A task and GitHub Actions workflow are provided here for checking the license types of Go project dependencies.
On every push and pull request that affects relevant files, the CI workflow will check:
- If the dependency licenses cache is up to date
- If any of the project's dependencies have an unapproved license type.
Approval can be based on:
- Universally allowed license type
- Individual dependency
Since it is not a primary component of the project, I puth the registry validator Go module in a subfolder of the
repository. The standardized Arduino tooling project "assets" at that time were designed for the more common project
structure of the module in the repository root. This meant some small modifications to the assets were required in order
to make them applicable to this repository's structure.
Since that time, the standardized assets have been improved so they can support arbitrary Go module locations, as is
needed here. A different approach was taken in order to also support any number of modules. Although this particular
repository is not likely to gain multiple modules, that is needed by other projects, and so it is a better approach in
general.
1.16 is now the preferred Go version for all Arduino tooling projects.
The update from Go 1.14 to 1.16 broke the task that runs golint. The good news is that the new `go install` command
eliminates the need for the workaround of running the `go get golang.org/x/lint/golint` command from outside the project
path.
The bad news is the `go list` command used to get the path of the golint installation does not work in the "module-aware
mode" that is now the default. In the end, I gave up on making the task work as before. I think it's better to require
the user to install golint and put the installation in the system `PATH`, displaying a helpful message when this has not
been done.
On every push and pull request that affects relevant files, run yamllint to check the YAML files of
the repository for issues.
The .yamllint.yml file is used to configure yamllint:
https://yamllint.readthedocs.io/en/stable/configuration.html
On every push and pull request that affects relevant files, check the Go module for:
- Common detectable errors in the code.
- Use of outdated APIs
- Code style violations
- Code formatting inconsistency
- Misconfiguration
On every push and pull request that affects relevant files, run flake8 to check the Python files of
the repository for issues and black to check formatting.
The .flake8 file is used to configure flake8:
https://flake8.pycqa.org/en/latest/user/configuration.html
