diff --git a/.github/workflows/build_and_test_workflow.yml b/.github/workflows/build_and_test_workflow.yml index 40c335dcca9c..344450cb0edf 100644 --- a/.github/workflows/build_and_test_workflow.yml +++ b/.github/workflows/build_and_test_workflow.yml @@ -62,17 +62,17 @@ jobs: disk-root: 'C:' - name: Checkout code - uses: actions/checkout@v3 + uses: actions/checkout@v4 - name: Setup JDK (Windows only) if: matrix.os == 'windows-latest' - uses: actions/setup-java@v3 + uses: actions/setup-java@v4 with: java-version: '11' distribution: 'adopt' - name: Setup Node - uses: actions/setup-node@v3 + uses: actions/setup-node@v4 with: node-version-file: '.nvmrc' registry-url: 'https://registry.npmjs.org' @@ -88,7 +88,7 @@ jobs: run: echo "YARN_CACHE_LOCATION=$(yarn cache dir)" >> $GITHUB_ENV - name: Initialize Yarn Cache - uses: actions/cache@v3 + uses: actions/cache@v4 if: matrix.os != 'windows-latest' with: path: ${{ env.YARN_CACHE_LOCATION }} @@ -133,10 +133,10 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout code - uses: actions/checkout@v3 + uses: actions/checkout@v4 - name: Setup Node - uses: actions/setup-node@v3 + uses: actions/setup-node@v4 with: node-version-file: '.nvmrc' registry-url: 'https://registry.npmjs.org' @@ -151,7 +151,7 @@ jobs: run: echo "YARN_CACHE_LOCATION=$(yarn cache dir)" >> $GITHUB_ENV - name: Initialize Yarn Cache - uses: actions/cache@v3 + uses: actions/cache@v4 with: path: ${{ env.YARN_CACHE_LOCATION }} key: yarn-${{ hashFiles('**/yarn.lock') }} @@ -161,6 +161,25 @@ jobs: - name: Run bootstrap run: yarn osd bootstrap + - name: Check for yarn.lock changes + run: | + if [[ `git status --porcelain yarn.lock` ]]; then + echo -e "\033[31mThe yarn.lock file is out of sync!\033[0m" + git diff + exit 1 + fi + + - name: Generate dev docs + run: yarn docs:generateDevDocs + + - name: Check for dev docs changes + run: | + if [[ `git status --porcelain docs/_sidebar.md` ]]; then + echo -e "\033[31mThe dev docs are out of sync; run yarn docs:generateDevDocs and amend the PR.\033[0m" + git diff + exit 1 + fi + - name: Run linter id: linter run: yarn lint @@ -169,6 +188,10 @@ jobs: id: notice-validate run: yarn notice:validate + - name: Validate licenses + id: i18n-licenses + run: yarn checkLicenses + - name: Check i18n id: i18n-check run: yarn i18n:check @@ -203,17 +226,17 @@ jobs: disk-root: 'C:' - name: Checkout code - uses: actions/checkout@v3 + uses: actions/checkout@v4 - name: Setup JDK (Windows only) if: matrix.os == 'windows-latest' - uses: actions/setup-java@v3 + uses: actions/setup-java@v4 with: java-version: '11' distribution: 'adopt' - name: Setup Node - uses: actions/setup-node@v3 + uses: actions/setup-node@v4 with: node-version-file: '.nvmrc' registry-url: 'https://registry.npmjs.org' @@ -229,7 +252,7 @@ jobs: run: echo "YARN_CACHE_LOCATION=$(yarn cache dir)" >> $GITHUB_ENV - name: Initialize Yarn Cache - uses: actions/cache@v3 + uses: actions/cache@v4 if: matrix.os != 'windows-latest' with: path: ${{ env.YARN_CACHE_LOCATION }} @@ -319,17 +342,17 @@ jobs: disk-root: 'C:' - name: Checkout code - uses: actions/checkout@v3 + uses: actions/checkout@v4 - name: Setup JDK (Windows only) if: matrix.os == 'windows-latest' - uses: actions/setup-java@v3 + uses: actions/setup-java@v4 with: java-version: '11' distribution: 'adopt' - name: Setup Node - uses: actions/setup-node@v3 + uses: actions/setup-node@v4 with: node-version-file: '.nvmrc' registry-url: 'https://registry.npmjs.org' @@ -345,7 +368,7 @@ jobs: run: echo "YARN_CACHE_LOCATION=$(yarn cache dir)" >> $GITHUB_ENV - name: Initialize Yarn Cache - uses: actions/cache@v3 + uses: