diff --git a/.github/PULL_REQUEST_TEMPLATE.md b/.github/PULL_REQUEST_TEMPLATE.md index 6a1809a..b944a47 100644 --- a/.github/PULL_REQUEST_TEMPLATE.md +++ b/.github/PULL_REQUEST_TEMPLATE.md @@ -30,5 +30,6 @@ See [DCO missing](https://github.com/src-d/guide/blob/master/developer-community - [ ] Documentation has been added, updated, or not applicable - [ ] Changes have been rebased to main - [ ] Multiple commits to the same code have been squashed +- [ ] All changes have been human generated or created with a reproducible tool diff --git a/.github/workflows/docker.yml b/.github/workflows/docker.yml index a0c8083..9e3e42e 100644 --- a/.github/workflows/docker.yml +++ b/.github/workflows/docker.yml @@ -1,3 +1,17 @@ +# Copyright the version-bump contributors. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + name: Docker on: @@ -10,6 +24,9 @@ on: schedule: - cron: '0 06 * * *' +permissions: + contents: read + jobs: docker: diff --git a/.github/workflows/go.yml b/.github/workflows/go.yml index 6c46e5d..0389016 100644 --- a/.github/workflows/go.yml +++ b/.github/workflows/go.yml @@ -1,3 +1,17 @@ +# Copyright the version-bump contributors. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + name: Go on: @@ -10,6 +24,9 @@ on: pull_request: branches: [ main ] +permissions: + contents: read + jobs: build: diff --git a/.github/workflows/version-bump.yml b/.github/workflows/version-bump.yml index d444296..85a238b 100644 --- a/.github/workflows/version-bump.yml +++ b/.github/workflows/version-bump.yml @@ -1,3 +1,17 @@ +# Copyright the version-bump contributors. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + name: Version Check on: @@ -5,6 +19,9 @@ on: - cron: '0 05 * * 0' workflow_dispatch: +permissions: + contents: read + jobs: test: name: Version Check diff --git a/.github/workflows/vulnscans.yml b/.github/workflows/vulnscans.yml index 1a3dc97..f114972 100644 --- a/.github/workflows/vulnscans.yml +++ b/.github/workflows/vulnscans.yml @@ -1,3 +1,17 @@ +# Copyright the version-bump contributors. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + name: Vulnerability Check on: @@ -5,6 +19,9 @@ on: - cron: '0 06 * * 0' # 6am UTC on Sundays workflow_dispatch: +permissions: + contents: read + jobs: vulnerability-scans: name: Run vulnerability scans diff --git a/.markdownlint.yml b/.markdownlint.yml index 01f625f..7d3c256 100644 --- a/.markdownlint.yml +++ b/.markdownlint.yml @@ -1,3 +1,17 @@ +# Copyright the version-bump contributors. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + # all lists use a `-` MD004: style: dash diff --git a/.version-bump.yml b/.version-bump.yml index 0f14bf2..9d5305f 100644 --- a/.version-bump.yml +++ b/.version-bump.yml @@ -1,3 +1,17 @@ +# Copyright the version-bump contributors. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + files: "Dockerfile*": processors: diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md index 6ecce56..7659c93 100644 --- a/CONTRIBUTING.md +++ b/CONTRIBUTING.md @@ -8,6 +8,22 @@ Please send security issues to . Please search for similar issues and if none are seen, report an issue at [github.com/sudo-bmitch/version-bump/issues](https://github.com/sudo-bmitch/version-bump/issues) +## Code style + +This project attempts to follow these principles: + +- Code is canonical Go, following styles and patterns commonly used by the Go community. +- Dependencies outside of the Go standard library should be minimized. +- Dependencies should be pinned to a specific digest and tracked by Go or version-check. +- Unit tests are strongly encouraged with a focus on test coverage of the successful path and common errors. +- Linters and other style formatting tools are used, please run `make all` before committing any changes. + +## LLM Policy + +This project expects all contributions to be developed by a human or created with a reproducible tool. +Developers using an AI/LLM tool to generate their contribution are expected to fully understand the entire contribution and the logic behind its design. +Contributions that appear to have been generated by an AI/LLM without a human review may result in a ban from future contributions to the project. + ## Pull requests PR's are welcome. diff --git a/Dockerfile b/Dockerfile index 5d27006..a633839 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,3 +1,17 @@ +# Copyright the version-bump contributors. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + ARG REGISTRY=docker.io ARG ALPINE_VER=3.24.1@sha256:28bd5fe8b56d1bd048e5babf5b10710ebe0bae67db86916198a6eec434943f8b ARG GO_VER=1.26.4-alpine@sha256:3ad57304ad93bbec8548a0437ad9e06a455660655d9af011d58b993f6f615648 diff --git a/Dockerfile.buildkit b/Dockerfile.buildkit index ae342ce..27ecc72 100644 --- a/Dockerfile.buildkit +++ b/Dockerfile.buildkit @@ -1,3 +1,17 @@ +# Copyright the version-bump contributors. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + ARG REGISTRY=docker.io ARG ALPINE_VER=3.24.1@sha256:28bd5fe8b56d1bd048e5babf5b10710ebe0bae67db86916198a6eec434943f8b ARG GO_VER=1.26.4-alpine@sha256:3ad57304ad93bbec8548a0437ad9e06a455660655d9af011d58b993f6f615648 diff --git a/LICENSE b/LICENSE index 02058d4..d645695 100644 --- a/LICENSE +++ b/LICENSE @@ -176,7 +176,18 @@ END OF TERMS AND CONDITIONS - Copyright 2022 Brandon Mitchell. + APPENDIX: How to apply the Apache License to your work. + + To apply the Apache License to your work, attach the following + boilerplate notice, with the fields enclosed by brackets "[]" + replaced with your own identifying information. (Don't include + the brackets!) The text should be enclosed in the appropriate + comment syntax for the file format. We also recommend that a + file or class name and description of purpose be included on the + same "printed page" as the copyright notice for easier + identification within third-party archives. + + Copyright [yyyy] [name of copyright owner] Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. diff --git a/Makefile b/Makefile index 0686834..712e8c0 100644 --- a/Makefile +++ b/Makefile @@ -1,3 +1,17 @@ +# Copyright the version-bump contributors. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + COMMANDS?=version-bump BINARIES?=$(addprefix bin/,$(COMMANDS)) IMAGES?=$(addprefix docker-,$(COMMANDS)) @@ -57,7 +71,11 @@ test: ## go test go test -cover -race ./... .PHONY: lint -lint: lint-go lint-goimports lint-md lint-gosec ## Run all linting +lint: lint-go lint-goimports lint-md lint-gosec lint-copyright ## Run all linting + +.PHONY: lint-copyright +lint-copyright: ## Verify copyright headers in code files + ./scripts/lint-copyright.sh .PHONY: lint-go lint-go: $(GOPATH)/bin/staticcheck .FORCE ## Run linting for Go diff --git a/internal/config/config.go b/internal/config/config.go index 23cd68f..4c9576b 100644 --- a/internal/config/config.go +++ b/internal/config/config.go @@ -1,3 +1,17 @@ +// Copyright the version-bump contributors. +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + // Package config defines the config file and load methods package config diff --git a/internal/config/config_test.go b/internal/config/config_test.go index 723e58b..081dbd1 100644 --- a/internal/config/config_test.go +++ b/internal/config/config_test.go @@ -1,3 +1,17 @@ +// Copyright the version-bump contributors. +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + package config import ( diff --git a/internal/filesearch/filesearch.go b/internal/filesearch/filesearch.go index 9eb24dd..4745114 100644 --- a/internal/filesearch/filesearch.go +++ b/internal/filesearch/filesearch.go @@ -1,3 +1,17 @@ +// Copyright the version-bump contributors. +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + // Package filesearch is used to retrieve files for scanning package filesearch diff --git a/internal/filesearch/filesearch_test.go b/internal/filesearch/filesearch_test.go index 08e3c90..fdf8e9e 100644 --- a/internal/filesearch/filesearch_test.go +++ b/internal/filesearch/filesearch_test.go @@ -1,3 +1,17 @@ +// Copyright the version-bump contributors. +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + package filesearch import ( diff --git a/internal/lockfile/lockfile.go b/internal/lockfile/lockfile.go index 233be61..438039c 100644 --- a/internal/lockfile/lockfile.go +++ b/internal/lockfile/lockfile.go @@ -1,3 +1,17 @@ +// Copyright the version-bump contributors. +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + // Package lockfile is used to manage the lockfile of managed versions package lockfile diff --git a/internal/lockfile/lockfile_test.go b/internal/lockfile/lockfile_test.go index 90b9b07..f12a3b4 100644 --- a/internal/lockfile/lockfile_test.go +++ b/internal/lockfile/lockfile_test.go @@ -1,3 +1,17 @@ +// Copyright the version-bump contributors. +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + package lockfile import ( diff --git a/internal/processor/processor.go b/internal/processor/processor.go index a428efb..bcd0b40 100644 --- a/internal/processor/processor.go +++ b/internal/processor/processor.go @@ -1,3 +1,17 @@ +// Copyright the version-bump contributors. +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + // Package processor wraps the call to the scanner and requests to the source for a single type of update to a single file. // It includes logic for filtering, sorting, and templating of the source output. package processor diff --git a/internal/processor/processor_test.go b/internal/processor/processor_test.go index a9818b7..022a536 100644 --- a/internal/processor/processor_test.go +++ b/internal/processor/processor_test.go @@ -1,3 +1,17 @@ +// Copyright the version-bump contributors. +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + package processor import ( diff --git a/internal/scan/regexp.go b/internal/scan/regexp.go index d14ce5d..5f59c1e 100644 --- a/internal/scan/regexp.go +++ b/internal/scan/regexp.go @@ -1,3 +1,17 @@ +// Copyright the version-bump contributors. +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + package scan import ( diff --git a/internal/scan/regexp_test.go b/internal/scan/regexp_test.go index b3172e3..16d7356 100644 --- a/internal/scan/regexp_test.go +++ b/internal/scan/regexp_test.go @@ -1,3 +1,17 @@ +// Copyright the version-bump contributors. +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + package scan import ( diff --git a/internal/scan/scan.go b/internal/scan/scan.go index 114d664..a44bf41 100644 --- a/internal/scan/scan.go +++ b/internal/scan/scan.go @@ -1,3 +1,17 @@ +// Copyright the version-bump contributors. +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + // Package scan parses content for version data from a file (or ReadCloser) package scan diff --git a/internal/source/custom.go b/internal/source/custom.go index e26287a..274a28f 100644 --- a/internal/source/custom.go +++ b/internal/source/custom.go @@ -1,3 +1,17 @@ +// Copyright the version-bump contributors. +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + package source import ( diff --git a/internal/source/git.go b/internal/source/git.go index 8623aab..14521b5 100644 --- a/internal/source/git.go +++ b/internal/source/git.go @@ -1,3 +1,17 @@ +// Copyright the version-bump contributors. +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + package source import ( diff --git a/internal/source/github-release.go b/internal/source/github-release.go index 18046c6..5453901 100644 --- a/internal/source/github-release.go +++ b/internal/source/github-release.go @@ -1,3 +1,17 @@ +// Copyright the version-bump contributors. +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + package source import ( diff --git a/internal/source/manual.go b/internal/source/manual.go index 8d8009c..2fe3703 100644 --- a/internal/source/manual.go +++ b/internal/source/manual.go @@ -1,3 +1,17 @@ +// Copyright the version-bump contributors. +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + package source import ( diff --git a/internal/source/registry.go b/internal/source/registry.go index 502d218..083bb1a 100644 --- a/internal/source/registry.go +++ b/internal/source/registry.go @@ -1,3 +1,17 @@ +// Copyright the version-bump contributors. +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + package source import ( diff --git a/internal/source/source.go b/internal/source/source.go index 6e04574..47f7548 100644 --- a/internal/source/source.go +++ b/internal/source/source.go @@ -1,3 +1,17 @@ +// Copyright the version-bump contributors. +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + // Package source is used to fetch the latest version information from upstream package source diff --git a/internal/source/source_test.go b/internal/source/source_test.go index 1b4ad3f..67ba934 100644 --- a/internal/source/source_test.go +++ b/internal/source/source_test.go @@ -1,3 +1,17 @@ +// Copyright the version-bump contributors. +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + package source import ( diff --git a/internal/template/printpretty.go b/internal/template/printpretty.go index 6d64ed9..7064261 100644 --- a/internal/template/printpretty.go +++ b/internal/template/printpretty.go @@ -1,3 +1,17 @@ +// Copyright the version-bump contributors. +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + package template import ( diff --git a/internal/template/template.go b/internal/template/template.go index 34958b8..471b8f8 100644 --- a/internal/template/template.go +++ b/internal/template/template.go @@ -1,3 +1,17 @@ +// Copyright the version-bump contributors. +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + // Package template wraps a common set of templates around text/template package template diff --git a/internal/template/time.go b/internal/template/time.go index 260dfc8..cecc662 100644 --- a/internal/template/time.go +++ b/internal/template/time.go @@ -1,3 +1,17 @@ +// Copyright the version-bump contributors. +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + package template import ( diff --git a/internal/version/version.go b/internal/version/version.go index c95dec4..df2a6d0 100644 --- a/internal/version/version.go +++ b/internal/version/version.go @@ -1,3 +1,17 @@ +// Copyright the version-bump contributors. +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + // Package version returns details on the Go and Git repo used in the build package version diff --git a/internal/version/version_buildinfo.go b/internal/version/version_buildinfo.go index ab99db6..2184d0f 100644 --- a/internal/version/version_buildinfo.go +++ b/internal/version/version_buildinfo.go @@ -1,3 +1,17 @@ +// Copyright the version-bump contributors. +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + //go:build go1.18 package version diff --git a/internal/version/version_old.go b/internal/version/version_old.go index 2ce1087..7651b60 100644 --- a/internal/version/version_old.go +++ b/internal/version/version_old.go @@ -1,3 +1,17 @@ +// Copyright the version-bump contributors. +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + //go:build !go1.18 package version diff --git a/internal/version/version_test.go b/internal/version/version_test.go index 3e5e0c4..3fc5e2e 100644 --- a/internal/version/version_test.go +++ b/internal/version/version_test.go @@ -1,3 +1,17 @@ +// Copyright the version-bump contributors. +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + package version import ( diff --git a/main.go b/main.go index f89d2df..15b8ed0 100644 --- a/main.go +++ b/main.go @@ -1,3 +1,17 @@ +// Copyright the version-bump contributors. +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + // Package main defines the version-bump command package main diff --git a/root.go b/root.go index 7979556..023613b 100644 --- a/root.go +++ b/root.go @@ -1,3 +1,17 @@ +// Copyright the version-bump contributors. +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + package main import ( diff --git a/root_test.go b/root_test.go index a7b8f87..5ddfbdc 100644 --- a/root_test.go +++ b/root_test.go @@ -1,3 +1,17 @@ +// Copyright the version-bump contributors. +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + package main import ( diff --git a/scripts/lint-copyright.sh b/scripts/lint-copyright.sh new file mode 100755 index 0000000..b07eae5 --- /dev/null +++ b/scripts/lint-copyright.sh @@ -0,0 +1,25 @@ +#!/bin/sh + +# Copyright the version-bump contributors. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +rc=0 +for file in $(git ls-files -- '*.go' '*.sh' '*.yml'); do + if ! grep -iq "copyright the version-bump contributors" "${file}"; then + echo "Missing copyright comment: ${file}" >&2 + rc=1 + fi +done + +exit ${rc} diff --git a/testdata/01-example.sh b/testdata/01-example.sh index 112fe43..35f7e80 100644 --- a/testdata/01-example.sh +++ b/testdata/01-example.sh @@ -1,5 +1,19 @@ #!/bin/sh +# Copyright the version-bump contributors. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + example_day=07 example_sec=22 image=alpine:latest@sha256:8914eb54f968791faf6a8638949e480fef81e697984fba772b3976835194c6d4 diff --git a/testdata/ex-conf.yaml b/testdata/ex-conf.yaml index f93c86e..aa6cfd8 100644 --- a/testdata/ex-conf.yaml +++ b/testdata/ex-conf.yaml @@ -1,3 +1,17 @@ +# Copyright the version-bump contributors. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + files: "01-example.sh": scans: diff --git a/testdata/root-conf-old.yaml b/testdata/root-conf-old.yaml index 0447632..7df077d 100644 --- a/testdata/root-conf-old.yaml +++ b/testdata/root-conf-old.yaml @@ -1,3 +1,17 @@ +# Copyright the version-bump contributors. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + files: "root-*.txt": scans: diff --git a/testdata/root-conf.yaml b/testdata/root-conf.yaml index c4865b3..6d340c1 100644 --- a/testdata/root-conf.yaml +++ b/testdata/root-conf.yaml @@ -1,3 +1,17 @@ +# Copyright the version-bump contributors. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + files: "root-*.txt": processors: