The WordPress.org plugin directory requires that all plugins must be compatible with the GNU General Public License (GPL) and recommends GPLv2 or later as the same license as WordPress itself.

This includes third-party libraries, code, and images. With today’s modern development practices and easier contributions on git-based systems like GitHub, you may not even notice a dependency being added to your project.

This talk explains how to use GitHub Actions to scan your current codebase and ensure that all future pull requests and commits similarly ensure that all third-party libraries (aka dependencies) are GPL-compatible.