actions/cache@v4 if: matrix.os != 'windows-latest' with: path: ${{ env.YARN_CACHE_LOCATION }} @@ -451,12 +474,12 @@ jobs: disk-root: 'C:' - name: Checkout code - uses: actions/checkout@v3 + uses: actions/checkout@v4 with: path: ./artifacts - name: Setup Node - uses: actions/setup-node@v3 + uses: actions/setup-node@v4 with: node-version-file: './artifacts/.nvmrc' registry-url: 'https://registry.npmjs.org' @@ -472,7 +495,7 @@ jobs: run: echo "YARN_CACHE_LOCATION=$(yarn cache dir)" >> $GITHUB_ENV - name: Initialize Yarn Cache - uses: actions/cache@v3 + uses: actions/cache@v4 if: matrix.os != 'windows-latest' with: path: ${{ env.YARN_CACHE_LOCATION }} @@ -540,7 +563,7 @@ jobs: ] steps: - name: Checkout code - uses: actions/checkout@v3 + uses: actions/checkout@v4 with: path: ./artifacts @@ -548,7 +571,7 @@ jobs: - run: echo [NOTE] These tests will be ran using Linux x64 release builds without security - name: Setup Node - uses: actions/setup-node@v3 + uses: actions/setup-node@v4 with: node-version-file: './artifacts/.nvmrc' registry-url: 'https://registry.npmjs.org' @@ -583,7 +606,7 @@ jobs: run: echo "BWC_VERSIONS=${{ matrix.version }}" >> $GITHUB_ENV - name: Download OpenSearch Dashboards - uses: actions/download-artifact@v4.1.7 + uses: actions/download-artifact@v4 id: download with: name: linux-x64-${{ env.VERSION }} diff --git a/changelogs/fragments/9064.yml b/changelogs/fragments/9064.yml new file mode 100644 index 000000000000..17a917f7f5e0 --- /dev/null +++ b/changelogs/fragments/9064.yml @@ -0,0 +1,9 @@ +infra: +- Add checks for out of sync lockfile and dev docc to the CI ([#9064](https://github.com/opensearch-project/OpenSearch-Dashboards/pull/9064)) +- Validate the licensing imposed by dependencies during CI ([#9064](https://github.com/opensearch-project/OpenSearch-Dashboards/pull/9064)) + +chore: +- Bump actions used by build and test workflows ([#9064](https://github.com/opensearch-project/OpenSearch-Dashboards/pull/9064)) + +feat: +- Improve validation of the licensing imposed by dependencies. ([#9064](https://github.com/opensearch-project/OpenSearch-Dashboards/pull/9064)) \ No newline at end of file diff --git a/docs/_sidebar.md b/docs/_sidebar.md index 2584d106beb0..8fc7e380e6b6 100644 --- a/docs/_sidebar.md +++ b/docs/_sidebar.md @@ -149,6 +149,7 @@ - [Opensearch dashboards.release notes 1.3.17](../release-notes/opensearch-dashboards.release-notes-1.3.17.md) - [Opensearch dashboards.release notes 1.3.19](../release-notes/opensearch-dashboards.release-notes-1.3.19.md) - [Opensearch dashboards.release notes 1.3.2](../release-notes/opensearch-dashboards.release-notes-1.3.2.md) + - [Opensearch dashboards.release notes 1.3.20](../release-notes/opensearch-dashboards.release-notes-1.3.20.md) - [Opensearch dashboards.release notes 1.3.3](../release-notes/opensearch-dashboards.release-notes-1.3.3.md) - [Opensearch dashboards.release notes 1.3.5](../release-notes/opensearch-dashboards.release-notes-1.3.5.md) - [Opensearch dashboards.release notes 1.3.6](../release-notes/opensearch-dashboards.release-notes-1.3.6.md) diff --git a/src/dev/license_checker/config.ts b/src/dev/license_checker/config.ts index f685da4ed5b6..bd3e4fc50e70 100644 --- a/src/dev/license_checker/config.ts +++ b/src/dev/license_checker/config.ts @@ -28,29 +28,39 @@ * under the License. */ +// ToDo: Make an allow-list for packages with licenses that require attribution so +// they can be allowed only after attribution is added but fail before. + // The following list applies to packages both // used as dependencies or dev dependencies export const LICENSE_ALLOWLIST = [ - 'Elastic-License', - '0BSD', + '(AFL-2.1 