From d584f457dbbe86d9d2da3a21f2c132206d3d2e21 Mon Sep 17 00:00:00 2001 From: Jono Yang Date: Wed, 16 Feb 2022 17:34:15 -0800 Subject: [PATCH 01/11] Create new license clarity scoring #2861 Signed-off-by: Jono Yang --- setup.cfg | 1 + src/summarycode/score2.py | 264 ++++++++++++++++++++++++++++++++++++++ 2 files changed, 265 insertions(+) create mode 100644 src/summarycode/score2.py diff --git a/setup.cfg b/setup.cfg index 5f88b4a1ff9..db0e2a8656a 100644 --- a/setup.cfg +++ b/setup.cfg @@ -170,6 +170,7 @@ scancode_post_scan = summary-key-files = summarycode.summarizer:ScanKeyFilesSummary summary-by-facet = summarycode.summarizer:ScanByFacetSummary license-clarity-score = summarycode.score:LicenseClarityScore + license-clarity-score-2 = summarycode.score2:LicenseClarityScore2 license-policy = licensedcode.plugin_license_policy:LicensePolicy mark-source = scancode.plugin_mark_source:MarkSource classify-package = summarycode.classify:PackageTopAndKeyFilesTagger diff --git a/src/summarycode/score2.py b/src/summarycode/score2.py new file mode 100644 index 00000000000..d25c21868d0 --- /dev/null +++ b/src/summarycode/score2.py @@ -0,0 +1,264 @@ +# +# Copyright (c) nexB Inc. and others. All rights reserved. +# ScanCode is a trademark of nexB Inc. +# SPDX-License-Identifier: Apache-2.0 +# See http://www.apache.org/licenses/LICENSE-2.0 for the license text. +# See https://github.com/nexB/scancode-toolkit for support or download. +# See https://aboutcode.org for more information about nexB OSS projects. +# + +from itertools import chain + +import attr +from license_expression import Licensing + +from commoncode.datautils import Mapping +from licensedcode.cache import get_licenses_db +from licensedcode import models +from plugincode.post_scan import PostScanPlugin +from plugincode.post_scan import post_scan_impl +from commoncode.cliutils import PluggableCommandLineOption +from commoncode.cliutils import POST_SCAN_GROUP +from summarycode import facet + + +# Tracing flags +TRACE = False + + +def logger_debug(*args): + pass + + +if TRACE: + import logging + import sys + + logger = logging.getLogger(__name__) + logging.basicConfig(stream=sys.stdout) + logger.setLevel(logging.DEBUG) + + def logger_debug(*args): + return logger.debug(' '.join(isinstance(a, str) and a or repr(a) for a in args)) + +""" +A plugin to compute a licensing clarity score as designed in ClearlyDefined +""" + + +# minimum score to consider a license detection as good. + +# MIN_GOOD_LICENSE_SCORE = 80 + +@attr.s(slots=True) +class LicenseFilter(object): + min_score = attr.ib(default=0) + min_coverage = attr.ib(default=0) + min_relevance = attr.ib(default=0) + + +FILTERS = dict( + is_license_text=LicenseFilter(min_score=70, min_coverage=80), + is_license_notice=LicenseFilter(min_score=80, min_coverage=80), + is_license_tag=LicenseFilter(min_coverage=100), + is_license_reference=LicenseFilter(min_score=50, min_coverage=100), + is_license_intro=LicenseFilter(min_score=100, min_coverage=100), +) + + +def is_good_license(detected_license): + """ + Return True if a `detected license` mapping is consider to a high quality + conclusive match. + """ + score = detected_license['score'] + rule = detected_license['matched_rule'] + coverage = rule.get('match_coverage') or 0 + relevance = rule.get('rule_relevance') or 0 + match_types = dict([ + ('is_license_text', rule['is_license_text']), + ('is_license_notice', rule['is_license_notice']), + ('is_license_reference', rule['is_license_reference']), + ('is_license_tag', rule['is_license_tag']), + ('is_license_intro', rule['is_license_intro']), + ]) + matched = False + for match_type, mval in match_types.items(): + if mval: + matched = True + break + if not matched: + return False + + thresholds = FILTERS[match_type] + + if not coverage or not relevance: + if score >= thresholds.min_score: + return True + else: + if (score >= thresholds.min_score + and coverage >= thresholds.min_coverage + and relevance >= thresholds.min_relevance): + return True + + return False + + +@post_scan_impl +class LicenseClarityScore2(PostScanPlugin): + """ + Compute a License clarity score at the codebase level. + """ + codebase_attributes = dict(license_clarity_score=Mapping( + help='Computed license clarity score as mapping containing the score ' + 'proper and each scoring elements.')) + + sort_order = 110 + + options = [ + PluggableCommandLineOption(('--license-clarity-score-2',), + is_flag=True, + default=False, + help='Compute a summary license clarity score at the codebase level.', + help_group=POST_SCAN_GROUP, + required_options=[ + 'classify', + ], + ) + ] + + def is_enabled(self, license_clarity_score_2, **kwargs): + return license_clarity_score_2 + + def process_codebase(self, codebase, license_clarity_score_2, **kwargs): + if TRACE: + logger_debug('LicenseClarityScore2:process_codebase') + scoring_elements = compute_license_score(codebase) + codebase.attributes.license_clarity_score.update(scoring_elements) + + +def compute_license_score(codebase): + """ + Return a mapping of scoring elements and a license clarity score computed at + the codebase level. + """ + + score = 0 + scoring_elements = dict(score=score) + + for element in SCORING_ELEMENTS: + element_score = element.scorer(codebase) + if element.is_binary: + scoring_elements[element.name] = bool(element_score) + element_score = 1 if element_score else 0 + else: + scoring_elements[element.name] = round(element_score, 2) or 0 + + score += int(element_score * element.weight) + if TRACE: + logger_debug( + 'compute_license_score: element:', element, 'element_score: ', + element_score, ' new score:', score) + + scoring_elements['score'] = score or 0 + return scoring_elements + + +def get_declared_license_keys_in_key_files_from_top_level_dir(codebase): + """ + Return a list of "declared" license keys from the expressions as detected in + key files from top-level directories. + + A project has specific key file(s) at the top level of its code hierarchy + such as LICENSE, NOTICE or similar (and/or a package manifest) containing + structured license information such as an SPDX license expression or SPDX + license identifier: when such a file contains "clearly defined" declared + license information, we return this. + """ + declared = [] + for resource in codebase.walk(topdown=True): + if not (resource.is_dir and resource.is_top_level): + continue + for child in resource.walk(codebase): + if not child.is_key_file: + continue + for detected_license in getattr(child, 'licenses', []) or []: + if not is_good_license(detected_license): + declared.append('unknown') + else: + declared.append(detected_license['key']) + return declared + + +def get_license_text_from_key_files(codebase): + """ + Return a list of license keys that were detected from license text. + """ + license_keys_with_text = [] + for resource in codebase.walk(topdown=True): + if not (resource.is_dir and resource.is_top_level): + continue + for child in resource.walk(codebase): + if not child.is_key_file: + continue + for detected_license in getattr(child, 'licenses', []) or []: + matched_rule = detected_license.get('matched_rule', {}) + is_license_text = matched_rule.get('is_license_text') + if not is_license_text: + continue + license_keys_with_text.append(detected_license['key']) + return license_keys_with_text + + +def get_copyrights_from_key_files(codebase): + """ + Return a list of copyright statements from key files + """ + copyright_statements = [] + for resource in codebase.walk(topdown=True): + if not (resource.is_dir and resource.is_top_level): + continue + for child in resource.walk(codebase): + if not child.is_key_file: + continue + for detected_copyright in getattr(child, 'copyrights', []) or []: + copyright_statement = detected_copyright.get('copyright') + if copyright_statement: + copyright_statements.append(copyright_statement) + return copyright_statements + + +@attr.s +class ScoringElement(object): + is_binary = attr.ib() + name = attr.ib() + scorer = attr.ib() + weight = attr.ib() + + +declared = ScoringElement( + is_binary=True, + name='declared', + scorer=get_declared_license_keys_in_key_files_from_top_level_dir, + weight=40) + + +license_text = ScoringElement( + is_binary=True, + name='license_text', + scorer=get_license_text_from_key_files, + weight=10) + + +copyrights = ScoringElement( + is_binary=True, + name='copyrights', + scorer=get_copyrights_from_key_files, + weight=10) + + +SCORING_ELEMENTS = [ + declared, + license_text, + copyrights, +] From b2f7a3a00fd183479715ed754b74e4d77aeef301 Mon Sep 17 00:00:00 2001 From: Jono Yang Date: Fri, 18 Feb 2022 12:03:50 -0800 Subject: [PATCH 02/11] Replace previous scoring mechanism #2861 Signed-off-by: Jono Yang --- src/summarycode/score2.py | 226 ++++++++++++++++++++------------------ 1 file changed, 118 insertions(+), 108 deletions(-) diff --git a/src/summarycode/score2.py b/src/summarycode/score2.py index d25c21868d0..077e8d2a85a 100644 --- a/src/summarycode/score2.py +++ b/src/summarycode/score2.py @@ -7,19 +7,13 @@ # See https://aboutcode.org for more information about nexB OSS projects. # -from itertools import chain - import attr -from license_expression import Licensing from commoncode.datautils import Mapping -from licensedcode.cache import get_licenses_db -from licensedcode import models from plugincode.post_scan import PostScanPlugin from plugincode.post_scan import post_scan_impl from commoncode.cliutils import PluggableCommandLineOption from commoncode.cliutils import POST_SCAN_GROUP -from summarycode import facet # Tracing flags @@ -41,15 +35,81 @@ def logger_debug(*args): def logger_debug(*args): return logger.debug(' '.join(isinstance(a, str) and a or repr(a) for a in args)) + """ A plugin to compute a licensing clarity score as designed in ClearlyDefined """ +@post_scan_impl +class LicenseClarityScore2(PostScanPlugin): + """ + Compute a License clarity score at the codebase level. + """ + codebase_attributes = dict(license_clarity_score=Mapping( + help='Computed license clarity score as mapping containing the score ' + 'proper and each scoring elements.')) + + sort_order = 110 + + options = [ + PluggableCommandLineOption(('--license-clarity-score-2',), + is_flag=True, + default=False, + help='Compute a summary license clarity score at the codebase level.', + help_group=POST_SCAN_GROUP, + required_options=[ + 'classify', + ], + ) + ] + + def is_enabled(self, license_clarity_score_2, **kwargs): + return license_clarity_score_2 + + def process_codebase(self, codebase, license_clarity_score_2, **kwargs): + if TRACE: + logger_debug('LicenseClarityScore2:process_codebase') + score = calculate(codebase) + codebase.attributes.license_clarity_score['score'] = score + + +def calculate(codebase): + """ + Return a score for how well a codebase defined it's license + """ + score = 0 + declared_licenses = get_declared_license_info_in_key_files_from_top_level_dir(codebase) + declared_license_categories = get_license_categories(declared_licenses) + copyrights = get_copyrights_from_key_files(codebase) + other_licenses = get_other_licenses(codebase) + + if declared_licenses: + score += 40 + + if check_declared_licenses(declared_licenses): + score += 40 + + if check_for_license_texts(declared_licenses): + score += 10 + + if copyrights: + score += 10 + + is_permissively_licensed = 'Copyleft' not in declared_license_categories + if is_permissively_licensed: + contains_copyleft_licenses = check_for_copyleft(other_licenses) + if contains_copyleft_licenses: + score -= 20 + + return score + + # minimum score to consider a license detection as good. # MIN_GOOD_LICENSE_SCORE = 80 + @attr.s(slots=True) class LicenseFilter(object): min_score = attr.ib(default=0) @@ -104,67 +164,7 @@ def is_good_license(detected_license): return False -@post_scan_impl -class LicenseClarityScore2(PostScanPlugin): - """ - Compute a License clarity score at the codebase level. - """ - codebase_attributes = dict(license_clarity_score=Mapping( - help='Computed license clarity score as mapping containing the score ' - 'proper and each scoring elements.')) - - sort_order = 110 - - options = [ - PluggableCommandLineOption(('--license-clarity-score-2',), - is_flag=True, - default=False, - help='Compute a summary license clarity score at the codebase level.', - help_group=POST_SCAN_GROUP, - required_options=[ - 'classify', - ], - ) - ] - - def is_enabled(self, license_clarity_score_2, **kwargs): - return license_clarity_score_2 - - def process_codebase(self, codebase, license_clarity_score_2, **kwargs): - if TRACE: - logger_debug('LicenseClarityScore2:process_codebase') - scoring_elements = compute_license_score(codebase) - codebase.attributes.license_clarity_score.update(scoring_elements) - - -def compute_license_score(codebase): - """ - Return a mapping of scoring elements and a license clarity score computed at - the codebase level. - """ - - score = 0 - scoring_elements = dict(score=score) - - for element in SCORING_ELEMENTS: - element_score = element.scorer(codebase) - if element.is_binary: - scoring_elements[element.name] = bool(element_score) - element_score = 1 if element_score else 0 - else: - scoring_elements[element.name] = round(element_score, 2) or 0 - - score += int(element_score * element.weight) - if TRACE: - logger_debug( - 'compute_license_score: element:', element, 'element_score: ', - element_score, ' new score:', score) - - scoring_elements['score'] = score or 0 - return scoring_elements - - -def get_declared_license_keys_in_key_files_from_top_level_dir(codebase): +def get_declared_license_info_in_key_files_from_top_level_dir(codebase): """ Return a list of "declared" license keys from the expressions as detected in key files from top-level directories. @@ -183,36 +183,29 @@ def get_declared_license_keys_in_key_files_from_top_level_dir(codebase): if not child.is_key_file: continue for detected_license in getattr(child, 'licenses', []) or []: - if not is_good_license(detected_license): - declared.append('unknown') - else: - declared.append(detected_license['key']) + declared.append(detected_license) return declared -def get_license_text_from_key_files(codebase): +def get_other_licenses(codebase): """ - Return a list of license keys that were detected from license text. + Return a list of detected licenses from non-key files under a top-level directory """ - license_keys_with_text = [] + other_licenses = [] for resource in codebase.walk(topdown=True): if not (resource.is_dir and resource.is_top_level): continue for child in resource.walk(codebase): - if not child.is_key_file: + if child.is_key_file: continue for detected_license in getattr(child, 'licenses', []) or []: - matched_rule = detected_license.get('matched_rule', {}) - is_license_text = matched_rule.get('is_license_text') - if not is_license_text: - continue - license_keys_with_text.append(detected_license['key']) - return license_keys_with_text + other_licenses.append(detected_license) + return other_licenses def get_copyrights_from_key_files(codebase): """ - Return a list of copyright statements from key files + Return a list of copyright statements from key files from a top-level directory """ copyright_statements = [] for resource in codebase.walk(topdown=True): @@ -228,37 +221,54 @@ def get_copyrights_from_key_files(codebase): return copyright_statements -@attr.s -class ScoringElement(object): - is_binary = attr.ib() - name = attr.ib() - scorer = attr.ib() - weight = attr.ib() +def get_license_categories(license_infos): + """ + Return a list of license category strings from `license_infos` + """ + license_categories = [] + for license_info in license_infos: + category = license_info.get('category', '') + if category not in license_categories: + license_categories.append(category) + return license_categories + +def check_for_license_texts(declared_licenses): + """ + Check if any license in `declared_licenses` is from a license text or notice. -declared = ScoringElement( - is_binary=True, - name='declared', - scorer=get_declared_license_keys_in_key_files_from_top_level_dir, - weight=40) + If so, return True. Otherwise, return False. + """ + for declared_license in declared_licenses: + matched_rule = declared_license.get('matched_rule', {}) + if any([ + matched_rule.get('is_license_text', False), + matched_rule.get('is_license_notice', False), + ]): + return True + return False -license_text = ScoringElement( - is_binary=True, - name='license_text', - scorer=get_license_text_from_key_files, - weight=10) +def check_declared_licenses(declared_licenses): + """ + Check whether or not all the licenses in `declared_licenses` are good. + If so, return True. Otherwise, return False. + """ + return all( + is_good_license(declared_license) + for declared_license + in declared_licenses + ) -copyrights = ScoringElement( - is_binary=True, - name='copyrights', - scorer=get_copyrights_from_key_files, - weight=10) +def check_for_copyleft(other_licenses): + """ + Check if there is a copyleft license in `other_licenses`. -SCORING_ELEMENTS = [ - declared, - license_text, - copyrights, -] + If so, return True. Otherwise, return False. + """ + for license_info in other_licenses: + if license_info.get('category', '') in ('Copyleft',): + return True + return False From e67f4dd3826d570bf783e0775675f2ce08c7c347 Mon Sep 17 00:00:00 2001 From: Jono Yang Date: Fri, 18 Feb 2022 17:37:41 -0800 Subject: [PATCH 03/11] Check for ambigous compound licensing #2861 * Show boolean flags in scoring_elements to show what license judgement criteria was used Signed-off-by: Jono Yang --- src/summarycode/score2.py | 104 +++++++++++++++++++++++++++++++++----- 1 file changed, 90 insertions(+), 14 deletions(-) diff --git a/src/summarycode/score2.py b/src/summarycode/score2.py index 077e8d2a85a..af6585f568d 100644 --- a/src/summarycode/score2.py +++ b/src/summarycode/score2.py @@ -70,39 +70,92 @@ def is_enabled(self, license_clarity_score_2, **kwargs): def process_codebase(self, codebase, license_clarity_score_2, **kwargs): if TRACE: logger_debug('LicenseClarityScore2:process_codebase') - score = calculate(codebase) - codebase.attributes.license_clarity_score['score'] = score + scoring_elements = compute_license_score(codebase) + codebase.attributes.license_clarity_score.update(scoring_elements) -def calculate(codebase): +def compute_license_score(codebase): """ - Return a score for how well a codebase defined it's license + Return a mapping of scoring elements and a license clarity score computed at + the codebase level. """ + score = 0 - declared_licenses = get_declared_license_info_in_key_files_from_top_level_dir(codebase) + scoring_elements = {'score': score} + declared_licenses = get_declared_license_info_from_top_level_key_files(codebase) + declared_license_expressions = get_declared_license_expressions_from_top_level_key_files(codebase) declared_license_categories = get_license_categories(declared_licenses) copyrights = get_copyrights_from_key_files(codebase) other_licenses = get_other_licenses(codebase) + scoring_elements['declared_license'] = bool(declared_licenses) if declared_licenses: - score += 40 + scoring_elements['score'] += 40 - if check_declared_licenses(declared_licenses): - score += 40 + precise_license_detection = check_declared_licenses(declared_licenses) + scoring_elements['precise_license_detection'] = precise_license_detection + if precise_license_detection: + scoring_elements['score'] += 40 - if check_for_license_texts(declared_licenses): - score += 10 + has_license_text = check_for_license_texts(declared_licenses) + scoring_elements['has_license_text'] = has_license_text + if has_license_text: + scoring_elements['score'] += 10 + scoring_elements['declared_copyrights'] = bool(copyrights) if copyrights: - score += 10 + scoring_elements['score'] += 10 is_permissively_licensed = 'Copyleft' not in declared_license_categories if is_permissively_licensed: contains_copyleft_licenses = check_for_copyleft(other_licenses) + scoring_elements['conflicting_license_categories'] = contains_copyleft_licenses if contains_copyleft_licenses: - score -= 20 + scoring_elements['score'] -= 20 + + ambigous_compound_licensing = check_ambiguous_license_expression(declared_license_expressions) + scoring_elements['ambigous_compound_licensing'] = ambigous_compound_licensing + if ambigous_compound_licensing: + scoring_elements['score'] -= 10 - return score + return scoring_elements + + +def check_ambiguous_license_expression(declared_license_expressions): + unique_declared_license_expressions = set(declared_license_expressions) + if len(unique_declared_license_expressions) == 1: + return False + + joined_expressions = [] + single_expressions = [] + for declared_license_expression in declared_license_expressions: + if ( + 'AND' in declared_license_expression + or 'OR' in declared_license_expression + or 'WITH' in declared_license_expression + ): + joined_expressions.append(declared_license_expression) + else: + single_expressions.append(declared_license_expression) + + single_expressions_by_joined_expressions = { + joined_expression: [] + for joined_expression + in joined_expressions + } + not_in_joined_expressions = [] + # check to see if the single expression is in the joined expression + for joined_expression in joined_expressions: + for expression in single_expressions: + if expression not in joined_expression: + not_in_joined_expressions.append(expression) + else: + single_expressions_by_joined_expressions[joined_expression].append(expression) + + if len(single_expressions_by_joined_expressions) == 