diff --git a/.github/CLA.md b/.github/CLA.md index 1b1d99f..805f698 100644 --- a/.github/CLA.md +++ b/.github/CLA.md @@ -34,6 +34,8 @@ Grant of Patent License. Subject to the terms and conditions of this Agreement, You represent that you are legally entitled to grant the above license. If your employer(s) has rights to intellectual property that you create that includes your Contributions, you represent that you have received permission to make Contributions on behalf of that employer, that you will have received permission from your current and future employers for all future Contributions, that your applicable employer has waived such rights for all of your current and future Contributions to Telefónica Innovación Digital, or that your employer has executed a separate Corporate CLA with Telefónica Innovación Digital. +You represent that each of Your Contributions is Your original creation. You represent that Your Contribution submissions include complete details of any third-party license or other restriction (including, but not limited to, related patents and trademarks) of which you are personally aware and which are associated with any part of Your Contributions. + You are not expected to provide support for Your Contributions, except to the extent You desire to provide support. You may provide support for free, for a fee, or not at all. Unless required by applicable law or agreed to in writing, You provide Your Contributions on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied, including, without limitation, any warranties or conditions of TITLE, NON- INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A PARTICULAR PURPOSE. You agree to notify Telefónica Innovación Digital of any facts or circumstances of which you become aware that would make these representations inaccurate in any respect. diff --git a/.github/PULL_REQUEST_TEMPLATE.md b/.github/PULL_REQUEST_TEMPLATE.md index 5f9fd38..3767328 100644 --- a/.github/PULL_REQUEST_TEMPLATE.md +++ b/.github/PULL_REQUEST_TEMPLATE.md @@ -1,8 +1,8 @@ -# Add your title here +# ## Description -__Please provide enough information and context so that others can review your pull request easily__ + ## Agreement diff --git a/.github/check-license-compliance.config.yml b/.github/check-license-compliance.config.yml new file mode 100644 index 0000000..7a6e39b --- /dev/null +++ b/.github/check-license-compliance.config.yml @@ -0,0 +1,67 @@ +# SPDX-FileCopyrightText: 2025 Telefónica Innovación Digital and contributors +# SPDX-License-Identifier: MIT + +licenses: + allowed: + - Apache-2.0 + - MIT + - X11 + - BSD-2-Clause + - BSD-3-Clause + - ISC + - Zlib + - Unlicense + - 0BSD + - BlueOak-1.0.0 + - WTFPL + - CC-BY-3.0 + - CC-BY-4.0 + - CC0-1.0 + - Python-2.0 + warning: + - CC-BY-SA-3.0 + - CC-BY-SA-4.0 + - LGPL-2.1 + - LGPL-2.1-only + - LGPL-2.1+ + - LGPL-2.1-or-later + - LGPL-3.0 + - LGPL-3.0-only + - LGPL-3.0+ + - LGPL-3.0-or-later + - MPL-1.1 + - MPL-2.0 + - EPL-1.0 + forbidden: + - GPL-2.0-only + - GPL-2.0-or-later + - GPL-3.0-only + - GPL-3.0-or-later + - AGPL-3.0 +npm: + excludeModules: + - "@tid-xcut/markdown-confluence-sync@1.0.0" + +# production: true # Whether to check production dependencies or not +# development: true # Whether to check development dependencies or not +# onlyDirect: false # Whether to check only direct dependencies or not +# npm: # Configuration for npm dependencies +# includeFiles: # Files to include in the check +# - "**/package.json" +# excludeFiles: # Files to exclude from the check +# - "**/node_modules/**" +# developmentFiles: # Dependencies in these files are considered development dependencies +# - "**/my-dev-package/package.json" +# modules: # Only check these modules +# - "foo-module@1.0.0" +# excludeModules: # Exclude these modules from the check +# - "bar-module@1.0.0" +# extraModules: # Add these extra modules to the check +# - "baz-module@1.0.0" +# python: # Configuration for python dependencies, similar to npm, plus extra options +# recursiveRequirements: true # Whether to check requirements recursively, including -r files +# maven: {} # Configuration for maven dependencies, similar to npm +# go: {} # Configuration for go dependencies, similar to npm +# reporter: text # Reporter to use (text, json, markdown) +# failOnNotValid: true # Whether to fail the action if a dependency is forbidden +# log: info # Log level (silly, debug, verbose, info, warn, error) diff --git a/.github/check-spdx-headers.config.yml b/.github/check-spdx-headers.config.yml new file mode 100644 index 0000000..1281fd9 --- /dev/null +++ b/.github/check-spdx-headers.config.yml @@ -0,0 +1,45 @@ +# SPDX-FileCopyrightText: 2025 Telefónica Innovación Digital and contributors +# SPDX-License-Identifier: MIT + +rules: + - name: "Source code" + headers: + - files: + - "**/*.js" + - "**/*.ts" + - "src/**" + license: "Apache-2.0" + ignore: + - "*.config.js" + - "script/**" + - name: "Config files" + headers: + - files: + - ".github/**/*.yml" + - "**/*.yml" + - "*.config.js" + license: + - "MIT" + - "Apache-2.0" + - name: "Scripts" + headers: + - files: + - "script/**" + license: + - "MIT" + - "Apache-2.0" + - name: "Copyright" + headers: + - files: + - ".github/**/*.yml" + - "src/**" + - "**/*.yml" + copyright: + - "\\d{4}(\\s-\\s\\d{4})? Telefónica Innovación Digital" + - "\\d{4}(\\s-\\s\\d{4})? Telefónica Innovación Digital and contributors" +ignore: + - "**/node_modules/**" + - "dist/**" + - "build/**" + - "coverage/**" + - ".github/ISSUE_TEMPLATE/**" diff --git a/.github/workflows/open-source-checks.yml b/.github/workflows/open-source-checks.yml new file mode 100644 index 0000000..e003bed --- /dev/null +++ b/.github/workflows/open-source-checks.yml @@ -0,0 +1,62 @@ +# SPDX-FileCopyrightText: 2025 Telefónica Innovación Digital and contributors +# SPDX-License-Identifier: MIT + +name: Open Source Checks +on: + pull_request: + push: + branches: + - main + - release + +concurrency: + group: ${{ github.workflow }}-${{ github.ref }} + cancel-in-progress: true + +permissions: + contents: read + pull-requests: write + statuses: write + +jobs: + check-opensource-scaffold: + name: Check Open Source Scaffold + runs-on: ubuntu-latest + + steps: + - name: Checkout + id: checkout + uses: actions/checkout@v4 + + - name: Check Open Source Scaffold + uses: Telefonica/opensource-scaffold@v1 + + check-license-compliance: + name: Check License Compliance + runs-on: ubuntu-latest + + steps: + - uses: actions/checkout@v4 + + - name: Check License Compliance + uses: Telefonica/check-license-compliance/.github/actions/check-and-comment@v3.0.0-beta.1 + with: + config-file: .github/check-license-compliance.config.yml + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + + check-spdx-headers: + name: Check SPDX Headers + runs-on: ubuntu-latest + + steps: + - name: Checkout + id: checkout + uses: actions/checkout@v4 + + - name: Check SPDX Headers + uses: Telefonica/check-spdx-headers/.github/actions/check-and-comment@v1 + with: + config-file: .github/check-spdx-headers.config.yml + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} diff --git a/cspell/missing.txt b/cspell/missing.txt index 19f8296..a0c0382 100644 --- a/cspell/missing.txt +++ b/cspell/missing.txt @@ -1,3 +1,4 @@ commonmark frontmatter +opensource syncrc diff --git a/jest.e2e.config.js b/jest.e2e.config.js index 01b66ca..cc4acbb 100644 --- a/jest.e2e.config.js +++ b/jest.e2e.config.js @@ -1,3 +1,6 @@ +// SPDX-FileCopyrightText: 2024 Telefónica Innovación Digital and contributors +// SPDX-License-Identifier: MIT + /** @type {import('ts-jest').JestConfigWithTsJest} **/ export default { // Automatically clear mock calls and instances between every test diff --git a/jest.unit.config.js b/jest.unit.config.js index 182f5a7..88395b8 100644 --- a/jest.unit.config.js +++ b/jest.unit.config.js @@ -1,3 +1,6 @@ +// SPDX-FileCopyrightText: 2024 Telefónica Innovación Digital and contributors +// SPDX-License-Identifier: MIT + /** @type {import('ts-jest').JestConfigWithTsJest} **/ export default { // Automatically clear mock calls and instances between every test diff --git a/script/post-package.js b/script/post-package.js index 555ae39..3c013b8 100644 --- a/script/post-package.js +++ b/script/post-package.js @@ -1,3 +1,6 @@ +// SPDX-FileCopyrightText: 2024 Telefónica Innovación Digital and contributors +// SPDX-License-Identifier: MIT + import { replaceInFile } from "replace-in-file"; const filePath = "dist/index.js"; diff --git a/script/release b/script/release index 91d7e01..e501dd6 100755 --- a/script/release +++ b/script/release @@ -1,3 +1,5 @@ +# SPDX-License-Identifier: MIT + #!/bin/bash # Exit early diff --git a/test/e2e/support/confluence.ts b/test/e2e/support/confluence.ts index a3de839..8638749 100644 --- a/test/e2e/support/confluence.ts +++ b/test/e2e/support/confluence.ts @@ -1,3 +1,6 @@ +// SPDX-FileCopyrightText: 2024 Telefónica Innovación Digital and contributors +// SPDX-License-Identifier: Apache-2.0 + import { ConfluenceClient } from "confluence.js"; const README_PAGE_ID = process.env.CONFLUENCE_README_PAGE_ID as string; diff --git a/test/e2e/support/setup.ts b/test/e2e/support/setup.ts index 8b08074..0879a75 100644 --- a/test/e2e/support/setup.ts +++ b/test/e2e/support/setup.ts @@ -1,3 +1,6 @@ +// SPDX-FileCopyrightText: 2024 Telefónica Innovación Digital and contributors +// SPDX-License-Identifier: Apache-2.0 + import * as dotenv from "dotenv"; // eslint-disable-next-line jest/require-hook diff --git a/test/unit/specs/index.spec.ts b/test/unit/specs/index.spec.ts index 45e3c14..31568e9 100644 --- a/test/unit/specs/index.spec.ts +++ b/test/unit/specs/index.spec.ts @@ -1,3 +1,6 @@ +// SPDX-FileCopyrightText: 2024 Telefónica Innovación Digital and contributors +// SPDX-License-Identifier: Apache-2.0 + import * as main from "../../../src/main"; jest.mock( diff --git a/test/unit/specs/main.spec.ts b/test/unit/specs/main.spec.ts index 70647e6..aaaee9e 100644 --- a/test/unit/specs/main.spec.ts +++ b/test/unit/specs/main.spec.ts @@ -1,3 +1,6 @@ +// SPDX-FileCopyrightText: 2024 Telefónica Innovación Digital and contributors +// SPDX-License-Identifier: Apache-2.0 + import * as core from "@actions/core"; import * as main from "../../../src/main"; import { MarkdownConfluenceSync } from "@tid-xcut/markdown-confluence-sync";