You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@skywalking.apache.org by ke...@apache.org on 2023/04/09 02:40:26 UTC

[skywalking-eyes] branch deps/check updated (6c085cf -> 5b2875d)

This is an automated email from the ASF dual-hosted git repository.

kezhenxu94 pushed a change to branch deps/check
in repository https://gitbox.apache.org/repos/asf/skywalking-eyes.git


 discard 6c085cf  Dependencies check should report unknown licneses
     new 5b2875d  Dependencies check should report unknown licneses

This update added new revisions after undoing existing revisions.
That is to say, some revisions that were in the old version of the
branch are not in the new version.  This situation occurs
when a user --force pushes a change and generates a repository
containing something like this:

 * -- * -- B -- O -- O -- O   (6c085cf)
            \
             N -- N -- N   refs/heads/deps/check (5b2875d)

You should already have received notification emails for all of the O
revisions, and so the following emails describe only the N revisions
from the common base, B.

Any revisions marked "omit" are not gone; other references still
refer to them.  Any revisions marked "discard" are gone forever.

The 1 revisions listed above as "new" are entirely new to this
repository and will be described in separate emails.  The revisions
listed as "add" were already present in the repository and have only
been added to this reference.


Summary of changes:
 pkg/deps/check.go      | 50 +++++++++++++++++++++++++-------------------------
 pkg/deps/check_test.go |  4 ++--
 2 files changed, 27 insertions(+), 27 deletions(-)

[skywalking-eyes] 01/01: Dependencies check should report unknown licneses

Posted by ke...@apache.org.

This is an automated email from the ASF dual-hosted git repository.

kezhenxu94 pushed a commit to branch deps/check
in repository https://gitbox.apache.org/repos/asf/skywalking-eyes.git

commit 5b2875d9e5c4f7dbd50d59e15a68d9f9c7d2cd4b
Author: kezhenxu94 <ke...@apache.org>
AuthorDate: Sun Apr 9 10:40:16 2023 +0800

    Dependencies check should report unknown licneses
---
 assets/compatibility/Apache-2.0.yaml |  1 +
 pkg/deps/check.go                    | 74 +++++++++++++++++++++++-------------
 pkg/deps/check_test.go               |  4 +-
 3 files changed, 50 insertions(+), 29 deletions(-)

diff --git a/assets/compatibility/Apache-2.0.yaml b/assets/compatibility/Apache-2.0.yaml
index 1814b40..752f871 100644
--- a/assets/compatibility/Apache-2.0.yaml
+++ b/assets/compatibility/Apache-2.0.yaml
@@ -43,6 +43,7 @@ compatible:
   - Unlicense.txt
   - HPND.txt
   - MulanPSL-2.0.txt
+  - MIT
 
 incompatible:
   - Unknown
diff --git a/pkg/deps/check.go b/pkg/deps/check.go
index 15bc546..f5c663a 100644
--- a/pkg/deps/check.go
+++ b/pkg/deps/check.go
@@ -19,6 +19,7 @@ package deps
 
 import (
 	"fmt"
+	"math"
 	"path/filepath"
 	"strings"
 
@@ -73,34 +74,35 @@ func Check(mainLicenseSpdxID string, config *ConfigDeps) error {
 	return CheckWithMatrix(mainLicenseSpdxID, &matrix, &report)
 }
 
-func CheckWithMatrix(mainLicenseSpdxID string, matrix *CompatibilityMatrix, report *Report) error {
-	var incompatibleResults []*Result
-	for _, result := range append(report.Resolved, report.Skipped...) {
-		compare := func(list []string, spdxID string) bool {
-			for _, com := range list {
-				if spdxID == com {
-					return true
-				}
-			}
-			return false
-		}
-		compareAll := func(spdxIDs []string, compare func(spdxID string) bool) bool {
-			for _, spdxID := range spdxIDs {
-				if !compare(spdxID) {
-					return false
-				}
-			}
+func compare(list []string, spdxID string) bool {
+	for _, com := range list {
+		if spdxID == com {
 			return true
 		}
-		compareAny := func(spdxIDs []string, compare func(spdxID string) bool) bool {
-			for _, spdxID := range spdxIDs {
-				if compare(spdxID) {
-					return true
-				}
-			}
+	}
+	return false
+}
+func compareAll(spdxIDs []string, compare func(spdxID string) bool) bool {
+	for _, spdxID := range spdxIDs {
+		if !compare(spdxID) {
 			return false
 		}
+	}
+	return true
+}
+func compareAny(spdxIDs []string, compare func(spdxID string) bool) bool {
+	for _, spdxID := range spdxIDs {
+		if compare(spdxID) {
+			return true
+		}
+	}
+	return false
+}
 