1 and not not_in_joined_expressions: + return False + else: + return True # minimum score to consider a license detection as good. @@ -164,7 +217,7 @@ def is_good_license(detected_license): return False -def get_declared_license_info_in_key_files_from_top_level_dir(codebase): +def get_declared_license_info_from_top_level_key_files(codebase): """ Return a list of "declared" license keys from the expressions as detected in key files from top-level directories. @@ -187,6 +240,29 @@ def get_declared_license_info_in_key_files_from_top_level_dir(codebase): return declared +def get_declared_license_expressions_from_top_level_key_files(codebase): + """ + Return a list of "declared" license expressions as detected in key files + from top-level directories. + + A project has specific key file(s) at the top level of its code hierarchy + such as LICENSE, NOTICE or similar (and/or a package manifest) containing + structured license information such as an SPDX license expression or SPDX + license identifier: when such a file contains "clearly defined" declared + license information, we return this. + """ + declared = [] + for resource in codebase.walk(topdown=True): + if not (resource.is_dir and resource.is_top_level): + continue + for child in resource.walk(codebase): + if not child.is_key_file: + continue + for detected_license_expression in getattr(child, 'license_expressions', []) or []: + declared.append(detected_license_expression) + return declared + + def get_other_licenses(codebase): """ Return a list of detected licenses from non-key files under a top-level directory From 0ff6bcb25f9c3fd6f4aeee10b40b75738fa123fe Mon Sep 17 00:00:00 2001 From: Jono Yang Date: Fri, 18 Feb 2022 18:53:06 -0800 Subject: [PATCH 04/11] Add tests for new license clarity scoring #2861 Signed-off-by: Jono Yang --- src/summarycode/score2.py | 5 + tests/scancode/data/help/help.txt | 74 ++-- .../data/score2/basic-expected.json | 328 ++++++++++++++ tests/summarycode/data/score2/basic/README.md | 37 ++ tests/summarycode/data/score2/basic/index.js | 74 ++++ .../data/score2/basic/package.json | 30 ++ ...consistent_licenses_copyleft-expected.json | 404 ++++++++++++++++++ .../inconsistent_licenses_copyleft/README.md | 37 ++ .../inconsistent_licenses_copyleft/index.js | 74 ++++ .../package.json | 30 ++ .../inconsistent_licenses_copyleft/util.js | 1 + .../no_license_or_copyright-expected.json | 181 ++++++++ .../score2/no_license_or_copyright/README.md | 16 + .../score2/no_license_or_copyright/index.js | 54 +++ .../no_license_or_copyright/package.json | 30 ++ .../data/score2/no_license_text-expected.json | 234 ++++++++++ .../data/score2/no_license_text/README.md | 18 + .../data/score2/no_license_text/index.js | 54 +++ .../data/score2/no_license_text/package.json | 30 ++ tests/summarycode/test_score2.py | 99 +++++ 20 files changed, 1775 insertions(+), 35 deletions(-) create mode 100644 tests/summarycode/data/score2/basic-expected.json create mode 100644 tests/summarycode/data/score2/basic/README.md create mode 100644 tests/summarycode/data/score2/basic/index.js create mode 100644 tests/summarycode/data/score2/basic/package.json create mode 100644 tests/summarycode/data/score2/inconsistent_licenses_copyleft-expected.json create mode 100644 tests/summarycode/data/score2/inconsistent_licenses_copyleft/README.md create mode 100644 tests/summarycode/data/score2/inconsistent_licenses_copyleft/index.js create mode 100644 tests/summarycode/data/score2/inconsistent_licenses_copyleft/package.json create mode 100644 tests/summarycode/data/score2/inconsistent_licenses_copyleft/util.js create mode 100644 tests/summarycode/data/score2/no_license_or_copyright-expected.json create mode 100644 tests/summarycode/data/score2/no_license_or_copyright/README.md create mode 100644 tests/summarycode/data/score2/no_license_or_copyright/index.js create mode 100644 tests/summarycode/data/score2/no_license_or_copyright/package.json create mode 100644 tests/summarycode/data/score2/no_license_text-expected.json create mode 100644 tests/summarycode/data/score2/no_license_text/README.md create mode 100644 tests/summarycode/data/score2/no_license_text/index.js create mode 100644 tests/summarycode/data/score2/no_license_text/package.json create mode 100644 tests/summarycode/test_score2.py diff --git a/src/summarycode/score2.py b/src/summarycode/score2.py index af6585f568d..ea7e98d353d 100644 --- a/src/summarycode/score2.py +++ b/src/summarycode/score2.py @@ -122,6 +122,9 @@ def compute_license_score(codebase): def check_ambiguous_license_expression(declared_license_expressions): + if not declared_license_expressions: + return False + unique_declared_license_expressions = set(declared_license_expressions) if len(unique_declared_license_expressions) == 1: return False @@ -331,6 +334,8 @@ def check_declared_licenses(declared_licenses): If so, return True. Otherwise, return False. """ + if not declared_licenses: + return False return all( is_good_license(declared_license) for declared_license diff --git a/tests/scancode/data/help/help.txt b/tests/scancode/data/help/help.txt index 350d7b25f62..ae661b46996 100644 --- a/tests/scancode/data/help/help.txt +++ b/tests/scancode/data/help/help.txt @@ -89,41 +89,45 @@ Options: . post-scan: - --consolidate Group resources by Packages or license and copyright - holder and return those groupings as a list of - consolidated packages and a list of consolidated - components. This requires the scan to have/be run - with the copyright, license, and package options - active - --filter-clues Filter redundant duplicated clues already contained - in detected license and copyright texts and notices. - --is-license-text Set the "is_license_text" flag to true for files that - contain mostly license texts and notices (e.g over - 90% of the content).[DEPRECATED] this is now built-in - in the --license-text option with a - "percentage_of_license_text" attribute. - --license-clarity-score Compute a summary license clarity score at the - codebase level. - --license-policy FILE Load a License Policy file and apply it to the scan - at the Resource level. - --licenses-reference Include a reference of all the licenses referenced in - this scan with the data details and full texts. - --mark-source Set the "is_source" to true for directories that - contain over 90% of source files as children and - descendants. Count the number of source files in a - directory as a new source_file_counts attribute - --summary Summarize license, copyright and other scans at the - codebase level. - --summary-by-facet Summarize license, copyright and other scans and - group the results by facet. - --summary-key-files Summarize license, copyright and other scans for key, - top-level files. Key files are top-level codebase - files such as COPYING, README and package manifests - as reported by the --classify option "is_legal", - "is_readme", "is_manifest" and "is_top_level" flags. - --summary-with-details Summarize license, copyright and other scans at the - codebase level, keeping intermediate details at the - file and directory level. + --consolidate Group resources by Packages or license and + copyright holder and return those groupings as a + list of consolidated packages and a list of + consolidated components. This requires the scan to + have/be run with the copyright, license, and + package options active + --filter-clues Filter redundant duplicated clues already contained + in detected license and copyright texts and + notices. + --is-license-text Set the "is_license_text" flag to true for files + that contain mostly license texts and notices (e.g + over 90% of the content).[DEPRECATED] this is now + built-in in the --license-text option with a + "percentage_of_license_text" attribute. + --license-clarity-score Compute a summary license clarity score at the + codebase level. + --license-clarity-score-2 Compute a summary license clarity score at the + codebase level. + --license-policy FILE Load a License Policy file and apply it to the scan + at the Resource level. + --licenses-reference Include a reference of all the licenses referenced + in this scan with the data details and full texts. + --mark-source Set the "is_source" to true for directories that + contain over 90% of source files as children and + descendants. Count the number of source files in a + directory as a new source_file_counts attribute + --summary Summarize license, copyright and other scans at the + codebase level. + --summary-by-facet Summarize license, copyright and other scans and + group the results by facet. + --summary-key-files Summarize license, copyright and other scans for + key, top-level files. Key files are top-level + codebase files such as COPYING, README and package + manifests as reported by the --classify option + "is_legal", "is_readme", "is_manifest" and + "is_top_level" flags. + --summary-with-details Summarize license, copyright and other scans at the + codebase level, keeping intermediate details at the + file and directory level. core: --timeout Stop an unfinished file scan after a timeout in diff --git a/tests/summarycode/data/score2/basic-expected.json b/tests/summarycode/data/score2/basic-expected.json new file mode 100644 index 00000000000..bb4717d38b5 --- /dev/null +++ b/tests/summarycode/data/score2/basic-expected.json @@ -0,0 +1,328 @@ +{ + "headers": [ + { + "tool_name": "scancode-toolkit", + "options": { + "input": "", + "--classify": true, + "--copyright": true, + "--info": true, + "--json": "", + "--license": true, + "--license-clarity-score-2": true + }, + "notice": "Generated with ScanCode and provided on an \"AS IS\" BASIS, WITHOUT WARRANTIES\nOR CONDITIONS OF ANY KIND, either express or implied. No content created from\nScanCode should be considered or used as legal advice. Consult an Attorney\nfor any legal advice.\nScanCode is a free software code scanning tool from nexB Inc. and others.\nVisit https://github.com/nexB/scancode-toolkit/ for support and download.", + "output_format_version": "2.0.0", + "message": null, + "errors": [], + "extra_data": { + "spdx_license_list_version": "3.16", + "files_count": 3 + } + } + ], + "license_clarity_score": { + "score": 100, + "declared_license": true, + "precise_license_detection": true, + "has_license_text": true, + "declared_copyrights": true, + "conflicting_license_categories": false, + "ambigous_compound_licensing": false + }, + "files": [ + { + "path": "basic", + "type": "directory", + "name": "basic", + "base_name": "basic", + "extension": "", + "size": 0, + "sha1": null, + "md5": null, + "sha256": null, + "mime_type": null, + "file_type": null, + "programming_language": null, + "is_binary": false, + "is_text": false, + "is_archive": false, + "is_media": false, + "is_source": false, + "is_script": false, + "licenses": [], + "license_expressions": [], + "percentage_of_license_text": 0, + "copyrights": [], + "holders": [], + "authors": [], + "is_legal": false, + "is_manifest": false, + "is_readme": false, + "is_top_level": true, + "is_key_file": false, + "files_count": 3, + "dirs_count": 0, + "size_count": 4286, + "scan_errors": [] + }, + { + "path": "basic/README.md", + "type": "file", + "name": "README.md", + "base_name": "README", + "extension": ".md", + "size": 1348, + "sha1": "f4399249b905c17338eb06776a7205d6f643d396", + "md5": "d897358d498fd2dbb1efedfa297fc0f3", + "sha256": "63940bc96c0feeef3b22b96d7d6a4873cdb7f12151ce3362967afdc7f8ec6698", + "mime_type": "text/plain", + "file_type": "ASCII text", + "programming_language": null, + "is_binary": false, + "is_text": true, + "is_archive": false, + "is_media": false, + "is_source": false, + "is_script": false, + "licenses": [ + { + "key": "mit", + "score": 100.0, + "name": "MIT License", + "short_name": "MIT License", + "category": "Permissive", + "is_exception": false, + "is_unknown": false, + "owner": "MIT", + "homepage_url": "http://opensource.org/licenses/mit-license.php", + "text_url": "http://opensource.org/licenses/mit-license.php", + "reference_url": "https://scancode-licensedb.aboutcode.org/mit", + "scancode_text_url": "https://github.com/nexB/scancode-toolkit/tree/develop/src/licensedcode/data/licenses/mit.LICENSE", + "scancode_data_url": "https://github.com/nexB/scancode-toolkit/tree/develop/src/licensedcode/data/licenses/mit.yml", + "spdx_license_key": "MIT", + "spdx_url": "https://spdx.org/licenses/MIT", + "start_line": 20, + "end_line": 37, + "matched_rule": { + "identifier": "mit.LICENSE", + "license_expression": "mit", + "licenses": [ + "mit" + ], + "referenced_filenames": [], + "is_license_text": true, + "is_license_notice": false, + "is_license_reference": false, + "is_license_tag": false, + "is_license_intro": false, + "has_unknown": false, + "matcher": "2-aho", + "rule_length": 161, + "matched_length": 161, + "match_coverage": 100.0, + "rule_relevance": 100 + } + } + ], + "license_expressions": [ + "mit" + ], + "percentage_of_license_text": 79.31, + "copyrights": [ + { + "copyright": "Copyright (c) Example, Inc.", + "start_line": 18, + "end_line": 18 + } + ], + "holders": [ + { + "holder": "Example, Inc.", + "start_line": 18, + "end_line": 18 + } + ], + "authors": [], + "is_legal": false, + "is_manifest": false, + "is_readme": true, + "is_top_level": true, + "is_key_file": true, + "files_count": 0, + "dirs_count": 0, + "size_count": 0, + "scan_errors": [] + }, + { + "path": "basic/index.js", + "type": "file", + "name": "index.js", + "base_name": "index", + "extension": ".js", + "size": 2109, + "sha1": "1ef59e75d33ed8b7b43548fd55843d894db4b910", + "md5": "1385905becfdfd8d777342fcb1242d83", + "sha256": "1780e44cd2317e04461131b34ea6fa5b1da4a571123c9a391ddc3b865c456298", + "mime_type": "text/plain", + "file_type": "ASCII text", + "programming_language": "JavaScript", + "is_binary": false, + "is_text": true, + "is_archive": false, + "is_media": false, + "is_source": true, + "is_script": false, + "licenses": [ + { + "key": "mit", + "score": 100.0, + "name": "MIT License", + "short_name": "MIT License", + "category": "Permissive", + "is_exception": false, + "is_unknown": false, + "owner": "MIT", + "homepage_url": "http://opensource.org/licenses/mit-license.php", + "text_url": "http://opensource.org/licenses/mit-license.php", + "reference_url": "https://scancode-licensedb.aboutcode.org/mit", + "scancode_text_url": "https://github.com/nexB/scancode-toolkit/tree/develop/src/licensedcode/data/licenses/mit.LICENSE", + "scancode_data_url": "https://github.com/nexB/scancode-toolkit/tree/develop/src/licensedcode/data/licenses/mit.yml", + "spdx_license_key": "MIT", + "spdx_url": "https://spdx.org/licenses/MIT", + "start_line": 2, + "end_line": 19, + "matched_rule": { + "identifier": "mit.LICENSE", + "license_expression": "mit", + "licenses": [ + "mit" + ], + "referenced_filenames": [], + "is_license_text": true, + "is_license_notice": false, + "is_license_reference": false, + "is_license_tag": false, + "is_license_intro": false, + "has_unknown": false, + "matcher": "2-aho", + "rule_length": 161, + "matched_length": 161, + "match_coverage": 100.0, + "rule_relevance": 100 + } + } + ], + "license_expressions": [ + "mit" + ], + "percentage_of_license_text": 64.4, + "copyrights": [ + { + "copyright": "Copyright (c) 2007 nexB Inc.", + "start_line": 1, + "end_line": 1 + } + ], + "holders": [ + { + "holder": "nexB Inc.", + "start_line": 1, + "end_line": 1 + } + ], + "authors": [], + "is_legal": false, + "is_manifest": false, + "is_readme": false, + "is_top_level": true, + "is_key_file": false, + "files_count": 0, + "dirs_count": 0, + "size_count": 0, + "scan_errors": [] + }, + { + "path": "basic/package.json", + "type": "file", + "name": "package.json", + "base_name": "package", + "extension": ".json", + "size": 829, + "sha1": "003103b742ebfb1e76e80d9fc05ab0b3046f2ab6", + "md5": "bd8911e2d8af0caa689f76b9975761fd", + "sha256": "d27968b827780212a965387f5ec3421ee59a0bf9166847629db0e716e6d2d9c3", + "mime_type": "application/json", + "file_type": "JSON data", + "programming_language": null, + "is_binary": false, + "is_text": true, + "is_archive": false, + "is_media": false, + "is_source": false, + "is_script": false, + "licenses": [ + { + "key": "mit", + "score": 100.0, + "name": "MIT License", + "short_name": "MIT License", + "category": "Permissive", + "is_exception": false, + "is_unknown": false, + "owner": "MIT", + "homepage_url": "http://opensource.org/licenses/mit-license.php", + "text_url": "http://opensource.org/licenses/mit-license.php", + "reference_url": "https://scancode-licensedb.aboutcode.org/mit", + "scancode_text_url": "https://github.com/nexB/scancode-toolkit/tree/develop/src/licensedcode/data/licenses/mit.LICENSE", + "scancode_data_url": "https://github.com/nexB/scancode-toolkit/tree/develop/src/licensedcode/data/licenses/mit.yml", + "spdx_license_key": "MIT", + "spdx_url": "https://spdx.org/licenses/MIT", + "start_line": 7, + "end_line": 7, + "matched_rule": { + "identifier": "mit_30.RULE", + "license_expression": "mit", + "licenses": [ + "mit" + ], + "referenced_filenames": [], + "is_license_text": false, + "is_license_notice": false, + "is_license_reference": false, + "is_license_tag": true, + "is_license_intro": false, + "has_unknown": false, + "matcher": "2-aho", + "rule_length": 2, + "matched_length": 2, + "match_coverage": 100.0, + "rule_relevance": 100 + } + } + ], + "license_expressions": [ + "mit" + ], + "percentage_of_license_text": 1.83, + "copyrights": [], + "holders": [], + "authors": [ + { + "author": "Alexander Plavinski ", + "start_line": 6, + "end_line": 6 + } + ], + "is_legal": false, + "is_manifest": true, + "is_readme": false, + "is_top_level": true, + "is_key_file": true, + "files_count": 0, + "dirs_count": 0, + "size_count": 0, + "scan_errors": [] + } + ] +} \ No newline at end of file diff --git a/tests/summarycode/data/score2/basic/README.md b/tests/summarycode/data/score2/basic/README.md new file mode 100644 index 00000000000..f006181c3c3 --- /dev/null +++ b/tests/summarycode/data/score2/basic/README.md @@ -0,0 +1,37 @@ +# @invisionag/eslint-config-ivx + +# Usage + +Install the peer dependencies as development dependencies: +- `eslint^3.19.0` +- `prettier^1.5.2` + +Install `@invisionag/eslint-config-ivx` as a development dependency. + +In your `.eslintrc.js`: +```js +module.exports = { + extends: '@invisionag/ivx', +}; +``` + +Copyright (c) Example, Inc. + +Permission is hereby granted, free of charge, to any person obtaining +a copy of this software and associated documentation files (the +"Software"), to deal in the Software without restriction, including +without limitation the rights to use, copy, modify, merge, publish, +distribute, sublicense, and/or sell copies of the Software, and to +permit persons to whom the Software is furnished to do so, subject to +the following conditions: + +The above copyright notice and this permission notice shall be +included in all copies or substantial portions of the Software. + +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, +EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF +MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. +IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY +CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, +TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE +SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. diff --git a/tests/summarycode/data/score2/basic/index.js b/tests/summarycode/data/score2/basic/index.js new file mode 100644 index 00000000000..b6127d64177 --- /dev/null +++ b/tests/summarycode/data/score2/basic/index.js @@ -0,0 +1,74 @@ +Copyright (c) 2007 nexB Inc. All right reserved +Permission is hereby granted, free of charge, to any person obtaining +a copy of this software and associated documentation files (the +"Software"), to deal in the Software without restriction, including +without limitation the rights to use, copy, modify, merge, publish, +distribute, sublicense, and/or sell copies of the Software, and to +permit persons to whom the Software is furnished to do so, subject to +the following conditions: + +The above copyright notice and this permission notice shall be +included in all copies or substantial portions of the Software. + +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, +EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF +MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. +IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY +CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, +TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE +SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. + +module.exports = { + extends: [ + 'airbnb', + 'prettier', + 'prettier/flowtype', + 'prettier/react', + 'plugin:flowtype/recommended', + ], + parser: 'babel-eslint', + plugins: ['prettier', 'flowtype', 'react-functional-set-state'], + env: { + browser: true, + node: true, + jest: true, + }, + rules: { + 'no-undef-init': 1, + 'react/sort-comp': [ + 1, + { + order: [ + 'type-annotations', + 'static-methods', + 'lifecycle', + 'everything-else', + 'render', + ], + groups: { + rendering: ['/^render.