licensecheck

Documentation

Overview

Package licensecheck provides a tool for searching RPMs for bad licenses, as well as several directly callable functions. The core of the tool is the LicenseChecker struct, which is responsible for searching RPMs for bad licenses. The tool is based on a 'simpletoolchroot' which is a wrapper that allows for easy chroot creation and cleanup.

The lifecycle of the LicenseChecker is as follows:

1. Create a new LicenseChecker with New()

2. Call CheckLicenses() to search for bad licenses

3. Either:

• Call FormatResults() to get a formatted string of the results
• Call GetAllResults() to get all the results, split into buckets.

4. Call CleanUp() to tear down the chroot

Also provided are several directly callable functions (these expect to be run in an environment with the necessary macros, i.e. a chroot): CheckRpmLicenses(), IsALicenseFile(), IsASkippedLicenseFile()

The LicenseCheckerResult struct is used to store the results of the search. It contains the path to the RPM, a list of bad documents, a list of bad files, and a list of duplicated documents. The bad documents are %doc files that are not at least also in the license files. The bad files are general files that are misplaced in the licenses directory.

The duplicated documents are %doc files that are also in the license files. These are not technically bad, but are messy and should be cleaned up.

Index

• Constants
• func IsValidLicenseCheckMode(mode LicenseCheckMode) bool
• func SaveLicenseCheckResults(savePath string, resultsList []LicenseCheckResult) error
• func ValidLicenseCheckModeStrings() (modes []string)
• type LicenseCheckMode
• type LicenseCheckResult
  • func SortAndFilterResults(results []LicenseCheckResult, mode LicenseCheckMode) (anyResult, warnings, errors []LicenseCheckResult)
  • func (r *LicenseCheckResult) HasErrorResult(mode LicenseCheckMode) (hasErrorResult bool)
  • func (r *LicenseCheckResult) HasWarningResult(mode LicenseCheckMode) bool
• type LicenseChecker
  • func New(...) (newLicenseChecker *LicenseChecker, err error)
  • func (l *LicenseChecker) CheckLicenses(quiet bool) (latestResults []LicenseCheckResult, err error)
  • func (l *LicenseChecker) Cleanup() error
  • func (l *LicenseChecker) GetResults(mode LicenseCheckMode) (all, warnings, errors []LicenseCheckResult)
• type LicenseExceptions
  • func LoadLicenseExceptions(file string) (LicenseExceptions, error)
  • func (l *LicenseExceptions) ShouldIgnoreFile(packageName, filePath string) bool
• type LicenseNames
  • func LoadLicenseNames(file string) (LicenseNames, error)
  • func (l *LicenseNames) IsALicenseFile(pkgName, licenseFilePath string) bool
  • func (l *LicenseNames) IsASkippedLicenseFile(pkgName, licenseFilePath string) bool
• type PkgExceptions

Constants

const (
	LicenseCheckModeNone      = LicenseCheckMode("none")     // Disable license checking
	LicenseCheckModeWarnOnly  = LicenseCheckMode("warn")     // Convert all findings into warnings
	LicenseCheckModeFatalOnly = LicenseCheckMode("fatal")    // Report critical errors, but allow warnings
	LicenseCheckModePedantic  = LicenseCheckMode("pedantic") // Convert all findings into errors

	LicenseCheckModeDefault = LicenseCheckModeFatalOnly
)

Functions

func IsValidLicenseCheckMode

func IsValidLicenseCheckMode(mode LicenseCheckMode) bool

IsValidLicenseCheckMode returns true if the given mode is a valid license check mode

func SaveLicenseCheckResults

func SaveLicenseCheckResults(savePath string, resultsList []LicenseCheckResult) error

SaveLicenseCheckResults saves a list of all warnings and errors to a json file.

func ValidLicenseCheckModeStrings

func ValidLicenseCheckModeStrings() (modes []string)

ValidLicenseCheckModeStrings returns a list of all valid license check modes as strings for use with the command line

Types

type LicenseCheckMode

type LicenseCheckMode string

Valid license check modes which controls the behavior of the license checker package when filtering issues. These are intended to be used as command line flags in addition to being used in code.

type LicenseCheckResult

type LicenseCheckResult struct {
	RpmPath        string   `json:"RpmPath"`
	PackageName    string   `json:"PackageName,omitempty"`
	BadDocs        []string `json:"BadDocs,omitempty"`
	BadFiles       []string `json:"BadFiles,omitempty"`
	DuplicatedDocs []string `json:"DuplicatedDocs,omitempty"`
}

LicenseCheckResult is the result of a license check on an single RPM

func SortAndFilterResults

func SortAndFilterResults(results []LicenseCheckResult, mode LicenseCheckMode) (anyResult, warnings, errors []LicenseCheckResult)

