implemented requested changes

Author: sachin-panayil

CONTRIBUTING.md

@@ -43,9 +43,11 @@ npm test
 The action uses [Zod](https://zod.dev/) for schema validation, automatically validating code.json in two scenarios:
 
 ### 1. Before Generation
+
 Every time the action generates or updates code.json (via schedule or workflow_dispatch), it validates the output before creating a PR or pushing. If validation fails, no changes are made.
 
 ### 2. On PR Edits
+
 When the `pull_request` trigger is configured, the action validates code.json whenever it's edited in a PR. This ensures users cannot accidentally merge invalid JSON.
 
 ### Workflow and Branching

README.md

@@ -46,7 +46,7 @@ method_used:
 
 ## Workflow Examples
 
-### Option 1: Direct Push 
+### Option 1: Direct Push
 
 This approach tries to push directly to the branch using a Personal Access Token, but falls back to creating a pull request if the direct push fails. When users need to edit code.json, they should create a PR which will automatically validate their changes.
 
@@ -59,7 +59,7 @@ on:
   pull_request:
     types: [opened, synchronize]
     paths:
-      - 'code.json'
+      - "code.json"
 
 permissions:
   contents: write
@@ -80,7 +80,7 @@ jobs:
         uses: DSACMS/automated-codejson-generator@v1.2.0
         with:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-          ADMIN_TOKEN: ${{ secrets.ADMIN_PAT }}  # PAT with admin/push permissions
+          ADMIN_TOKEN: ${{ secrets.ADMIN_PAT }} # PAT with admin/push permissions
           BRANCH: "main"
           SKIP_PR: "true"
 
@@ -107,7 +107,7 @@ on:
   pull_request:
     types: [opened, synchronize]
     paths:
-      - 'code.json'
+      - "code.json"
 
