.

9a41b3bd · Kirill Smelkov · 89dda15e · 9a41b3bd · e0d6f018 · 9a41b3bd
Commit 9a41b3bd authored Jun 12, 2023 by Kirill Smelkov
Hide whitespace changes
Inline Side-by-side

Showing with 51 additions and 8 deletions

.gitmodules .gitmodules +3 -0

go-license-detector go-license-detector +1 -0

nxdbom/__init__.py nxdbom/__init__.py +47 -8

No files found.
--- a/.gitmodules
+++ b/.gitmodules
+[submodule "go-license-detector"]
+	path = go-license-detector
+	url = https://github.com/go-enry/go-license-detector.git
--- a/go-license-detector @ e0d6f018
+++ b/go-license-detector @ e0d6f018
+Subproject commit e0d6f0187f3a3aaeb8236f9860337ffb92438723
--- a/nxdbom/__init__.py
+++ b/nxdbom/__init__.py
@@ -31,7 +31,7 @@ An example of generated bill of material is provided in example/ors-bom.txt .
 from __future__ import print_function
 import sys, os, configparser, re, codecs
-from os.path import basename, isdir, exists
+from os.path import basename, dirname, isdir, exists
 from glob import glob
 from collections import namedtuple
 from urllib.parse import unquote
@@ -42,6 +42,7 @@ import shutil
 from contextlib import closing
 from hashlib import md5
 import logging
+import subprocess
 from slapos.libnetworkcache import NetworkcacheClient
@@ -76,8 +77,7 @@ def bom_software(installed_software_path): # -> {} (name,kind) -> PkgInfo
        ver = removeprefix(ver, name+'-')   # wendelin.core-2.0.alpha3-0-g6315384  -> 2.0.alpha3-0-g6315384
        if '//' in urlpath:
            url = urlpath
-            if kind == '':
+            license = license_of(url)
-                license = license_of(url)
        else:
            if kind == 'egg':
                # XXX not strictly correct -> better retrieve the actual URL, but buildout does not save it in installed.cfg
@@ -543,10 +543,14 @@ for lic, variants in _licdb.items():
 def spdx_license_canon(license_name):
    # XXX split on ';' ',' 'and' 'or'
    # XXX split as if list ['MIT', 'BSD']  (pystemmer)
-    license_name = license_name.strip()
+    lic = license_name.strip()
-    spdx = _licrevdb.get(license_name)
+    lic = removeprefix("deprecaed_", lic)
+    if lic.endswith('-or-later'):
+        lic = removesufix(lid, '-or-later')
+        lic += '+'
+    spdx = _licrevdb.get(lic)
    if spdx is None:
-        return license_name # XXX temp
+        return lic # XXX temp
        raise ValueError('unknown license %r' % license_name)
    return spdx
@@ -563,6 +567,13 @@ def license_of(url):
        '?p=config.git;a=snapshot;h=5e531d391852a54e7fab2d8ff55625fca514b305;sf=tgz': 'GPL-3.0-with-autoconf-exception',
        'https://sourceforge.net/projects/swig/files/swig/swig-3.0.12/swig-3.0.12.tar.gz/download':  'GPL-3.0+',
+        'https://lab.nexedi.com/nexedi/erp5.git':           'GPL-3.0+-with-NXD-exception',
+        'https://lab.nexedi.com/nexedi/erp5-bin.git':       'GPL-3.0+-with-NXD-exception',
+        'https://lab.nexedi.com/nexedi/erp5-doc.git':       'GPL-3.0+-with-NXD-exception',
+        'https://lab.nexedi.com/nexedi/neoppod.git':        'GPL-3.0+-with-NXD-exception',
+        'https://lab.nexedi.com/nexedi/wendelin.core.git':  'GPL-3.0+-with-NXD-exception',
+        'https://lab.nexedi.com/nexedi/wendelin.git':       'GPL-3.0+-with-NXD-exception',
    }
    if url in known:
        return known[url]
@@ -574,6 +585,7 @@ def license_of(url):
    _, xpath = url.split('//', 1)       # https://tukaani.org/xz/xz-5.2.5.tar.bz2 -> tukaani.org/xz/xz-5.2.5.tar.bz
    #assert '//' not in xpath, xpath    XXX archive.mariadb.org//mariadb-10.3.35/source/mariadb-10.3.35.tar.gz
    assert '..' not in xpath, xpath
+    lpath = '.CACHE/lic/'+xpath
    xpath = '.CACHE/src/'+xpath
    if not exists(xpath):
        # download + unpack -> xpath
@@ -585,8 +597,35 @@ def license_of(url):
        print('X %s ...' % pkgfile, file=sys.stderr)
        shutil.unpack_archive(pkgfile, xpath)
-    # XXX
+    _ = glob('%s/*' % xpath)        # many tarballs come with single directory inside
-    return None
+    if len(_) == 1:
+        xpath = _[0]
+    if not exists(lpath):
+        print('A %s ...' % xpath, file=sys.stderr)
+        licv = subprocess.check_output(['./go-license-detector/cmd/license-detector/license-detector', xpath])
+        licv = licv.decode('utf-8')
+        licv = licv.splitlines()
+        assert licv[0] == xpath, (licv[0], xpath)
+        licv = licv[1:] # first best match
+        #print(licv, file=sys.stderr)
+        lic = licv[0]
+        if licv == "no license file was found":
+            lic = ''
+        else:
+            lic = lic.split(None, 1)[1]
+        print('  -> %s' % lic, file=sys.stderr)
+        mkdir_p(dirname(lpath))
+        with open(lpath, 'w') as f:
+            f.write(lic)
+    else:
+        with open(lpath, 'r') as f:
+            lic = f.read()
+    if lic == '':
+        lic = None
+    return lic
 # wget downloads url to dstfile.