+$/', 'render'], + }, + }, + ], + 'react/jsx-filename-extension': [ + 1, + { + extensions: ['.js'], + }, + ], + 'react-functional-set-state/no-this-state-props': 2, + 'import/no-extraneous-dependencies': [ + 'error', + { + devDependencies: true, + }, + ], + 'prettier/prettier': [ + 'error', + { + trailingComma: 'all', + singleQuote: true, + }, + ], + }, +}; diff --git a/tests/summarycode/data/score2/basic/package.json b/tests/summarycode/data/score2/basic/package.json new file mode 100644 index 00000000000..f54d82ed9fa --- /dev/null +++ b/tests/summarycode/data/score2/basic/package.json @@ -0,0 +1,30 @@ +{ + "name": "@invisionag/eslint-config-ivx", + "version": "0.0.10", + "main": "index.js", + "repository": "https://github.com/ivx/eslint-config-ivx.git", + "author": "Alexander Plavinski ", + "license": "MIT", + "scripts": { + "test": "eslint ." + }, + "peerDependencies": { + "eslint": "^4.5.0", + "prettier": "^1.6.0" + }, + "dependencies": { + "babel-eslint": "^7.2.3", + "eslint-config-airbnb": "^15.1.0", + "eslint-config-prettier": "^2.3.0", + "eslint-plugin-flowtype": "^2.34.1", + "eslint-plugin-import": "^2.6.1", + "eslint-plugin-jsx-a11y": "^5.1.1", + "eslint-plugin-prettier": "^2.2.0", + "eslint-plugin-react": "^7.3.0", + "eslint-plugin-react-functional-set-state": "^1.0.1" + }, + "devDependencies": { + "eslint": "^4.5.0", + "prettier": "^1.6.0" + } +} diff --git a/tests/summarycode/data/score2/inconsistent_licenses_copyleft-expected.json b/tests/summarycode/data/score2/inconsistent_licenses_copyleft-expected.json new file mode 100644 index 00000000000..f5c00121604 --- /dev/null +++ b/tests/summarycode/data/score2/inconsistent_licenses_copyleft-expected.json @@ -0,0 +1,404 @@ +{ + "headers": [ + { + "tool_name": "scancode-toolkit", + "options": { + "input": "", + "--classify": true, + "--copyright": true, + "--info": true, + "--json": "", + "--license": true, + "--license-clarity-score-2": true + }, + "notice": "Generated with ScanCode and provided on an \"AS IS\" BASIS, WITHOUT WARRANTIES\nOR CONDITIONS OF ANY KIND, either express or implied. No content created from\nScanCode should be considered or used as legal advice. Consult an Attorney\nfor any legal advice.\nScanCode is a free software code scanning tool from nexB Inc. and others.\nVisit https://github.com/nexB/scancode-toolkit/ for support and download.", + "output_format_version": "2.0.0", + "message": null, + "errors": [], + "extra_data": { + "spdx_license_list_version": "3.16", + "files_count": 4 + } + } + ], + "license_clarity_score": { + "score": 80, + "declared_license": true, + "precise_license_detection": true, + "has_license_text": true, + "declared_copyrights": true, + "conflicting_license_categories": true, + "ambigous_compound_licensing": false + }, + "files": [ + { + "path": "inconsistent_licenses_copyleft", + "type": "directory", + "name": "inconsistent_licenses_copyleft", + "base_name": "inconsistent_licenses_copyleft", + "extension": "", + "size": 0, + "sha1": null, + "md5": null, + "sha256": null, + "mime_type": null, + "file_type": null, + "programming_language": null, + "is_binary": false, + "is_text": false, + "is_archive": false, + "is_media": false, + "is_source": false, + "is_script": false, + "licenses": [], + "license_expressions": [], + "percentage_of_license_text": 0, + "copyrights": [], + "holders": [], + "authors": [], + "is_legal": false, + "is_manifest": false, + "is_readme": false, + "is_top_level": true, + "is_key_file": false, + "files_count": 4, + "dirs_count": 0, + "size_count": 4331, + "scan_errors": [] + }, + { + "path": "inconsistent_licenses_copyleft/README.md", + "type": "file", + "name": "README.md", + "base_name": "README", + "extension": ".md", + "size": 1348, + "sha1": "f4399249b905c17338eb06776a7205d6f643d396", + "md5": "d897358d498fd2dbb1efedfa297fc0f3", + "sha256": "63940bc96c0feeef3b22b96d7d6a4873cdb7f12151ce3362967afdc7f8ec6698", + "mime_type": "text/plain", + "file_type": "ASCII text", + "programming_language": null, + "is_binary": false, + "is_text": true, + "is_archive": false, + "is_media": false, + "is_source": false, + "is_script": false, + "licenses": [ + { + "key": "mit", + "score": 100.0, + "name": "MIT License", + "short_name": "MIT License", + "category": "Permissive", + "is_exception": false, + "is_unknown": false, + "owner": "MIT", + "homepage_url": "http://opensource.org/licenses/mit-license.php", + "text_url": "http://opensource.org/licenses/mit-license.php", + "reference_url": "https://scancode-licensedb.aboutcode.org/mit", + "scancode_text_url": "https://github.com/nexB/scancode-toolkit/tree/develop/src/licensedcode/data/licenses/mit.LICENSE", + "scancode_data_url": "https://github.com/nexB/scancode-toolkit/tree/develop/src/licensedcode/data/licenses/mit.yml", + "spdx_license_key": "MIT", + "spdx_url": "https://spdx.org/licenses/MIT", + "start_line": 20, + "end_line": 37, + "matched_rule": { + "identifier": "mit.LICENSE", + "license_expression": "mit", + "licenses": [ + "mit" + ], + "referenced_filenames": [], + "is_license_text": true, + "is_license_notice": false, + "is_license_reference": false, + "is_license_tag": false, + "is_license_intro": false, + "has_unknown": false, + "matcher": "2-aho", + "rule_length": 161, + "matched_length": 161, + "match_coverage": 100.0, + "rule_relevance": 100 + } + } + ], + "license_expressions": [ + "mit" + ], + "percentage_of_license_text": 79.31, + "copyrights": [ + { + "copyright": "Copyright (c) Example, Inc.", + "start_line": 18, + "end_line": 18 + } + ], + "holders": [ + { + "holder": "Example, Inc.", + "start_line": 18, + "end_line": 18 + } + ], + "authors": [], + "is_legal": false, + "is_manifest": false, + "is_readme": true, + "is_top_level": true, + "is_key_file": true, + "files_count": 0, + "dirs_count": 0, + "size_count": 0, + "scan_errors": [] + }, + { + "path": "inconsistent_licenses_copyleft/index.js", + "type": "file", + "name": "index.js", + "base_name": "index", + "extension": ".js", + "size": 2109, + "sha1": "1ef59e75d33ed8b7b43548fd55843d894db4b910", + "md5": "1385905becfdfd8d777342fcb1242d83", + "sha256": "1780e44cd2317e04461131b34ea6fa5b1da4a571123c9a391ddc3b865c456298", + "mime_type": "text/plain", + "file_type": "ASCII text", + "programming_language": "JavaScript", + "is_binary": false, + "is_text": true, + "is_archive": false, + "is_media": false, + "is_source": true, + "is_script": false, + "licenses": [ + { + "key": "mit", + "score": 100.0, + "name": "MIT License", + "short_name": "MIT License", + "category": "Permissive", + "is_exception": false, + "is_unknown": false, + "owner": "MIT", + "homepage_url": "http://opensource.org/licenses/mit-license.php", + "text_url": "http://opensource.org/licenses/mit-license.php", + "reference_url": "https://scancode-licensedb.aboutcode.org/mit", + "scancode_text_url": "https://github.com/nexB/scancode-toolkit/tree/develop/src/licensedcode/data/licenses/mit.LICENSE", + "scancode_data_url": "https://github.com/nexB/scancode-toolkit/tree/develop/src/licensedcode/data/licenses/mit.yml", + "spdx_license_key": "MIT", + "spdx_url": "https://spdx.org/licenses/MIT", + "start_line": 2, + "end_line": 19, + "matched_rule": { + "identifier": "mit.LICENSE", + "license_expression": "mit", + "licenses": [ + "mit" + ], + "referenced_filenames": [], + "is_license_text": true, + "is_license_notice": false, + "is_license_reference": false, + "is_license_tag": false, + "is_license_intro": false, + "has_unknown": false, + "matcher": "2-aho", + "rule_length": 161, + "matched_length": 161, + "match_coverage": 100.0, + "rule_relevance": 100 + } + } + ], + "license_expressions": [ + "mit" + ], + "percentage_of_license_text": 64.4, + "copyrights": [ + { + "copyright": "Copyright (c) 2007 nexB Inc.", + "start_line": 1, + "end_line": 1 + } + ], + "holders": [ + { + "holder": "nexB Inc.", + "start_line": 1, + "end_line": 1 + } + ], + "authors": [], + "is_legal": false, + "is_manifest": false, + "is_readme": false, + "is_top_level": true, + "is_key_file": false, + "files_count": 0, + "dirs_count": 0, + "size_count": 0, + "scan_errors": [] + }, + { + "path": "inconsistent_licenses_copyleft/package.json", + "type": "file", + "name": "package.json", + "base_name": "package", + "extension": ".json", + "size": 829, + "sha1": "003103b742ebfb1e76e80d9fc05ab0b3046f2ab6", + "md5": "bd8911e2d8af0caa689f76b9975761fd", + "sha256": "d27968b827780212a965387f5ec3421ee59a0bf9166847629db0e716e6d2d9c3", + "mime_type": "application/json", + "file_type": "JSON data", + "programming_language": null, + "is_binary": false, + "is_text": true, + "is_archive": false, + "is_media": false, + "is_source": false, + "is_script": false, + "licenses": [ + { + "key": "mit", + "score": 100.0, + "name": "MIT License", + "short_name": "MIT License", + "category": "Permissive", + "is_exception": false, + "is_unknown": false, + "owner": "MIT", + "homepage_url": "http://opensource.org/licenses/mit-license.php", + "text_url": "http://opensource.org/licenses/mit-license.php", + "reference_url": "https://scancode-licensedb.aboutcode.org/mit", + "scancode_text_url": "https://github.com/nexB/scancode-toolkit/tree/develop/src/licensedcode/data/licenses/mit.LICENSE", + "scancode_data_url": "https://github.com/nexB/scancode-toolkit/tree/develop/src/licensedcode/data/licenses/mit.yml", + "spdx_license_key": "MIT", + "spdx_url": "https://spdx.org/licenses/MIT", + "start_line": 7, + "end_line": 7, + "matched_rule": { + "identifier": "mit_30.RULE", + "license_expression": "mit", + "licenses": [ + "mit" + ], + "referenced_filenames": [], + "is_license_text": false, + "is_license_notice": false, + "is_license_reference": false, + "is_license_tag": true, + "is_license_intro": false, + "has_unknown": false, + "matcher": "2-aho", + "rule_length": 2, + "matched_length": 2, + "match_coverage": 100.0, + "rule_relevance": 100 + } + } + ], + "license_expressions": [ + "mit" + ], + "percentage_of_license_text": 1.83, + "copyrights": [], + "holders": [], + "authors": [ + { + "author": "Alexander Plavinski ", + "start_line": 6, + "end_line": 6 + } + ], + "is_legal": false, + "is_manifest": true, + "is_readme": false, + "is_top_level": true, + "is_key_file": true, + "files_count": 0, + "dirs_count": 0, + "size_count": 0, + "scan_errors": [] + }, + { + "path": "inconsistent_licenses_copyleft/util.js", + "type": "file", + "name": "util.js", + "base_name": "util", + "extension": ".js", + "size": 45, + "sha1": "b5a76aa5d8949d6ddfc8ef41b0d4e459e3a32d0a", + "md5": "7226e442a172bcf25807246d7ef1eba1", + "sha256": "2daca237bc5b60e3b7ba984cccdd11927fccaa519ba6e0c0ff7dc812e19d8650", + "mime_type": "text/plain", + "file_type": "ASCII text", + "programming_language": "JavaScript", + "is_binary": false, + "is_text": true, + "is_archive": false, + "is_media": false, + "is_source": true, + "is_script": false, + "licenses": [ + { + "key": "gpl-2.0-plus", + "score": 100.0, + "name": "GNU General Public License 2.0 or later", + "short_name": "GPL 2.0 or later", + "category": "Copyleft", + "is_exception": false, + "is_unknown": false, + "owner": "Free Software Foundation (FSF)", + "homepage_url": "http://www.gnu.org/licenses/old-licenses/gpl-2.0-standalone.html", + "text_url": "http://www.gnu.org/licenses/old-licenses/gpl-2.0-standalone.html", + "reference_url": "https://scancode-licensedb.aboutcode.org/gpl-2.0-plus", + "scancode_text_url": "https://github.com/nexB/scancode-toolkit/tree/develop/src/licensedcode/data/licenses/gpl-2.0-plus.LICENSE", + "scancode_data_url": "https://github.com/nexB/scancode-toolkit/tree/develop/src/licensedcode/data/licenses/gpl-2.0-plus.yml", + "spdx_license_key": "GPL-2.0-or-later", + "spdx_url": "https://spdx.org/licenses/GPL-2.0-or-later", + "start_line": 1, + "end_line": 1, + "matched_rule": { + "identifier": "spdx-license-identifier: gpl-2.0-plus", + "license_expression": "gpl-2.0-plus", + "licenses": [ + "gpl-2.0-plus" + ], + "referenced_filenames": [], + "is_license_text": false, + "is_license_notice": false, + "is_license_reference": false, + "is_license_tag": true, + "is_license_intro": false, + "has_unknown": false, + "matcher": "1-spdx-id", + "rule_length": 8, + "matched_length": 8, + "match_coverage": 100.0, + "rule_relevance": 100 + } + } + ], + "license_expressions": [ + "gpl-2.0-plus" + ], + "percentage_of_license_text": 100.0, + "copyrights": [], + "holders": [], + "authors": [], + "is_legal": false, + "is_manifest": false, + "is_readme": false, + "is_top_level": true, + "is_key_file": false, + "files_count": 0, + "dirs_count": 0, + "size_count": 0, + "scan_errors": [] + } + ] +} \ No newline at end of file diff --git a/tests/summarycode/data/score2/inconsistent_licenses_copyleft/README.md b/tests/summarycode/data/score2/inconsistent_licenses_copyleft/README.md new file mode 100644 index 00000000000..f006181c3c3 --- /dev/null +++ b/tests/summarycode/data/score2/inconsistent_licenses_copyleft/README.md @@ -0,0 +1,37 @@ +# @invisionag/eslint-config-ivx + +# Usage + +Install the peer dependencies as development dependencies: +- `eslint^3.19.0` +- `prettier^1.5.2` + +Install `@invisionag/eslint-config-ivx` as a development dependency. + +In your `.eslintrc.js`: +```js +module.exports = { + extends: '@invisionag/ivx', +}; +``` + +Copyright (c) Example, Inc. + +Permission is hereby granted, free of charge, to any person obtaining +a copy of this software and associated documentation files (the +"Software"), to deal in the Software without restriction, including +without limitation the rights to use, copy, modify, merge, publish, +distribute, sublicense, and/or sell copies of the Software, and to +permit persons to whom the Software is furnished to do so, subject to +the following conditions: + +The above copyright notice and this permission notice shall be +included in all copies or substantial portions of the Software. + +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, +EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF +MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. +IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY +CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, +TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE +SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. diff --git a/tests/summarycode/data/score2/inconsistent_licenses_copyleft/index.js b/tests/summarycode/data/score2/inconsistent_licenses_copyleft/index.js new file mode 100644 index 00000000000..b6127d64177 --- /dev/null +++ b/tests/summarycode/data/score2/inconsistent_licenses_copyleft/index.js @@ -0,0 +1,74 @@ +Copyright (c) 2007 nexB Inc. All right reserved +Permission is hereby granted, free of charge, to any person obtaining +a copy of this software and associated documentation files (the +"Software"), to deal in the Software without restriction, including +without limitation the rights to use, copy, modify, merge, publish, +distribute, sublicense, and/or sell copies of the Software, and to +permit persons to whom the Software is furnished to do so, subject to +the following conditions: + +The above copyright notice and this permission notice shall be +included in all copies or substantial portions of the Software. + +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, +EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF +MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. +IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY +CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, +TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE +SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. + +module.exports = { + extends: [ + 'airbnb', + 'prettier', + 'prettier/flowtype', + 'prettier/react', + 'plugin:flowtype/recommended', + ], + parser: 'babel-eslint', + plugins: ['prettier', 'flowtype', 'react-functional-set-state'], + env: { + browser: true, + node: true, + jest: true, + }, + rules: { + 'no-undef-init': 1, + 'react/sort-comp': [ + 1, + { + order: [ + 'type-annotations', + 'static-methods', + 'lifecycle', + 'everything-else', + 'render', + ], + groups: { + rendering: ['/^render.+$/', 'render'], + }, + }, + ], + 'react/jsx-filename-extension': [ + 1, + { + extensions: ['.js'], + }, + ], + 'react-functional-set-state/no-this-state-props': 2, + 'import/no-extraneous-dependencies': [ + 'error', + { + devDependencies: true, + }, + ], + 'prettier/prettier': [ + 'error', + { + trailingComma: 'all', + singleQuote: true, + }, + ], + }, +}; diff --git a/tests/summarycode/data/score2/inconsistent_licenses_copyleft/package.json b/tests/summarycode/data/score2/inconsistent_licenses_copyleft/package.json new file mode 100644 index 00000000000..f54d82ed9fa --- /dev/null +++ b/tests/summarycode/data/score2/inconsistent_licenses_copyleft/package.json @@ -0,0 +1,30 @@ +{ + "name": "@invisionag/eslint-config-ivx", + "version": "0.0.10", + "main": "index.js", + "repository": "https://github.com/ivx/eslint-config-ivx.git", + "author": "Alexander Plavinski ", + "license": "MIT", + "scripts": { + "test": "eslint ." + }, + "peerDependencies": { + "eslint": "^4.5.0", + "prettier": "^1.6.0" + }, + "dependencies": { + "babel-eslint": "^7.2.3", + "eslint-config-airbnb": "^15.1.0", + "eslint-config-prettier": "^2.3.0", + "eslint-plugin-flowtype": "^2.34.1", + "eslint-plugin-import": "^2.6.1", + "eslint-plugin-jsx-a11y": "^5.1.1", + "eslint-plugin-prettier": "^2.2.0", + "eslint-plugin-react": "^7.3.0", + "eslint-plugin-react-functional-set-state": "^1.0.1" + }, + "devDependencies": { + "eslint": "^4.5.0", + "prettier": "^1.6.0" + } +} diff --git a/tests/summarycode/data/score2/inconsistent_licenses_copyleft/util.js b/tests/summarycode/data/score2/inconsistent_licenses_copyleft/util.js new file mode 100644 index 00000000000..0cb46d2c98c --- /dev/null +++ b/tests/summarycode/data/score2/inconsistent_licenses_copyleft/util.js @@ -0,0 +1 @@ +// SPDX-License-Identifier: GPL-2.0-or-later diff --git a/tests/summarycode/data/score2/no_license_or_copyright-expected.json b/tests/summarycode/data/score2/no_license_or_copyright-expected.json new file mode 100644 index 00000000000..0fb33bd217d --- /dev/null +++ b/tests/summarycode/data/score2/no_license_or_copyright-expected.json @@ -0,0 +1,181 @@ +{ + "headers": [ + { + "tool_name": "scancode-toolkit", + "options": { + "input": "", + "--classify": true, + "--copyright": true, + "--info": true, + "--json": "", + "--license": true, + "--license-clarity-score-2": true + }, + "notice": "Generated with ScanCode and provided on an \"AS IS\" BASIS, WITHOUT WARRANTIES\nOR CONDITIONS OF ANY KIND, either express or implied. No content created from\nScanCode should be considered or used as legal advice. Consult an Attorney\nfor any legal advice.\nScanCode is a free software code scanning tool from nexB Inc. and others.\nVisit https://github.com/nexB/scancode-toolkit/ for support and download.", + "output_format_version": "2.0.0", + "message": null, + "errors": [], + "extra_data": { + "spdx_license_list_version": "3.16", + "files_count": 3 + } + } + ], + "license_clarity_score": { + "score": 0, + "declared_license": false, + "precise_license_detection": false, + "has_license_text": false, + "declared_copyrights": false, + "conflicting_license_categories": false, + "ambigous_compound_licensing": false + }, + "files": [ + { + "path": "no_license_or_copyright", + "type": "directory", + "name": "no_license_or_copyright", + "base_name": "no_license_or_copyright", + "extension": "", + "size": 0, + "sha1": null, + "md5": null, + "sha256": null, + "mime_type": null, + "file_type": null, + "programming_language": null, + "is_binary": false, + "is_text": false, + "is_archive": false, + "is_media": false, + "is_source": false, + "is_script": false, + "licenses": [], + "license_expressions": [], + "percentage_of_license_text": 0, + "copyrights": [], + "holders": [], + "authors": [], + "is_legal": false, + "is_manifest": false, + "is_readme": false, + "is_top_level": true, + "is_key_file": false, + "files_count": 3, + "dirs_count": 0, + "size_count": 2158, + "scan_errors": [] + }, + { + "path": "no_license_or_copyright/README.md", + "type": "file", + "name": "README.md", + "base_name": "README", + "extension": ".md", + "size": 295, + "sha1": "7d770c5ffdcf659c944a670225ab43db9f33d4a8", + "md5": "4b8955afbb3a8aa01933e99e331e4acf", + "sha256": "aac3e1032f4dffd347854cbe37d559223f2d61173caa649ca7cd0cfb11987334", + "mime_type": "text/plain", + "file_type": "ASCII text", + "programming_language": null, + "is_binary": false, + "is_text": true, + "is_archive": false, + "is_media": false, + "is_source": false, + "is_script": false, + "licenses": [], + "license_expressions": [], + "percentage_of_license_text": 0, + "copyrights": [], + "holders": [], + "authors": [], + "is_legal": false, + "is_manifest": false, + "is_readme": true, + "is_top_level": true, + "is_key_file": true, + "files_count": 0, + "dirs_count": 0, + "size_count": 0, + "scan_errors": [] + }, + { + "path": "no_license_or_copyright/index.js", + "type": "file", + "name": "index.js", + "base_name": "index", + "extension": ".js", + "size": 1037, + "sha1": "53771edd1e0765de7400174e42ca2e8e5840055f", + "md5": "ec9dc4294f83d24294f07e6a0676c338", + "sha256": "2b61833228890116dded1849a683d31d0273e0cf985a7bf0cc419aa7edefd839", + "mime_type": "text/plain", + "file_type": "ASCII text", + "programming_language": "JavaScript", + "is_binary": false, + "is_text": true, + "is_archive": false, + "is_media": false, + "is_source": true, + "is_script": false, + "licenses": [], + "license_expressions": [], + "percentage_of_license_text": 0, + "copyrights": [], + "holders": [], + "authors": [], + "is_legal": false, + "is_manifest": false, + "is_readme": false, + "is_top_level": true, + "is_key_file": false, + "files_count": 0, + "dirs_count": 0, + "size_count": 0, + "scan_errors": [] + }, + { + "path": "no_license_or_copyright/package.json", + "type": "file", + "name": "package.json", + "base_name": "package", + "extension": ".json", + "size": 826, + "sha1": "adc72f5ee8e1dde3606dd3abbae6b16ae36147c8", + "md5": "bc23bb45c7f272127a346faa8b97da74", + "sha256": "a93777fcaee28dcc75e8b9187f5fae73ebc651d24f6825587c87553c5260a06d", + "mime_type": "application/json", + "file_type": "JSON data", + "programming_language": null, + "is_binary": false, + "is_text": true, + "is_archive": false, + "is_media": false, + "is_source": false, + "is_script": false, + "licenses": [], + "license_expressions": [], + "percentage_of_license_text": 0, + "copyrights": [], + "holders": [], + "authors": [ + { + "author": "Alexander Plavinski ", + "start_line": 6, + "end_line": 6 + } + ], + "is_legal": false, + "is_manifest": true, + "is_readme": false, + "is_top_level": true, + "is_key_file": true, + "files_count": 0, + "dirs_count": 0, + "size_count": 0, + "scan_errors": [] + } + ] +} \ No newline at end of file diff --git a/tests/summarycode/data/score2/no_license_or_copyright/README.md b/tests/summarycode/data/score2/no_license_or_copyright/README.md new file mode 100644 index 00000000000..5609113f254 --- /dev/null +++ b/tests/summarycode/data/score2/no_license_or_copyright/README.md @@ -0,0 +1,16 @@ +# @invisionag/eslint-config-ivx + +# Usage + +Install the peer dependencies as development dependencies: +- `eslint^3.19.0` +- `prettier^1.5.2` + +Install `@invisionag/eslint-config-ivx` as a development dependency. + +In your `.eslintrc.js`: +```js +module.exports = { + extends: '@invisionag/ivx', +}; +``` diff --git a/tests/summarycode/data/score2/no_license_or_copyright/index.js b/tests/summarycode/data/score2/no_license_or_copyright/index.js new file mode 100644 index 00000000000..c98f2d67c87 --- /dev/null +++ b/tests/summarycode/data/score2/no_license_or_copyright/index.js @@ -0,0 +1,54 @@ +module.exports = { + extends: [ + 'airbnb', + 'prettier', + 'prettier/flowtype', + 'prettier/react', + 'plugin:flowtype/recommended', + ], + parser: 'babel-eslint', + plugins: ['prettier', 'flowtype', 'react-functional-set-state'], + env: { + browser: true, + node: true, + jest: true, + }, + rules: { + 'no-undef-init': 1, + 'react/sort-comp': [ + 1, + { + order: [ + 'type-annotations', + 'static-methods', + 'lifecycle', + 'everything-else', + 'render', + ], + groups: { + rendering: ['/^render.