From bd98016ccffc763b6ba2a3bafb3188ee89536172 Mon Sep 17 00:00:00 2001
From: Erisu
Date: Tue, 12 Mar 2024 23:49:54 +0900
Subject: [PATCH 1/2] ci(gh-action): add Apache RAT & package license checker workflow
---
 .github/workflows/release-audit.yml | 45 ++++++++++++++++++++++
 .ratignore | 3 ++
 licence_checker.yml | 60 +++++++++++++++++++++++++++++
 3 files changed, 108 insertions(+)
 create mode 100644 .github/workflows/release-audit.yml
 create mode 100644 .ratignore
 create mode 100644 licence_checker.yml
diff --git a/.github/workflows/release-audit.yml b/.github/workflows/release-audit.yml
new file mode 100644
index 0000000..8309094
--- /dev/null
+++ b/.github/workflows/release-audit.yml
@@ -0,0 +1,45 @@
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements. See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership. The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing,
+# software distributed under the License is distributed on an
+# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+# KIND, either express or implied. See the License for the
+# specific language governing permissions and limitations
+# under the License.
+
+name: Release Auditing
+
+on: [push, pull_request]
+
+jobs:
+ test:
+ name: Audit Licenses
+ runs-on: ubuntu-latest
+ steps:
+ # Checkout project
+ - uses: actions/checkout@v4
+
+ # Check license headers
+ - uses: erisu/apache-rat-action@555ae80334a535eb6c1f8920b121563a5a985a75
+
+ # Setup environment with node
+ - uses: actions/setup-node@v4
+ with:
+ node-version: 20
+
+ # Install node packages
+ - name: npm install packages
+ run: npm i
+
+ # Check node package licenses
+ - uses: erisu/license-checker-action@e929758f9416f30234ac454fc9054ca4b803871d
+ with:
+ license-config: 'licence_checker.yml'
diff --git a/.ratignore b/.ratignore
new file mode 100644
index 0000000..297de45
--- /dev/null
+++ b/.ratignore
@@ -0,0 +1,3 @@
+\.(.*)
+coverage
+node_modules
diff --git a/licence_checker.yml b/licence_checker.yml
new file mode 100644
index 0000000..50818a5
--- /dev/null
+++ b/licence_checker.yml
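Review bot: The workflow declares no `permissions:` block, so the `GITHUB_TOKEN` available to the two third-party `erisu/*` actions and to the `npm i` step carries whatever the repository default grants; a top-level `permissions:` with `contents: read` beneath it would hold the job to read-only access. The `npm i` step can also resolve dependency versions at run time and runs dependency install scripts on pull-request code. If a lockfile is committed (not visible in this patch), `run: npm ci --ignore-scripts` would audit the locked tree and skip lifecycle scripts, which a licence check presumably does not need. The full-SHA pins on the third-party actions are the right choice; a trailing comment naming the release each SHA corresponds to would make later bumps reviewable.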
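Review bot: The first entry, `\.(.*)`, reads as "any name that starts with a dot", which would take every dot-prefixed file and directory out of the header audit, apparently including the `.github/` tree this same commit adds a workflow to. How the action matches these patterns (file name or full path, anchored or not) is not visible here, so it is worth confirming the entry does not exclude more than intended. Listing the specific dot-paths that cannot carry a header would keep the audit's blind spots explicit.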
@@ -0,0 +1,60 @@
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements. See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership. The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing,
+# software distributed under the License is distributed on an
+# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+# KIND, either express or implied. See the License for the
+# specific language governing permissions and limitations
+# under the License.
+
+# Compiled list of allowed 3RD PARTY LICENSES from:
+#
+# ASF CATEGORY A: WHAT CAN WE INCLUDE IN AN ASF PROJECT
+# https://www.apache.org/legal/resolved.html#category-a
+#
+# Licenses converted into the SPDX standardized short identifier format.
+# https://spdx.org/licenses/
+allowed-licenses:
+ - 0BSD
+ - AFL-3.0
+ - Apache-1.1
+ - Apache-2.0
+ - APAFML
+ - BlueOak-1.0.0
+ - BSD-2-Clause
+ - BSD-3-Clause
+ - BSD-3-Clause-LBNL
+ - BSL-1.0
+ - CC-PDDC
+ - CC0-1.0
+ - EPICS
+ - HPND
+ - ICU
+ - ISC
+ - MIT
+ - MIT-0
+ - MS-PL
+ - MulanPSL-2.0
+ - NCSA
+ - OGL-UK-3.0
+ - PHP-3.01
+ - PostgreSQL
+ - PSF-2.0
+ - SMLNJ
+ - Unicode-DFS-2016
+ - Unlicense
+ - UPL-1.0
+ - W3C
+ - WTFPL
+ - X11
+ - Xnet
+ - Zlib
+ - ZPL-2.0
From 09dbdc23ef3a489af44cbe632bd2c136e4dcc305 Mon Sep 17 00:00:00 2001
From: Erisu
Date: Wed, 17 Apr 2024 14:52:55 +0900
Subject: [PATCH 2/2] ci(licese-checker): add Python-2.0 as allowed-licenses
---
 licence_checker.yml | 1 +
 1 file changed, 1 insertion(+)
diff --git a/licence_checker.yml b/licence_checker.yml
index 50818a5..683f926 100644
--- a/licence_checker.yml
+++ b/licence_checker.yml
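Review bot: The config file is spelled `licence_checker.yml`, while the action name, its `license-config` input and the commit title all use `license`. The workflow references the same spelling, so it resolves today, but a later rename of only one side would leave the checker without its allow-list, and whether the action then fails or passes is not visible in this patch. Renaming the file to `license_checker.yml`, and the `license-config` value with it, removes that trap. The header comment could also record when the list was compiled from the ASF Category A page, e.g. `# Compiled <DATE> from:`, so later additions can be checked against a known snapshot.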
@@ -48,6 +48,7 @@ allowed-licenses:
 - PHP-3.01
 - PostgreSQL
 - PSF-2.0
+ - Python-2.0
 - SMLNJ
 - Unicode-DFS-2016
 - Unlicense
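Review bot: The added `- Python-2.0` entry carries no pointer to the ASF Category A item it corresponds to or to the dependency that needs it, and the commit message gives none either. Since this list is the policy gate for third-party licences, a trailing comment such as `# <Category A entry>; required by <package>` on the new line would let a later reviewer verify the addition against the source cited in the file header.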