Documentation ¶
Index ¶
- Constants
- Variables
- func Check(mainLicenseSpdxID string, config *ConfigDeps, weakCompatible bool) error
- func CheckWithMatrix(mainLicenseSpdxID string, matrix *CompatibilityMatrix, report *Report, ...) error
- func GenerateSummary(tpl *template.Template, head *header.ConfigHeader, rep *Report) (string, error)
- func GetLicenseFromURL(url string, config *ConfigDeps) string
- func ParseTemplate(f fs.FS, path string) (*template.Template, error)
- func Resolve(config *ConfigDeps, report *Report) error
- func SeemLicense(content string) bool
- type CargoMetadata
- type CargoPackage
- type CargoTomlResolver
- func (resolver *CargoTomlResolver) CanResolve(file string) bool
- func (resolver *CargoTomlResolver) Resolve(cargoTomlFile string, config *ConfigDeps, report *Report) error
- func (resolver *CargoTomlResolver) ResolvePackageLicense(config *ConfigDeps, pkg *CargoPackage, report *Report) error
- func (resolver *CargoTomlResolver) ResolvePackages(packages []CargoPackage, config *ConfigDeps, report *Report) error
- type CompatibilityMatrix
- type ConfigDepLicense
- type ConfigDeps
- type Dependency
- type Exclude
- type GoModResolver
- func (resolver *GoModResolver) CanResolve(file string) bool
- func (resolver *GoModResolver) Resolve(goModFile string, config *ConfigDeps, report *Report) error
- func (resolver *GoModResolver) ResolvePackageLicense(config *ConfigDeps, module *packages.Module, report *Report) error
- func (resolver *GoModResolver) ResolvePackages(modules []*packages.Module, config *ConfigDeps, report *Report) error
- type JarResolver
- func (resolver *JarResolver) CanResolve(jarFiles string) bool
- func (resolver *JarResolver) IdentifyLicense(config *ConfigDeps, path, dep, content, version string) (*Result, error)
- func (resolver *JarResolver) ReadFileFromZip(archiveFile *zip.File) (*bytes.Buffer, error)
- func (resolver *JarResolver) Resolve(jarFiles string, config *ConfigDeps, report *Report) error
- func (resolver *JarResolver) ResolveJar(config *ConfigDeps, state *State, jarFile, version string) (*Result, error)
- type Lcs
- type LicenseOperator
- type MavenPomResolver
- func (resolver *MavenPomResolver) CanResolve(mavenPomFile string) bool
- func (resolver *MavenPomResolver) CheckMVN() error
- func (resolver *MavenPomResolver) FindLocalRepository() error
- func (resolver *MavenPomResolver) FindMaven(execName string) error
- func (resolver *MavenPomResolver) LoadDependencies(config *ConfigDeps) ([]*Dependency, error)
- func (resolver *MavenPomResolver) ReadHeaderCommentsFromPom(pomFile string) (string, error)
- func (resolver *MavenPomResolver) ReadLicensesFromPom(pomFile string) (*PomFile, error)
- func (resolver *MavenPomResolver) Resolve(mavenPomFile string, config *ConfigDeps, report *Report) error
- func (resolver *MavenPomResolver) ResolveDependencies(deps []*Dependency, config *ConfigDeps, report *Report) error
- func (resolver *MavenPomResolver) ResolveDeps() error
- func (resolver *MavenPomResolver) ResolveLicense(config *ConfigDeps, state *State, dep *Dependency, report *Report) error
- func (resolver *MavenPomResolver) ResolveLicenseFromPom(config *ConfigDeps, state *State, dep *Dependency) (*Result, error)
- type NpmResolver
- func (resolver *NpmResolver) CanResolve(file string) bool
- func (resolver *NpmResolver) GetInstalledPkgs(pkgDir string) []*Package
- func (resolver *NpmResolver) InstallPkgs()
- func (resolver *NpmResolver) ListPkgPaths() (io.Reader, error)
- func (resolver *NpmResolver) NeedSkipInstallPkgs() bool
- func (resolver *NpmResolver) ParsePkgFile(pkgFile string) (*Package, error)
- func (resolver *NpmResolver) Resolve(pkgFile string, config *ConfigDeps, report *Report) error
- func (resolver *NpmResolver) ResolveLcsFile(result *Result, pkgPath string, config *ConfigDeps) error
- func (resolver *NpmResolver) ResolveLicenseField(rawData []byte) (string, bool)
- func (resolver *NpmResolver) ResolveLicensesField(licenses []Lcs) (string, bool)
- func (resolver *NpmResolver) ResolvePackageLicense(pkgName, pkgPath string, config *ConfigDeps) *Result
- func (resolver *NpmResolver) ResolvePkgFile(result *Result, pkgPath string, config *ConfigDeps) error
- type Package
- type PomFile
- type Report