OR BSD-3-Clause)', + '(Apache-2.0 AND BSD-3-Clause)', '(BSD-2-Clause OR MIT OR Apache-2.0)', '(BSD-2-Clause OR MIT)', '(BSD-3-Clause AND Apache-2.0)', + '(BSD-3-Clause OR GPL-2.0)', '(GPL-2.0 OR MIT)', '(MIT AND CC-BY-3.0)', '(MIT AND Zlib)', '(MIT OR Apache-2.0)', + '(MIT AND BSD-3-Clause)', + '(MIT OR CC0-1.0)', '(MIT OR GPL-3.0)', - '(WTFPL OR MIT)', + '(MPL-2.0 OR Apache-2.0)', + '(OFL-1.1 AND MIT)', '(Unlicense OR Apache-2.0)', + '(WTFPL OR MIT)', + '0BSD', 'AFLv2.1', 'Apache 2.0', - 'Apache License, v2.0', 'Apache License, Version 2.0', + 'Apache License, v2.0', 'Apache', 'Apache*', 'Apache, Version 2.0', 'Apache-2.0', + 'BlueOak-1.0.0', 'BSD 3-Clause', 'BSD New', 'BSD', @@ -59,29 +69,28 @@ export const LICENSE_ALLOWLIST = [ 'BSD-3-Clause AND MIT', 'BSD-3-Clause OR MIT', 'BSD-3-Clause', - '(BSD-3-Clause OR GPL-2.0)', 'BSD-like', - 'CC0-1.0', 'CC-BY', 'CC-BY-3.0', 'CC-BY-4.0', + 'CC0-1.0', 'Eclipse Distribution License - v 1.0', + 'Elastic-License', 'FreeBSD', 'ISC', 'ISC*', 'MIT OR GPL-2.0', - '(MIT OR CC0-1.0)', 'MIT', 'MIT*', 'MIT/X11', - 'new BSD, and MIT', - '(OFL-1.1 AND MIT)', + 'Nuclide software', 'PSF', 'Public Domain', + 'Python-2.0', 'Unlicense', 'WTFPL OR ISC', 'WTFPL', - 'Nuclide software', + 'new BSD, and MIT', ]; // The following list only applies to licenses that @@ -90,12 +99,7 @@ export const DEV_ONLY_LICENSE_ALLOWLIST = ['MPL-2.0']; // Globally overrides a license for a given package@version export const LICENSE_OVERRIDES = { - 'jsts@1.6.2': ['Eclipse Distribution License - v 1.0'], // cf. https://github.com/bjornharrtell/jsts - '@mapbox/jsonlint-lines-primitives@2.0.2': ['MIT'], // license in readme https://github.com/tmcw/jsonlint - - // TODO can be removed if the https://github.com/jindw/xmldom/issues/239 is released - 'xmldom@0.1.27': ['MIT'], - - // TODO can be removed once we upgrade the use of walk dependency past or equal to v2.3.14 + 'jackspeak@3.4.0': ['BlueOak-1.0.0'], + 'path-scurry@1.11.1': ['BlueOak-1.0.0'], 'walk@2.3.9': ['MIT'], }; diff --git a/yarn.lock b/yarn.lock index 75021cf24d10..08d5ebd466ef 100644 --- a/yarn.lock +++ b/yarn.lock @@ -11585,17 +11585,17 @@ known-css-properties@^0.24.0: resolved "https://registry.yarnpkg.com/known-css-properties/-/known-css-properties-0.24.0.tgz#19aefd85003ae5698a5560d2b55135bf5432155c" integrity sha512-RTSoaUAfLvpR357vWzAz/50Q/BmHfmE6ETSWfutT0AJiw10e6CmcdYRQJlLRd95B53D0Y2aD1jSxD3V3ySF+PA== -language-subtag-registry@~0.3.2: - version "0.3.21" - resolved "https://registry.yarnpkg.com/language-subtag-registry/-/language-subtag-registry-0.3.21.tgz#04ac218bea46f04cb039084602c6da9e788dd45a" - integrity sha512-L0IqwlIXjilBVVYKFT37X9Ih11Um5NEl9cbJIuU/SwP/zEEAbBPOnEeeuxVMf45ydWQRDQN3Nqc96OgbH1K+Pg== +language-subtag-registry@^0.3.20: + version "0.3.23" + resolved "https://registry.yarnpkg.com/language-subtag-registry/-/language-subtag-registry-0.3.23.tgz#23529e04d9e3b74679d70142df3fd2eb6ec572e7" + integrity sha512-0K65Lea881pHotoGEa5gDlMxt3pctLi2RplBb7Ezh4rRdLEOtgi7n4EwK9lamnUCkKBqaeKRVebTq6BAxSkpXQ== language-tags@^1.0.5: - version "1.0.5" - resolved "https://registry.yarnpkg.com/language-tags/-/language-tags-1.0.5.tgz#d321dbc4da30ba8bf3024e040fa5c14661f9193a" - integrity sha1-0yHbxNowuovzAk4ED6XBRmH5GTo= + version "1.0.9" + resolved "https://registry.yarnpkg.com/language-tags/-/language-tags-1.0.9.tgz#1ffdcd0ec0fafb4b1be7f8b11f306ad0f9c08777" + integrity sha512-MbjN408fEndfiQXbFQ1vnd+1NoLDsnQW41410oQBXiyXDMYH5z505juWa4KUE1LqxRC7DgOgZDbKLxHIwm27hA== dependencies: - language-subtag-registry "~0.3.2" + language-subtag-registry "^0.3.20" lazy-ass@^1.6.0: version "1.6.0"