Add workaround for files with permissive binary licenses

Add function "has_binary_license" to check whether a file flagged with a
non-permissive license contains a Permissive Binary License (PBL). PBL is not recognized by scancode,
causing it to be flagged as a non-permissive license. CI doesn't allow
any non-permissive licenses, although files flagged as SPDX are
allowed. Workaround causes all files with a valid PBL to be flagged as
missing an SPDX.

Add condition in "has_spdx_text_in_scancode_output" to ignore any spdx
identifier with "unknown" in the name. Scancode erroneously matches PBL to matched_rule.identifier "spdx-license-identifier: unknown-spdx". This prevents the workaround from working.
pull/13847/head
Harrison Mutai 2020-11-03 13:48:53 +00:00
parent f57f2657f8
commit d085e9f1ed
3 changed files with 78 additions and 6 deletions


@ -54,12 +54,13 @@ def path_leaf(path):
return tail or os.path.basename(head) return tail or os.path.basename(head)
def has_permissive_text_in_scancode_output(scancode_output_data_file_licenses): def has_permissive_text_in_scancode_output(scancode_output_data_file):
"""Returns true if at list one license in the scancode output is permissive.""" """Returns true if at least one license in the scancode output is permissive or is a Permissive Binary License"""
# temporary workaround for files with Permissive Binary Licenses
return any( return any(
scancode_output_data_file_license['category'] == 'Permissive' scancode_output_data_file_license['category'] == 'Permissive'
for scancode_output_data_file_license in scancode_output_data_file_licenses for scancode_output_data_file_license in scancode_output_data_file['licenses']
) ) or has_binary_license(scancode_output_data_file)
def has_spdx_text_in_scancode_output(scancode_output_data_file_licenses): def has_spdx_text_in_scancode_output(scancode_output_data_file_licenses):
@ -75,6 +76,18 @@ def has_spdx_text_in_analysed_file(scanned_file_content):
return bool(re.findall("SPDX-License-Identifier:?", scanned_file_content)) return bool(re.findall("SPDX-License-Identifier:?", scanned_file_content))
def has_binary_license(scancode_output_data_file):
"""Returns true if the file analysed by ScanCode contains a Permissive Binary License."""
file_path = os.path.abspath(scancode_output_data_file['path'])
try:
with open(file_path, 'r') as read_file:
scanned_file_content = read_file.read()
return bool(re.findall("Permissive Binary License", scanned_file_content))
except UnicodeDecodeError:
userlog.warning("Unable to look for PBL text in `{}`:".format(file_path))
return False
def license_check(scancode_output_path): def license_check(scancode_output_path):
"""Check licenses in the scancode json file for specified directory. """Check licenses in the scancode json file for specified directory.
@ -112,7 +125,7 @@ def license_check(scancode_output_path):
# check the next file in the scancode output # check the next file in the scancode output
continue continue
if not has_permissive_text_in_scancode_output(scancode_output_data_file['licenses']): if not has_permissive_text_in_scancode_output(scancode_output_data_file):
scancode_output_data_file['fail_reason'] = MISSING_PERMISSIVE_LICENSE_TEXT scancode_output_data_file['fail_reason'] = MISSING_PERMISSIVE_LICENSE_TEXT
license_offenders.append(scancode_output_data_file) license_offenders.append(scancode_output_data_file)
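Review bot: `has_binary_license` accepts a file as soon as the phrase "Permissive Binary License" appears anywhere in its text, and the new `or has_binary_license(...)` in `has_permissive_text_in_scancode_output` lets that override whatever categories ScanCode reported, so a file under any other licence that merely mentions the phrase would pass the CI licence gate. Consider matching the SPDX tag instead (the test stub in this commit uses `SPDX-License-Identifier: LicenseRef-PBL`), assuming every PBL file in the tree carries it. Separately, only `UnicodeDecodeError` is handled: an unreadable or missing path raises `OSError` and aborts the whole check, and `open()` without `encoding=` decodes with the runner's locale. The warning string also ends in a dangling colon with no reason after it. A possible shape is below.

```python
def has_binary_license(scancode_output_data_file):
    """Returns true if the file analysed by ScanCode carries the PBL SPDX tag."""
    file_path = os.path.abspath(scancode_output_data_file['path'])
    try:
        with open(file_path, 'r', encoding='utf-8') as read_file:
            scanned_file_content = read_file.read()
    except (OSError, UnicodeDecodeError) as error:
        # Fail closed: a file that cannot be read is never treated as PBL.
        userlog.warning("Unable to look for PBL text in `{}`: {}".format(file_path, error))
        return False
    return bool(re.search(r"SPDX-License-Identifier:\s*LicenseRef-PBL\b", scanned_file_content))
```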


@ -34,22 +34,36 @@ HEADER_WITH_SPDX = "/* mbed Microcontroller Library\
* limitations under the License.\ * limitations under the License.\
*/" */"
BINARY_HEADER = "/*\
* Copyright (c) 2019, Arm Limited, All Rights Reserved\
* SPDX-License-Identifier: LicenseRef-PBL\
*\
* This file and the related binary are licensed under the\
* Permissive Binary License, Version 1.0 (the \"License\");\
* you may not use these files except in compliance with the License.\
*\
*/"
@pytest.fixture() @pytest.fixture()
def create_scanned_files(): def create_scanned_files():
"""Create stub files. """Create stub files.
test3.h missing license notice test3.h missing license notice
test4.h with license notice test4.h with license notice
test5.h with license notice test5.h with license notice
test6.h with permissive binary license
""" """
file_paths = [ file_paths = [
os.path.join(STUBS_PATH, "test3.h"), os.path.join(STUBS_PATH, "test3.h"),
os.path.join(STUBS_PATH, "test4.h"), os.path.join(STUBS_PATH, "test4.h"),
os.path.join(STUBS_PATH, "test5.h") os.path.join(STUBS_PATH, "test5.h"),
os.path.join(STUBS_PATH, "test6.h")
] ]
for file_path in file_paths: for file_path in file_paths:
with open(file_path, "w") as new_file: with open(file_path, "w") as new_file:
if file_path in [os.path.join(STUBS_PATH, "test3.h")]: if file_path in [os.path.join(STUBS_PATH, "test3.h")]:
new_file.write(HEADER_WITHOUT_SPDX) new_file.write(HEADER_WITHOUT_SPDX)
elif file_path in [os.path.join(STUBS_PATH, "test6.h")]:
new_file.write(BINARY_HEADER)
else: else:
new_file.write(HEADER_WITH_SPDX) new_file.write(HEADER_WITH_SPDX)
yield yield
@ -81,6 +95,7 @@ class TestScancodeEvaluate:
test3.h: Missing `Permissive` license text and `spdx` in match.identifier and not in file tested by ScanCode (error count += 1) test3.h: Missing `Permissive` license text and `spdx` in match.identifier and not in file tested by ScanCode (error count += 1)
test4.h: Missing `Permissive` license text and `spdx` in match.identifier but found in file tested by ScanCode (error count += 1) test4.h: Missing `Permissive` license text and `spdx` in match.identifier but found in file tested by ScanCode (error count += 1)
test5.h: Missing `spdx` in match.identifier but found in file tested by ScanCode. (error count += 0) test5.h: Missing `spdx` in match.identifier but found in file tested by ScanCode. (error count += 0)
test6.h: Matching 'unknown-spdx' in match.identifier and Permissive Binary License in header (error count += 1)
@inputs scancode_test/scancode_test_2.json @inputs scancode_test/scancode_test_2.json
@output 3 @output 3
""" """
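Review bot: The docstring line added for test6.h says `(error count += 1)`, but the `@output 3` line just below it is unchanged context, so the per-file counts and the documented total cannot both have been right before and after this commit. The assertion is outside the hunk, as are the start and end of the test method, so which of the two is stale cannot be confirmed from here. Please reconcile them, for example `(error count += 0)` on the test6.h line if a PBL file is only reported as missing SPDX, or an updated `@output`. It would also be worth adding a stub that mentions the phrase "Permissive Binary License" while carrying a non-permissive licence, to pin down that such a file is still reported as an offender.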


@ -170,6 +170,50 @@
], ],
"scan_errors":[ "scan_errors":[
]
},
{
"path":"tools/test/travis-ci/scancode_test/test6.h",
"type":"file",
"licenses":[
{
"key": "unknown-spdx",
"score": 100.0,
"name": "Unknown SPDX license detected but not recognized",
"short_name": "unknown SPDX",
"category": "Unstated License",
"is_exception": false,
"owner": "Unspecified",
"homepage_url": null,
"text_url": "",
"reference_url": "https://enterprise.dejacode.com/urn/urn:dje:license:unknown-spdx",
"spdx_license_key": null,
"spdx_url": "",
"start_line": 3,
"end_line": 3,
"matched_rule": {
"identifier": "spdx-license-identifier: unknown-spdx",
"license_expression": "unknown-spdx",
"licenses": [
"unknown-spdx"
],
"is_license_text": false,
"is_license_notice": false,
"is_license_reference": false,
"is_license_tag": true,
"matcher": "1-spdx-id",
"rule_length": 1,
"matched_length": 1,
"match_coverage": 100.0,
"rule_relevance": 100
}
}
],
"license_expressions":[
"unknown-spdx"
],
"scan_errors":[
] ]
} }
] ]