[feat] Add CI checks for OSS license compliance and telemetry tree-shaking

Implements automated verification to ensure the OSS distribution: 1. Only includes open-source licensed dependencies 2. Properly tree-shakes proprietary fonts (ABCROM) 3. Removes telemetry code (Mixpanel) from OSS builds New scripts: - scripts/verify-licenses.js - Validates production dependency licenses - scripts/verify-oss-build.js - Checks dist/ for violations New CI workflow: - .github/workflows/ci-oss-compliance.yaml - Runs compliance checks New npm scripts: - pnpm verify:licenses - Check dependency licenses - pnpm verify:oss - Verify OSS build compliance - pnpm verify:compliance - Run all checks - pnpm build:oss - Build OSS distribution Documentation: - docs/OSS_COMPLIANCE.md - Complete guide for compliance checks 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <noreply@anthropic.com>
2026-02-23 00:04:06 +00:00 · 2025-11-20 06:12:36 +00:00
parent 87d6d18c57
commit 8dcdcfce5b
5 changed files with 750 additions and 0 deletions
--- a/.github/workflows/ci-oss-compliance.yaml
+++ b/.github/workflows/ci-oss-compliance.yaml
@@ -0,0 +1,77 @@
+name: "CI: OSS Compliance"
+description: "Verify OSS build compliance (license and telemetry checks)"
+
+on:
+  push:
+    branches: [main, master, dev*, core/*, desktop/*]
+  pull_request:
+    branches-ignore: [wip/*, draft/*, temp/*]
+
+concurrency:
+  group: ${{ github.workflow }}-${{ github.ref }}
+  cancel-in-progress: true
+
+jobs:
+  license-check:
+    name: License Compliance
+    runs-on: ubuntu-latest
+
+    steps:
+      - uses: actions/checkout@v5
+
+      - name: Install pnpm
+        uses: pnpm/action-setup@v4
+        with:
+          version: 10
+
+      - name: Use Node.js
+        uses: actions/setup-node@v4
+        with:
+          node-version: "lts/*"
+          cache: "pnpm"
+
+      - name: Install dependencies
+        run: pnpm install --frozen-lockfile
+
+      - name: Verify production dependency licenses
+        run: node scripts/verify-licenses.js
+
+  oss-build-check:
+    name: OSS Build Verification
+    runs-on: ubuntu-latest
+
+    steps:
+      - uses: actions/checkout@v5
+
+      - name: Install pnpm
+        uses: pnpm/action-setup@v4
+        with:
+          version: 10
+
+      - name: Use Node.js
+        uses: actions/setup-node@v4
+        with:
+          node-version: "lts/*"
+          cache: "pnpm"
+
+      - name: Install dependencies
+        run: pnpm install --frozen-lockfile
+
+      - name: Build OSS distribution
+        run: DISTRIBUTION=localhost pnpm build
+        env:
+          # Ensure we're building the OSS version
+          DISTRIBUTION: localhost
+          # Disable source maps for faster build
+          GENERATE_SOURCEMAP: false
+
+      - name: Verify OSS build compliance
+        run: node scripts/verify-oss-build.js
+
+      - name: Upload build artifacts for inspection (on failure)
+        if: failure()
+        uses: actions/upload-artifact@v4
+        with:
+          name: oss-build-artifacts
+          path: dist/
+          retention-days: 7