- type Resolver
- type Result
- type SpdxID
- type State
- type SummaryRenderContext
- type SummaryRenderLicense
- type SummaryRenderLicenseGroup
- type XMLLicense
Constants ¶
const DefaultCoverageThreshold = 75
DefaultCoverageThreshold is the minimum percentage of the file that must contain license text for identifying a license. Reference: https://github.com/golang/pkgsite/blob/d43359e3a135fc391960db4f5800eb081d658412/internal/licenses/licenses.go#L48
const PkgFileName = "package.json"
const (
Unknown string = "Unknown"
)
Variables ¶
var Resolvers = []Resolver{ new(GoModResolver), new(NpmResolver), new(MavenPomResolver), new(JarResolver), new(CargoTomlResolver), }
Functions ¶
func CheckWithMatrix ¶ added in v0.4.0
func CheckWithMatrix(mainLicenseSpdxID string, matrix *CompatibilityMatrix, report *Report, weakCompatible bool) error
func GenerateSummary ¶ added in v0.3.0
func GenerateSummary(tpl *template.Template, head *header.ConfigHeader, rep *Report) (string, error)
GenerateSummary generate the summary content by template, license config and dependency report
func GetLicenseFromURL ¶
func GetLicenseFromURL(url string, config *ConfigDeps) string
func ParseTemplate ¶ added in v0.3.0
func Resolve ¶
func Resolve(config *ConfigDeps, report *Report) error
func SeemLicense ¶
SeemLicense determine whether the content of the file may be a license file
Types ¶
type CargoMetadata ¶ added in v0.4.0
type CargoMetadata struct {
Packages []CargoPackage `json:"packages"`
}
type CargoPackage ¶ added in v0.4.0
type CargoTomlResolver ¶ added in v0.4.0
type CargoTomlResolver struct {
Resolver
}
func (*CargoTomlResolver) CanResolve ¶ added in v0.4.0
func (resolver *CargoTomlResolver) CanResolve(file string) bool
func (*CargoTomlResolver) Resolve ¶ added in v0.4.0
func (resolver *CargoTomlResolver) Resolve(cargoTomlFile string, config *ConfigDeps, report *Report) error
Resolve resolves licenses of all dependencies declared in the Cargo.toml file.
func (*CargoTomlResolver) ResolvePackageLicense ¶ added in v0.4.0
func (resolver *CargoTomlResolver) ResolvePackageLicense(config *ConfigDeps, pkg *CargoPackage, report *Report) error
ResolvePackageLicense resolve the package license. The CargoPackage.LicenseFile is generally used for non-standard licenses and is ignored now.
func (*CargoTomlResolver) ResolvePackages ¶ added in v0.4.0
func (resolver *CargoTomlResolver) ResolvePackages(packages []CargoPackage, config *ConfigDeps, report *Report) error
ResolvePackages resolves the licenses of the given packages.
type CompatibilityMatrix ¶ added in v0.4.0
type ConfigDepLicense ¶ added in v0.3.0
type ConfigDeps ¶
type ConfigDeps struct { Threshold int `yaml:"threshold"` Files []string `yaml:"files"` Licenses []*ConfigDepLicense `yaml:"licenses"` Excludes []Exclude `yaml:"excludes"` }
func (*ConfigDeps) Finalize ¶
func (config *ConfigDeps) Finalize(configFile string) error
func (*ConfigDeps) GetUserConfiguredLicense ¶ added in v0.4.0
func (config *ConfigDeps) GetUserConfiguredLicense(name, version string) (string, bool)
func (*ConfigDeps) IsExcluded ¶ added in v0.4.0
func (config *ConfigDeps) IsExcluded(name, version string) (exclude, recursive bool)
type Dependency ¶
type Dependency struct {
GroupID, ArtifactID, Version, Packaging, Scope string
TransitiveDeps []*Dependency
}
func LoadDependencies ¶
func LoadDependencies(data []byte, config *ConfigDeps) []*Dependency
func LoadDependenciesTree ¶
func LoadDependenciesTree(data []byte) []*Dependency
func (*Dependency) Clone ¶
func (dep *Dependency) Clone() *Dependency
func (*Dependency) Count ¶
func (dep *Dependency) Count() int
func (*Dependency) Jar ¶
func (dep *Dependency) Jar() string
func (*Dependency) Name ¶ added in v0.4.0
func (dep *Dependency) Name() string
func (*Dependency) Path ¶
func (dep *Dependency) Path() string
func (*Dependency) Pom ¶
func (dep *Dependency) Pom() string
type GoModResolver ¶
type GoModResolver struct {
Resolver
}
func (*GoModResolver) CanResolve ¶
func (resolver *GoModResolver) CanResolve(file string) bool
func (*GoModResolver) Resolve ¶
func (resolver *GoModResolver) Resolve(goModFile string, config *ConfigDeps, report *Report) error
Resolve resolves licenses of all dependencies declared in the go.mod file.
