This action checks dependency license issues using ort.

This GitHub action can

• Run license analysis on your repository
• Run license analysis on list of repositories given
• Detect licensing violations
• Summarize potential licensing issues
• Generate a report with summary

A file containing list of GitHub repository urls. Format is a single url (https://github.com/<owner>/<repo>) on each line. If set then action will run check on each url and generate an overview HTML page. If not set the action runs check on currently checked out repository (. directory). By default the repositories input is not set.

Required A file or URL containing ort rules to detect license violations. Default is https://github.com/NLeSC/tortellini-on-rsd/raw/main/config/rules.kts.

Required A file or URL containing classes for each license. For format see ort documentation. Default is https://github.com/NLeSC/tortellini-on-rsd/raw/main/config/license-classifications.yml.

A file or URL containing curations correct invalid or missing package metadata and set the concluded license for packages. See ort documentation for format. If not set then action will not use any curations.

No action outputs are defined for this actions. The action will write files to .tortellini/out/ directory.

on:
    # Allows you to run this workflow manually from the Actions tab
    workflow_dispatch:

jobs:
    tortellini:
        runs-on: ubuntu-latest
        steps:
            - uses: actions/checkout@v2
            - uses: tortellini-tools/action@v3
            - uses: actions/upload-artifact@v2
              with:
                  name: tortellini-result
                  path: .tortellini/out

Tortellini action will generate .tortellini/out/scan-report-web-app.html file. The HTML file can be downloaded from the workflow page (see the documentation of the Upload a Build Artifact GitHub action). After unzipping the scan-report-web-app.html can be viewed in a web browser.

on:
    # Allows you to run this workflow manually from the Actions tab
    workflow_dispatch:

jobs:
    tortellini:
        runs-on: ubuntu-latest
        steps:
            - name: Create list of GitHub urls to perform check on
              run: |
                  echo 'https://github.com/tortellini-tools/action' > urls.txt
                  echo 'https://github.com/fair-software/howfairis' >> urls.txt
            - uses: tortellini-tools/action@v3
              with:
                  repositories: urls.txt
            - uses: actions/upload-artifact@v2
              with:
                  name: tortellini-results
                  path: .tortellini/out

Tortellini action will generate .tortellini/out/index.html file and .tortellini/out/<GitHub user or organization>/<GitHub repository>/scan-report-web-app.html files.

The HTML files can be downloaded from the workflow page (see the documentation of the Upload a Build Artifact GitHub action). After unzipping the index.html can be viewed in a web browser.

See README.dev.md

tortellini aims at providing insights into the license depencies of your package based on available information on open source licenses. We hope this information is helpful. However, we are not lawyers and we do make mistakes. Therefore tortellini provides information on an "as-is" basis and does not make warranties regarding this information. For any questions regarding the issues related to the licenses in your code, please consult a professional.