ci: license checker (#18)

jamesbhobbs · devin-ai-integration[bot] · web-flow · commit 0a3960915688 · 2025-10-07T12:10:49.000+01:00
* ci: license checker

* chore: add missing license and clearer status check

* chore: skip unused package with no license

* fix: resolve license checker issues and fix prettier formatting

- Fix trailing whitespace in .github/workflows/ci.yml
- Add BSD and 'Apache v2' to allowed licenses (alternate naming for BSD-2-Clause and Apache-2.0)
- Exclude 4 devDependencies with WTFPL license: chai-as-promised, esbuild-plugin-less, truncate-utf8-bytes, utf8-byte-length
- Exclude eslint-plugin-local-rules (local package with UNKNOWN license)

All excluded packages are devDependencies used only for testing/building and are not bundled with the extension.

---------

Co-authored-by: Devin AI &lt;158243242+devin-ai-integration[bot]@users.noreply.github.com&gt;
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
@@ -68,3 +68,24 @@ jobs:
       - name: Check dependencies
         run: npm run checkDependencies
         continue-on-error: true
+
+      - name: Check licenses
+        run: npm run check-licenses
+  check_licenses:
+    name: Check Licenses
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v5
+
+      - name: Setup Node.js
+        uses: actions/setup-node@v5
+        with:
+          node-version: ${{ env.NODE_VERSION }}
+          cache: 'npm'
+
+      - name: Install dependencies
+        run: npm ci
+
+      - name: Check Licenses
+        run: npm run check-licenses
diff --git a/package.json b/package.json
@@ -2055,6 +2055,7 @@
         "build:prerelease": "cross-env IS_PRE_RELEASE_VERSION_OF_JUPYTER_EXTENSION=true npm run build",
         "build:stable": "cross-env IS_PRE_RELEASE_VERSION_OF_JUPYTER_EXTENSION=false npm run build",
         "build": "concurrently npm:compile-release npm:updatePackageJsonForBundle",
+        "check-licenses": "npx license-checker-rseidelsohn --onlyAllow 'MIT;Apache-2.0;Apache v2;ISC;BSD;BSD-2-Clause;BSD-3-Clause;0BSD;Python-2.0;CC0-1.0;CC-BY-3.0;CC-BY-4.0;Unlicense;BlueOak-1.0.0;MPL-2.0' --excludePrivatePackages --excludePackages 'bootstrap-less@3.3.8;chai-as-promised@7.1.1;esbuild-plugin-less@1.3.19;eslint-plugin-local-rules@1.0.0;truncate-utf8-bytes@1.0.2;utf8-byte-length@1.0.4'",
         "checkDependencies": "gulp checkDependencies",
         "clean": "gulp clean",
         "compile-esbuild-watch": "npx tsx build/esbuild/build.ts --watch",
