TPIP

v1.1.0 Release Preparations #81

	name: TPIP

	on:
	pull_request:
	paths:
	- '.github/workflows/tpip.yml'
	- docs/third-party-licenses.json
	- docs/tpip-header.md
	- scripts/tpip-reporter.ts
	- '!*/.md'
	- '!.github/workflows/markdown.yml'
	- '!.github/markdownlint.json'
	- '!.github/markdownlint.jsonc'
	branches:
	- main
	workflow_dispatch:

	concurrency:
	group: ${{ github.workflow }}-${{ github.ref }}
	cancel-in-progress: true

	permissions:
	contents: read

	jobs:
	report:
	permissions:
	# contents: write # for Git to git push # disabled until resurrecting direct git push
	packages: read

	name: Generate report
	runs-on: ubuntu-latest
	steps:
	- name: Harden the runner (Audit all outbound calls)
	uses: step-security/harden-runner@ec9f2d5744a09debf3a187a3f4f675c53b671911 # v2.13.0
	with:
	egress-policy: audit

	- uses: actions/checkout@08eba0b27e820071cde6df949e0beb9ba4906955 # v4.3.0
	with:
	ref: ${{ github.head_ref }}

	- uses: actions/setup-node@49933ea5288caeca8642d1e84afbd3f7d6820020 # v4.4.0
	env:
	NODE_AUTH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
	with:
	node-version: '20'
	registry-url: https://npm.pkg.github.com
	always-auth: true
	cache: 'yarn'

	- name: Install dependencies
	run: yarn --frozen-lockfile --prefer-offline

	- name: Generate third-party licenses report
	run: yarn run tpip:report

	- name: Commit changes
	if: false
	run: \|
	git config --local user.email "[email protected]"
	git config --local user.name "GitHub Action"
	git add TPIP.md
	git commit -m "Update third-party licenses report [skip ci]"
	git push

Provide feedback