Add workaround for files with permissive binary licenses

Add function "has_binary_license" to check whether a file flagged with a
non-permissive license contains a Permissive Binary License (PBL). PBL is not recognized by scancode,
causing it to be flagged as a non-permissive license. CI doesn't allow
any non-permissive licenses, although files flagged as SPDX are
allowed. Workaround causes all files with a valid PBL to be flagged as
missing an SPDX.

Add condition in "has_spdx_text_in_scancode_output" to ignore any spdx
identifier with "unknown" in the name. Scancode erroneously matches PBL to matched_rule.identifer "spdx-license-identifier: unknown-spdx". This prevents the workaround from working.
pull/13847/head
Harrison Mutai 2020-11-03 13:48:53 +00:00
parent f57f2657f8
commit d085e9f1ed
3 changed files with 78 additions and 6 deletions


@ -54,12 +54,13 @@ def path_leaf(path):
return tail or os.path.basename(head)
def has_permissive_text_in_scancode_output(scancode_output_data_file_licenses):
"""Returns true if at list one license in the scancode output is permissive."""
def has_permissive_text_in_scancode_output(scancode_output_data_file):
"""Returns true if at least one license in the scancode output is permissive or is a Permissive Binary License"""
# temporary workaround for files with Permissive Binary Licenses
return any(
scancode_output_data_file_license['category'] == 'Permissive'
for scancode_output_data_file_license in scancode_output_data_file_licenses
)
for scancode_output_data_file_license in scancode_output_data_file['licenses']
) or has_binary_license(scancode_output_data_file)
def has_spdx_text_in_scancode_output(scancode_output_data_file_licenses):
@ -75,6 +76,18 @@ def has_spdx_text_in_analysed_file(scanned_file_content):
return bool(re.findall("SPDX-License-Identifier:?", scanned_file_content))
def has_binary_license(scancode_output_data_file):
"""Returns true if the file analysed by ScanCode contains a Permissive Binary License."""
file_path = os.path.abspath(scancode_output_data_file['path'])
try:
with open(file_path, 'r') as read_file:
scanned_file_content = read_file.read()
return bool(re.findall("Permissive Binary License", scanned_file_content))
except UnicodeDecodeError:
userlog.warning("Unable to look for PBL text in `{}`:".format(file_path))
return False
def license_check(scancode_output_path):
"""Check licenses in the scancode json file for specified directory.
@ -112,7 +125,7 @@ def license_check(scancode_output_path):
# check the next file in the scancode output
continue
if not has_permissive_text_in_scancode_output(scancode_output_data_file['licenses']):
if not has_permissive_text_in_scancode_output(scancode_output_data_file):
scancode_output_data_file['fail_reason'] = MISSING_PERMISSIVE_LICENSE_TEXT
license_offenders.append(scancode_output_data_file)
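Review bot: `has_binary_license` returns true as soon as the phrase "Permissive Binary License" appears anywhere in the file, and the `or` in `has_permissive_text_in_scancode_output` applies that fallback to every scanned entry, so a file whose detected licenses are all non-permissive is no longer reported as `MISSING_PERMISSIVE_LICENSE_TEXT` if its text merely mentions the phrase. Consider limiting the fallback to entries whose only scancode match is `unknown-spdx`, and matching the declared tag (the test header uses `SPDX-License-Identifier: LicenseRef-PBL`) rather than a free-text phrase. Separately, the path taken from the scancode JSON is resolved against the current working directory and only `UnicodeDecodeError` is caught, so a missing or unreadable file would abort the whole check; `except (UnicodeDecodeError, OSError):` would keep it failing closed with the existing warning. The `open()` call also relies on the platform default encoding, so passing an explicit `encoding="utf-8"` would make the result reproducible across CI hosts.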


@ -34,22 +34,36 @@ HEADER_WITH_SPDX = "/* mbed Microcontroller Library\
* limitations under the License.\
*/"
BINARY_HEADER = "/*\
* Copyright (c) 2019, Arm Limited, All Rights Reserved\
* SPDX-License-Identifier: LicenseRef-PBL\
*\
* This file and the related binary are licensed under the\
* Permissive Binary License, Version 1.0 (the \"License\");\
* you may not use these files except in compliance with the License.\
*\
*/"
@pytest.fixture()
def create_scanned_files():
"""Create stub files.
test3.h missing license notice
test4.h with license notice
test5.h with license notice
test6.h with permissive binary license
"""
file_paths = [
os.path.join(STUBS_PATH, "test3.h"),
os.path.join(STUBS_PATH, "test4.h"),
os.path.join(STUBS_PATH, "test5.h")
os.path.join(STUBS_PATH, "test5.h"),
os.path.join(STUBS_PATH, "test6.h")
]
for file_path in file_paths:
with open(file_path, "w") as new_file:
if file_path in [os.path.join(STUBS_PATH, "test3.h")]:
new_file.write(HEADER_WITHOUT_SPDX)
elif file_path in [os.path.join(STUBS_PATH, "test6.h")]:
new_file.write(BINARY_HEADER)
else:
new_file.write(HEADER_WITH_SPDX)
yield
@ -81,6 +95,7 @@ class TestScancodeEvaluate:
test3.h: Missing `Permissive` license text and `spdx` in match.identifier and not in file tested by ScanCode (error count += 1)
test4.h: Missing `Permissive` license text and `spdx` in match.identifier but found in file tested by ScanCode (error count += 1)
test5.h: Missing `spdx` in match.identifier but found in file tested by ScanCode. (error count += 0)
test6.h: Matching 'unknown-spdx' in match.identifier and Permissive Binary License in header (error count += 1)
@inputs scancode_test/scancode_test_2.json
@output 3
"""


@ -170,6 +170,50 @@
],
"scan_errors":[
]
},
{
"path":"tools/test/travis-ci/scancode_test/test6.h",
"type":"file",
"licenses":[
{
"key": "unknown-spdx",
"score": 100.0,
"name": "Unknown SPDX license detected but not recognized",
"short_name": "unknown SPDX",
"category": "Unstated License",
"is_exception": false,
"owner": "Unspecified",
"homepage_url": null,
"text_url": "",
"reference_url": "https://enterprise.dejacode.com/urn/urn:dje:license:unknown-spdx",
"spdx_license_key": null,
"spdx_url": "",
"start_line": 3,
"end_line": 3,
"matched_rule": {
"identifier": "spdx-license-identifier: unknown-spdx",
"license_expression": "unknown-spdx",
"licenses": [
"unknown-spdx"
],
"is_license_text": false,
"is_license_notice": false,
"is_license_reference": false,
"is_license_tag": true,
"matcher": "1-spdx-id",
"rule_length": 1,
"matched_length": 1,
"match_coverage": 100.0,
"rule_relevance": 100
}
}
],
"license_expressions":[
"unknown-spdx"
],
"scan_errors":[
]
}
]