func (*GoModResolver) ResolvePackageLicense ¶
func (resolver *GoModResolver) ResolvePackageLicense(config *ConfigDeps, module *packages.Module, report *Report) error
func (*GoModResolver) ResolvePackages ¶
func (resolver *GoModResolver) ResolvePackages(modules []*packages.Module, config *ConfigDeps, report *Report) error
ResolvePackages resolves the licenses of the given packages.
type JarResolver ¶
type JarResolver struct{}
func (*JarResolver) CanResolve ¶
func (resolver *JarResolver) CanResolve(jarFiles string) bool
func (*JarResolver) IdentifyLicense ¶
func (resolver *JarResolver) IdentifyLicense(config *ConfigDeps, path, dep, content, version string) (*Result, error)
func (*JarResolver) ReadFileFromZip ¶
func (*JarResolver) Resolve ¶
func (resolver *JarResolver) Resolve(jarFiles string, config *ConfigDeps, report *Report) error
func (*JarResolver) ResolveJar ¶
func (resolver *JarResolver) ResolveJar(config *ConfigDeps, state *State, jarFile, version string) (*Result, error)
type LicenseOperator ¶ added in v0.4.0
type LicenseOperator int
const ( LicenseOperatorNone LicenseOperator = iota LicenseOperatorAND LicenseOperatorOR LicenseOperatorWITH )
type MavenPomResolver ¶
type MavenPomResolver struct { JarResolver // contains filtered or unexported fields }
func (*MavenPomResolver) CanResolve ¶
func (resolver *MavenPomResolver) CanResolve(mavenPomFile string) bool
CanResolve determine whether the file can be resolve by name of the file
func (*MavenPomResolver) CheckMVN ¶
func (resolver *MavenPomResolver) CheckMVN() error
CheckMVN check available maven tools, find local repositories and download all dependencies
func (*MavenPomResolver) FindLocalRepository ¶
func (resolver *MavenPomResolver) FindLocalRepository() error
func (*MavenPomResolver) FindMaven ¶
func (resolver *MavenPomResolver) FindMaven(execName string) error
func (*MavenPomResolver) LoadDependencies ¶
func (resolver *MavenPomResolver) LoadDependencies(config *ConfigDeps) ([]*Dependency, error)
func (*MavenPomResolver) ReadHeaderCommentsFromPom ¶
func (resolver *MavenPomResolver) ReadHeaderCommentsFromPom(pomFile string) (string, error)
func (*MavenPomResolver) ReadLicensesFromPom ¶
func (resolver *MavenPomResolver) ReadLicensesFromPom(pomFile string) (*PomFile, error)
func (*MavenPomResolver) Resolve ¶
func (resolver *MavenPomResolver) Resolve(mavenPomFile string, config *ConfigDeps, report *Report) error
Resolve resolves licenses of all dependencies declared in the pom.xml file.
func (*MavenPomResolver) ResolveDependencies ¶
func (resolver *MavenPomResolver) ResolveDependencies(deps []*Dependency, config *ConfigDeps, report *Report) error
ResolveDependencies resolves the licenses of the given dependencies
func (*MavenPomResolver) ResolveDeps ¶ added in v0.5.0
func (resolver *MavenPomResolver) ResolveDeps() error
func (*MavenPomResolver) ResolveLicense ¶
func (resolver *MavenPomResolver) ResolveLicense(config *ConfigDeps, state *State, dep *Dependency, report *Report) error
ResolveLicense search all possible locations of the license, such as pom file, jar package
func (*MavenPomResolver) ResolveLicenseFromPom ¶
func (resolver *MavenPomResolver) ResolveLicenseFromPom(config *ConfigDeps, state *State, dep *Dependency) (*Result, error)
ResolveLicenseFromPom search for license in the pom file, which may appear in the header comments or in license element of xml
type NpmResolver ¶
type NpmResolver struct {
Resolver
}
func (*NpmResolver) CanResolve ¶
func (resolver *NpmResolver) CanResolve(file string) bool
CanResolve checks whether the given file is the npm package file
func (*NpmResolver) GetInstalledPkgs ¶
func (resolver *NpmResolver) GetInstalledPkgs(pkgDir string) []*Package
GetInstalledPkgs gathers all the installed packages' names and paths it uses a package directory's relative path from the node_modules directory, to infer its package name
func (*NpmResolver) InstallPkgs ¶
func (resolver *NpmResolver) InstallPkgs()
InstallPkgs runs command 'npm ci' to install node packages, using `npm ci` instead of `npm install` to ensure the reproducible builds. See https://blog.npmjs.org/post/171556855892/introducing-npm-ci-for-faster-more-reliable
func (*NpmResolver) ListPkgPaths ¶
func (resolver *NpmResolver) ListPkgPaths() (io.Reader, error)
ListPkgPaths runs npm command to list all the production only packages' absolute paths, one path per line Note that although the flag `--long` can show more information line like a package's name, its realization and printing format is not uniform in different npm-cli versions
func (*NpmResolver) NeedSkipInstallPkgs ¶
func (resolver *NpmResolver) NeedSkipInstallPkgs() bool
NeedSkipInstallPkgs queries whether to skip the procedure of installing or updating packages
func (*NpmResolver) ParsePkgFile ¶
func (resolver *NpmResolver) ParsePkgFile(pkgFile string) (*Package, error)
ParsePkgFile parses the content of the package file
func (*NpmResolver) Resolve ¶
func (resolver *NpmResolver) Resolve(pkgFile string, config *ConfigDeps, report *Report) error
Resolve resolves licenses of all dependencies declared in the package.json file.
