Files
infiplot-web/.github/workflows/cla.yml
T
yuanzonghao 2b0b9c6f8d feat(repo): add CLA mechanism for external contributors
Introduce a Contributor License Agreement (CLA) so external contributions
can be licensed under AGPL-3.0 and any other terms (incl. closed-source),
keeping the AGPL-3.0 codebase usable in closed-source projects.

- CLA.md: authoritative English CLA (ICLA + employer authorization, v1.0)
- CLA.zh.md: non-binding Chinese reference translation
- CONTRIBUTING.md: bilingual contributing guide, points to CLA
- .github/workflows/cla.yml: self-hosted cla-assistant-action that records
  signatures into cla-signatures/version-1.json; exempts maintainers & bots
  via allowlist; skips when CLA_BOT_TOKEN is unset
- .github/PULL_REQUEST_TEMPLATE.md: guides contributors to sign
- README.{md,en.md,ja.md}: add License & contributing footer
- app/terms: note CLA requirement in the IP section

Enforcement requires repo-level setup (PAT secret + branch protection)
documented in cla.yml; not covered by this commit.
2026-06-17 12:23:46 +08:00

64 lines
2.8 KiB
YAML
Raw Blame History

This file contains ambiguous Unicode characters
This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.
name: "CLA Assistant"
# Requires the following GitHub repository secret to be configured:
# CLA_BOT_TOKEN — a fine-grained Personal Access Token with
# `Contents: Read and write` (and `Pull requests: Read`) scope on this
# repository. The GITHUB_TOKEN cannot commit to a protected branch, so a PAT
# is needed to record signatures into cla-signatures/version-1.json.
#
# To actually enforce the CLA, add `cla/cla-assistant.yml:CLAAssistant` (the
# status check produced by this job) as a required status check in the branch
# protection rules for `main` and `staging`.
on:
issue_comment:
types: [created]
pull_request_target:
types: [opened, closed, synchronize]
jobs:
CLAAssistant:
runs-on: ubuntu-latest
steps:
- name: "CLA Assistant"
# SKIPPED when no secrets are configured, so forks/renames of this
# repo don't fail CI out of the box.
if: >
${{ secrets.CLA_BOT_TOKEN != '' }} &&
(
(github.event.comment.body == 'recheckcla' ||
github.event.comment.body == 'I have read the CLA Document and I hereby sign the CLA') ||
github.event_name == 'pull_request_target'
)
uses: contributor-assistant/cla-assistant-action@v2.6.1
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
PERSONAL_ACCESS_TOKEN: ${{ secrets.CLA_BOT_TOKEN }}
with:
# Signatures are stored in-repo (self-hosted mode); version-N lets us
# roll the CLA text forward by bumping the path and re-collecting.
path-to-signatures: "cla-signatures/version-1.json"
branch: "main"
# Link to the authoritative English CLA. Chinese reference:
# https://github.com/zonghaoyuan/infiplot/blob/staging/CLA.zh.md
path-to-cla-document: "https://github.com/zonghaoyuan/infiplot/blob/staging/CLA.md"
allowlist: "github-actions[bot],dependabot[bot],zonghaoyuan,*bot,web-flow"
block-sharing-crucial-repositories: true
create-file-commit-message: "docs(cla): record signature for @"
custom-notsigned-prcomment: >
感谢你的 PR!在合并之前,请先签署我们的《贡献者许可协议》(CLA)。阅读
[CLA.md](https://github.com/zonghaoyuan/infiplot/blob/staging/CLA.md)
[中文参考译文](https://github.com/zonghaoyuan/infiplot/blob/staging/CLA.zh.md))后,
在本 PR 中回复以下内容即视为签署:
```
I have read the CLA Document and I hereby sign the CLA
```
你只需签署一次,之后对 InfiPlot 的所有贡献都受同一协议约束。
custom-pr-sign-comment: "The pull request signer accepted the CLA."
custom-allsigned-prcomment: "🎉 All contributors have signed the CLA."