+$/', 'render'], + }, + }, + ], + 'react/jsx-filename-extension': [ + 1, + { + extensions: ['.js'], + }, + ], + 'react-functional-set-state/no-this-state-props': 2, + 'import/no-extraneous-dependencies': [ + 'error', + { + devDependencies: true, + }, + ], + 'prettier/prettier': [ + 'error', + { + trailingComma: 'all', + singleQuote: true, + }, + ], + }, +}; diff --git a/tests/summarycode/data/score2/no_license_or_copyright/package.json b/tests/summarycode/data/score2/no_license_or_copyright/package.json new file mode 100644 index 00000000000..a39b1f8f9fc --- /dev/null +++ b/tests/summarycode/data/score2/no_license_or_copyright/package.json @@ -0,0 +1,30 @@ +{ + "name": "@invisionag/eslint-config-ivx", + "version": "0.0.10", + "main": "index.js", + "repository": "https://github.com/ivx/eslint-config-ivx.git", + "author": "Alexander Plavinski ", + "license": "", + "scripts": { + "test": "eslint ." + }, + "peerDependencies": { + "eslint": "^4.5.0", + "prettier": "^1.6.0" + }, + "dependencies": { + "babel-eslint": "^7.2.3", + "eslint-config-airbnb": "^15.1.0", + "eslint-config-prettier": "^2.3.0", + "eslint-plugin-flowtype": "^2.34.1", + "eslint-plugin-import": "^2.6.1", + "eslint-plugin-jsx-a11y": "^5.1.1", + "eslint-plugin-prettier": "^2.2.0", + "eslint-plugin-react": "^7.3.0", + "eslint-plugin-react-functional-set-state": "^1.0.1" + }, + "devDependencies": { + "eslint": "^4.5.0", + "prettier": "^1.6.0" + } +} diff --git a/tests/summarycode/data/score2/no_license_text-expected.json b/tests/summarycode/data/score2/no_license_text-expected.json new file mode 100644 index 00000000000..92e16f60040 --- /dev/null +++ b/tests/summarycode/data/score2/no_license_text-expected.json @@ -0,0 +1,234 @@ +{ + "headers": [ + { + "tool_name": "scancode-toolkit", + "options": { + "input": "", + "--classify": true, + "--copyright": true, + "--info": true, + "--json": "", + "--license": true, + "--license-clarity-score-2": true + }, + "notice": "Generated with ScanCode and provided on an \"AS IS\" BASIS, WITHOUT WARRANTIES\nOR CONDITIONS OF ANY KIND, either express or implied. No content created from\nScanCode should be considered or used as legal advice. Consult an Attorney\nfor any legal advice.\nScanCode is a free software code scanning tool from nexB Inc. and others.\nVisit https://github.com/nexB/scancode-toolkit/ for support and download.", + "output_format_version": "2.0.0", + "message": null, + "errors": [], + "extra_data": { + "spdx_license_list_version": "3.16", + "files_count": 3 + } + } + ], + "license_clarity_score": { + "score": 90, + "declared_license": true, + "precise_license_detection": true, + "has_license_text": false, + "declared_copyrights": true, + "conflicting_license_categories": false, + "ambigous_compound_licensing": false + }, + "files": [ + { + "path": "no_license_text", + "type": "directory", + "name": "no_license_text", + "base_name": "no_license_text", + "extension": "", + "size": 0, + "sha1": null, + "md5": null, + "sha256": null, + "mime_type": null, + "file_type": null, + "programming_language": null, + "is_binary": false, + "is_text": false, + "is_archive": false, + "is_media": false, + "is_source": false, + "is_script": false, + "licenses": [], + "license_expressions": [], + "percentage_of_license_text": 0, + "copyrights": [], + "holders": [], + "authors": [], + "is_legal": false, + "is_manifest": false, + "is_readme": false, + "is_top_level": true, + "is_key_file": false, + "files_count": 3, + "dirs_count": 0, + "size_count": 2190, + "scan_errors": [] + }, + { + "path": "no_license_text/README.md", + "type": "file", + "name": "README.md", + "base_name": "README", + "extension": ".md", + "size": 324, + "sha1": "5ddd71551f75d62539ba1c629268c05dea33df70", + "md5": "5e86afc76a17ee8be9cf19a6e0fd5226", + "sha256": "2ce5c5aee36b67f7a1ba28494ad150f9db7a6c2706830d071184e8d8e3ce29d4", + "mime_type": "text/plain", + "file_type": "ASCII text", + "programming_language": null, + "is_binary": false, + "is_text": true, + "is_archive": false, + "is_media": false, + "is_source": false, + "is_script": false, + "licenses": [], + "license_expressions": [], + "percentage_of_license_text": 0, + "copyrights": [ + { + "copyright": "Copyright (c) Example, Inc.", + "start_line": 18, + "end_line": 18 + } + ], + "holders": [ + { + "holder": "Example, Inc.", + "start_line": 18, + "end_line": 18 + } + ], + "authors": [], + "is_legal": false, + "is_manifest": false, + "is_readme": true, + "is_top_level": true, + "is_key_file": true, + "files_count": 0, + "dirs_count": 0, + "size_count": 0, + "scan_errors": [] + }, + { + "path": "no_license_text/index.js", + "type": "file", + "name": "index.js", + "base_name": "index", + "extension": ".js", + "size": 1037, + "sha1": "53771edd1e0765de7400174e42ca2e8e5840055f", + "md5": "ec9dc4294f83d24294f07e6a0676c338", + "sha256": "2b61833228890116dded1849a683d31d0273e0cf985a7bf0cc419aa7edefd839", + "mime_type": "text/plain", + "file_type": "ASCII text", + "programming_language": "JavaScript", + "is_binary": false, + "is_text": true, + "is_archive": false, + "is_media": false, + "is_source": true, + "is_script": false, + "licenses": [], + "license_expressions": [], + "percentage_of_license_text": 0, + "copyrights": [], + "holders": [], + "authors": [], + "is_legal": false, + "is_manifest": false, + "is_readme": false, + "is_top_level": true, + "is_key_file": false, + "files_count": 0, + "dirs_count": 0, + "size_count": 0, + "scan_errors": [] + }, + { + "path": "no_license_text/package.json", + "type": "file", + "name": "package.json", + "base_name": "package", + "extension": ".json", + "size": 829, + "sha1": "003103b742ebfb1e76e80d9fc05ab0b3046f2ab6", + "md5": "bd8911e2d8af0caa689f76b9975761fd", + "sha256": "d27968b827780212a965387f5ec3421ee59a0bf9166847629db0e716e6d2d9c3", + "mime_type": "application/json", + "file_type": "JSON data", + "programming_language": null, + "is_binary": false, + "is_text": true, + "is_archive": false, + "is_media": false, + "is_source": false, + "is_script": false, + "licenses": [ + { + "key": "mit", + "score": 100.0, + "name": "MIT License", + "short_name": "MIT License", + "category": "Permissive", + "is_exception": false, + "is_unknown": false, + "owner": "MIT", + "homepage_url": "http://opensource.org/licenses/mit-license.php", + "text_url": "http://opensource.org/licenses/mit-license.php", + "reference_url": "https://scancode-licensedb.aboutcode.org/mit", + "scancode_text_url": "https://github.com/nexB/scancode-toolkit/tree/develop/src/licensedcode/data/licenses/mit.LICENSE", + "scancode_data_url": "https://github.com/nexB/scancode-toolkit/tree/develop/src/licensedcode/data/licenses/mit.yml", + "spdx_license_key": "MIT", + "spdx_url": "https://spdx.org/licenses/MIT", + "start_line": 7, + "end_line": 7, + "matched_rule": { + "identifier": "mit_30.RULE", + "license_expression": "mit", + "licenses": [ + "mit" + ], + "referenced_filenames": [], + "is_license_text": false, + "is_license_notice": false, + "is_license_reference": false, + "is_license_tag": true, + "is_license_intro": false, + "has_unknown": false, + "matcher": "2-aho", + "rule_length": 2, + "matched_length": 2, + "match_coverage": 100.0, + "rule_relevance": 100 + } + } + ], + "license_expressions": [ + "mit" + ], + "percentage_of_license_text": 1.83, + "copyrights": [], + "holders": [], + "authors": [ + { + "author": "Alexander Plavinski ", + "start_line": 6, + "end_line": 6 + } + ], + "is_legal": false, + "is_manifest": true, + "is_readme": false, + "is_top_level": true, + "is_key_file": true, + "files_count": 0, + "dirs_count": 0, + "size_count": 0, + "scan_errors": [] + } + ] +} \ No newline at end of file diff --git a/tests/summarycode/data/score2/no_license_text/README.md b/tests/summarycode/data/score2/no_license_text/README.md new file mode 100644 index 00000000000..7d56e86b881 --- /dev/null +++ b/tests/summarycode/data/score2/no_license_text/README.md @@ -0,0 +1,18 @@ +# @invisionag/eslint-config-ivx + +# Usage + +Install the peer dependencies as development dependencies: +- `eslint^3.19.0` +- `prettier^1.5.2` + +Install `@invisionag/eslint-config-ivx` as a development dependency. + +In your `.eslintrc.js`: +```js +module.exports = { + extends: '@invisionag/ivx', +}; +``` + +Copyright (c) Example, Inc. diff --git a/tests/summarycode/data/score2/no_license_text/index.js b/tests/summarycode/data/score2/no_license_text/index.js new file mode 100644 index 00000000000..c98f2d67c87 --- /dev/null +++ b/tests/summarycode/data/score2/no_license_text/index.js @@ -0,0 +1,54 @@ +module.exports = { + extends: [ + 'airbnb', + 'prettier', + 'prettier/flowtype', + 'prettier/react', + 'plugin:flowtype/recommended', + ], + parser: 'babel-eslint', + plugins: ['prettier', 'flowtype', 'react-functional-set-state'], + env: { + browser: true, + node: true, + jest: true, + }, + rules: { + 'no-undef-init': 1, + 'react/sort-comp': [ + 1, + { + order: [ + 'type-annotations', + 'static-methods', + 'lifecycle', + 'everything-else', + 'render', + ], + groups: { + rendering: ['/^render.+$/', 'render'], + }, + }, + ], + 'react/jsx-filename-extension': [ + 1, + { + extensions: ['.js'], + }, + ], + 'react-functional-set-state/no-this-state-props': 2, + 'import/no-extraneous-dependencies': [ + 'error', + { + devDependencies: true, + }, + ], + 'prettier/prettier': [ + 'error', + { + trailingComma: 'all', + singleQuote: true, + }, + ], + }, +}; diff --git a/tests/summarycode/data/score2/no_license_text/package.json b/tests/summarycode/data/score2/no_license_text/package.json new file mode 100644 index 00000000000..f54d82ed9fa --- /dev/null +++ b/tests/summarycode/data/score2/no_license_text/package.json @@ -0,0 +1,30 @@ +{ + "name": "@invisionag/eslint-config-ivx", + "version": "0.0.10", + "main": "index.js", + "repository": "https://github.com/ivx/eslint-config-ivx.git", + "author": "Alexander Plavinski ", + "license": "MIT", + "scripts": { + "test": "eslint ." + }, + "peerDependencies": { + "eslint": "^4.5.0", + "prettier": "^1.6.0" + }, + "dependencies": { + "babel-eslint": "^7.2.3", + "eslint-config-airbnb": "^15.1.0", + "eslint-config-prettier": "^2.3.0", + "eslint-plugin-flowtype": "^2.34.1", + "eslint-plugin-import": "^2.6.1", + "eslint-plugin-jsx-a11y": "^5.1.1", + "eslint-plugin-prettier": "^2.2.0", + "eslint-plugin-react": "^7.3.0", + "eslint-plugin-react-functional-set-state": "^1.0.1" + }, + "devDependencies": { + "eslint": "^4.5.0", + "prettier": "^1.6.0" + } +} diff --git a/tests/summarycode/test_score2.py b/tests/summarycode/test_score2.py new file mode 100644 index 00000000000..81019192a42 --- /dev/null +++ b/tests/summarycode/test_score2.py @@ -0,0 +1,99 @@ +# +# Copyright (c) nexB Inc. and others. All rights reserved. +# ScanCode is a trademark of nexB Inc. +# SPDX-License-Identifier: Apache-2.0 +# See http://www.apache.org/licenses/LICENSE-2.0 for the license text. +# See https://github.com/nexB/scancode-toolkit for support or download. +# See https://aboutcode.org for more information about nexB OSS projects. +# + +import io +import os + +import click +import pytest + +from commoncode.testcase import FileDrivenTesting +from commoncode.text import python_safe_name +from scancode.cli_test_utils import check_json_scan +from scancode.cli_test_utils import run_scan_click + + +pytestmark = pytest.mark.scanslow + + +""" +Data-driven Score test utilities. +""" + + +test_env = FileDrivenTesting() +test_env.test_data_dir = os.path.join(os.path.dirname(__file__), 'data') + + +def make_test_function(test_name, test_dir, expected_file, regen=False): + """ + Build and return a test function closing on tests arguments and the function + name. Create only a single function for multiple tests (e.g. copyrights and + holders together). + """ + + def closure_test_function(*args, **kwargs): + result_file = test_env.get_temp_file('json') + args = ['--license', + '--copyright', + '--info', + '--classify', + '--license-clarity-score-2', + test_dir, '--json', result_file] + run_scan_click(args) + run_scan_click(args) + check_json_scan( + test_env.get_test_loc(expected_file), + result_file, + remove_file_date=True, + regen=regen, + ) + + test_name = 'test_license_clarity_score_%(test_name)s' % locals() + test_name = python_safe_name(test_name) + if isinstance(test_name, bytes): + test_name = test_name.decode('utf-8') + + closure_test_function.__name__ = test_name + + return closure_test_function, test_name + + +def build_tests(test_base_dir, clazz, regen=False): + """ + Dynamically build test methods from a sequence of CopyrightTest and attach + these method to the clazz test class. + """ + test_dirs = test_env.get_test_loc(test_base_dir) + for td in os.listdir(test_dirs): + td_loc = os.path.join(test_dirs, td) + if not os.path.isdir(td_loc): + continue + expected_file_loc = td_loc.rstrip('/\\') + '-expected.json' + + if regen and not os.path.exists(expected_file_loc): + with io.open(expected_file_loc, 'w') as o: + o.write(u'') + + method, name = make_test_function( + test_name=td, + test_dir=td_loc, + expected_file=expected_file_loc, + regen=regen) + + # attach that method to our test class + setattr(clazz, name, method) + + +class TestLicenseScore(FileDrivenTesting): + # test functions are attached to this class at module import time + pass + + +build_tests(test_base_dir='score2', clazz=TestLicenseScore, regen=False) From d572bd45a58f81b0c63d19faa3a881ee3fe913cf Mon Sep 17 00:00:00 2001 From: Jono Yang Date: Tue, 22 Feb 2022 13:10:53 -0800 Subject: [PATCH 05/11] Use a class to store scoring elements #2861 Signed-off-by: Jono Yang --- src/summarycode/score2.py | 53 ++-- .../score2/imprecise_license-expected.json | 234 ++++++++++++++++++ 2 files changed, 271 insertions(+), 16 deletions(-) create mode 100644 tests/summarycode/data/score2/imprecise_license-expected.json diff --git a/src/summarycode/score2.py b/src/summarycode/score2.py index ea7e98d353d..662bb21f271 100644 --- a/src/summarycode/score2.py +++ b/src/summarycode/score2.py @@ -80,45 +80,66 @@ def compute_license_score(codebase): the codebase level. """ - score = 0 - scoring_elements = {'score': score} + scoring_elements = ScoringElements() declared_licenses = get_declared_license_info_from_top_level_key_files(codebase) declared_license_expressions = get_declared_license_expressions_from_top_level_key_files(codebase) declared_license_categories = get_license_categories(declared_licenses) copyrights = get_copyrights_from_key_files(codebase) other_licenses = get_other_licenses(codebase) - scoring_elements['declared_license'] = bool(declared_licenses) + scoring_elements.declared_license = bool(declared_licenses) if declared_licenses: - scoring_elements['score'] += 40 + scoring_elements.score += 40 precise_license_detection = check_declared_licenses(declared_licenses) - scoring_elements['precise_license_detection'] = precise_license_detection + scoring_elements.precise_license_detection = precise_license_detection if precise_license_detection: - scoring_elements['score'] += 40 + scoring_elements.score += 40 has_license_text = check_for_license_texts(declared_licenses) - scoring_elements['has_license_text'] = has_license_text + scoring_elements.has_license_text = has_license_text if has_license_text: - scoring_elements['score'] += 10 + scoring_elements.score += 10 - scoring_elements['declared_copyrights'] = bool(copyrights) + scoring_elements.declared_copyrights = bool(copyrights) if copyrights: - scoring_elements['score'] += 10 + scoring_elements.score += 10 is_permissively_licensed = 'Copyleft' not in declared_license_categories if is_permissively_licensed: contains_copyleft_licenses = check_for_copyleft(other_licenses) - scoring_elements['conflicting_license_categories'] = contains_copyleft_licenses + scoring_elements.conflicting_license_categories = contains_copyleft_licenses if contains_copyleft_licenses: - scoring_elements['score'] -= 20 + scoring_elements.score -= 20 ambigous_compound_licensing = check_ambiguous_license_expression(declared_license_expressions) - scoring_elements['ambigous_compound_licensing'] = ambigous_compound_licensing + scoring_elements.ambigous_compound_licensing = ambigous_compound_licensing if ambigous_compound_licensing: - scoring_elements['score'] -= 10 - - return scoring_elements + scoring_elements.score -= 10 + + return scoring_elements.to_dict() + + +@attr.s() +class ScoringElements: + score = attr.ib(default=0) + declared_license = attr.ib(default=False) + precise_license_detection = attr.ib(default=False) + has_license_text = attr.ib(default=False) + declared_copyrights = attr.ib(default=False) + conflicting_license_categories = attr.ib(default=False) + ambigous_compound_licensing = attr.ib(default=False) + + def to_dict(self): + return { + 'score': self.score, + 'declared_license': self.declared_license, + 'precise_license_detection': self.precise_license_detection, + 'has_license_text': self.has_license_text, + 'declared_copyrights': self.declared_copyrights, + 'conflicting_license_categories': self.conflicting_license_categories, + 'ambigous_compound_licensing': self.ambigous_compound_licensing + } def check_ambiguous_license_expression(declared_license_expressions): diff --git a/tests/summarycode/data/score2/imprecise_license-expected.json b/tests/summarycode/data/score2/imprecise_license-expected.json new file mode 100644 index 00000000000..fdc92c23334 --- /dev/null +++ b/tests/summarycode/data/score2/imprecise_license-expected.json @@ -0,0 +1,234 @@ +{ + "headers": [ + { + "tool_name": "scancode-toolkit", + "options": { + "input": "", + "--classify": true, + "--copyright": true, + "--info": true, + "--json": "", + "--license": true, + "--license-clarity-score-2": true + }, + "notice": "Generated with ScanCode and provided on an \"AS IS\" BASIS, WITHOUT WARRANTIES\nOR CONDITIONS OF ANY KIND, either express or implied. No content created from\nScanCode should be considered or used as legal advice. Consult an Attorney\nfor any legal advice.\nScanCode is a free software code scanning tool from nexB Inc. and others.