func (*NpmResolver) ResolveLcsFile ¶
func (resolver *NpmResolver) ResolveLcsFile(result *Result, pkgPath string, config *ConfigDeps) error
ResolveLcsFile tries to find the license file to identify the license
func (*NpmResolver) ResolveLicenseField ¶
func (resolver *NpmResolver) ResolveLicenseField(rawData []byte) (string, bool)
ResolveLicenseField parses and validates the "license" field in package.json file
func (*NpmResolver) ResolveLicensesField ¶
func (resolver *NpmResolver) ResolveLicensesField(licenses []Lcs) (string, bool)
ResolveLicensesField parses and validates the "licenses" field in package.json file Additionally, the output is converted into the SPDX license expression syntax version 2.0 string, like "ISC OR GPL-3.0"
func (*NpmResolver) ResolvePackageLicense ¶
func (resolver *NpmResolver) ResolvePackageLicense(pkgName, pkgPath string, config *ConfigDeps) *Result
ResolvePackageLicense resolves the licenses of the given packages. First, try to find and parse the package's package.json file to check the license file If the previous step fails, then try to identify the package's LICENSE file It's a necessary procedure to check the LICENSE file, because the resolver needs to record the license content
func (*NpmResolver) ResolvePkgFile ¶
func (resolver *NpmResolver) ResolvePkgFile(result *Result, pkgPath string, config *ConfigDeps) error
ResolvePkgFile tries to find and parse the package.json file to capture the license field
type Package ¶
type Package struct { Name string `json:"name"` License json.RawMessage `json:"license"` Licenses []Lcs `json:"licenses"` Path string `json:"-"` Version string `json:"version"` }
Package represents package.json License field has inconsistent styles, so we just store the byte array here to postpone unmarshalling
type PomFile ¶
type PomFile struct { XMLName xml.Name `xml:"project"` Licenses []*XMLLicense `xml:"licenses>license,omitempty"` }
PomFile is used to extract license from the pom.xml file
func (*PomFile) AllLicenses ¶
func (pom *PomFile) AllLicenses(config *ConfigDeps) string
AllLicenses return all licenses found in pom.xml file
type Report ¶
Report is a collection of resolved Result.
type Result ¶
type Result struct { Dependency string LicenseFilePath string LicenseContent string LicenseSpdxID string ResolveErrors []error Version string }
Result is a single item that represents a resolved dependency license.
type SummaryRenderContext ¶ added in v0.3.0
type SummaryRenderContext struct { LicenseContent string // Current project license content Groups []*SummaryRenderLicenseGroup // All dependency license groups }
type SummaryRenderLicense ¶ added in v0.3.0
type SummaryRenderLicenseGroup ¶ added in v0.3.0
type SummaryRenderLicenseGroup struct { LicenseID string // Aggregate all same license ID dependencies Deps []*SummaryRenderLicense // Same license ID dependencies }
type XMLLicense ¶
type XMLLicense struct { Name string `xml:"name,omitempty"` URL string `xml:"url,omitempty"` Distribution string `xml:"distribution,omitempty"` Comments string `xml:"comments,omitempty"` }
func (*XMLLicense) Item ¶
func (l *XMLLicense) Item(config *ConfigDeps) string
func (*XMLLicense) Raw ¶
func (l *XMLLicense) Raw() string