name: Licence Check

on:
  push:
    branches: ["**", "!main", "!release/**"]
    paths:
      - "package.json"
      - "package-lock.json"
      - ".gitea/workflows/licence-check.yml"
  pull_request:
    branches: ["**", "!main", "!release/**"]
    paths:
      - "package.json"
      - "package-lock.json"
      - ".gitea/workflows/licence-check.yml"

jobs:
  licence-check:
    name: Dependency licence compatibility
    runs-on: ubuntu-latest
    continue-on-error: true
    steps:
      - uses: actions/checkout@v4

      - name: Set up Node.js
        uses: actions/setup-node@v4
        with:
          node-version: "22"

      - name: Install production dependencies
        run: npm ci --omit=dev

      - name: Check licence compatibility
        run: |
          npx --yes license-checker --production \
            --onlyAllow "MIT;ISC;MIT-0;BSD-2-Clause;BSD-3-Clause;Apache-2.0;CC0-1.0;BlueOak-1.0.0" \
            --excludePrivatePackages \
            && echo "All production dependency licences are compatible with MIT."