feat: initialize repo and create npm-license-checker action (#1)

* feat(npm-license-checker): add an npm license checker action * add node_modules * suppress node_modules * try again * updates * remove package-lock.json * consistency * clean up * build * path * exclude package support * build * starts with * deps * build * clean up * gitattributes * dist * ignore * fix import * output format * try * * output format * update allowed * changes * allow all for now * build * re-enable onlyAllow * clarifications support * summary * Python-2.0 * tests * security reviews * lint staged * pre-commit * .gitignore * more ignore * tests * test precommit * linting * ci tests * ci * CODEOWNERS * kick security review in the pants * docs * fix husky
dequelabs · Dec 10, 2024 · 810d93c · 810d93c
1 parent 07dddf5
commit 810d93c
Show file tree

Hide file tree

Showing 33 changed files with 60,384 additions and 0 deletions.
diff --git a/.gitattributes b/.gitattributes
@@ -0,0 +1 @@
+dist/** linguist-generated
diff --git a/.github/CODEOWNERS b/.github/CODEOWNERS
@@ -0,0 +1 @@
+* @dequelabs/team-drums
diff --git a/.github/actions/npm-license-checker/README.md b/.github/actions/npm-license-checker/README.md
@@ -0,0 +1,34 @@
+name: Generate Third-Party Credits
+
+on:
+push:
+branches: - '\*\*' - '!master' - '!release' - '!develop'
+
+jobs:
+generate-credits:
+runs-on: ubuntu-latest
+steps: - uses: actions/checkout@v4
+
+      - name: Set up Node.js
+        uses: actions/setup-node@v4
+        with:
+          node-version: '18'
+
+      - name: Install dependencies
+        run: npm ci
+
+      - uses: dequelabs/internal-actions-public/.github/actions/npm-license-checker@e1010db9d38031a9fe150a1808dbf714f324cdcd
+        with:
+          dependency-type: 'production'
+          details-output-path: './app/src/credits.json'
+          exclude-packages: 'axe-core;axe-devtools-app;react-wai-accordion'
+          exclude-packages-starting-with: '@deque/'
+          details-output-format: 'json'
+          clarifications-path: './app/licenseClarifications.json'
+          start-path: './app'
+
+      - name: Commit and push if changed
+        uses: stefanzweifel/git-auto-commit-action@8621497c8c39c72f3e2a999a26b4ca1b5058a842
+        with:
+          commit_message: 'Update credits.json'
+          file_pattern: './app/src/credits.json'
diff --git a/.github/actions/npm-license-checker/action.yml b/.github/actions/npm-license-checker/action.yml
@@ -0,0 +1,30 @@
+name: npm-license-checker
+description: A GitHub action to check 3rd-party licenses and output a report of licenses used
+inputs:
+  dependency-type:
+    description: 'Type of dependencies to include: production | development | all'
+    default: all
+  start-path:
+    description: 'The path to begin scanning for licenses'
+    default: './'
+  custom-fields-path:
+    description: 'A path to a file to customize the detail output. See: https://www.npmjs.com/package/license-checker-rseidelsohn#custom-format'
+  clarifications-path:
+    description: 'A path to a file that contains license clarifications. See: https://www.npmjs.com/package/license-checker-rseidelsohn#clarifications'
+  only-allow:
+    description: A semicolon-separated list of allowed licenses
+    # Based on https://opensource.google/documentation/reference/thirdparty/licenses
+    default: "AFL-2.1;AFL-3.0;AMPAS;Apache-2.0;Artistic-1.0;Artistic-2.0;Apache-1.1;Beerware;BSL-1.0;BSD-2-Clause;BSD-3-Clause;BSD-2-Clause-Patent;CC-BY-1.0;CC-BY-2.0;CC-BY-2.5;CC-BY-3.0;CC-BY-4.0;JSON;FTL;HPND;ImageMagick;ISC;libtiff;LPL-1.02;MS-PL;MIT;MIT-CMU;NCSA;NIST-Software;OpenSSL;PHP-3.0;PostgreSQL;TCP-wrappers;UPL-1.0;W3C-20150513;WTFPL;Xnet;Zend-2.0;Zlib;ZPL-2.0;0BSD;CC0-1.0;Unlicense;Python-2.0"
+  details-output-path:
+    description: The path to output details (e.g. ./licenseData.json).
+  details-output-format:
+    description: The format to output the results in (csv | json | markdown)
+    default: json
+  exclude-packages:
+    description: A comma-separated list of packages to exclude
+  exclude-packages-starting-with:
+    description: 'A comma-separated list of package name prefixes to exclude (e.g "@deque/")'
+
+runs:
+  using: 'node20'
+  main: 'dist/index.js'
diff --git a/.github/actions/npm-license-checker/dist/checkLicenses.d.ts b/.github/actions/npm-license-checker/dist/checkLicenses.d.ts
@@ -0,0 +1,2 @@
+import { CheckLicensesOptions, LicenseChecker, ModuleInfos } from './types';
+export default function checkLicenses(licenseChecker: LicenseChecker, options: CheckLicensesOptions): Promise<ModuleInfos>;
diff --git a/.github/actions/npm-license-checker/dist/index.d.ts b/.github/actions/npm-license-checker/dist/index.d.ts
@@ -0,0 +1 @@
+export {};
Original file line number	Diff line number	Diff line change
		@@ -0,0 +1,2 @@
		import { CheckLicensesOptions, LicenseChecker, ModuleInfos } from './types';
		export default function checkLicenses(licenseChecker: LicenseChecker, options: CheckLicensesOptions): Promise<ModuleInfos>;