ENGINEERING
Weekly Dependency License Drift Audit
On a weekly schedule, scans every tracked repo's current dependency tree and flags packages whose license changed or fell out of policy since the last run.
How it runs
The automated pipeline, trigger to output.
- Trigger: Weekly schedule
- Action: Pull dependency manifests from each repo (GitHub)
- Logic: Resolve licenses and diff against baseline (Postgres)
- Logic: Isolate license drift since last run
- Action: Write dated drift report to Notion (Notion)
- Output: Persist new inventory as baseline (Postgres)
What it does
Catches license problems that slip in between PRs: a transitive dependency that re-licensed in a patch release, or a package added through a path the merge gate did not cover. It compares this week's full license inventory against the stored baseline and surfaces only what changed.
When to use it
Run it for ongoing compliance assurance across a portfolio of repos, especially before audits or releases, when you need a dated record of exactly which licenses are in production.
How it works
1. A weekly schedule trigger kicks off the audit.
2. An action pulls the dependency manifests for each repo from GitHub.
3. A logic step resolves every package license and diffs it against the prior baseline stored in Postgres.
4. A logic step isolates drift: new out-of-policy licenses, removed packages, and changed terms.
5. An action writes the dated drift report to the compliance page in Notion.
6. The output step persists the new inventory as the next baseline in Postgres.
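The diff in steps 3 and 4, sketched as an added example (not the product's own code). The inventory shape, the allow-list, and all package names are assumptions constructed for illustration; an unresolved license is treated as out of policy.

```python
from typing import NamedTuple, Optional

# Assumed allow-list of SPDX identifiers (constructed sample policy).
ALLOWED = frozenset({"MIT", "Apache-2.0", "BSD-3-Clause", "ISC"})

class Drift(NamedTuple):
    repo: str
    package: str
    kind: str                      # "changed", "new_out_of_policy" or "removed"
    old_license: Optional[str]
    new_license: Optional[str]
    violation: bool                # True when the current license is outside policy

def allowed(license_id, policy=ALLOWED):
    # Fail closed: an unresolved (None) license counts as out of policy.
    return license_id is not None and license_id in policy

def license_drift(baseline, current, policy=ALLOWED):
    """Diff two inventories shaped {(repo, package): (version, license)}."""
    findings = []
    for key in sorted(baseline.keys() | current.keys()):
        old, new = baseline.get(key), current.get(key)
        if new is None:            # package dropped out of the dependency tree
            findings.append(Drift(*key, "removed", old[1], None, False))
        elif old is None:          # new package: report only policy violations
            if not allowed(new[1], policy):
                findings.append(Drift(*key, "new_out_of_policy", None, new[1], True))
        elif old[1] != new[1]:     # same package, different license terms
            findings.append(Drift(*key, "changed", old[1], new[1],
                                  not allowed(new[1], policy)))
        # An unchanged license is skipped, so a version bump alone is not drift.
    return findings

# Constructed sample inventories, not taken from any real repository.
BASELINE = {
    ("api", "left-fmt"): ("1.4.2", "MIT"),
    ("api", "fastcache"): ("2.0.0", "Apache-2.0"),
    ("web", "oldlib"): ("0.9.1", "ISC"),
}
CURRENT = {
    ("api", "left-fmt"): ("1.4.3", "BUSL-1.1"),     # re-licensed in a patch release
    ("api", "fastcache"): ("2.1.0", "Apache-2.0"),  # version bump only
    ("api", "tinyparse"): ("0.1.0", None),          # new, license unresolved
    ("web", "newui"): ("3.0.0", "MIT"),             # new, within policy
}

if __name__ == "__main__":
    for finding in license_drift(BASELINE, CURRENT):
        print(finding)
```

Because unchanged entries are skipped, tightening the allow-list between runs does not by itself surface packages that were already present; that case needs a full policy check of the current inventory.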
Set it up
What you configure once, before turning it on.
1. Connect GitHub: Repos, issues, pull requests, actions.
2. Connect Postgres: Any Postgres URL (query, write, migrate).
3. Connect Notion: Pages, databases, comments.
4. Set each agent's model: We leave models unset so you pick the tier, fast and cheap or top-quality.
5. Tune it to your data: Edit the prompts, filters, and field mappings so it matches how your team works.
6. Test, then turn it on: Run once against a sample, confirm the output, then enable the trigger.
Run it inside a business
This workflow drops into a full company template. Import the org, and this is one of the playbooks its agents run.

