From 2d70c93ac8e489eacb45a1853da97644886a364f Mon Sep 17 00:00:00 2001 From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com> Date: Fri, 16 Jan 2026 08:17:19 +0000 Subject: [PATCH 1/5] Initial plan From e90a6d5c3c1865bbb741a7a0a5bcc195e7f334e9 Mon Sep 17 00:00:00 2001 From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com> Date: Fri, 16 Jan 2026 08:19:30 +0000 Subject: [PATCH 2/5] feat: Add SPDX header check workflow Co-authored-by: zccrs <13449038+zccrs@users.noreply.github.com> --- .github/workflows/spdx-check.yml | 14 ++++++++++++++ 1 file changed, 14 insertions(+) create mode 100644 .github/workflows/spdx-check.yml diff --git a/.github/workflows/spdx-check.yml b/.github/workflows/spdx-check.yml new file mode 100644 index 000000000..6d2e269af --- /dev/null +++ b/.github/workflows/spdx-check.yml @@ -0,0 +1,14 @@ +name: SPDX Header Check + +on: + pull_request: + branches: [main] + +jobs: + spdx-check: + runs-on: ubuntu-latest + steps: + - uses: zccrs/github-actions-spdx-checker@main + with: + base: origin/main + exclude: 'vendor/**,node_modules/**,3rdparty/**' From 6569353e44a0676a3a7dbd4b4c652450b2e245fc Mon Sep 17 00:00:00 2001 From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com> Date: Fri, 16 Jan 2026 08:20:48 +0000 Subject: [PATCH 3/5] fix: Add checkout step to SPDX workflow Co-authored-by: zccrs <13449038+zccrs@users.noreply.github.com> --- .github/workflows/spdx-check.yml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/.github/workflows/spdx-check.yml b/.github/workflows/spdx-check.yml index 6d2e269af..b0705a988 100644 --- a/.github/workflows/spdx-check.yml +++ b/.github/workflows/spdx-check.yml @@ -8,6 +8,9 @@ jobs: spdx-check: runs-on: ubuntu-latest steps: + - uses: actions/checkout@v5 + with: + fetch-depth: 0 - uses: zccrs/github-actions-spdx-checker@main with: base: origin/main From 45929dadff4af9e29244e5506fc1e11a71ae9cae Mon Sep 17 00:00:00 2001 From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com> Date: Fri, 16 Jan 2026 08:22:39 +0000 Subject: [PATCH 4/5] fix: Add explicit permissions to SPDX workflow for security Co-authored-by: zccrs <13449038+zccrs@users.noreply.github.com> --- .github/workflows/spdx-check.yml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/.github/workflows/spdx-check.yml b/.github/workflows/spdx-check.yml index b0705a988..f6a45b3b4 100644 --- a/.github/workflows/spdx-check.yml +++ b/.github/workflows/spdx-check.yml @@ -7,6 +7,9 @@ on: jobs: spdx-check: runs-on: ubuntu-latest + permissions: + contents: read + pull-requests: write steps: - uses: actions/checkout@v5 with: From 4568d4a7f3af3e2a6489726dd1233a39b0d53a85 Mon Sep 17 00:00:00 2001 From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com> Date: Fri, 16 Jan 2026 08:24:31 +0000 Subject: [PATCH 5/5] refactor: Add event types filter to SPDX workflow Co-authored-by: zccrs <13449038+zccrs@users.noreply.github.com> --- .github/workflows/spdx-check.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/spdx-check.yml b/.github/workflows/spdx-check.yml index f6a45b3b4..9afa86b78 100644 --- a/.github/workflows/spdx-check.yml +++ b/.github/workflows/spdx-check.yml @@ -2,6 +2,7 @@ name: SPDX Header Check on: pull_request: + types: [opened, synchronize] branches: [main] jobs: