datahaven/operator/scripts/verify-licenses.sh

72 lines
2 KiB
Bash

feat: ✨ Add CI license check (#269)

## Summary
- Adds automated license compliance checking via GitHub Actions CI workflow
- Implements a license verification script that validates all Rust dependencies against approved licenses, authors, and packages
- Standardizes author metadata across Cargo manifests to "Moonsong Labs"

## Changes

**CI Workflow** (`.github/workflows/task-check-licenses.yml`)
- Triggers on pull requests and manual dispatch
- Installs Rust 1.88.0 toolchain and `cargo-license` tool
- Executes license verification script to enforce compliance

**License Verification Script** (`operator/scripts/verify-licenses.sh`)
- Uses `cargo-license` to extract dependency license information
- Maintains three allowlists:
  - **Licenses**: Apache-2.0, MIT, BSD variants, GPL-3.0, MPL-2.0, and compatible combinations
  - **Authors**: PureStake, Parity Technologies, Moonsong Labs, Frontier developers, StorageHub Team
  - **Package Names**: Known safe packages like ring
- Fails the build if any dependency has unapproved license/author/name combination

**Cargo Manifest Updates**
- `operator/Cargo.toml`: Standardized workspace author to "Moonsong Labs"
- `operator/precompiles/precompile-registry/Cargo.toml`: Uses workspace author field
- `operator/runtime/common/Cargo.toml`: Added workspace author field

## Benefits
- **Legal Compliance**: Ensures all dependencies use OSI-approved or compatible licenses
- **Supply Chain Security**: Validates dependencies come from trusted sources
- **Automated Enforcement**: Catches licensing issues during PR review rather than at release time
- **Transparency**: Provides clear audit trail of approved licenses and authors
2025-11-02 21:32:59 +00:00
#!/bin/bash
# Fails the build when any Rust dependency matches none of the three allowlists
# below (license expression, author string, crate name). Every comparison is an
# exact string match against the metadata that cargo-license reports, so each
# spelling of an equivalent license expression needs its own entry.
# Requires cargo-license (cargo install cargo-license) and jq.
set -euo pipefail

cargo license --json > licenses.json
LICENSES=(
"(MIT OR Apache-2.0) AND Unicode-DFS-2016"
"(MIT OR Apache-2.0) AND Unicode-3.0"
"0BSD OR Apache-2.0 OR MIT"
"Apache-2.0 AND ISC"
"Apache-2.0 AND MIT"
"Apache-2.0 OR LGPL-2.1-or-later OR MIT"
"Apache-2.0 OR Apache-2.0 WITH LLVM-exception OR MIT"
"Apache-2.0 OR Apache-2.0 WITH LLVM-exception OR CC0-1.0"
"Apache-2.0 OR BSD-1-Clause OR MIT"
"Apache-2.0 OR BSD-2-Clause OR MIT"
"Apache-2.0 OR BSD-3-Clause OR MIT"
"Apache-2.0 OR BSD-3-Clause"
"Apache-2.0 OR BSL-1.0"
"Apache-2.0 OR BSL-1.0 OR MIT"
"Apache-2.0 OR CC0-1.0 OR MIT-0"
"Apache-2.0 OR CC0-1.0"
"Apache-2.0 OR GPL-3.0"
"Apache-2.0 OR ISC OR MIT"
"Apache-2.0 OR MIT OR Zlib"
"Apache-2.0 OR MIT"
"(Apache-2.0 OR MIT) AND Apache-2.0"
"Apache-2.0 WITH LLVM-exception"
"Apache-2.0"
"BSD-2-Clause"
"BSD-3-Clause OR MIT"
"BSD-3-Clause"
"CC0-1.0"
"CDLA-Permissive-2.0"
"GPL-3.0-only"
"GPL-3.0-or-later WITH Classpath-exception-2.0"
"ISC"
"LGPL-3.0 OR MPL-2.0"
"MIT OR Unlicense"
"MIT"
"MPL-2.0"
"Zlib"
"Unicode-3.0"
"(Apache-2.0 OR MIT) AND Unicode-3.0"
)
# Crates whose `authors` field equals one of these entries pass regardless of
# their license field. cargo-license reports `authors` as a single string, with
# several authors joined by "|", so a crate that lists more than one author is
# not matched by a single-name entry. Author metadata is self-declared in the
# crate's Cargo.toml, not a verified identity.
AUTHORS=(
"PureStake"
"Parity Technologies <admin@parity.io>"
"Moonsong Labs"
"moonbeam-foundation"
"Frontier developers <legal@bitarray.dev>"
"StorageHub Team"
)
# Crates allowed by name when neither their license nor their author matches.
NAMES=(
"ring" # v0.16.20 has null license metadata but contains Apache-2.0 AND ISC LICENSE file
)
# Build a jq predicate that is true only for crates matching none of the
# allowlists: a chain of `field != "value" and` clauses, one per entry.
licenses_filter=$(printf ' .license != "%s" and' "${LICENSES[@]}")
authors_filter=$(printf ' .authors != "%s" and' "${AUTHORS[@]}")
names_filter=$(printf ' .name != "%s" and' "${NAMES[@]}")
# "true" at the end is necessary to close the trailing "and"
filter="${licenses_filter}${authors_filter}${names_filter} true"
echo -e "checking licenses with filter:\n$filter\n"
# Every crate selected by the predicate is unapproved; an empty array means all passed.
RESULT=$(jq "[.[] | select($filter)]" licenses.json)
if [[ "$RESULT" == "[]" ]]; then
  echo "OK !!"
  exit 0
else
  echo "$RESULT"
  echo "FAILURE !!"
  exit 1
fi
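The script's pass/flag behaviour is easiest to see on a small input. The following is an added example, not code from the datahaven repository: it applies the same three-allowlist logic to a constructed JSON document in the shape `cargo license --json` emits (one object per crate, `authors` as one `|`-joined string, `license` as an SPDX expression or null). The crate names, the shortened allowlists and the `to_json_array`/`flagged_crates` helpers are all made up for the example. It passes the allowlists to jq as arguments instead of splicing them into the program text, but each comparison is the same exact string equality the script uses.

```shell
#!/bin/bash
# Added example, not code from the datahaven repository: exercise the
# allowlist semantics of verify-licenses.sh against a constructed
# cargo-license JSON document. Requires only bash and jq.
set -euo pipefail

# Constructed sample in the shape `cargo license --json` emits.
SAMPLE_JSON='[
  {"name":"good-crate","version":"1.0.0","authors":"Someone <s@example.com>","license":"Apache-2.0 OR MIT"},
  {"name":"ring","version":"0.16.20","authors":"Upstream Maintainer <m@example.com>","license":null},
  {"name":"in-house","version":"0.1.0","authors":"Moonsong Labs","license":null},
  {"name":"multi-author","version":"0.2.0","authors":"Moonsong Labs|Someone Else","license":null},
  {"name":"old-slash","version":"0.3.0","authors":"Someone","license":"MIT/Apache-2.0"},
  {"name":"agpl-crate","version":"2.0.0","authors":"Someone","license":"AGPL-3.0-only"}
]'

# Shortened allowlists (hypothetical); the real script carries the full lists.
LICENSES=("Apache-2.0 OR MIT" "Apache-2.0" "MIT")
AUTHORS=("Moonsong Labs")
NAMES=("ring")

# Turn a bash array into a JSON array of strings.
to_json_array() {
  printf '%s\n' "$@" | jq -R . | jq -s .
}

# Print the names of crates that match none of the three allowlists,
# sorted and space-separated; empty output means every crate passed.
# A crate passes if its license, or its whole authors string, or its name
# exactly equals an allowlist entry.
flagged_crates() {
  local json="$1"
  printf '%s' "$json" | jq -r \
    --argjson lic   "$(to_json_array "${LICENSES[@]}")" \
    --argjson auth  "$(to_json_array "${AUTHORS[@]}")" \
    --argjson names "$(to_json_array "${NAMES[@]}")" \
    '[ .[]
       | select(
           (.license as $l | any($lic[];   . == $l) | not)
           and (.authors as $a | any($auth[];  . == $a) | not)
           and (.name    as $n | any($names[]; . == $n) | not)
         )
       | .name
     ] | sort | join(" ")'
}

echo "flagged: $(flagged_crates "$SAMPLE_JSON")"
```

Running it prints `flagged: agpl-crate multi-author old-slash`: `good-crate` passes on its license, `ring` on its name, and `in-house` on its author despite a null license. `multi-author` is flagged because the `|`-joined author string does not equal `Moonsong Labs`, and `old-slash` is flagged because the legacy `MIT/Apache-2.0` spelling is not an allowlisted string even though the licenses themselves are; both are exactly the cases to keep in mind when a PR fails the check.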