You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@skywalking.apache.org by wu...@apache.org on 2023/04/09 04:48:41 UTC

[skywalking-eyes] branch main updated: Dependencies check should report unknown licneses (#158)

This is an automated email from the ASF dual-hosted git repository.

wusheng pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/skywalking-eyes.git


The following commit(s) were added to refs/heads/main by this push:
     new 43f8bb8  Dependencies check should report unknown licneses (#158)
43f8bb8 is described below

commit 43f8bb83dc986b77c62aa59112fc8bb44c44bfaa
Author: kezhenxu94 <ke...@apache.org>
AuthorDate: Sun Apr 9 12:48:36 2023 +0800

    Dependencies check should report unknown licneses (#158)
---
 assets/compatibility/Apache-2.0.yaml |  1 +
 pkg/deps/check.go                    | 74 +++++++++++++++++++++++-------------
 pkg/deps/check_test.go               |  4 +-
 3 files changed, 50 insertions(+), 29 deletions(-)

diff --git a/assets/compatibility/Apache-2.0.yaml b/assets/compatibility/Apache-2.0.yaml
index 1814b40..752f871 100644
--- a/assets/compatibility/Apache-2.0.yaml
+++ b/assets/compatibility/Apache-2.0.yaml
@@ -43,6 +43,7 @@ compatible:
   - Unlicense.txt
   - HPND.txt
   - MulanPSL-2.0.txt
+  - MIT
 
 incompatible:
   - Unknown
diff --git a/pkg/deps/check.go b/pkg/deps/check.go
index 15bc546..f5c663a 100644
--- a/pkg/deps/check.go
+++ b/pkg/deps/check.go
@@ -19,6 +19,7 @@ package deps
 
 import (
 	"fmt"
+	"math"
 	"path/filepath"
 	"strings"
 
@@ -73,34 +74,35 @@ func Check(mainLicenseSpdxID string, config *ConfigDeps) error {
 	return CheckWithMatrix(mainLicenseSpdxID, &matrix, &report)
 }
 
-func CheckWithMatrix(mainLicenseSpdxID string, matrix *CompatibilityMatrix, report *Report) error {
-	var incompatibleResults []*Result
-	for _, result := range append(report.Resolved, report.Skipped...) {
-		compare := func(list []string, spdxID string) bool {
-			for _, com := range list {
-				if spdxID == com {
-					return true
-				}
-			}
-			return false
-		}
-		compareAll := func(spdxIDs []string, compare func(spdxID string) bool) bool {
-			for _, spdxID := range spdxIDs {
-				if !compare(spdxID) {
-					return false
-				}
-			}
+func compare(list []string, spdxID string) bool {
+	for _, com := range list {
+		if spdxID == com {
 			return true
 		}
-		compareAny := func(spdxIDs []string, compare func(spdxID string) bool) bool {
-			for _, spdxID := range spdxIDs {
-				if compare(spdxID) {
-					return true
-				}
-			}
+	}
+	return false
+}
+func compareAll(spdxIDs []string, compare func(spdxID string) bool) bool {
+	for _, spdxID := range spdxIDs {
+		if !compare(spdxID) {
 			return false
 		}
+	}
+	return true
+}
+func compareAny(spdxIDs []string, compare func(spdxID string) bool) bool {
+	for _, spdxID := range spdxIDs {
+		if compare(spdxID) {
+			return true
+		}
+	}
+	return false
+}
 
+func CheckWithMatrix(mainLicenseSpdxID string, matrix *CompatibilityMatrix, report *Report) error {
+	var incompatibleResults []*Result
+	var unknownResults []*Result
+	for _, result := range append(report.Resolved, report.Skipped...) {
 		operator, spdxIDs := parseLicenseExpression(result.LicenseSpdxID)
 
 		switch operator {
@@ -134,16 +136,34 @@ func CheckWithMatrix(mainLicenseSpdxID string, matrix *CompatibilityMatrix, repo
 			}
 			if incompatible := compare(matrix.Incompatible, spdxIDs[0]); incompatible {
 				incompatibleResults = append(incompatibleResults, result)
+				continue
 			}
+			unknownResults = append(unknownResults, result)
 		}
 	}
 
-	if len(incompatibleResults) > 0 {
-		str := ""
+	if len(incompatibleResults) > 0 || len(unknownResults) > 0 {
+		dWidth, lWidth := float64(len("Dependency")), float64(len("License"))
 		for _, r := range incompatibleResults {
-			str += fmt.Sprintf("\nLicense: %v Dependency: %v", r.LicenseSpdxID, r.Dependency)
+			dWidth = math.Max(float64(len(r.Dependency)), dWidth)
+			lWidth = math.Max(float64(len(r.LicenseSpdxID)), lWidth)
 		}
-		return fmt.Errorf("the following licenses are incompatible with the main license: %v %v", mainLicenseSpdxID, str)
+		for _, r := range unknownResults {
+			dWidth = math.Max(float64(len(r.Dependency)), dWidth)
+			lWidth = math.Max(float64(len(r.LicenseSpdxID)), lWidth)
+		}
+
+		rowTemplate := fmt.Sprintf("%%-%dv | %%%dv\n", int(dWidth), int(lWidth))
+		s := fmt.Sprintf(rowTemplate, "Dependency", "License")
+		s += fmt.Sprintf(rowTemplate, strings.Repeat("-", int(dWidth)), strings.Repeat("-", int(lWidth)))
+		for _, r := range incompatibleResults {
+			s += fmt.Sprintf(rowTemplate, r.Dependency, r.LicenseSpdxID)
+		}
+		for _, r := range unknownResults {
+			s += fmt.Sprintf(rowTemplate, r.Dependency, r.LicenseSpdxID)
+		}
+
+		return fmt.Errorf("the following licenses are unknown or incompatible with the main license, please check manually: %v\n%v", mainLicenseSpdxID, s)
 	}
 
 	return nil
diff --git a/pkg/deps/check_test.go b/pkg/deps/check_test.go
index 2ba66a4..db4a250 100644
--- a/pkg/deps/check_test.go
+++ b/pkg/deps/check_test.go
@@ -79,7 +79,7 @@ func TestCheckWithMatrix(t *testing.T) {
 		},
 	}); err == nil {
 		t.Errorf("Should return error")
-	} else if !strings.Contains(err.Error(), "License: LGPL-2.0 Dependency: Bar") {
+	} else if !strings.Contains(err.Error(), "Bar        | LGPL-2.0") {
 		t.Errorf("Should return error and contains dependency Bar, now is `%s`", err.Error())
 	}
 
@@ -98,7 +98,7 @@ func TestCheckWithMatrix(t *testing.T) {
 		},
 	}); err == nil {
 		t.Errorf("Should return error")
-	} else if !strings.Contains(err.Error(), "License: Unknown Dependency: Bar") {
+	} else if !strings.Contains(err.Error(), "Bar        | Unknown") {
 		t.Errorf("Should return error and has dependency Bar, now is `%s`", err.Error())
 	}