2001 From: Jamie Slome Date: Fri, 22 Mar 2024 15:10:04 +0000 Subject: [PATCH 4/7] chore: remove ambiguous BSD spdx identifier and correct X11 --- .github/workflows/dependency-review.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/dependency-review.yml b/.github/workflows/dependency-review.yml index 6b178be5..7c917ba1 100644 --- a/.github/workflows/dependency-review.yml +++ b/.github/workflows/dependency-review.yml @@ -16,5 +16,5 @@ jobs: with: comment-summary-in-pr: always fail-on-severity: high - allow-licenses: MIT, Apache-2.0, BSD, BSD-3-Clause, ISC, BSD-2-Clause, Unlicense, CC0-1.0, 0BSD, MIT/X11, MPL + allow-licenses: MIT, Apache-2.0, BSD-3-Clause, ISC, BSD-2-Clause, Unlicense, CC0-1.0, 0BSD, X11, MPL fail-on-scopes: development, runtime \ No newline at end of file From cb02276bc79139354fbd2e8f1afb5da8cac60996 Mon Sep 17 00:00:00 2001 From: Jamie Slome Date: Fri, 22 Mar 2024 15:16:25 +0000 Subject: [PATCH 5/7] chore: update list of Mozilla Public License list in dependency review workflow --- .github/workflows/dependency-review.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/dependency-review.yml b/.github/workflows/dependency-review.yml index 7c917ba1..a6076878 100644 --- a/.github/workflows/dependency-review.yml +++ b/.github/workflows/dependency-review.yml 
@@ -16,5 +16,5 @@ jobs:
 with:
 comment-summary-in-pr: always
 fail-on-severity: high
- allow-licenses: MIT, Apache-2.0, BSD-3-Clause, ISC, BSD-2-Clause, Unlicense, CC0-1.0, 0BSD, X11, MPL
+ allow-licenses: MIT, Apache-2.0, BSD-3-Clause, ISC, BSD-2-Clause, Unlicense, CC0-1.0, 0BSD, X11, MPL-2.0, MPL-1.0, MPL-1.1, MPL-2.0
 fail-on-scopes: development, runtime
\ No newline at end of file
From 8068ed271d270403debd81f0df85f4970d334208 Mon Sep 17 00:00:00 2001
From: Jamie Slome
Date: Fri, 22 Mar 2024 15:24:41 +0000
Subject: [PATCH 6/7] chore: rename nodejs.yml to ci.yml and update README references
---
 .github/workflows/{nodejs.yml => ci.yml} | 0
 README.md | 2 +-
 2 files changed, 1 insertion(+), 1 deletion(-)
 rename .github/workflows/{nodejs.yml => ci.yml} (100%)
diff --git a/.github/workflows/nodejs.yml b/.github/workflows/ci.yml
similarity index 100%
rename from .github/workflows/nodejs.yml
rename to .github/workflows/ci.yml
diff --git a/README.md b/README.md
index 8afed4f2..a966f00a 100644
--- a/README.md
+++ b/README.md
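Review bot: The new `allow-licenses` line in dependency-review.yml (PATCH 5/7) lists `MPL-2.0` twice: `... X11, MPL-2.0, MPL-1.0, MPL-1.1, MPL-2.0`. The repeat is probably harmless to the check, but it suggests another identifier was meant in one of the two positions, possibly `MPL-2.0-no-copyleft-exception`, so it is worth confirming the intended set before merging. If three MPL versions are all that is wanted, the line would read `allow-licenses: MIT, Apache-2.0, BSD-3-Clause, ISC, BSD-2-Clause, Unlicense, CC0-1.0, 0BSD, X11, MPL-1.0, MPL-1.1, MPL-2.0`. The file also still ends without a trailing newline.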
@@ -23,7 +23,7 @@ [![FINOS - Incubating](https://cdn.jsdelivr.net/gh/finos/contrib-toolbox@master/images/badge-incubating.svg)](https://community.finos.org/docs/governance/Software-Projects/stages/incubating) [![NPM](https://img.shields.io/npm/v/@finos/git-proxy?colorA=00C586&colorB=000000)](https://www.npmjs.com/package/@finos/git-proxy) -[![Build](https://img.shields.io/github/actions/workflow/status/finos/git-proxy/nodejs.yml?branch=main&label=CI&logo=github&colorA=00C586&colorB=000000)](https://github.com/finos/git-proxy/actions/workflows/nodejs.yml) +[![Build](https://img.shields.io/github/actions/workflow/status/finos/git-proxy/ci.yml?branch=main&label=CI&logo=github&colorA=00C586&colorB=000000)](https://github.com/finos/git-proxy/actions/workflows/ci.yml) [![codecov](https://codecov.io/gh/finos/git-proxy/branch/main/graph/badge.svg)](https://codecov.io/gh/finos/git-proxy) [![Documentation](https://img.shields.io/badge/_-documentation-000000?colorA=00C586&logo=docusaurus&logoColor=FFFFFF&)](https://git-proxy.finos.org)
From af8b189ab76fab428e2361dcf20f3c6b69feb267 Mon Sep 17 00:00:00 2001 From: Jamie Slome Date: Fri, 22 Mar 2024 15:32:07 +0000 Subject: [PATCH 7/7] chore: rename lint workflow to understandable name --- .github/workflows/lint.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/lint.yml b/.github/workflows/lint.yml index 75247d35..9473d9d9 100644 --- a/.github/workflows/lint.yml +++ b/.github/workflows/lint.yml @@ -1,4 +1,4 @@ -name: Lint Code Base +name: Code Cleanliness on: [pull_request]