name: Leak Check

on:
  push:
    branches: [main]
  pull_request:
    branches: [main]

permissions:
  contents: read

jobs:
  leak-check:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4

      - name: Check for commercial directories
        run: |
          failed=0

          # Check agor-pro/ exists
          if [ -d "agor-pro/" ]; then
            echo "::error::Commercial directory 'agor-pro/' found in community repo"
            failed=1
          fi

          # Check src/lib/commercial/ has actual content (beyond .gitkeep)
          if [ -d "src/lib/commercial/" ]; then
            content_count=$(find src/lib/commercial/ -type f ! -name '.gitkeep' | wc -l)
            if [ "$content_count" -gt 0 ]; then
              echo "::error::Commercial code found in 'src/lib/commercial/' ($content_count files beyond .gitkeep)"
              find src/lib/commercial/ -type f ! -name '.gitkeep'
              failed=1
            fi
          fi

          # Check tests/commercial/ has actual content (beyond .gitkeep)
          if [ -d "tests/commercial/" ]; then
            content_count=$(find tests/commercial/ -type f ! -name '.gitkeep' | wc -l)
            if [ "$content_count" -gt 0 ]; then
              echo "::error::Commercial test code found in 'tests/commercial/' ($content_count files beyond .gitkeep)"
              find tests/commercial/ -type f ! -name '.gitkeep'
              failed=1
            fi
          fi

          if [ "$failed" -eq 1 ]; then
            exit 1
          fi
          echo "No commercial directories with content found."

      - name: Check for commercial license file
        run: |
          if [ -f "LICENSE-COMMERCIAL" ]; then
            echo "::error::LICENSE-COMMERCIAL found in community repo"
            exit 1
          fi
          echo "No commercial license file found."

      - name: Check for LicenseRef-Commercial SPDX headers
        run: |
          files=$(grep -rl "LicenseRef-Commercial" \
            --include="*.ts" --include="*.svelte" --include="*.rs" \
            --include="*.toml" --include="*.css" \
            src/ src-tauri/src/ agor-core/ 2>/dev/null || true)
          if [ -n "$files" ]; then
            echo "::error::Files with LicenseRef-Commercial SPDX headers found:"
            echo "$files"
            exit 1
          fi
          echo "No LicenseRef-Commercial headers found."

      - name: Grep for commercial references in source
        run: |
          failed=0

          for pattern in "agor-pro" "agor_pro"; do
            if grep -r --include="*.ts" --include="*.svelte" --include="*.rs" --include="*.toml" \
                "$pattern" src/ src-tauri/src/ 2>/dev/null; then
              echo "::error::Found '$pattern' reference in source code"
              failed=1
            fi
          done

          if [ "$failed" -eq 1 ]; then
            echo "::error::Commercial references detected in community source. See above for details."
            exit 1
          fi
          echo "No commercial references found in source."

      - name: Check for commercial feature flags in package.json
        run: |
          failed=0
          if grep -q '"commercial\|:pro"' package.json 2>/dev/null; then
            echo "::error::Commercial feature flags found in package.json"
            grep '"commercial\|:pro"' package.json
            failed=1
          fi
          if grep -q 'agor-pro' package.json 2>/dev/null; then
            echo "::error::agor-pro dependency found in package.json"
            grep 'agor-pro' package.json
            failed=1
          fi
          if [ "$failed" -eq 1 ]; then
            exit 1
          fi
          echo "No commercial feature flags in package.json."