# This workflow checks the statuses of cached dependencies used in this action # with the help of the Licensed tool. If any licenses are invalid or missing, # this workflow will fail. See: https://github.com/licensee/licensed name: Licensed on: pull_request: push: branches: - main paths: - .github/workflows/licensed.yml - .licensed.yml - .licenses/** - bun.lock - package.json workflow_dispatch: concurrency: group: ${{ github.workflow }}-${{ github.ref }} cancel-in-progress: true jobs: check-licenses: if: ${{ github.event_name != 'workflow_dispatch' }} name: Licensed runs-on: ubuntu-latest timeout-minutes: 15 permissions: contents: read pull-requests: read steps: - name: Detect license inputs id: license-inputs env: GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} PR_NUMBER: ${{ github.event.pull_request.number }} REPOSITORY: ${{ github.repository }} run: | if [[ "${{ github.event_name }}" != "pull_request" ]]; then echo "changed=true" >> "$GITHUB_OUTPUT" exit 0 fi gh api "repos/${REPOSITORY}/pulls/${PR_NUMBER}/files" --paginate --jq '.[].filename' > changed-files.txt if grep -Eq '^(\.github/workflows/licensed\.yml|\.licensed\.yml|\.licenses/.*|bun\.lock|package\.json)$' changed-files.txt; then echo "changed=true" >> "$GITHUB_OUTPUT" else echo "changed=false" >> "$GITHUB_OUTPUT" fi - name: Checkout id: checkout if: steps.license-inputs.outputs.changed == 'true' uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 - name: Setup Bun id: setup-bun if: steps.license-inputs.outputs.changed == 'true' uses: oven-sh/setup-bun@0c5077e51419868618aeaa5fe8019c62421857d6 # v2.2.0 with: bun-version-file: .bun-version - name: Install Dependencies id: bun-install if: steps.license-inputs.outputs.changed == 'true' run: bun install --frozen-lockfile - name: Setup Ruby id: setup-ruby if: steps.license-inputs.outputs.changed == 'true' uses: ruby/setup-ruby@e65c17d16e57e481586a6a5a0282698790062f92 # v1.300.0 with: ruby-version: ruby - uses: licensee/setup-licensed@0d52e575b3258417672be0dff2f115d7db8771d8 # v1.3.2 if: steps.license-inputs.outputs.changed == 'true' with: version: 4.x github_token: ${{ secrets.GITHUB_TOKEN }} - name: Check Licenses id: check-licenses if: steps.license-inputs.outputs.changed == 'true' run: licensed status update-licenses: if: ${{ github.event_name == 'workflow_dispatch' }} name: Update Licenses runs-on: ubuntu-latest timeout-minutes: 15 permissions: contents: write steps: - name: Checkout id: checkout uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 - name: Setup Bun id: setup-bun uses: oven-sh/setup-bun@0c5077e51419868618aeaa5fe8019c62421857d6 # v2.2.0 with: bun-version-file: .bun-version - name: Install Dependencies id: bun-install run: bun install --frozen-lockfile - name: Setup Ruby id: setup-ruby uses: ruby/setup-ruby@e65c17d16e57e481586a6a5a0282698790062f92 # v1.300.0 with: ruby-version: ruby - uses: licensee/setup-licensed@0d52e575b3258417672be0dff2f115d7db8771d8 # v1.3.2 with: version: 4.x github_token: ${{ secrets.GITHUB_TOKEN }} - name: Update License Cache id: update-licenses run: licensed cache - name: Format License Files id: format-licenses run: bun x oxfmt --write .licensed.yml .licenses - name: Commit Licenses id: commit-licenses run: | git config --local user.email "licensed-ci@users.noreply.github.com" git config --local user.name "licensed-ci" git add .licenses .licensed.yml if git diff --cached --quiet; then echo "No license cache changes to commit." exit 0 fi git commit -m "Auto-update license files" git push