SortAndFilterResults sorts the provided input slice, then filters them into three categories: anyResult, warnings, and errors. The results slice passed to the function will also be sorted in-place. The mode flag will control how the results are filtered.

func (*LicenseCheckResult) HasErrorResult

func (r *LicenseCheckResult) HasErrorResult(mode LicenseCheckMode) (hasErrorResult bool)

HasErrorResult returns true if the result contains at least one finding that should be treated as an error based on the provided mode.

func (*LicenseCheckResult) HasWarningResult

func (r *LicenseCheckResult) HasWarningResult(mode LicenseCheckMode) bool

HasWarningResult returns true if the result contains at least one finding that should be treated as a warning based on the provided mode.

type LicenseChecker

type LicenseChecker struct {
	// contains filtered or unexported fields
}

LicenseChecker is a tool for searching RPMs for bad licenses

func New

func New(buildDirPath, workerTarPath, rpmDirPath, nameFilePath, exceptionFilePath, distTag string,
) (newLicenseChecker *LicenseChecker, err error)

New creates a new license checker. If this returns successfully the caller is responsible for calling CleanUp(). - buildDirPath: The path to create the chroot inside - workerTarPath: The path to the worker tarball - rpmDirPath: The path to the directory containing the RPMs - nameFilePath: The path to the .json file containing license names - exceptionFilePath: Optional, the path to the .json file containing license exceptions to ignore - distTag: The distribution tag to use when parsing RPMs

func (*LicenseChecker) CheckLicenses

func (l *LicenseChecker) CheckLicenses(quiet bool) (latestResults []LicenseCheckResult, err error)

CheckLicenses will scan all .rpm files in the chroot for bad licenses. New unfiltered results will be returned but also appended to the internal results list which can be accessed with GetResults().

func (*LicenseChecker) Cleanup

func (l *LicenseChecker) Cleanup() error

Cleanup tears down the chroot. If the chroot was created it will be cleaned up. Reset the struct to its initial state.

func (*LicenseChecker) GetResults

func (l *LicenseChecker) GetResults(mode LicenseCheckMode) (all, warnings, errors []LicenseCheckResult)

GetResults returns the cumulative results of the search, split into: - All results: Every scan result - Any result that has at least one warning - Any result that has at least one error

type LicenseExceptions

type LicenseExceptions struct {
	PkgExceptions             []PkgExceptions `json:"PkgExceptions"`
	GlobalExceptionsRegexList []string        `json:"GlobalExceptionsRegexList"`
	// contains filtered or unexported fields
}

func LoadLicenseExceptions

func LoadLicenseExceptions(file string) (LicenseExceptions, error)

LoadLicenseExceptions loads the license exceptions from the given .json file into a LicenseExceptions struct

func (*LicenseExceptions) ShouldIgnoreFile

func (l *LicenseExceptions) ShouldIgnoreFile(packageName, filePath string) bool

ShouldIgnoreFile checks if the given file should be ignored based on the license exceptions - packageName: the name of the package as returned by rpm query '%{NAME}' - filePath: the path of the file to be checked as returned by rpm query '%{FILENAMES}'

type LicenseNames

type LicenseNames struct {
	FuzzyLicenseNamesRegexList []string `json:"FuzzyLicenseNamesRegexList"`

	VerbatimLicenseNamesRegexList []string `json:"VerbatimLicenseNamesRegexList"`

	SkipLicenseNamesRegexList []string `json:"SkipLicenseNamesRegexList"`
	// contains filtered or unexported fields
}

func LoadLicenseNames

func LoadLicenseNames(file string) (LicenseNames, error)

LoadLicenseNames loads the license name regexes from the given .json file into a LicenseNames struct

func (*LicenseNames) IsALicenseFile

func (l *LicenseNames) IsALicenseFile(pkgName, licenseFilePath string) bool

IsALicenseFile makes a best effort guess if a file is a license file or not. This is a heuristic and is NOT foolproof however. Some examples of files that may be incorrectly identified as licenses: - /path/to/code/gpl/README.md ("gpl") - /path/to/a/hash/CC05f4dcc3b5aa765d61d8327deb882cf ("cc0") - /path/to/freebsd-parts/file.ext ("bds")

func (*LicenseNames) IsASkippedLicenseFile

func (l *LicenseNames) IsASkippedLicenseFile(pkgName, licenseFilePath string) bool

IsASkippedLicenseFile checks if a file is a known non-license file.

type PkgExceptions

type PkgExceptions struct {
	PackageName           string   `json:"PackageName"`
	IgnoredFilesRegexList []string `json:"IgnoredFilesRegexList"`
	// contains filtered or unexported fields
}