
Example 1 with LicenseData

use of org.eclipse.dash.licenses.LicenseData in project dash-licenses by eclipse.

the class LicenseCheckerTests method testWithUnsupported.

/**
 * Pins the result for a content id the checker has no license for: the
 * license is {@code null} and the status is {@code Restricted}, so missing
 * license data is never reported as approved.
 */
@Test
void testWithUnsupported() {
    IContentId unsupportedId = ContentId.getContentId("p2/eclipseplugin/-/write/0.2.0");
    // Look the single id up and go straight to its entry in the result map.
    LicenseData result = licenseChecker.getLicenseData(Collections.singleton(unsupportedId)).get(unsupportedId);
    assertNull(result.getLicense());
    assertEquals(LicenseSupport.Status.Restricted, result.getStatus());
}
Also used : IContentId(org.eclipse.dash.licenses.IContentId) LicenseData(org.eclipse.dash.licenses.LicenseData) Test(org.junit.jupiter.api.Test)

Example 2 with LicenseData

use of org.eclipse.dash.licenses.LicenseData in project dash-licenses by eclipse.

the class LicenseCheckerTests method testSingleApprovedLicense.

/**
 * Pins the result for a content id whose license is approved: the checker
 * reports the license expression {@code "MIT"} with status {@code Approved}.
 */
@Test
void testSingleApprovedLicense() {
    IContentId approvedId = ContentId.getContentId("npm/npmjs/-/write/1.0.3");
    // Look the single id up and go straight to its entry in the result map.
    LicenseData result = licenseChecker.getLicenseData(Collections.singleton(approvedId)).get(approvedId);
    assertEquals("MIT", result.getLicense());
    assertEquals(LicenseSupport.Status.Approved, result.getStatus());
}
Also used : IContentId(org.eclipse.dash.licenses.IContentId) LicenseData(org.eclipse.dash.licenses.LicenseData) Test(org.junit.jupiter.api.Test)

Example 3 with LicenseData

use of org.eclipse.dash.licenses.LicenseData in project dash-licenses by eclipse.

the class LicenseCheckMojo method execute.

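/**
 * Runs the dash license check once for the whole reactor build.
 *
 * <p>The check is skipped for every project except the top-level reactor
 * project, and when {@code skip} is set. Otherwise the filtered dependencies
 * of all reactor modules are mapped to dash content ids, handed to the
 * {@link LicenseChecker}, and every result is passed to the registered
 * collectors (needs-review status, CSV summary and, when both
 * {@code iplabToken} and {@code projectId} are set, review-request creation).
 *
 * @throws MojoExecutionException if a setting is rejected by
 *         {@code MavenSettings} or a summary file cannot be written
 * @throws MojoFailureException if {@code failWhenReviewNeeded} is set and the
 *         needs-review collector reports a status greater than zero
 */
@Override
public void execute() throws MojoExecutionException, MojoFailureException {
    // Run only for the top-level reactor project; this avoids duplicate invocations
    if (!mavenSession.getCurrentProject().equals(mavenSession.getTopLevelProject())) {
        return;
    }
    if (skip) {
        getLog().info("Skipping dependency license check");
        return;
    }
    // Validate the user-given dash license tool settings
    ISettings settings;
    try {
        settings = new MavenSettings(batch, foundationApi, clearlyDefinedApi, licenses, confidence, projectId, iplabToken);
    } catch (IllegalArgumentException e) {
        // Keep the cause so the stack trace still identifies the rejected setting.
        // NOTE(review): iplabToken is one of the validated values; confirm that
        // MavenSettings never echoes it in the exception message.
        throw new MojoExecutionException("Invalid setting: " + e.getMessage(), e);
    }
    // Get filtered list of project dependencies for all modules in the reactor
    Set<Artifact> filteredArtifacts = new HashSet<>();
    for (MavenProject project : reactorProjects) {
        filteredArtifacts.addAll(filterArtifacts(project.getArtifacts()));
    }
    if (getLog().isDebugEnabled()) {
        getLog().debug("Filtered dependency artifact list:");
        filteredArtifacts.stream().sorted().map(a -> "  " + a).forEach(getLog()::debug);
    }
    // Adapt dependency artifacts to dash content IDs
    List<IContentId> deps = new ArrayList<>();
    filteredArtifacts.stream().sorted().forEach(a -> {
        boolean isP2 = a.getGroupId().startsWith(TychoConstants.P2_GROUPID_PREFIX);
        String type = isP2 ? "p2" : "maven";
        // TODO deps are not necessarily from orbit or maven central. The source is
        // assumed from the group id alone, so an artifact resolved from another
        // repository is looked up under an origin it may not have come from.
        String source = isP2 ? "orbit" : "mavencentral";
        // TODO could get duplicates here if two artifact coords differ only by
        // classifier
        deps.add(ContentId.getContentId(type, source, a.getGroupId(), a.getArtifactId(), a.getVersion()));
    });
    List<IResultsCollector> collectors = new ArrayList<>();
    // This collector generates feedback for the user that the command line tool
    // would always print to stdout, so we collect the output in memory for printing
    // to the maven log later
    // NOTE(review): nothing in this method writes to primaryOut, so the log
    // pass-through further down prints nothing; confirm whether a collector
    // was meant to be attached to it.
    ByteArrayOutputStream primaryOut = new ByteArrayOutputStream();
    NeedsReviewCollector needsReviewCollector = new NeedsReviewCollector();
    collectors.add(needsReviewCollector);
    Injector injector = Guice.createInjector(new LicenseToolModule(settings, createProxySettings()));
    LicenseChecker checker = injector.getInstance(LicenseChecker.class);
    // getParentFile() returns null for a bare file name; guard against the NPE.
    // A failed mkdirs() surfaces as the IOException handled below.
    File summaryDir = summary.getParentFile();
    if (summaryDir != null) {
        summaryDir.mkdirs();
    }
    File reviewSummaryDir = reviewSummary.getParentFile();
    if (reviewSummaryDir != null) {
        reviewSummaryDir.mkdirs();
    }
    // Write the review summary as UTF-8 instead of the platform default charset
    try (OutputStream summaryOut = new FileOutputStream(summary);
        PrintWriter reviewSummaryOut = new PrintWriter(new FileWriter(reviewSummary, StandardCharsets.UTF_8))) {
        collectors.add(new CSVCollector(summaryOut));
        // The token is an authentication credential: only its presence is tested
        // here, its value must never reach the log or the summary files.
        if (iplabToken != null && projectId != null) {
            collectors.add(new CreateReviewRequestCollector(injector.getInstance(GitLabSupport.class), (id, url) -> reviewSummaryOut.println("[" + id + "](" + url + ")")));
        } else if (iplabToken != null) {
            getLog().info("Provide both an authentication token and a project id to automatically create review tickets.");
        }
        for (LicenseData licenseData : checker.getLicenseData(deps).values()) {
            collectors.forEach(c -> c.accept(licenseData));
        }
        collectors.forEach(IResultsCollector::close);
    } catch (IOException e) {
        throw new MojoExecutionException("Can't write dependency summary file", e);
    }
    // Pass the output from the collectors to the maven log
    primaryOut.toString(StandardCharsets.UTF_8).lines().forEach(getLog()::info);
    getLog().info("Summary file was written to: " + summary);
    // The build only fails on unvetted dependencies when failWhenReviewNeeded is
    // set; otherwise the result is reported through the summary file alone.
    if (failWhenReviewNeeded && needsReviewCollector.getStatus() > 0) {
        getLog().error("Dependency license check failed. Some dependencies need to be vetted.");
        throw new MojoFailureException("Some dependencies must be vetted.");
    }
}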
Also used : ByteArrayOutputStream(java.io.ByteArrayOutputStream) SecDispatcher(org.sonatype.plexus.components.sec.dispatcher.SecDispatcher) Component(org.apache.maven.plugins.annotations.Component) IContentId(org.eclipse.dash.licenses.IContentId) Parameter(org.apache.maven.plugins.annotations.Parameter) MessageFormat(java.text.MessageFormat) ArrayList(java.util.ArrayList) HashSet(java.util.HashSet) Mojo(org.apache.maven.plugins.annotations.Mojo) Proxy(org.apache.maven.settings.Proxy) MavenProject(org.apache.maven.project.MavenProject) TychoConstants(org.eclipse.tycho.TychoConstants) CSVCollector(org.eclipse.dash.licenses.cli.CSVCollector) LicenseToolModule(org.eclipse.dash.licenses.context.LicenseToolModule) Artifact(org.apache.maven.artifact.Artifact) LifecyclePhase(org.apache.maven.plugins.annotations.LifecyclePhase) ResolutionScope(org.apache.maven.plugins.annotations.ResolutionScope) ContentId(org.eclipse.dash.licenses.ContentId) OutputStream(java.io.OutputStream) PrintWriter(java.io.PrintWriter) GitLabSupport(org.eclipse.dash.licenses.review.GitLabSupport) IProxySettings(org.eclipse.dash.licenses.IProxySettings) MavenSession(org.apache.maven.execution.MavenSession) LicenseData(org.eclipse.dash.licenses.LicenseData) FileWriter(java.io.FileWriter) FileOutputStream(java.io.FileOutputStream) Set(java.util.Set) ISettings(org.eclipse.dash.licenses.ISettings) NeedsReviewCollector(org.eclipse.dash.licenses.cli.NeedsReviewCollector) IOException(java.io.IOException) IResultsCollector(org.eclipse.dash.licenses.cli.IResultsCollector) MojoExecutionException(org.apache.maven.plugin.MojoExecutionException) File(java.io.File) StandardCharsets(java.nio.charset.StandardCharsets) MojoFailureException(org.apache.maven.plugin.MojoFailureException) Injector(com.google.inject.Injector) List(java.util.List) CreateReviewRequestCollector(org.eclipse.dash.licenses.review.CreateReviewRequestCollector) Guice(com.google.inject.Guice) LicenseChecker(org.eclipse.dash.licenses.LicenseChecker) 
CSVCollector(org.eclipse.dash.licenses.cli.CSVCollector) ByteArrayOutputStream(java.io.ByteArrayOutputStream) OutputStream(java.io.OutputStream) FileOutputStream(java.io.FileOutputStream) FileWriter(java.io.FileWriter) LicenseData(org.eclipse.dash.licenses.LicenseData) ArrayList(java.util.ArrayList) LicenseChecker(org.eclipse.dash.licenses.LicenseChecker) NeedsReviewCollector(org.eclipse.dash.licenses.cli.NeedsReviewCollector) LicenseToolModule(org.eclipse.dash.licenses.context.LicenseToolModule) MavenProject(org.apache.maven.project.MavenProject) Injector(com.google.inject.Injector) CreateReviewRequestCollector(org.eclipse.dash.licenses.review.CreateReviewRequestCollector) HashSet(java.util.HashSet) PrintWriter(java.io.PrintWriter) MojoExecutionException(org.apache.maven.plugin.MojoExecutionException) IResultsCollector(org.eclipse.dash.licenses.cli.IResultsCollector) MojoFailureException(org.apache.maven.plugin.MojoFailureException) ByteArrayOutputStream(java.io.ByteArrayOutputStream) IOException(java.io.IOException) ISettings(org.eclipse.dash.licenses.ISettings) Artifact(org.apache.maven.artifact.Artifact) IContentId(org.eclipse.dash.licenses.IContentId) FileOutputStream(java.io.FileOutputStream)

Example 4 with LicenseData

use of org.eclipse.dash.licenses.LicenseData in project dash-licenses by eclipse.

the class LicenseCheckerTests method testSingleUnapprovedLicense.

/**
 * Pins the result for a content id whose license is known but not approved:
 * the checker reports {@code "BSD-2-Clause"} with status {@code Restricted}.
 */
@Test
void testSingleUnapprovedLicense() {
    IContentId unapprovedId = ContentId.getContentId("npm/npmjs/@yarnpkg/lockfile/1.1.0");
    // Look the single id up and go straight to its entry in the result map.
    LicenseData result = licenseChecker.getLicenseData(Collections.singleton(unapprovedId)).get(unapprovedId);
    assertEquals("BSD-2-Clause", result.getLicense());
    assertEquals(LicenseSupport.Status.Restricted, result.getStatus());
}
Also used : IContentId(org.eclipse.dash.licenses.IContentId) LicenseData(org.eclipse.dash.licenses.LicenseData) Test(org.junit.jupiter.api.Test)

Example 5 with LicenseData

use of org.eclipse.dash.licenses.LicenseData in project dash-licenses by eclipse.

the class GitLabSupport method createReviews.

/**
 * Creates a GitLab review request for each entry in {@code needsReview},
 * stopping after {@code MAXIMUM_REVIEWS} entries have been considered.
 *
 * <p>Entries with an invalid content id are logged and skipped, but still
 * count towards the limit. When an issue already exists for the content, its
 * URL is reported instead of creating a new one. If issue creation returns
 * {@code null}, processing stops.
 *
 * @param needsReview the license data that requires a review
 * @param monitor receives the content id and issue URL of every existing or
 *        newly created review request
 * @throws RuntimeException wrapping a {@code GitLabApiException} raised while
 *         looking up or creating an issue
 */
public void createReviews(List<LicenseData> needsReview, BiConsumer<IContentId, String> monitor) {
    execute(connection -> {
        int considered = 0;
        for (LicenseData item : needsReview) {
            if (considered >= MAXIMUM_REVIEWS) {
                break;
            }
            // Counted before the validity check, so skipped ids use up the quota too.
            considered++;

            var id = item.getId();
            if (!id.isValid()) {
                logger.info("I don't know what to do with {}.", id.toString());
                continue;
            }

            logger.info("A review is required for {}.", id.toString());
            Stream<ExtendedContentData> extendedData = dataService.findFor(id);

            /*
             * The GitLab API has no "create if it does not already exist" operation,
             * so the lookup and the creation below are two separate requests. Another
             * client can create an issue for the same content in between, producing a
             * duplicate. That is expected to be rare, and cleaning up the occasional
             * duplicate on the backend is expected to cost less than preventing it.
             */
            try {
                GitLabReview review = new GitLabReview(settings.getProjectId(), item, extendedData);

                Issue existing = connection.findIssue(review);
                if (existing != null) {
                    monitor.accept(id, existing.getWebUrl());
                    logger.info("A review request already exists {}.", existing.getWebUrl());
                    continue;
                }

                Issue created = connection.createIssue(review);
                if (created == null) {
                    logger.error("An error occurred while attempting to create a review request. Aborting.");
                    // TODO If we break creating a review, then don't try to create any more.
                    break;
                }

                monitor.accept(id, created.getWebUrl());
                logger.info("A review request was created {}.", created.getWebUrl());
            } catch (GitLabApiException e) {
                throw new RuntimeException(e);
            }
        }

        // Entries remain whenever the loop stopped early, by limit or by abort.
        if (considered < needsReview.size()) {
            logger.info("More content needs to be reviewed.");
            logger.info("For now, however, this experimental feature only submits the first {}.\n", considered);
        }
    });
}
Also used : Issue(org.gitlab4j.api.models.Issue) LicenseData(org.eclipse.dash.licenses.LicenseData) GitLabApiException(org.gitlab4j.api.GitLabApiException) ExtendedContentData(org.eclipse.dash.licenses.extended.ExtendedContentData)

Aggregations

LicenseData (org.eclipse.dash.licenses.LicenseData)6 IContentId (org.eclipse.dash.licenses.IContentId)4 ExtendedContentData (org.eclipse.dash.licenses.extended.ExtendedContentData)2 GitLabApiException (org.gitlab4j.api.GitLabApiException)2 Issue (org.gitlab4j.api.models.Issue)2 Test (org.junit.jupiter.api.Test)2 Guice (com.google.inject.Guice)1 Injector (com.google.inject.Injector)1 ByteArrayOutputStream (java.io.ByteArrayOutputStream)1 File (java.io.File)1 FileOutputStream (java.io.FileOutputStream)1 FileWriter (java.io.FileWriter)1 IOException (java.io.IOException)1 OutputStream (java.io.OutputStream)1 PrintWriter (java.io.PrintWriter)1 StandardCharsets (java.nio.charset.StandardCharsets)1 MessageFormat (java.text.MessageFormat)1 ArrayList (java.util.ArrayList)1 HashSet (java.util.HashSet)1 List (java.util.List)1