 permissions:
   contents: write
@@ -128,17 +128,19 @@ jobs:
         with:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
           BRANCH: "main"
-          SKIP_PR: "false" 
+          SKIP_PR: "false"
 ```
 
 ### How It Works
 
 **Automatic Generation**
+
 - The action calculates metadata, validates it, and creates a PR or pushes directly
 - Validation ensures only valid code.json is created
 - Users can then fill in manual fields by editing the PR
 
 **PR Validation**
+
 - When users edit code.json in a PR, validation runs automatically on every commit
 - The PR cannot be merged if validation fails (when branch protection is enabled)
 - Error messages help users fix issues quickly
@@ -158,7 +160,7 @@ To use the direct push functionality, you'll need to create a Personal Access To
 5. **Configure Token**:
    - **Name**: Give it a name like "code.json Generator"
    - **Expiration**: Set appropriate expiration (recommend 90 days or 1 year)
-   - **Scopes**: 
+   - **Scopes**:
      - Select `repo` (full repository access)
 6. **Store Token**: Copy and paste your token and store it for the next part
 
@@ -197,7 +199,7 @@ The automated code.json generator calculates specific fields by analyzing your r
 
 **dateLastModified**: This uses your repository's last update timestamp, reflecting the most recent changes. No configuration needed.
 
-**dateMetaDataLastUpdated**: The generator sets this to the current timestamp each time it runs, providing a record of when the metadata was last refreshed. No configuration needed.
+**dateMetadataLastUpdated**: The generator sets this to the current timestamp each time it runs, providing a record of when the metadata was last refreshed. No configuration needed.
 
 **feedbackMechanism**: The repository's issues URL in the format of {repositoryURL}/issues. If you already have a code.json file with existing feedback mechanisms, the generator preserves those values. No configuration needed.
 

code.json

@@ -28,19 +28,10 @@
     "forks": 2,
     "clones": 0
   },
-  "platforms": [
-    "web",
-    "linux"
-  ],
-  "categories": [
-    "developer-tools",
-    "automation"
-  ],
+  "platforms": ["web", "linux"],
+  "categories": ["developer-tools", "automation"],
   "softwareType": "standalone/backend",
-  "languages": [
-    "TypeScript",
-    "JavaScript"
-  ],
+  "languages": ["TypeScript", "JavaScript"],
   "maintenance": "internal",
   "contractNumber": [],
   "SBOM": "https://github.com/DSACMS/automated-codejson-generator/network/dependencies",
@@ -52,9 +43,7 @@
     "lastModified": "2025-09-17T22:40:02Z",
     "metaDataLastUpdated": "2025-09-26T15:08:24.592Z"
   },
-  "tags": [
-    "cmsoss-tier2"
-  ],
+  "tags": ["cmsoss-tier2"],
   "contact": {
     "email": "opensource@cms.hhs.gov",
     "name": "CMS Open Source Team"
@@ -66,15 +55,9 @@
   "userInput": false,
   "fismaLevel": "Low",
   "group": "CMS/OA/DSAC",
-  "projects": [
-    "SHARE IT Act"
-  ],
+  "projects": ["SHARE IT Act"],
   "systems": [],
-  "subsetInHealthcare": [
-    "Operational"
-  ],
-  "userType": [
-    "Government"
-  ],
+  "subsetInHealthcare": ["Operational"],
+  "userType": ["Government"],
   "maturityModelTier": 3
-}
+}

src/helper.ts

@@ -67,7 +67,7 @@ export async function calculateMetaData(): Promise<Partial<CodeJSON>> {
       date: {
         created: basicInfo.date.created,
         lastModified: basicInfo.date.lastModified,
-        metaDataLastUpdated: basicInfo.date.metaDataLastUpdated,
+        metadataLastUpdated: basicInfo.date.metadataLastUpdated,
       },
     };
   } catch (error) {
@@ -100,7 +100,7 @@ async function getBasicInfo(): Promise<BasicRepoInfo> {
       date: {
         created: repoData.data.created_at,
         lastModified: repoData.data.updated_at,
-        metaDataLastUpdated: new Date().toISOString(),
+        metadataLastUpdated: new Date().toISOString(),
       },
     };
   } catch (error) {

src/main.ts

@@ -9,7 +9,7 @@ const baselineCodeJSON: CodeJSON = {
   longDescription: "",
   status: "",
   permissions: {
-    license: [
+    licenses: [
       {
         name: "",
         URL: "",
@@ -45,7 +45,7 @@ const baselineCodeJSON: CodeJSON = {
   date: {
     created: "",
     lastModified: "",
-    metaDataLastUpdated: "",
+    metadataLastUpdated: "",
   },
   tags: [],
   contact: {
@@ -110,8 +110,8 @@ async function getMetaData(
     date: {
       created: partialCodeJSON.date?.created ?? "",
       lastModified: partialCodeJSON.date?.lastModified ?? "",
-      metaDataLastUpdated:
-        partialCodeJSON.date?.metaDataLastUpdated ?? new Date().toISOString(),
+      metadataLastUpdated:
+        partialCodeJSON.date?.metadataLastUpdated ?? new Date().toISOString(),
     },
     feedbackMechanism,
     SBOM,

src/model.ts

@@ -49,7 +49,7 @@ export interface ReuseFrequency {
 }
 
 export interface Permissions {
-  license: License[];
+  licenses: License[];
   usageType: string[];
   exemptionText: string;
 }
@@ -78,7 +78,7 @@ export interface Partner {
 export interface Date {
   created: string;
   lastModified: string;
-  metaDataLastUpdated: string;
+  metadataLastUpdated: string;
 }
 
 export interface Contact {

src/validation.ts

@@ -3,9 +3,9 @@ import { z } from "zod";
 const DateSchema = z.object({
   created: z.string().min(1, "created date is required"),
   lastModified: z.string().min(1, "lastModified date is required"),
-  metaDataLastUpdated: z
+  metadataLastUpdated: z
     .string()
-    .min(1, "metaDataLastUpdated date is required"),
+    .min(1, "metadataLastUpdated date is required"),
 });
 
 const ContactSchema = z.object({
@@ -20,15 +20,31 @@ const LicenseSchema = z.object({
 
 const PermissionsSchema = z
   .object({
-    license: z.array(LicenseSchema).optional(),
-    licenses: z.array(LicenseSchema).optional(),
+    licenses: z.array(LicenseSchema).min(1, "at least one license is required"),
     usageType: z.union([z.array(z.string()), z.string()]),
     exemptionText: z.string(),
   })
-  .refine((data) => data.license || data.licenses, {
-    message: "Either 'license' or 'licenses' array is required",
-    path: ["license"],
-  });
+  .refine(
+    (data) => {
+      const usageTypes = Array.isArray(data.usageType)
+        ? data.usageType
+        : [data.usageType];
+
+      const hasExemption = usageTypes.some(
+        (type) => typeof type === "string" && type.startsWith("exemptBy"),
+      );
+
+      if (hasExemption) {
+        return data.exemptionText && data.exemptionText.trim().length > 0;
+      }
+
+      return true;
+    },
+    {
+      message: "exemptionText is required when usageType contains an exemption",
+      path: ["exemptionText"],
+    },
+  );
 
 const ReuseFrequencySchema = z.object({
   forks: z.number(),