name: Leak Check on: push: branches: [main] pull_request: branches: [main] permissions: contents: read jobs: leak-check: runs-on: ubuntu-latest steps: - uses: actions/checkout@v4 - name: Check for commercial directories run: | failed=0 # Check agor-pro/ exists if [ -d "agor-pro/" ]; then echo "::error::Commercial directory 'agor-pro/' found in community repo" failed=1 fi # Check src/lib/commercial/ has actual content (beyond .gitkeep) if [ -d "src/lib/commercial/" ]; then content_count=$(find src/lib/commercial/ -type f ! -name '.gitkeep' | wc -l) if [ "$content_count" -gt 0 ]; then echo "::error::Commercial code found in 'src/lib/commercial/' ($content_count files beyond .gitkeep)" find src/lib/commercial/ -type f ! -name '.gitkeep' failed=1 fi fi # Check tests/commercial/ has actual content (beyond .gitkeep) if [ -d "tests/commercial/" ]; then content_count=$(find tests/commercial/ -type f ! -name '.gitkeep' | wc -l) if [ "$content_count" -gt 0 ]; then echo "::error::Commercial test code found in 'tests/commercial/' ($content_count files beyond .gitkeep)" find tests/commercial/ -type f ! -name '.gitkeep' failed=1 fi fi if [ "$failed" -eq 1 ]; then exit 1 fi echo "No commercial directories with content found." - name: Grep for commercial references in source run: | failed=0 for pattern in "LicenseRef-Commercial" "agor-pro" "agor_pro"; do if grep -r --include="*.ts" --include="*.svelte" --include="*.rs" --include="*.toml" \ "$pattern" src/ src-tauri/src/ 2>/dev/null; then echo "::error::Found '$pattern' reference in source code" failed=1 fi done if [ "$failed" -eq 1 ]; then echo "::error::Commercial references detected in community source. See above for details." exit 1 fi echo "No commercial references found in source."