This action checks dependency license issues using ort.
This GitHub action can
- Run license analysis on your repository
- Run license analysis on list of repositories given
- Detect licensing violations
- Summarize potential licensing issues
- Generate a report with summary
A file containing list of GitHub repository urls. Format is a single url (https://github.com/<owner>/<repo>
) on each line. If set then action will run check on each url and generate an overview HTML page.
If not set the action runs check on currently checked out repository (.
directory).
By default the repositories
input is not set.
Required A file or URL containing ort rules to detect license violations. Default is https://github.com/NLeSC/tortellini-on-rsd/raw/main/config/rules.kts.
Required A file or URL containing classes for each license. For format see ort documentation. Default is https://github.com/NLeSC/tortellini-on-rsd/raw/main/config/license-classifications.yml.
A file or URL containing curations correct invalid or missing package metadata and set the concluded license for packages. See ort documentation for format. If not set then action will not use any curations.
No action outputs are defined for this actions.
The action will write files to .tortellini/out/
directory.
on:
# Allows you to run this workflow manually from the Actions tab
workflow_dispatch:
jobs:
tortellini:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2
- uses: tortellini-tools/action@v3
- uses: actions/upload-artifact@v2
with:
name: tortellini-result
path: .tortellini/out
Tortellini action will generate .tortellini/out/scan-report-web-app.html
file.
The HTML file can be downloaded from the workflow page (see the documentation of the Upload a Build Artifact
GitHub action). After unzipping the scan-report-web-app.html
can be viewed in a web browser.
on:
# Allows you to run this workflow manually from the Actions tab
workflow_dispatch:
jobs:
tortellini:
runs-on: ubuntu-latest
steps:
- name: Create list of GitHub urls to perform check on
run: |
echo 'https://github.com/tortellini-tools/action' > urls.txt
echo 'https://github.com/fair-software/howfairis' >> urls.txt
- uses: tortellini-tools/action@v3
with:
repositories: urls.txt
- uses: actions/upload-artifact@v2
with:
name: tortellini-results
path: .tortellini/out
Tortellini action will generate .tortellini/out/index.html
file and .tortellini/out/<GitHub user or organization>/<GitHub repository>/scan-report-web-app.html
files.
The HTML files can be downloaded from the workflow page (see the documentation of the Upload a Build Artifact
GitHub action). After unzipping the index.html
can be viewed in a web browser.
See README.dev.md
tortellini
aims at providing insights into the license depencies of your package based on available information on open source licenses. We hope this information is helpful. However, we are not lawyers and we do make mistakes. Therefore tortellini
provides information on an "as-is" basis and does not make warranties regarding this information. For any questions regarding the issues related to the licenses in your code, please consult a professional.