+func CheckWithMatrix(mainLicenseSpdxID string, matrix *CompatibilityMatrix, report *Report) error {
+	var incompatibleResults []*Result
+	var unknownResults []*Result
+	for _, result := range append(report.Resolved, report.Skipped...) {
 		operator, spdxIDs := parseLicenseExpression(result.LicenseSpdxID)
 
 		switch operator {
@@ -134,16 +136,34 @@ func CheckWithMatrix(mainLicenseSpdxID string, matrix *CompatibilityMatrix, repo
 			}
 			if incompatible := compare(matrix.Incompatible, spdxIDs[0]); incompatible {
 				incompatibleResults = append(incompatibleResults, result)
+				continue
 			}
+			unknownResults = append(unknownResults, result)
 		}
 	}
 
-	if len(incompatibleResults) > 0 {
-		str := ""
+	if len(incompatibleResults) > 0 || len(unknownResults) > 0 {
+		dWidth, lWidth := float64(len("Dependency")), float64(len("License"))
 		for _, r := range incompatibleResults {
-			str += fmt.Sprintf("\nLicense: %v Dependency: %v", r.LicenseSpdxID, r.Dependency)
+			dWidth = math.Max(float64(len(r.Dependency)), dWidth)
+			lWidth = math.Max(float64(len(r.LicenseSpdxID)), lWidth)
 		}
-		return fmt.Errorf("the following licenses are incompatible with the main license: %v %v", mainLicenseSpdxID, str)
+		for _, r := range unknownResults {
+			dWidth = math.Max(float64(len(r.Dependency)), dWidth)
+			lWidth = math.Max(float64(len(r.LicenseSpdxID)), lWidth)
+		}
+
+		rowTemplate := fmt.Sprintf("%%-%dv | %%%dv\n", int(dWidth), int(lWidth))
+		s := fmt.Sprintf(rowTemplate, "Dependency", "License")
+		s += fmt.Sprintf(rowTemplate, strings.Repeat("-", int(dWidth)), strings.Repeat("-", int(lWidth)))
+		for _, r := range incompatibleResults {
+			s += fmt.Sprintf(rowTemplate, r.Dependency, r.LicenseSpdxID)
+		}
+		for _, r := range unknownResults {
+			s += fmt.Sprintf(rowTemplate, r.Dependency, r.LicenseSpdxID)
+		}
+
+		return fmt.Errorf("the following licenses are unknown or incompatible with the main license, please check manually: %v\n%v", mainLicenseSpdxID, s)
 	}
 
 	return nil
diff --git a/pkg/deps/check_test.go b/pkg/deps/check_test.go
index 2ba66a4..db4a250 100644
--- a/pkg/deps/check_test.go
+++ b/pkg/deps/check_test.go
@@ -79,7 +79,7 @@ func TestCheckWithMatrix(t *testing.T) {
 		},
 	}); err == nil {
 		t.Errorf("Should return error")
-	} else if !strings.Contains(err.Error(), "License: LGPL-2.0 Dependency: Bar") {
+	} else if !strings.Contains(err.Error(), "Bar        | LGPL-2.0") {
 		t.Errorf("Should return error and contains dependency Bar, now is `%s`", err.Error())
 	}
 
@@ -98,7 +98,7 @@ func TestCheckWithMatrix(t *testing.T) {
 		},
 	}); err == nil {
 		t.Errorf("Should return error")
-	} else if !strings.Contains(err.Error(), "License: Unknown Dependency: Bar") {
+	} else if !strings.Contains(err.Error(), "Bar        | Unknown") {
 		t.Errorf("Should return error and has dependency Bar, now is `%s`", err.Error())
 	}