From b0a8315ecaa987eeab4becfa4a826a2ebd4a00d3 Mon Sep 17 00:00:00 2001 From: per1234 Date: Sun, 2 Mar 2025 06:45:16 -0800 Subject: [PATCH] Use maintained fork of "setup-licensed" action in dependency license check workflow This GitHub Actions action is used by the dependency license check workflow to install the "Licensed" tool in the runner workspace. The action has a convoluted history of ownership: the repository was originally owned by GitHub user "jonabc". It was later transferred to the "github" organization. Then GitHub abandoned the project, archiving the repository. The "licensee" organization has now created a hard fork of the action, which is recommended in the readme of the "github/setup-licensed" repository. The `licensee` organization has also taken over the management of the "Licensed" tool, and their `licensee` Ruby gem is a significant dependency of "Licensed". So they will be best equipped to maintain the action going forward. The workflow is hereby updated to use the now canonical "licensee/setup-licensed" action. The "licensee/setup-licensed" action maintainers have not provided a major version ref, so it is necessary to pin the action to the latest release tag. --- .github/workflows/check-go-dependencies-task.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/check-go-dependencies-task.yml b/.github/workflows/check-go-dependencies-task.yml index f6cc4e9..6a8454a 100644 --- a/.github/workflows/check-go-dependencies-task.yml +++ b/.github/workflows/check-go-dependencies-task.yml @@ -70,7 +70,7 @@ jobs: submodules: recursive - name: Install licensed - uses: jonabc/setup-licensed@v1 + uses: licensee/setup-licensed@v1.3.2 with: github_token: ${{ secrets.GITHUB_TOKEN }} version: 3.x @@ -121,7 +121,7 @@ jobs: submodules: recursive - name: Install licensed - uses: jonabc/setup-licensed@v1 + uses: licensee/setup-licensed@v1.3.2 with: github_token: ${{ secrets.GITHUB_TOKEN }} version: 3.x