\nVisit https://github.com/nexB/scancode-toolkit/ for support and download.", + "output_format_version": "2.0.0", + "message": null, + "errors": [], + "extra_data": { + "spdx_license_list_version": "3.16", + "files_count": 3 + } + } + ], + "license_clarity_score": { + "score": 90, + "declared_license": true, + "precise_license_detection": true, + "has_license_text": false, + "declared_copyrights": true, + "conflicting_license_categories": false, + "ambigous_compound_licensing": false + }, + "files": [ + { + "path": "imprecise_license", + "type": "directory", + "name": "imprecise_license", + "base_name": "imprecise_license", + "extension": "", + "size": 0, + "sha1": null, + "md5": null, + "sha256": null, + "mime_type": null, + "file_type": null, + "programming_language": null, + "is_binary": false, + "is_text": false, + "is_archive": false, + "is_media": false, + "is_source": false, + "is_script": false, + "licenses": [], + "license_expressions": [], + "percentage_of_license_text": 0, + "copyrights": [], + "holders": [], + "authors": [], + "is_legal": false, + "is_manifest": false, + "is_readme": false, + "is_top_level": true, + "is_key_file": false, + "files_count": 3, + "dirs_count": 0, + "size_count": 2179, + "scan_errors": [] + }, + { + "path": "imprecise_license/README.md", + "type": "file", + "name": "README.md", + "base_name": "README", + "extension": ".md", + "size": 333, + "sha1": "6ad868c919fb46bb2e1dd203807915877710e305", + "md5": "3010ccc5b2e6c635308485b84d2e8d8f", + "sha256": "ed83c367801018f9b7e2d7c3d024d5f0fb3c6112fbf77ef2e6a1c05d7fd65c7a", + "mime_type": "text/plain", + "file_type": "ASCII text", + "programming_language": null, + "is_binary": false, + "is_text": true, + "is_archive": false, + "is_media": false, + "is_source": false, + "is_script": false, + "licenses": [ + { + "key": "apache-2.0", + "score": 100.0, + "name": "Apache License 2.0", + "short_name": "Apache 2.0", + "category": "Permissive", + "is_exception": false, + "is_unknown": false, + "owner": "Apache Software Foundation", + "homepage_url": "http://www.apache.org/licenses/", + "text_url": "http://www.apache.org/licenses/LICENSE-2.0", + "reference_url": "https://scancode-licensedb.aboutcode.org/apache-2.0", + "scancode_text_url": "https://github.com/nexB/scancode-toolkit/tree/develop/src/licensedcode/data/licenses/apache-2.0.LICENSE", + "scancode_data_url": "https://github.com/nexB/scancode-toolkit/tree/develop/src/licensedcode/data/licenses/apache-2.0.yml", + "spdx_license_key": "Apache-2.0", + "spdx_url": "https://spdx.org/licenses/Apache-2.0", + "start_line": 19, + "end_line": 19, + "matched_rule": { + "identifier": "apache-2.0_1050.RULE", + "license_expression": "apache-2.0", + "licenses": [ + "apache-2.0" + ], + "referenced_filenames": [], + "is_license_text": false, + "is_license_notice": false, + "is_license_reference": true, + "is_license_tag": false, + "is_license_intro": false, + "has_unknown": false, + "matcher": "2-aho", + "rule_length": 2, + "matched_length": 2, + "match_coverage": 100.0, + "rule_relevance": 100 + } + } + ], + "license_expressions": [ + "apache-2.0" + ], + "percentage_of_license_text": 4.55, + "copyrights": [ + { + "copyright": "Copyright (c) Example, Inc.", + "start_line": 18, + "end_line": 18 + } + ], + "holders": [ + { + "holder": "Example, Inc.", + "start_line": 18, + "end_line": 18 + } + ], + "authors": [], + "is_legal": false, + "is_manifest": false, + "is_readme": true, + "is_top_level": true, + "is_key_file": true, + "files_count": 0, + "dirs_count": 0, + "size_count": 0, + "scan_errors": [] + }, + { + "path": "imprecise_license/index.js", + "type": "file", + "name": "index.js", + "base_name": "index", + "extension": ".js", + "size": 1037, + "sha1": "53771edd1e0765de7400174e42ca2e8e5840055f", + "md5": "ec9dc4294f83d24294f07e6a0676c338", + "sha256": "2b61833228890116dded1849a683d31d0273e0cf985a7bf0cc419aa7edefd839", + "mime_type": "text/plain", + "file_type": "ASCII text", + "programming_language": "JavaScript", + "is_binary": false, + "is_text": true, + "is_archive": false, + "is_media": false, + "is_source": true, + "is_script": false, + "licenses": [], + "license_expressions": [], + "percentage_of_license_text": 0, + "copyrights": [], + "holders": [], + "authors": [], + "is_legal": false, + "is_manifest": false, + "is_readme": false, + "is_top_level": true, + "is_key_file": false, + "files_count": 0, + "dirs_count": 0, + "size_count": 0, + "scan_errors": [] + }, + { + "path": "imprecise_license/package.json", + "type": "file", + "name": "package.json", + "base_name": "package", + "extension": ".json", + "size": 809, + "sha1": "c07fce758705b949299768f7a404a51ce31ead7a", + "md5": "6670be3f86bde3893f575303b9b33b24", + "sha256": "77891e545535e7cd9b8de9eb9633d60083e17a4120c2edb5181cef3abd906c9f", + "mime_type": "application/json", + "file_type": "JSON data", + "programming_language": null, + "is_binary": false, + "is_text": true, + "is_archive": false, + "is_media": false, + "is_source": false, + "is_script": false, + "licenses": [], + "license_expressions": [], + "percentage_of_license_text": 0, + "copyrights": [], + "holders": [], + "authors": [ + { + "author": "Alexander Plavinski ", + "start_line": 6, + "end_line": 6 + } + ], + "is_legal": false, + "is_manifest": true, + "is_readme": false, + "is_top_level": true, + "is_key_file": true, + "files_count": 0, + "dirs_count": 0, + "size_count": 0, + "scan_errors": [] + } + ] +} \ No newline at end of file From 425f8b32fe45a2596fbffa933f9586ec82ab9117 Mon Sep 17 00:00:00 2001 From: Jono Yang Date: Tue, 22 Feb 2022 16:35:10 -0800 Subject: [PATCH 06/11] Check for more conflicting license categories #2861 Signed-off-by: Jono Yang --- src/summarycode/score2.py | 120 +++++++++++++++++++++++--------------- 1 file changed, 73 insertions(+), 47 deletions(-) diff --git a/src/summarycode/score2.py b/src/summarycode/score2.py index 662bb21f271..c474f82b4d8 100644 --- a/src/summarycode/score2.py +++ b/src/summarycode/score2.py @@ -105,11 +105,11 @@ def compute_license_score(codebase): if copyrights: scoring_elements.score += 10 - is_permissively_licensed = 'Copyleft' not in declared_license_categories + is_permissively_licensed = check_declared_license_categories(declared_license_categories) if is_permissively_licensed: - contains_copyleft_licenses = check_for_copyleft(other_licenses) - scoring_elements.conflicting_license_categories = contains_copyleft_licenses - if contains_copyleft_licenses: + contains_conflicting_license = check_for_conflicting_licenses(other_licenses) + scoring_elements.conflicting_license_categories = contains_conflicting_license + if contains_conflicting_license: scoring_elements.score -= 20 ambigous_compound_licensing = check_ambiguous_license_expression(declared_license_expressions) @@ -142,46 +142,6 @@ def to_dict(self): } -def check_ambiguous_license_expression(declared_license_expressions): - if not declared_license_expressions: - return False - - unique_declared_license_expressions = set(declared_license_expressions) - if len(unique_declared_license_expressions) == 1: - return False - - joined_expressions = [] - single_expressions = [] - for declared_license_expression in declared_license_expressions: - if ( - 'AND' in declared_license_expression - or 'OR' in declared_license_expression - or 'WITH' in declared_license_expression - ): - joined_expressions.append(declared_license_expression) - else: - single_expressions.append(declared_license_expression) - - single_expressions_by_joined_expressions = { - joined_expression: [] - for joined_expression - in joined_expressions - } - not_in_joined_expressions = [] - # check to see if the single expression is in the joined expression - for joined_expression in joined_expressions: - for expression in single_expressions: - if expression not in joined_expression: - not_in_joined_expressions.append(expression) - else: - single_expressions_by_joined_expressions[joined_expression].append(expression) - - if len(single_expressions_by_joined_expressions) == 1 and not not_in_joined_expressions: - return False - else: - return True - - # minimum score to consider a license detection as good. # MIN_GOOD_LICENSE_SCORE = 80 @@ -364,13 +324,79 @@ def check_declared_licenses(declared_licenses): ) -def check_for_copyleft(other_licenses): +CONFLICTING_LICENSE_CATEGORIES = ( + 'Commercial', + 'Copyleft', + 'Copyleft Limited', + 'Proprietary Free' +) + + +def check_declared_license_categories(declared_licenses): + """ + Check whether or not if the licenses in `declared_licenses` are permissively + licensed, or compatible with permissive licenses. + + If so, return True. Otherwise, return False. + """ + + for category in CONFLICTING_LICENSE_CATEGORIES: + if category in declared_licenses: + return False + return True + + +def check_for_conflicting_licenses(other_licenses): """ - Check if there is a copyleft license in `other_licenses`. + Check if there is a license in `other_licenses` that conflicts with + permissive licenses. If so, return True. Otherwise, return False. """ for license_info in other_licenses: - if license_info.get('category', '') in ('Copyleft',): + if ( + license_info.get('category', '') + in CONFLICTING_LICENSE_CATEGORIES + ): return True return False + + +def check_ambiguous_license_expression(declared_license_expressions): + if not declared_license_expressions: + return False + + unique_declared_license_expressions = set(declared_license_expressions) + if len(unique_declared_license_expressions) == 1: + return False + + joined_expressions = [] + single_expressions = [] + for declared_license_expression in declared_license_expressions: + if ( + 'AND' in declared_license_expression + or 'OR' in declared_license_expression + or 'WITH' in declared_license_expression + ): + joined_expressions.append(declared_license_expression) + else: + single_expressions.append(declared_license_expression) + + single_expressions_by_joined_expressions = { + joined_expression: [] + for joined_expression + in joined_expressions + } + not_in_joined_expressions = [] + # check to see if the single expression is in the joined expression + for joined_expression in joined_expressions: + for expression in single_expressions: + if expression not in joined_expression: + not_in_joined_expressions.append(expression) + else: + single_expressions_by_joined_expressions[joined_expression].append(expression) + + if len(single_expressions_by_joined_expressions) == 1 and not not_in_joined_expressions: + return False + else: + return True From 584f990045e5709fb0f5827dd844e04a527e18bf Mon Sep 17 00:00:00 2001 From: Jono Yang Date: Thu, 24 Feb 2022 13:14:36 -0800 Subject: [PATCH 07/11] Compare expressions with license_expression #2861 Signed-off-by: Jono Yang --- src/summarycode/score2.py | 59 +++++++++++++++++++++++++++++---------- 1 file changed, 44 insertions(+), 15 deletions(-) diff --git a/src/summarycode/score2.py b/src/summarycode/score2.py index c474f82b4d8..7aa8f825655 100644 --- a/src/summarycode/score2.py +++ b/src/summarycode/score2.py @@ -15,6 +15,8 @@ from commoncode.cliutils import PluggableCommandLineOption from commoncode.cliutils import POST_SCAN_GROUP +from license_expression import Licensing + # Tracing flags TRACE = False @@ -311,13 +313,11 @@ def check_for_license_texts(declared_licenses): def check_declared_licenses(declared_licenses): """ - Check whether or not all the licenses in `declared_licenses` are good. + Check if at least one of the licenses in `declared_licenses` is good. If so, return True. Otherwise, return False. """ - if not declared_licenses: - return False - return all( + return any( is_good_license(declared_license) for declared_license in declared_licenses @@ -327,8 +327,8 @@ def check_declared_licenses(declared_licenses): CONFLICTING_LICENSE_CATEGORIES = ( 'Commercial', 'Copyleft', - 'Copyleft Limited', - 'Proprietary Free' + 'Proprietary Free', + 'Source Available', ) @@ -362,17 +362,20 @@ def check_for_conflicting_licenses(other_licenses): return False -def check_ambiguous_license_expression(declared_license_expressions): - if not declared_license_expressions: - return False +def group_license_expressions(declared_license_expressions): + """ + Return a tuple that contains two list of license expressions. - unique_declared_license_expressions = set(declared_license_expressions) - if len(unique_declared_license_expressions) == 1: - return False + The first list in the tuple contains unique license expressions with "AND", + "OR, or "WITH" in it. + The second list in the tuple contains unique license + expressions without "AND", "OR", or "WITH". + """ + unique_declared_license_expressions = set(declared_license_expressions) joined_expressions = [] single_expressions = [] - for declared_license_expression in declared_license_expressions: + for declared_license_expression in unique_declared_license_expressions: if ( 'AND' in declared_license_expression or 'OR' in declared_license_expression @@ -382,14 +385,40 @@ def check_ambiguous_license_expression(declared_license_expressions): else: single_expressions.append(declared_license_expression) + licensing = Licensing() + unique_joined_expressions = [] + seen_joined_expression = [] + for j in joined_expressions: + for j1 in joined_expressions[1:]: + if licensing.is_equivalent(j, j1): + if ( + j not in unique_joined_expressions + and j not in seen_joined_expression + ): + unique_joined_expressions.append(j) + seen_joined_expression.append(j1) + + return unique_joined_expressions, single_expressions + + +def check_ambiguous_license_expression(declared_license_expressions): + # Get lists of unique license expressions + unique_joined_expressions, single_expressions = group_license_expressions( + declared_license_expressions + ) + if not unique_joined_expressions and not single_expressions: + return True + + # Group single expressions to joined expressions to see if single + # expressions are accounted for in a joined expression single_expressions_by_joined_expressions = { joined_expression: [] for joined_expression - in joined_expressions + in unique_joined_expressions } not_in_joined_expressions = [] # check to see if the single expression is in the joined expression - for joined_expression in joined_expressions: + for joined_expression in unique_joined_expressions: for expression in single_expressions: if expression not in joined_expression: not_in_joined_expressions.append(expression) From a65472a507b1a2f00296a8975857a222b0dd99a2 Mon Sep 17 00:00:00 2001 From: Jono Yang Date: Mon, 28 Feb 2022 16:32:17 -0800 Subject: [PATCH 08/11] Do not go below a score of zero #2861 * If a package has conflicting or ambigous licenses and the score is already zero, do not subtract from the score Signed-off-by: Jono Yang --- src/summarycode/score2.py | 12 ++++++++---- 1 file changed, 8 insertions(+), 4 deletions(-) diff --git a/src/summarycode/score2.py b/src/summarycode/score2.py index 7aa8f825655..9a8ced3a1c9 100644 --- a/src/summarycode/score2.py +++ b/src/summarycode/score2.py @@ -111,12 +111,12 @@ def compute_license_score(codebase): if is_permissively_licensed: contains_conflicting_license = check_for_conflicting_licenses(other_licenses) scoring_elements.conflicting_license_categories = contains_conflicting_license - if contains_conflicting_license: + if contains_conflicting_license and scoring_elements.score > 0: scoring_elements.score -= 20 ambigous_compound_licensing = check_ambiguous_license_expression(declared_license_expressions) scoring_elements.ambigous_compound_licensing = ambigous_compound_licensing - if ambigous_compound_licensing: + if ambigous_compound_licensing and scoring_elements.score > 0: scoring_elements.score -= 10 return scoring_elements.to_dict() @@ -388,8 +388,12 @@ def group_license_expressions(declared_license_expressions): licensing = Licensing() unique_joined_expressions = [] seen_joined_expression = [] - for j in joined_expressions: - for j1 in joined_expressions[1:]: + len_joined_expressions = len(joined_expressions) + for i, j in enumerate(joined_expressions): + starting_index = i + 1 + if starting_index > len_joined_expressions: + break + for j1 in joined_expressions[starting_index:]: if licensing.is_equivalent(j, j1): if ( j not in unique_joined_expressions From c118f91423d593682e93c8e4d95f3ce013a04f04 Mon Sep 17 00:00:00 2001 From: Jono Yang Date: Mon, 28 Feb 2022 16:35:32 -0800 Subject: [PATCH 09/11] Check Resource basename when classifying #2861 * The classify plugin was determining the types of key files by checking the start or end of file names to see if they are a special type of file. However, the code checked the full filename with extension. This would cause us to not classify certain key files properly. Signed-off-by: Jono Yang --- src/summarycode/classify.py | 24 +++++++++++++++---- .../data/classify/legal/mit-license.txt | 0 2 files changed, 19 insertions(+), 5 deletions(-) create mode 100644 tests/summarycode/data/classify/legal/mit-license.txt diff --git a/src/summarycode/classify.py b/src/summarycode/classify.py index b77da5b05d3..31c2e1dc5a5 100644 --- a/src/summarycode/classify.py +++ b/src/summarycode/classify.py @@ -172,7 +172,7 @@ def process_codebase(self, codebase, classify, **kwargs): has_package_manifests = hasattr(codebase.root, 'package_manifests') if not has_package_manifests: # FIXME: this is not correct... we may still have cases where this - # is wrong: e.g. a META-INF directory and we may not have a package + # is wrong: e.g. a META-INF directory and we may not have a package return @@ -286,7 +286,7 @@ def process_codebase(self, codebase, classify, **kwargs): '/setup.cfg': 'pypi', '/setup.py': 'pypi', '/PKG-INFO': 'pypi', - '/pyproject.toml': 'pypi', + '/pyproject.toml': 'pypi', '.spec': 'rpm', '/cargo.toml': 'rust', '.spdx': 'spdx', @@ -310,6 +310,21 @@ def process_codebase(self, codebase, classify, **kwargs): ) +def check_resource_name_start_and_end(resource, STARTS_ENDS): + """ + Return True if `resource.name` or `resource.base_name` begins or ends with + an element of `STARTS_ENDS` + """ + name = resource.name.lower() + base_name = resource.base_name.lower() + return ( + name.startswith(STARTS_ENDS) + or name.endswith(STARTS_ENDS) + or base_name.startswith(STARTS_ENDS) + or base_name.endswith(STARTS_ENDS) + ) + + def set_classification_flags(resource, _LEGAL=LEGAL_STARTS_ENDS, _MANIF=MANIFEST_ENDS, @@ -317,11 +332,10 @@ def set_classification_flags(resource, """ Set classification flags on the `resource` Resource """ - name = resource.name.lower() path = resource.path.lower() - resource.is_legal = is_legal = name.startswith(_LEGAL) or name.endswith(_LEGAL) - resource.is_readme = is_readme = name.startswith(_README) or name.endswith(_README) + resource.is_legal = is_legal = check_resource_name_start_and_end(resource, _LEGAL) + resource.is_readme = is_readme = check_resource_name_start_and_end(resource, _README) resource.is_manifest = is_manifest = path.endswith(_MANIF) resource.is_key_file = (resource.is_top_level and (is_readme or is_legal or is_manifest)) diff --git a/tests/summarycode/data/classify/legal/mit-license.txt b/tests/summarycode/data/classify/legal/mit-license.txt new file mode 100644 index 00000000000..e69de29bb2d From 9a5bad6d5a44423bb4d9084c99540a399d7d97e3 Mon Sep 17 00:00:00 2001 From: Jono Yang Date: Mon, 28 Feb 2022 18:16:16 -0800 Subject: [PATCH 10/11] Use common function to collect values #2861 * Fix logic in check_for_license_ambiguity * Removed unused test file Signed-off-by: Jono Yang --- src/summarycode/score2.py | 175 ++++++------- .../score2/imprecise_license-expected.json | 234 ------------------ 2 files changed, 73 insertions(+), 336 deletions(-) delete mode 100644 tests/summarycode/data/score2/imprecise_license-expected.json diff --git a/src/summarycode/score2.py b/src/summarycode/score2.py index 9a8ced3a1c9..59ca3571d83 100644 --- a/src/summarycode/score2.py +++ b/src/summarycode/score2.py @@ -83,40 +83,42 @@ def compute_license_score(codebase): """ scoring_elements = ScoringElements() - declared_licenses = get_declared_license_info_from_top_level_key_files(codebase) - declared_license_expressions = get_declared_license_expressions_from_top_level_key_files(codebase) + declared_licenses = get_field_values_from_codebase_resources(codebase, 'licenses', key_files_only=True) + declared_license_expressions = get_field_values_from_codebase_resources(codebase, 'license_expressions', key_files_only=True) declared_license_categories = get_license_categories(declared_licenses) - copyrights = get_copyrights_from_key_files(codebase) - other_licenses = get_other_licenses(codebase) + copyrights = get_field_values_from_codebase_resources(codebase, 'copyrights', key_files_only=True) + other_licenses = get_field_values_from_codebase_resources(codebase, 'licenses', key_files_only=False) scoring_elements.declared_license = bool(declared_licenses) - if declared_licenses: + if scoring_elements.declared_license: scoring_elements.score += 40 - precise_license_detection = check_declared_licenses(declared_licenses) - scoring_elements.precise_license_detection = precise_license_detection - if precise_license_detection: + scoring_elements.precise_license_detection = check_declared_licenses(declared_licenses) + if scoring_elements.precise_license_detection: scoring_elements.score += 40 - has_license_text = check_for_license_texts(declared_licenses) - scoring_elements.has_license_text = has_license_text - if has_license_text: + scoring_elements.has_license_text = check_for_license_texts(declared_licenses) + if scoring_elements.has_license_text: scoring_elements.score += 10 scoring_elements.declared_copyrights = bool(copyrights) - if copyrights: + if scoring_elements.declared_copyrights: scoring_elements.score += 10 is_permissively_licensed = check_declared_license_categories(declared_license_categories) if is_permissively_licensed: - contains_conflicting_license = check_for_conflicting_licenses(other_licenses) - scoring_elements.conflicting_license_categories = contains_conflicting_license - if contains_conflicting_license and scoring_elements.score > 0: + scoring_elements.conflicting_license_categories = check_for_conflicting_licenses(other_licenses) + if ( + scoring_elements.conflicting_license_categories + and scoring_elements.score > 0 + ): scoring_elements.score -= 20 - ambigous_compound_licensing = check_ambiguous_license_expression(declared_license_expressions) - scoring_elements.ambigous_compound_licensing = ambigous_compound_licensing - if ambigous_compound_licensing and scoring_elements.score > 0: + scoring_elements.ambigous_compound_licensing = check_for_license_ambiguity(declared_license_expressions) + if ( + scoring_elements.ambigous_compound_licensing + and scoring_elements.score > 0 + ): scoring_elements.score -= 10 return scoring_elements.to_dict() @@ -203,84 +205,31 @@ def is_good_license(detected_license): return False -def get_declared_license_info_from_top_level_key_files(codebase): - """ - Return a list of "declared" license keys from the expressions as detected in - key files from top-level directories. - - A project has specific key file(s) at the top level of its code hierarchy - such as LICENSE, NOTICE or similar (and/or a package manifest) containing - structured license information such as an SPDX license expression or SPDX - license identifier: when such a file contains "clearly defined" declared - license information, we return this. +def get_field_values_from_codebase_resources(codebase, field_name, key_files_only=False): """ - declared = [] - for resource in codebase.walk(topdown=True): - if not (resource.is_dir and resource.is_top_level): - continue - for child in resource.walk(codebase): - if not child.is_key_file: - continue - for detected_license in getattr(child, 'licenses', []) or []: - declared.append(detected_license) - return declared + Return a list of values from the `field_name` field of the Resources from + `codebase` + If `key_files_only` is True, then we only return the field values from + Resources classified as key files. -def get_declared_license_expressions_from_top_level_key_files(codebase): - """ - Return a list of "declared" license expressions as detected in key files - from top-level directories. - - A project has specific key file(s) at the top level of its code hierarchy - such as LICENSE, NOTICE or similar (and/or a package manifest) containing - structured license information such as an SPDX license expression or SPDX - license identifier: when such a file contains "clearly defined" declared - license information, we return this. + If `key_files_only` is False, then we return the field values from Resources + that are not classified as key files. """ - declared = [] + values = [] for resource in codebase.walk(topdown=True): if not (resource.is_dir and resource.is_top_level): continue for child in resource.walk(codebase): - if not child.is_key_file: - continue - for detected_license_expression in getattr(child, 'license_expressions', []) or []: - declared.append(detected_license_expression) - return declared - - -def get_other_licenses(codebase): - """ - Return a list of detected licenses from non-key files under a top-level directory - """ - other_licenses = [] - for resource in codebase.walk(topdown=True): - if not (resource.is_dir and resource.is_top_level): - continue - for child in resource.walk(codebase): - if child.is_key_file: - continue - for detected_license in getattr(child, 'licenses', []) or []: - other_licenses.append(detected_license) - return other_licenses - - -def get_copyrights_from_key_files(codebase): - """ - Return a list of copyright statements from key files from a top-level directory - """ - copyright_statements = [] - for resource in codebase.walk(topdown=True): - if not (resource.is_dir and resource.is_top_level): - continue - for child in resource.walk(codebase): - if not child.is_key_file: - continue - for detected_copyright in getattr(child, 'copyrights', []) or []: - copyright_statement = detected_copyright.get('copyright') - if copyright_statement: - copyright_statements.append(copyright_statement) - return copyright_statements + if key_files_only: + if not child.is_key_file: + continue + else: + if child.is_key_file: + continue + for detected_license in getattr(child, field_name, []) or []: + values.append(detected_license) + return values def get_license_categories(license_infos): @@ -362,7 +311,7 @@ def check_for_conflicting_licenses(other_licenses): return False -def group_license_expressions(declared_license_expressions): +def group_license_expressions(unique_license_expressions): """ Return a tuple that contains two list of license expressions. @@ -372,18 +321,17 @@ def group_license_expressions(declared_license_expressions): The second list in the tuple contains unique license expressions without "AND", "OR", or "WITH". """ - unique_declared_license_expressions = set(declared_license_expressions) joined_expressions = [] single_expressions = [] - for declared_license_expression in unique_declared_license_expressions: + for license_expression in unique_license_expressions: if ( - 'AND' in declared_license_expression - or 'OR' in declared_license_expression - or 'WITH' in declared_license_expression + 'AND' in license_expression + or 'OR' in license_expression + or 'WITH' in license_expression ): - joined_expressions.append(declared_license_expression) + joined_expressions.append(license_expression) else: - single_expressions.append(declared_license_expression) + single_expressions.append(license_expression) licensing = Licensing() unique_joined_expressions = [] @@ -405,13 +353,33 @@ def group_license_expressions(declared_license_expressions): return unique_joined_expressions, single_expressions -def check_ambiguous_license_expression(declared_license_expressions): - # Get lists of unique license expressions +def check_for_license_ambiguity(declared_license_expressions): + """ + License ambiguity is the situation where there is a license declaration that makes + it difficult to construct a reliable license expression, such as in the case + of multiple licenses where the conjunctive versus disjunctive relationship + is not well defined. + + We determine if a list of `declared_license_expressions` has license ambiguity if + we cannot resolve the `declared_license_expressions` into one expression. + """ + unique_declared_license_expressions = set(declared_license_expressions) + # If we only have a single unique license expression, then we do not have + # any ambiguity about the licensing + if len(unique_declared_license_expressions) == 1: + return False + unique_joined_expressions, single_expressions = group_license_expressions( - declared_license_expressions + unique_declared_license_expressions ) - if not unique_joined_expressions and not single_expressions: - return True + + if not unique_joined_expressions: + # If we do not have any joined expressions, but multiple single + # expressions remaining, then we have license ambiguity + if len(single_expressions) > 1: + return True + else: + return False # Group single expressions to joined expressions to see if single # expressions are accounted for in a joined expression @@ -421,7 +389,7 @@ def check_ambiguous_license_expression(declared_license_expressions): in unique_joined_expressions } not_in_joined_expressions = [] - # check to see if the single expression is in the joined expression + # Check to see if the single expression is in the joined expression for joined_expression in unique_joined_expressions: for expression in single_expressions: if expression not in joined_expression: @@ -429,6 +397,9 @@ def check_ambiguous_license_expression(declared_license_expressions): else: single_expressions_by_joined_expressions[joined_expression].append(expression) + # If we have a single joined license expression and no license expressions + # that have not been associated with a joined license expression, then we do + # not have any ambiguity about the license if len(single_expressions_by_joined_expressions) == 1 and not not_in_joined_expressions: return False else: diff --git a/tests/summarycode/data/score2/imprecise_license-expected.json b/tests/summarycode/data/score2/imprecise_license-expected.json deleted file mode 100644 index fdc92c23334..00000000000 --- a/tests/summarycode/data/score2/imprecise_license-expected.json +++ /dev/null @@ -1,234 +0,0 @@ -{ - "headers": [ - { - "tool_name": "scancode-toolkit", - "options": { - "input": "", - "--classify": true, - "--copyright": true, - "--info": true, - "--json": "", - "--license": true, - "--license-clarity-score-2": true - }, - "notice": "Generated with ScanCode and provided on an \"AS IS\" BASIS, WITHOUT WARRANTIES\nOR CONDITIONS OF ANY KIND, either express or implied. No content created from\nScanCode should be considered or used as legal advice. Consult an Attorney\nfor any legal advice.\nScanCode is a free software code scanning tool from nexB Inc. and others.\nVisit https://github.com/nexB/scancode-toolkit/ for support and download.", - "output_format_version": "2.0.0", - "message": null, - "errors": [], - "extra_data": { - "spdx_license_list_version": "3.16", - "files_count": 3 - } - } - ], - "license_clarity_score": { - "score": 90, - "declared_license": true, - "precise_license_detection": true, - "has_license_text": false, - "declared_copyrights": true, - "conflicting_license_categories": false, - "ambigous_compound_licensing": false - }, - "files": [ - { - "path": "imprecise_license", - "type": "directory", - "name": "imprecise_license", - "base_name": "imprecise_license", - "extension": "", - "size": 0, - "sha1": null, - "md5": null, - "sha256": null, - "mime_type": null, - "file_type": null, - "programming_language": null, - "is_binary": false, - "is_text": false, - "is_archive": false, - "is_media": false, - "is_source": false, - "is_script": false, - "licenses": [], - "license_expressions": [], - "percentage_of_license_text": 0, - "copyrights": [], - "holders": [], - "authors": [], - "is_legal": false, - "is_manifest": false, - "is_readme": false, - "is_top_level": true, - "is_key_file": false, - "files_count": 3, - "dirs_count": 0, - "size_count": 2179, - "scan_errors": [] - }, - { - "path": "imprecise_license/README.md", - "type": "file", - "name": "README.md", - "base_name": "README", - "extension": ".md", - "size": 333, - "sha1": "6ad868c919fb46bb2e1dd203807915877710e305", - "md5": "3010ccc5b2e6c635308485b84d2e8d8f", - "sha256": "ed83c367801018f9b7e2d7c3d024d5f0fb3c6112fbf77ef2e6a1c05d7fd65c7a", - "mime_type": "text/plain", - "file_type": "ASCII text", - "programming_language": null, - "is_binary": false, - "is_text": true, - "is_archive": false, - "is_media": false, - "is_source": false, - "is_script": false, - "licenses": [ - { - "key": "apache-2.0", - "score": 100.0, - "name": "Apache License 2.0", - "short_name": "Apache 2.0", - "category": "Permissive", - "is_exception": false, - "is_unknown": false, - "owner": "Apache Software Foundation", - "homepage_url": "http://www.apache.org/licenses/", - "text_url": "http://www.apache.org/licenses/LICENSE-2.0", - "reference_url": "https://scancode-licensedb.aboutcode.org/apache-2.0", - "scancode_text_url": "https://github.com/nexB/scancode-toolkit/tree/develop/src/licensedcode/data/licenses/apache-2.0.LICENSE", - "scancode_data_url": "https://github.com/nexB/scancode-toolkit/tree/develop/src/licensedcode/data/licenses/apache-2.0.yml", - "spdx_license_key": "Apache-2.0", - "spdx_url": "https://spdx.org/licenses/Apache-2.0", - "start_line": 19, - "end_line": 19, - "matched_rule": { - "identifier": "apache-2.0_1050.RULE", - "license_expression": "apache-2.0", - "licenses": [ - "apache-2.0" - ], - "referenced_filenames": [], - "is_license_text": false, - "is_license_notice": false, - "is_license_reference": true, - "is_license_tag": false, - "is_license_intro": false, - "has_unknown": false, - "matcher": "2-aho", - "rule_length": 2, - "matched_length": 2, - "match_coverage": 100.0, - "rule_relevance": 100 - } - } - ], - "license_expressions": [ - "apache-2.0" - ], - "percentage_of_license_text": 4.55, - "copyrights": [ - { - "copyright": "Copyright (c) Example, Inc.", - "start_line": 18, - "end_line": 18 - } - ], - "holders": [ - { - "holder": "Example, Inc.", - "start_line": 18, - "end_line": 18 - } - ], - "authors": [], - "is_legal": false, - "is_manifest": false, - "is_readme": true, - "is_top_level": true, - "is_key_file": true, - "files_count": 0, - "dirs_count": 0, - "size_count": 0, - "scan_errors": [] - }, - { - "path": "imprecise_license/index.js", - "type": "file", - "name": "index.js", - "base_name": "index", - "extension": ".js", - "size": 1037, - "sha1": "53771edd1e0765de7400174e42ca2e8e5840055f", - "md5": "ec9dc4294f83d24294f07e6a0676c338", - "sha256": "2b61833228890116dded1849a683d31d0273e0cf985a7bf0cc419aa7edefd839", - "mime_type": "text/plain", - "file_type": "ASCII text", - "programming_language": "JavaScript", - "is_binary": false, - "is_text": true, - "is_archive": false, - "is_media": false, - "is_source": true, - "is_script": false, - "licenses": [], - "license_expressions": [], - "percentage_of_license_text": 0, - "copyrights": [], - "holders": [], - "authors": [], - "is_legal": false, - "is_manifest": false, - "is_readme": false, - "is_top_level": true, - "is_key_file": false, - "files_count": 0, - "dirs_count": 0, - "size_count": 0, - "scan_errors": [] - }, - { - "path": "imprecise_license/package.json", - "type": "file", - "name": "package.json", - "base_name": "package", - "extension": ".json", - "size": 809, - "sha1": "c07fce758705b949299768f7a404a51ce31ead7a", - "md5": "6670be3f86bde3893f575303b9b33b24", - "sha256": "77891e545535e7cd9b8de9eb9633d60083e17a4120c2edb5181cef3abd906c9f", - "mime_type": "application/json", - "file_type": "JSON data", - "programming_language": null, - "is_binary": false, - "is_text": true, - "is_archive": false, - "is_media": false, - "is_source": false, - "is_script": false, - "licenses": [], - "license_expressions": [], - "percentage_of_license_text": 0, - "copyrights": [], - "holders": [], - "authors": [ - { - "author": "Alexander Plavinski ", - "start_line": 6, - "end_line": 6 - } - ], - "is_legal": false, - "is_manifest": true, - "is_readme": false, - "is_top_level": true, - "is_key_file": true, - "files_count": 0, - "dirs_count": 0, - "size_count": 0, - "scan_errors": [] - } - ] -} \ No newline at end of file From f998e21b317b4aab9e1e92182c1127f0e65fd67f Mon Sep 17 00:00:00 2001 From: Jono Yang Date: Thu, 3 Mar 2022 12:20:28 -0800 Subject: [PATCH 11/11] Update CHANGELOG and docs #2861 * Add test for license ambiguity * Remove previous license clarity scoring plugin Signed-off-by: Jono Yang --- CHANGELOG.rst | 202 +++-- setup.cfg | 1 - src/summarycode/score.py | 711 +++++++--------- src/summarycode/score2.py | 406 --------- tests/scancode/data/help/help.txt | 74 +- .../data/score/basic-expected.json | 164 +++- tests/summarycode/data/score/basic/README.md | 1 + .../score/consistent_licenses-expected.json | 297 ------- .../score/consistent_licenses/src/index.js | 1 - .../consistent_licenses_not-expected.json | 297 ------- .../score/consistent_licenses_not/README.md | 16 - .../consistent_licenses_not/src/index.js | 1 - ...consistent_licenses_not_spdx-expected.json | 297 ------- .../consistent_licenses_not_spdx/README.md | 24 - .../consistent_licenses_not_spdx/package.json | 29 - .../consistent_licenses_not_spdx/src/index.js | 8 - .../data/score/file_coverage-expected.json | 403 --------- .../data/score/file_coverage/README.md | 16 - .../data/score/file_coverage/package.json | 30 - .../data/score/file_coverage/src/index.js | 2 - .../data/score/file_coverage/src/index2.js | 1 - .../data/score/file_coverage/src/test.java | 2 - .../data/score/full_text-expected.json | 373 -------- .../data/score/full_text/README.md | 16 - .../data/score/full_text/package.json | 30 - .../data/score/full_text/src/COPYING.md | 18 - .../data/score/full_text/src/index.js | 1 - .../full_text_in_key_files-expected.json | 373 -------- .../score/full_text_in_key_files/COPYING.md | 18 - .../score/full_text_in_key_files/README.md | 16 - .../score/full_text_in_key_files/package.json | 30 - .../score/full_text_in_key_files/src/index.js | 1 - ...consistent_licenses_copyleft-expected.json | 2 +- .../inconsistent_licenses_copyleft}/README.md | 0 .../inconsistent_licenses_copyleft}/index.js | 0 .../package.json | 0 .../inconsistent_licenses_copyleft/util.js | 0 .../score/no_license_ambiguity-expected.json | 794 ++++++++++++++++++ .../score/no_license_ambiguity/CHANGELOG.md | 699 +++++++++++++++ .../data/score/no_license_ambiguity/COPYRIGHT | 12 + .../score/no_license_ambiguity/Cargo.toml | 85 ++ .../score/no_license_ambiguity/LICENSE-APACHE | 176 ++++ .../score/no_license_ambiguity/LICENSE-MIT | 26 + .../data/score/no_license_ambiguity/README.md | 158 ++++ .../score/no_license_ambiguity/SECURITY.md | 69 ++ .../score/no_license_ambiguity/rustfmt.toml | 32 + .../no_license_or_copyright-expected.json | 2 +- .../README.md | 0 .../index.js | 0 .../no_license_or_copyright/package.json | 0 .../no_license_text-expected.json | 2 +- .../no_license_text/README.md | 0 .../index.js | 0 .../package.json | 0 .../data/score/single_file-expected.json | 104 --- .../data/score/single_file/README.md | 1 - .../data/score/spdx_licenses-expected.json | 373 -------- .../data/score/spdx_licenses/README.md | 16 - .../data/score/spdx_licenses/package.json | 30 - .../data/score/spdx_licenses/src/index.js | 1 - .../data/score/spdx_licenses/src/index2.js | 1 - .../score/spdx_licenses_not-expected.json | 373 -------- .../data/score/spdx_licenses_not/README.md | 16 - .../data/score/spdx_licenses_not/package.json | 30 - .../data/score/spdx_licenses_not/src/index.js | 1 - .../score/spdx_licenses_not/src/index2.js | 1 - .../data/score/top_declared-expected.json | 221 ----- .../data/score/top_declared/README.md | 16 - .../data/score/top_declared/package.json | 30 - .../data/score/top_declared_not-expected.json | 180 ---- .../data/score/top_declared_not/README.md | 16 - .../data/score/top_declared_not/package.json | 29 - .../data/score2/basic-expected.json | 328 -------- .../data/score2/basic/package.json | 30 - .../inconsistent_licenses_copyleft/README.md | 37 - .../inconsistent_licenses_copyleft/index.js | 74 -- .../package.json | 30 - .../score2/no_license_or_copyright/README.md | 16 - .../score2/no_license_or_copyright/index.js | 54 -- .../data/score2/no_license_text/index.js | 54 -- .../data/score2/no_license_text/package.json | 30 - tests/summarycode/test_score.py | 2 +- tests/summarycode/test_score2.py | 99 --- 83 files changed, 2660 insertions(+), 5449 deletions(-) delete mode 100644 src/summarycode/score2.py delete mode 100644 tests/summarycode/data/score/consistent_licenses-expected.json delete mode 100644 tests/summarycode/data/score/consistent_licenses/src/index.js delete mode 100644 tests/summarycode/data/score/consistent_licenses_not-expected.json delete mode 100644 tests/summarycode/data/score/consistent_licenses_not/README.md delete mode 100644 tests/summarycode/data/score/consistent_licenses_not/src/index.js delete mode 100644 tests/summarycode/data/score/consistent_licenses_not_spdx-expected.json delete mode 100644 tests/summarycode/data/score/consistent_licenses_not_spdx/README.md delete mode 100644 tests/summarycode/data/score/consistent_licenses_not_spdx/package.json delete mode 100644 tests/summarycode/data/score/consistent_licenses_not_spdx/src/index.js delete mode 100644 tests/summarycode/data/score/file_coverage-expected.json delete mode 100644 tests/summarycode/data/score/file_coverage/README.md delete mode 100644 tests/summarycode/data/score/file_coverage/package.json delete mode 100644 tests/summarycode/data/score/file_coverage/src/index.js delete mode 100644 tests/summarycode/data/score/file_coverage/src/index2.js delete mode 100644 tests/summarycode/data/score/file_coverage/src/test.java delete mode 100644 tests/summarycode/data/score/full_text-expected.json delete mode 100644 tests/summarycode/data/score/full_text/README.md delete mode 100644 tests/summarycode/data/score/full_text/package.json delete mode 100644 tests/summarycode/data/score/full_text/src/COPYING.md delete mode 100644 tests/summarycode/data/score/full_text/src/index.js delete mode 100644 tests/summarycode/data/score/full_text_in_key_files-expected.json delete mode 100644 tests/summarycode/data/score/full_text_in_key_files/COPYING.md delete mode 100644 tests/summarycode/data/score/full_text_in_key_files/README.md delete mode 100644 tests/summarycode/data/score/full_text_in_key_files/package.json delete mode 100644 tests/summarycode/data/score/full_text_in_key_files/src/index.js rename tests/summarycode/data/{score2 => score}/inconsistent_licenses_copyleft-expected.json (99%) rename tests/summarycode/data/{score2/basic => score/inconsistent_licenses_copyleft}/README.md (100%) rename tests/summarycode/data/{score2/basic => score/inconsistent_licenses_copyleft}/index.js (100%) rename tests/summarycode/data/score/{consistent_licenses => inconsistent_licenses_copyleft}/package.json (100%) rename tests/summarycode/data/{score2 => score}/inconsistent_licenses_copyleft/util.js (100%) create mode 100644 tests/summarycode/data/score/no_license_ambiguity-expected.json create mode 100644 tests/summarycode/data/score/no_license_ambiguity/CHANGELOG.md create mode 100644 tests/summarycode/data/score/no_license_ambiguity/COPYRIGHT create mode 100644 tests/summarycode/data/score/no_license_ambiguity/Cargo.toml create mode 100644 tests/summarycode/data/score/no_license_ambiguity/LICENSE-APACHE create mode 100644 tests/summarycode/data/score/no_license_ambiguity/LICENSE-MIT create mode 100644 tests/summarycode/data/score/no_license_ambiguity/README.md create mode 100644 tests/summarycode/data/score/no_license_ambiguity/SECURITY.md create mode 100644 tests/summarycode/data/score/no_license_ambiguity/rustfmt.toml rename tests/summarycode/data/{score2 => score}/no_license_or_copyright-expected.json (99%) rename tests/summarycode/data/score/{consistent_licenses => no_license_or_copyright}/README.md (100%) rename tests/summarycode/data/score/{top_declared => no_license_or_copyright}/index.js (100%) rename tests/summarycode/data/{score2 => score}/no_license_or_copyright/package.json (100%) rename tests/summarycode/data/{score2 => score}/no_license_text-expected.json (99%) rename tests/summarycode/data/{score2 => score}/no_license_text/README.md (100%) rename tests/summarycode/data/score/{top_declared_not => no_license_text}/index.js (100%) rename tests/summarycode/data/score/{consistent_licenses_not => no_license_text}/package.json (100%) delete mode 100644 tests/summarycode/data/score/single_file-expected.json delete mode 100644 tests/summarycode/data/score/single_file/README.md delete mode 100644 tests/summarycode/data/score/spdx_licenses-expected.json delete mode 100644 tests/summarycode/data/score/spdx_licenses/README.md delete mode 100644 tests/summarycode/data/score/spdx_licenses/package.json delete mode 100644 tests/summarycode/data/score/spdx_licenses/src/index.js delete mode 100644 tests/summarycode/data/score/spdx_licenses/src/index2.js delete mode 100644 tests/summarycode/data/score/spdx_licenses_not-expected.json delete mode 100644 tests/summarycode/data/score/spdx_licenses_not/README.md delete mode 100644 tests/summarycode/data/score/spdx_licenses_not/package.json delete mode 100644 tests/summarycode/data/score/spdx_licenses_not/src/index.js delete mode 100644 tests/summarycode/data/score/spdx_licenses_not/src/index2.js delete mode 100644 tests/summarycode/data/score/top_declared-expected.json delete mode 100644 tests/summarycode/data/score/top_declared/README.md delete mode 100644 tests/summarycode/data/score/top_declared/package.json delete mode 100644 tests/summarycode/data/score/top_declared_not-expected.json delete mode 100644 tests/summarycode/data/score/top_declared_not/README.md delete mode 100644 tests/summarycode/data/score/top_declared_not/package.json delete mode 100644 tests/summarycode/data/score2/basic-expected.json delete mode 100644 tests/summarycode/data/score2/basic/package.json delete mode 100644 tests/summarycode/data/score2/inconsistent_licenses_copyleft/README.md delete mode 100644 tests/summarycode/data/score2/inconsistent_licenses_copyleft/index.js delete mode 100644 tests/summarycode/data/score2/inconsistent_licenses_copyleft/package.json delete mode 100644 tests/summarycode/data/score2/no_license_or_copyright/README.md delete mode 100644 tests/summarycode/data/score2/no_license_or_copyright/index.js delete mode 100644 tests/summarycode/data/score2/no_license_text/index.js delete mode 100644 tests/summarycode/data/score2/no_license_text/package.json delete mode 100644 tests/summarycode/test_score2.py diff --git a/CHANGELOG.rst b/CHANGELOG.rst index ea906892fba..4a2ef4a5f16 100644 --- a/CHANGELOG.rst +++ b/CHANGELOG.rst @@ -63,7 +63,7 @@ License detection: - There have been significant license detection rules and licenses updates: - - XX new licenses have been added, + - XX new licenses have been added, - XX existing license metadata have been updated, - XXXX new license detection rules have been added, and - XXXX existing license rules have been updated. @@ -73,7 +73,7 @@ License detection: - The rule attribute "only_known_words" has been renamed to "is_continuous" and its meaning has been updated and expanded. A rule tagged as "is_continuous" can only be matched if there are no gaps between matched words, be they stopwords, extra - unknown or known words. This improves several false positive license detections. + unknown or known words. This improves several false positive license detections. The processing for "is_continous" has been merged in "key phrases" processing below. @@ -149,6 +149,66 @@ Package detection: instances created from package_manifests detected in the codebase. +License Clarity Scoring Update +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + + - We are moving away from the license clarity scoring defined by ClearlyDefined + in the license clarity score plugin. The previous license clarity scoring + logic produced a score that was misleading, where it would return a low score + when scanning packages due to the stringent scoring criteria. We are now + using more general criteria to get a sense of what provenance information has + been provided and whether or not there is a conflict in licensing between + what licenses were declared at the top-level key files and what licenses have + been detected in the files under the top-level. + + - The license clarity score is a value from 0-100 calculated by combining the + weighted values determined for each of the scoring elements: + + - Declared license: + + - When true, indicates that the software package licensing is documented at + top-level or well-known locations in the software project, typically in a + package manifest, NOTICE, LICENSE, COPYING or README file. + - Scoring Weight = 40 + + - Identification precision: + + - Indicates how well the license statement(s) of the software identify known + licenses that can be designated by precise keys (identifiers) as provided in + a publicly available license list, such as the ScanCode LicenseDB, the SPDX + license list, the OSI license list, or a URL pointing to a specific license + text in a project or organization website. + - Scoring Weight = 40 + + - License texts: + + - License texts are provided to support the declared license expression in + files such as a package manifest, NOTICE, LICENSE, COPYING or README. + - Scoring Weight = 10 + + - Declared copyright: + + - When true, indicates that the software package copyright is documented at + top-level or well-known locations in the software project, typically in a + package manifest, NOTICE, LICENSE, COPYING or README file. + - Scoring Weight = 10 + + - Ambiguous compound licensing: + + - When true, indicates that the software has a license declaration that + makes it difficult to construct a reliable license expression, such as in + the case of multiple licenses where the conjunctive versus disjunctive + relationship is not well defined. + - Scoring Weight = -10 + + - Conflicting license categories: + + - When true, indicates the declared license expression of the software is in + the permissive category, but that other potentially conflicting categories, + such as copyleft and proprietary, have been detected in lower level code. + - Scoring Weight = -20 + + Outputs: ~~~~~~~~ @@ -187,7 +247,7 @@ values in the summaries for license, copyrights, etc. Thank you to: -- Thomas Druez @tdruez +- Thomas Druez @tdruez @@ -199,11 +259,11 @@ This is a minor bug fix release for these bugs: - https://github.com/nexB/commoncode/issues/31 - https://github.com/nexB/scancode-toolkit/issues/2713 -We now correctly work with all supported Click versions. +We now correctly work with all supported Click versions. Thank you to: - Konstantin Kochin @vznncv -- Thomas Druez @tdruez +- Thomas Druez @tdruez @@ -257,7 +317,7 @@ License detection: There have been some significant updates in license detection. We now track 34,164 license and license notices: - - 84 new licenses have been added, + - 84 new licenses have been added, - 34 existing license metadata have been updated, - 2765 new license detection rules have been added, and - 2041 existing license rules have been updated. @@ -317,13 +377,13 @@ Many thanks to the many contributors that made this release possible and in particular: - Akanksha Garg @akugarg -- Armijn Hemel @armijnhemel +- Armijn Hemel @armijnhemel - Ayan Sinha Mahapatra @AyanSinhaMahapatra - Bryan Sutula @sutula - Chin-Yeung Li @chinyeungli - Dennis Clark @DennisClark - dyh @yunhua-deng -- Dr. Frank Heimes @FrankHeimes +- Dr. Frank Heimes @FrankHeimes - gunaztar @gunaztar - Helio Chissini de Castro @heliocastro - Henrik Sandklef @hesa @@ -338,16 +398,16 @@ particular: - Michael Herzog @mjherzog - MMarwedel @MMarwedel - Mikko Murto @mmurto -- Nishchith Shetty @inishchith +- Nishchith Shetty @inishchith - Peter Gardfjäll @petergardfjall - Philippe Ombredanne @pombredanne -- Rainer Bieniek @rbieniek +- Rainer Bieniek @rbieniek - Roshan Thomas @Thomshan - Sadhana @s4-2 - Sarita Singh @itssingh - Siddhant Khare @Siddhant-K-code - Soim Kim @soimkim -- Thomas Druez @tdruez +- Thomas Druez @tdruez - Thorsten Godau @tgodau - Yunus Rahbar @yns88 @@ -387,7 +447,7 @@ Many thanks to every contributors that made this possible and in particular: - Ayan Sinha Mahapatra @AyanSinhaMahapatra - Dennis Clark @DennisClark - Jono Yang @JonoYang -- Mayur Agarwal @mrmayurgithub +- Mayur Agarwal @mrmayurgithub - Philippe Ombredanne @pombredanne - Pierre Tardy @tardyp @@ -452,7 +512,7 @@ Many thanks to every contributors that made this possible and in particular: - Sarita Singh @itssingh - Sebastian Thomas @sebathomas - Steven Esser @majurg -- Till Jaeger @LeChasseur +- Till Jaeger @LeChasseur - Thomas Druez @tdruez @@ -521,7 +581,7 @@ Package detection: - The PyPI package detection and manifest parsing has been reworked and significantly improved. - + - The detection of Windows executables and DLLs metadata has been enabled. These metadata are returned as packages. @@ -603,8 +663,8 @@ Package scanning: - Improve handling of Debian copyright files with faster and more accurate license detection - Thank you to Thomas Druez @tdruez - + Thank you to Thomas Druez @tdruez + - Add new built-in support for installed_files report. Only available when used as a library. @@ -615,7 +675,7 @@ Package scanning: - Steven Esser @majurg - Add new support to collect information from semi-structured Readme files - and related metadata files. + and related metadata files. Thank you to Jonothan Yang @JonoYang and Steven Esser @majurg @@ -624,7 +684,7 @@ Outputs: - Add new Debian copyright-formatted output. Thank you to Jelmer Vernooij @jelmer - + - Fix bug in --include where directories where not skipped correctly Thank you to Pierre Tardy @tardyp @@ -768,11 +828,11 @@ v3.2.0rc1 (2020-09-08) - Add and improve support for package lockfiles for Pipfile.lock, requirements.tx, Cargo.lock - Rohit Potter @rpotter12 - Add new --max-depth option to limit sca depth - Hanif Ali @hanif-ali - Add initial Debian packaging - @aj4ayushjain - - Add new documentation web site and documentation generation system + - Add new documentation web site and documentation generation system - The "headers" attribute in JSON outputs now contains a 'duration' field. #1942 - Rework packaging and third-party support handling: Create new scripts and process to provision, install and manage third-party dependencies - Abhishek Kumar @Abhishek-Dev09 - - Improve CSV output and fix manifest path bug #1718 Aditya Viki8 + - Improve CSV output and fix manifest path bug #1718 Aditya Viki8 - Add new documentation, as well as tools and process. Ayan Sinha Mahapatra - Add new license detection rules - Ayan Sinha Mahapatra - Improve license detection #1999 - Bryan Sutula @@ -800,9 +860,9 @@ v3.2.0rc1 (2020-09-08) - Add new checksum type for sha256 - Nitish @nitish81299 - Improve documentation - Philippe Ombredanne - Add new license detection rules and improve detection #1777 #1720 #1734 #1486 #1757 #1749 #1283 #1795 #2214 #1978 - - Add new license detection rules and improve detection #2187 #2188 #2189 #1904 #2207 #1905 #419 #2190 #1910 #1911 + - Add new license detection rules and improve detection #2187 #2188 #2189 #1904 #2207 #1905 #419 #2190 #1910 #1911 - Add new license detection rules and improve detection #1841 #1913 #1795 #2124 #2145 #1800 #2200 #2206 #2186 - - Allow to call "run_scan" as a function #1780 + - Allow to call "run_scan" as a function #1780 - Update license data to SPDX 3.7 #1789 - Collect matched license text correctly including with Turkish diacritics #1872 - Detect SPDX license identifiers #2007 @@ -830,7 +890,7 @@ v3.2.0rc1 (2020-09-08) - Fix license name and data - Thomas Steenbergen - Improve runtime support for FreeBSD #1695 @knobix - Update macOS image on azure pipeline @TG1999 - - Improve documentation - @Vinay0001 + - Improve documentation - @Vinay0001 v3.1.1 (2019-09-04) @@ -855,7 +915,7 @@ Other features and fixes: - Improve handling of plugins for native binaries @aj4ayushjain - Add CODE OF CONDUCT @inishchith - Fix extractcode error #749 - - Add new version notification #111 #1688 @jdaguil + - Add new version notification #111 #1688 @jdaguil v3.1.0 (2019-08-12) @@ -865,7 +925,7 @@ v3.1.0 (2019-08-12) - Add plugin to collect dwarf references #1167 @licodeli - Add fingerprint plugin #1651 @arnav-mandal1234 - Add summary and consolidation plugin #1673 - - Improve license detection #1606 #1659 #1675 + - Improve license detection #1606 #1659 #1675 - Improve copyright detection #1672 - Add owned files to package manifests #1554 @JonoYang - Improve package manifest support for Conda #1147, Bower and Python @licodeli @@ -887,14 +947,14 @@ v3.0.0 (2019-02-14) ------------------- License detection: - - Add new and improved licenses and license detection rules #1334 #1335 #1336 #1337 ##1357 + - Add new and improved licenses and license detection rules #1334 #1335 #1336 #1337 ##1357 - Fix-up the license text inside the `bsl-*.LICENSE` files #1338 by @fviernau - Add tests for commnon NuGet license bare URLs (until recently NuGet nupsec - only had a license URL as licensing documentation) + only had a license URL as licensing documentation) - Add a license for the `PSK` contributions to OpenSSL #1341 by @fviernau - Improve License Match scoring and filtering for very short rules - Do not run license and copyright detection on media files: Media should not - contain text #1347 #1348 + contain text #1347 #1348 - Detect scea-1.0 license correctly #1346 - Do not detect warranty disclaimer as GPL #1345 - Support quoted SPDX expressions and more comment marker prefixes @@ -906,9 +966,9 @@ License detection: Packages: - Improve npm vcs_url handling #1314 by @majurg - Improve Maven POM license detection #1344 - - Add Maven POM URL detection - - Recognize .gem archives as packages - - Improve parsing of Pypi Python setup.py + - Add Maven POM URL detection + - Recognize .gem archives as packages + - Improve parsing of Pypi Python setup.py - Improve package summaries. Add new plugin to improve package classification #1339 Other: @@ -927,9 +987,9 @@ API changes: Other changes: - Copyright detection improvements #1305 by @JonoYang - Correct CC-BY V3.0 and V4.0 license texts by correct one by @sschuberth #1320 - - Add new and improved licenses and license detection rules including the latest SPDX list 3.4 and #1322 #1324 - - Rename proprietary license key to proprietary-license - - Rename commercial license key to commercial-license + - Add new and improved licenses and license detection rules including the latest SPDX list 3.4 and #1322 #1324 + - Rename proprietary license key to proprietary-license + - Rename commercial license key to commercial-license - Improve npm package.json handling #1308 and #1314 by @majurg @@ -939,7 +999,7 @@ v2.9.8 (2018-12-12) This is a close-to-final pre-release of what will come up for 3.0 with some API change for packages. API changes: - - In Package models, rename normalized_license to license_expression and + - In Package models, rename normalized_license to license_expression and add license detection on the declared_license to populate the license_expression #1092 #1268 #1278 Outputs: @@ -961,14 +1021,14 @@ License detection: as a rule. - Licenses have been synchronized with the latest v3.3 SPDX license list and the latest DejaCode licenses #1242 - Duplicated SPDX keys have been fixed #1264 - - Add new and improved license detection rules #1313 #1306 #1302 #1298 #1293 + - Add new and improved license detection rules #1313 #1306 #1302 #1298 #1293 #1291 #1289 #1270 #1269 #1192 #1186 #1170 #1164 #1128 #1124 #1112 #1110 #1108 #1098 #1069 #1063 #1058 #1052 #1050 #1039 #987 #962 #929 Packages: - Add support for haxe "haxelib" package manifests #1227 - Remove code_type attribute from Package models - - In Package models, rename normalized_license to license_expression and + - In Package models, rename normalized_license to license_expression and add license detection on the declared_license to populate the license_expression #1092 #1268 #1278 - Improve data returned for PHP Composer packages - Add PackageURL to top level output for packages @@ -982,10 +1042,10 @@ Misc: - Ensure all temporary directories are prefixed with "scancode-" - Drop support for Linux 32 bits #1259 - Do not attempt to scan encrypted PDF documents - - Improve "data" files detection + - Improve "data" files detection - ScanCode can be installed from Pypi correctly #1214 #1183 - - Improve reporting of programming languages #1194 - - Fix running post scan plugins #1141 + - Improve reporting of programming languages #1194 + - Fix running post scan plugins #1141 Command line: - Always delete temporary files when no longer needed. #1231 @@ -1019,7 +1079,7 @@ Credits: Many thanks to everyone that contributed to this release with code and - @geneh - @jonassmedegaard -and many other that I may have missed. +and many other that I may have missed. @@ -1033,7 +1093,7 @@ No changes. v2.9.6 (2018-10-25) ------------------- - - Add declared license normalization #1092 + - Add declared license normalization #1092 - Add new and improved license rules - Add mising and clean up ABOUT files for all embedded third-party libraries - Improve npm package.json handling (better keuword support) @@ -1063,7 +1123,7 @@ related to packages. - Add Package URL field to top-level package output #1149 - --package option should collect homepage URL for packages #645 - Support installation from Pypi and update various third-parties to their - latest version #1183 + latest version #1183 - Fix bug where multiple outputs with --html would crash scancode # - Add new and improved licenses and license detection rules #1192 #1186 - Ensure that plugin failure trigger a proper error exit code #1199 @@ -1073,15 +1133,15 @@ related to packages. - Fix incorrect copyright detection #1198 - Detect programming language more strictly and efficiently #1194 - Use simpler list of source package URLs/purls #1206 - - Add purl to the packages data #1149 - - Use direct attributes for package checksums #1189 + - Add purl to the packages data #1149 + - Use direct attributes for package checksums #1189 - Remove package_manifest attribute for packages - Add new Package "manifest_path" attribute which is a relative path to the manifest file if any, such as a Maven .pom or a npm package.json. - + Credits: Many thanks to everyone that contributed to this release with code and bug reports - - @MartinPetkov + - @MartinPetkov - @majurg - @JonoYang @@ -1098,7 +1158,7 @@ Licenses: - Add new license and rules and improve licene rules #1186 #1108 #1124 #1171 #1173 #1039 #1098 #1111 - Add new license clarity scoring #1180 This is also for use in the ClearlyDefined project - - Add is_exception to license scan results #1159 + - Add is_exception to license scan results #1159 Copyrights: - Copyright detection has been improved #930 #965 #1103 @@ -1111,7 +1171,7 @@ Packages: Misc: - - Add facet, classification and summarizer plugins #357 + - Add facet, classification and summarizer plugins #357 - Fix file counts #1055 - Fix corrupted license cache error - Upgrade all thridparty libraries #1070 @@ -1125,7 +1185,7 @@ Credits: Many thanks to everyone that contributed to this release with code and - @mueller-ma - @MartinPetkov - @techytushar - + v2.9.2 (2018-05-08) @@ -1134,14 +1194,14 @@ This is a major pre-release of what will come up for 3.0. with significant packages and license API changes. API changes: - - Simplify output option names #789 + - Simplify output option names #789 - Update the packages data structure and introduce Package URLs #275 - Add support for license expressions #74 with full exceptions support Licenses: - Add support for license expressions #74 with full exceptions support - Enable SPDX license identifier match #81 - - Update and change handling of composite licenses now that we support expressions + - Update and change handling of composite licenses now that we support expressions - Symchronize licenses with latest from SPDX and DejaCode #41 - Add new licenses ofr odds and ends: other-permissive and other-copyleft - refine license index cache handling @@ -1161,11 +1221,11 @@ Packages: - Rename asserted_license to declared_licensing #275 - Add basic Godeps parsing support #275 - Add basic gemspec and Rubygems parsing support #275 - - Add basic Gemfile.lock parsing support #275 + - Add basic Gemfile.lock parsing support #275 - Add basic Win DLL parsing support #275 - - Replace MD5/SHA1 by a list of checksums #275 - - Use a single download_url, not a list #275 - - Add namespace to npm. Compute defaults URL #275 + - Replace MD5/SHA1 by a list of checksums #275 + - Use a single download_url, not a list #275 + - Add namespace to npm. Compute defaults URL #275 Misc: - multiple minor bug fixes @@ -1190,7 +1250,7 @@ Licenses: Copyrights: - Copyright detection has been improved #930 #965 - + Misc: - Improve support for JavaScript map files: they may contain both debugging information and whole package source code. @@ -1210,7 +1270,7 @@ v2.9.0b1 (2018-03-02) This is a major pre-release of what will come up for 3.0 -This has a lot of new changes including improved plugins, speed and detection +This has a lot of new changes including improved plugins, speed and detection that are not yet fully documented but it can be used for testing. API changes: @@ -1254,7 +1314,7 @@ Licenses: - License match have a notion of "coverage" which is the number of matched words compared to the number of words in the matched rule. - The license cache is not checked anymore for consistency once created which - improved startup times. (unless you are using a Git checkout and you are + improved startup times. (unless you are using a Git checkout and you are developping with a SCANCODE_DEV_MODE tag file present) - License catagory names have been improved @@ -1273,7 +1333,7 @@ Misc: each file (with a default to 50) #384 - When configuring in dev mode, VS Code settings are created - Archive detection has been improved - - There is a new cache and temporary file configuration with --cache-dir and + - There is a new cache and temporary file configuration with --cache-dir and --temp-dir CLI options. The --no-cache option has been removed - Add new --examples to show usage examples help - Move essential configuration to a scancode_config.py module @@ -1281,10 +1341,10 @@ Misc: - Improve handling of files with weird characters in their names on all OSses - Improve detection of archive vs. comrpessed files - Make all copyright tests data driven using YAML files like for license tests - + Plugins - - Prescan plugins can now exclude files from the scans + - Prescan plugins can now exclude files from the scans - Plugins can now contribute arbitrary command line options #787 and #748 - there is a new plugin stage called output_filter to optionally filter a scan before output. One example is to keep "only findings" #787 @@ -1294,7 +1354,7 @@ Plugins - All scanners are also plugins #698 and now everything is a plugin including the scans - The interface for output plugins is the same as other plugins #715 - + Credits: Many thanks to everyone that contributed to this release with code and bug reports (and this list is likely missing some) @@ -1365,7 +1425,7 @@ Other changes: - Several other package types are now detected with --package even though only a few attribute may be returned for now until full parser are added. - - Several parsing NPM packages bugs have been fixed. + - Several parsing NPM packages bugs have been fixed. - There are some minor performance improvements when scanning some large file for licenses. @@ -1425,14 +1485,14 @@ v2.0.1 (2017-07-03) - New "base_name" attribute returned with file information. Reported by @chinyeungli - Bug fixed in Maven POM package detection. Reported by @kalagp - + v2.0.0 (2017-06-23) ------------------- This is a major release with several new and improved features and bug fixes. - + Some of the key highlights include: License detection: @@ -1471,7 +1531,7 @@ Package and dependencies: considered API at this stage -Scan outputs: +Scan outputs: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~ - New SPDX tag/values and RDF outputs. @@ -1500,7 +1560,7 @@ Performance: - Everything is generally faster, and license detection performance has been significantly improved. - - Scans can run on multiple processes in parallel with the new + - Scans can run on multiple processes in parallel with the new `--processes` option speeding up things even further. A scan of a full Debian pool of source packages was reported to scan in about 11 hours (on a rather beefy 144 cores, 256GB machine) @@ -1521,7 +1581,7 @@ Other notes: - New `--diag option`: display additional debug and diagnostic data - The scanned file paths can now reported as relative, rooted or absolute with new command line options with a default to a rooted - path. + path. Thank you to all contributors to this release and the 200+ stars @@ -1583,7 +1643,7 @@ New features - New email and url scan options: scan for URLs and emails - New and improved license and detection rules -These scans are for now only available in the JSON output +These scans are for now only available in the JSON output v1.4.3 (2015-12-03) @@ -1676,7 +1736,7 @@ v1.2.3 (2015-07-16) Major bug fixes on Windows. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~ - - This is a major bug fix release for Windows. + - This is a major bug fix release for Windows. The -extract option was not working on Windows in previous 1.2.x pre-releases diff --git a/setup.cfg b/setup.cfg index db0e2a8656a..5f88b4a1ff9 100644 --- a/setup.cfg +++ b/setup.cfg @@ -170,7 +170,6 @@ scancode_post_scan = summary-key-files = summarycode.summarizer:ScanKeyFilesSummary summary-by-facet = summarycode.summarizer:ScanByFacetSummary license-clarity-score = summarycode.score:LicenseClarityScore - license-clarity-score-2 = summarycode.score2:LicenseClarityScore2 license-policy = licensedcode.plugin_license_policy:LicensePolicy mark-source = scancode.plugin_mark_source:MarkSource classify-package = summarycode.classify:PackageTopAndKeyFilesTagger diff --git a/src/summarycode/score.py b/src/summarycode/score.py index be61409adb1..971aadbe9ec 100644 --- a/src/summarycode/score.py +++ b/src/summarycode/score.py @@ -7,19 +7,15 @@ # See https://aboutcode.org for more information about nexB OSS projects. # -from itertools import chain - import attr -from license_expression import Licensing from commoncode.datautils import Mapping -from licensedcode.cache import get_licenses_db -from licensedcode import models from plugincode.post_scan import PostScanPlugin from plugincode.post_scan import post_scan_impl from commoncode.cliutils import PluggableCommandLineOption from commoncode.cliutils import POST_SCAN_GROUP -from summarycode import facet + +from license_expression import Licensing # Tracing flags @@ -41,15 +37,161 @@ def logger_debug(*args): def logger_debug(*args): return logger.debug(' '.join(isinstance(a, str) and a or repr(a) for a in args)) + """ A plugin to compute a licensing clarity score as designed in ClearlyDefined """ +@post_scan_impl +class LicenseClarityScore(PostScanPlugin): + """ + Compute a License clarity score at the codebase level. + """ + codebase_attributes = dict(license_clarity_score=Mapping( + help='Computed license clarity score as mapping containing the score ' + 'proper and each scoring elements.')) + + sort_order = 110 + + options = [ + PluggableCommandLineOption(('--license-clarity-score',), + is_flag=True, + default=False, + help='Compute a summary license clarity score at the codebase level.', + help_group=POST_SCAN_GROUP, + required_options=[ + 'classify', + ], + ) + ] + + def is_enabled(self, license_clarity_score, **kwargs): + return license_clarity_score + + def process_codebase(self, codebase, license_clarity_score, **kwargs): + if TRACE: + logger_debug('LicenseClarityScore:process_codebase') + scoring_elements = compute_license_score(codebase) + codebase.attributes.license_clarity_score.update(scoring_elements) + + +def compute_license_score(codebase): + """ + Return a mapping of scoring elements and a license clarity score computed at + the codebase level. + + The license clarity score is a value from 0-100 calculated by combining the + weighted values determined for each of the scoring elements: + + Declared license: + - When true, indicates that the software package licensing is documented at + top-level or well-known locations in the software project, typically in a + package manifest, NOTICE, LICENSE, COPYING or README file. + - Scoring Weight = 40 + + Identification precision: + - Indicates how well the license statement(s) of the software identify known + licenses that can be designated by precise keys (identifiers) as provided in + a publicly available license list, such as the ScanCode LicenseDB, the SPDX + license list, the OSI license list, or a URL pointing to a specific license + text in a project or organization website. + - Scoring Weight = 40 + + License texts: + - License texts are provided to support the declared license expression in + files such as a package manifest, NOTICE, LICENSE, COPYING or README. + - Scoring Weight = 10 + + Declared copyright: + - When true, indicates that the software package copyright is documented at + top-level or well-known locations in the software project, typically in a + package manifest, NOTICE, LICENSE, COPYING or README file. + - Scoring Weight = 10 + + Ambiguous compound licensing + - When true, indicates that the software has a license declaration that + makes it difficult to construct a reliable license expression, such as in + the case of multiple licenses where the conjunctive versus disjunctive + relationship is not well defined. + - Scoring Weight = -10 + + Conflicting license categories + - When true, indicates the declared license expression of the software is in + the permissive category, but that other potentially conflicting categories, + such as copyleft and proprietary, have been detected in lower level code. + - Scoring Weight = -20 + """ + + scoring_elements = ScoringElements() + declared_licenses = get_field_values_from_codebase_resources(codebase, 'licenses', key_files_only=True) + declared_license_expressions = get_field_values_from_codebase_resources(codebase, 'license_expressions', key_files_only=True) + declared_license_categories = get_license_categories(declared_licenses) + copyrights = get_field_values_from_codebase_resources(codebase, 'copyrights', key_files_only=True) + other_licenses = get_field_values_from_codebase_resources(codebase, 'licenses', key_files_only=False) + + scoring_elements.declared_license = bool(declared_licenses) + if scoring_elements.declared_license: + scoring_elements.score += 40 + + scoring_elements.precise_license_detection = check_declared_licenses(declared_licenses) + if scoring_elements.precise_license_detection: + scoring_elements.score += 40 + + scoring_elements.has_license_text = check_for_license_texts(declared_licenses) + if scoring_elements.has_license_text: + scoring_elements.score += 10 + + scoring_elements.declared_copyrights = bool(copyrights) + if scoring_elements.declared_copyrights: + scoring_elements.score += 10 + + is_permissively_licensed = check_declared_license_categories(declared_license_categories) + if is_permissively_licensed: + scoring_elements.conflicting_license_categories = check_for_conflicting_licenses(other_licenses) + if ( + scoring_elements.conflicting_license_categories + and scoring_elements.score > 0 + ): + scoring_elements.score -= 20 + + scoring_elements.ambigous_compound_licensing = check_for_license_ambiguity(declared_license_expressions) + if ( + scoring_elements.ambigous_compound_licensing + and scoring_elements.score > 0 + ): + scoring_elements.score -= 10 + + return scoring_elements.to_dict() + + +@attr.s() +class ScoringElements: + score = attr.ib(default=0) + declared_license = attr.ib(default=False) + precise_license_detection = attr.ib(default=False) + has_license_text = attr.ib(default=False) + declared_copyrights = attr.ib(default=False) + conflicting_license_categories = attr.ib(default=False) + ambigous_compound_licensing = attr.ib(default=False) + + def to_dict(self): + return { + 'score': self.score, + 'declared_license': self.declared_license, + 'precise_license_detection': self.precise_license_detection, + 'has_license_text': self.has_license_text, + 'declared_copyrights': self.declared_copyrights, + 'conflicting_license_categories': self.conflicting_license_categories, + 'ambigous_compound_licensing': self.ambigous_compound_licensing + } + + # minimum score to consider a license detection as good. # MIN_GOOD_LICENSE_SCORE = 80 + @attr.s(slots=True) class LicenseFilter(object): min_score = attr.ib(default=0) @@ -104,467 +246,202 @@ def is_good_license(detected_license): return False -@post_scan_impl -class LicenseClarityScore(PostScanPlugin): - """ - Compute a License clarity score at the codebase level. +def check_declared_licenses(declared_licenses): """ - codebase_attributes = dict(license_clarity_score=Mapping( - help='Computed license clarity score as mapping containing the score ' - 'proper and each scoring elements.')) - - sort_order = 110 - - options = [ - PluggableCommandLineOption(('--license-clarity-score',), - is_flag=True, - default=False, - help='Compute a summary license clarity score at the codebase level.', - help_group=POST_SCAN_GROUP, - required_options=[ - 'classify', - ], - ) - ] + Check if at least one of the licenses in `declared_licenses` is good. - def is_enabled(self, license_clarity_score, **kwargs): - return license_clarity_score - - def process_codebase(self, codebase, license_clarity_score, **kwargs): - if TRACE: - logger_debug('LicenseClarityScore:process_codebase') - scoring_elements = compute_license_score(codebase) - codebase.attributes.license_clarity_score.update(scoring_elements) - - -def compute_license_score(codebase): + If so, return True. Otherwise, return False. """ - Return a mapping of scoring elements and a license clarity score computed at - the codebase level. - """ - - score = 0 - scoring_elements = dict(score=score) - - for element in SCORING_ELEMENTS: - element_score = element.scorer(codebase) - if element.is_binary: - scoring_elements[element.name] = bool(element_score) - element_score = 1 if element_score else 0 - else: - scoring_elements[element.name] = round(element_score, 2) or 0 - - score += int(element_score * element.weight) - if TRACE: - logger_debug( - 'compute_license_score: element:', element, 'element_score: ', - element_score, ' new score:', score) - - scoring_elements['score'] = score or 0 - return scoring_elements - - -def get_declared_license_keys(codebase): - """ - Return a list of declared license keys found in packages and key files. - """ - return ( - get_declared_license_keys_in_key_files(codebase) + - get_declared_license_keys_in_packages(codebase) + return any( + is_good_license(declared_license) + for declared_license + in declared_licenses ) -def get_declared_license_keys_in_packages(codebase): +def get_field_values_from_codebase_resources(codebase, field_name, key_files_only=False): """ - Return a list of declared license keys found in packages. + Return a list of values from the `field_name` field of the Resources from + `codebase` - A package manifest (such as Maven POM file or an npm package.json file) - contains structured declared license information. This is further normalized - as a license_expression. We extract the list of licenses from the normalized - license expressions. - """ - packages = chain.from_iterable( - getattr(res, 'packages', []) or [] - for res in codebase.walk(topdown=True)) - - licensing = Licensing() - detected_good_licenses = [] - for package in packages: - expression = package.get('license_expression') - if expression: - exp = licensing.parse( - expression, validate=False, strict=False, simple=True) - keys = licensing.license_keys(exp, unique=True) - detected_good_licenses.extend(keys) - return detected_good_licenses - - -def get_declared_license_keys_in_key_files(codebase): - """ - Return a list of "declared" license keys from the expressions as detected in - key files. - - A project has specific key file(s) at the top level of its code hierarchy - such as LICENSE, NOTICE or similar (and/or a package manifest) containing - structured license information such as an SPDX license expression or SPDX - license identifier: when such a file contains "clearly defined" declared - license information, we return this. + If `key_files_only` is True, then we only return the field values from + Resources classified as key files. - Note: this ignores facets. + If `key_files_only` is False, then we return the field values from Resources + that are not classified as key files. """ - declared = [] + values = [] for resource in codebase.walk(topdown=True): - if not resource.is_key_file: + if not (resource.is_dir and resource.is_top_level): continue - - for detected_license in getattr(resource, 'licenses', []) or []: - if not is_good_license(detected_license): - declared.append('unknown') + for child in resource.walk(codebase): + if key_files_only: + if not child.is_key_file: + continue else: - declared.append(detected_license['key']) - return declared + if child.is_key_file: + continue + for detected_license in getattr(child, field_name, []) or []: + values.append(detected_license) + return values -def is_core_facet(resource, core_facet=facet.FACET_CORE): +def get_license_categories(license_infos): """ - Return True if the resource is in the core facet. - If we do not have facets, everything is considered as being core by default. + Return a list of license category strings from `license_infos` """ - has_facets = hasattr(resource, 'facets') - if not has_facets: - return True - # facets is a list - return not resource.facets or core_facet in resource.facets + license_categories = [] + for license_info in license_infos: + category = license_info.get('category', '') + if category not in license_categories: + license_categories.append(category) + return license_categories -def has_good_licenses(resource): +def check_for_license_texts(declared_licenses): """ - Return True if a Resource licenses are all detected as a "good license" - detection-wise. + Check if any license in `declared_licenses` is from a license text or notice. + + If so, return True. Otherwise, return False. """ - licenses = getattr(resource, 'licenses', []) or [] + for declared_license in declared_licenses: + matched_rule = declared_license.get('matched_rule', {}) + if any([ + matched_rule.get('is_license_text', False), + matched_rule.get('is_license_notice', False), + ]): + return True + return False - if not licenses: - return False - for detected_license in licenses: - # the license score must be above some threshold - if not is_good_license(detected_license): - return False - # and not an "unknown" license - if is_unknown_license(detected_license['key']): - return False - return True +CONFLICTING_LICENSE_CATEGORIES = ( + 'Commercial', + 'Copyleft', + 'Proprietary Free', + 'Source Available', +) -def is_unknown_license(lic_key): - """ - Return True if a license key is for some lesser known or unknown license. +def check_declared_license_categories(declared_licenses): """ - return lic_key.startswith(('unknown', 'other-',)) or 'unknown' in lic_key + Check whether or not if the licenses in `declared_licenses` are permissively + licensed, or compatible with permissive licenses. - -def has_unkown_licenses(resource): - """ - Return True if some Resource licenses are unknown. + If so, return True. Otherwise, return False. """ - return not any(is_unknown_license(lic['key']) - for lic in getattr(resource, 'licenses', []) or []) - -_spdx_keys = None + for category in CONFLICTING_LICENSE_CATEGORIES: + if category in declared_licenses: + return False + return True -def get_spdx_keys(): - """ - Return a set of ScanCode license keys for licenses that are listed in SPDX. +def check_for_conflicting_licenses(other_licenses): """ - global _spdx_keys - if not _spdx_keys: - _spdx_keys = frozenset(models.get_all_spdx_keys(get_licenses_db())) - return _spdx_keys + Check if there is a license in `other_licenses` that conflicts with + permissive licenses. - -def is_using_only_spdx_licenses(codebase): - """ - Return True if all file-level detected licenses are SPDX licenses. + If so, return True. Otherwise, return False. """ - licenses = chain.from_iterable( - res.licenses for res in codebase.walk() if res.is_file) - keys = set(l['key'] for l in licenses) - spdx_keys = get_spdx_keys() - return keys and spdx_keys and all(k in spdx_keys for k in keys) + for license_info in other_licenses: + if ( + license_info.get('category', '') + in CONFLICTING_LICENSE_CATEGORIES + ): + return True + return False -def has_consistent_key_and_file_level_licenses(codebase): - """ - Return True if the file-level licenses are consistent with top level key - files licenses. +def group_license_expressions(unique_license_expressions): """ - key_files_licenses, other_files_licenses = get_unique_licenses(codebase) - - if (key_files_licenses - and key_files_licenses == other_files_licenses - and not any(is_unknown_license(l) for l in key_files_licenses)): - return True - else: - return False + Return a tuple that contains two list of license expressions. + The first list in the tuple contains unique license expressions with "AND", + "OR, or "WITH" in it. -def get_unique_licenses(codebase, good_only=True): + The second list in the tuple contains unique license + expressions without "AND", "OR", or "WITH". """ - Return a tuple of two sets of license keys found in the codebase: - - the set license found in key files - - the set license found in non-key files - - This is only for files in the core facet. - """ - key_license_keys = set() - other_license_keys = set() - - for resource in codebase.walk(): - # FIXME: consider only text, source-like files for now - if not resource.is_file: - continue - if not (resource.is_key_file or is_core_facet(resource)): - # we only cover either core code/core facet or top level, key files - continue - - if resource.is_key_file: - license_keys = key_license_keys + joined_expressions = [] + single_expressions = [] + for license_expression in unique_license_expressions: + if ( + 'AND' in license_expression + or 'OR' in license_expression + or 'WITH' in license_expression + ): + joined_expressions.append(license_expression) else: - license_keys = other_license_keys - - for detected_license in getattr(resource, 'licenses', []) or []: - if good_only and not is_good_license(detected_license): - license_keys.add('unknown') - else: - license_keys.add(detected_license['key']) - - return key_license_keys, other_license_keys - - -def get_detected_license_keys_with_full_text(codebase, key_files_only=False, good_only=True): - """ - Return a set of license keys for which at least one detection includes the - full license text. - - This is for any files in the core facet or not. - """ - license_keys = set() - - for resource in codebase.walk(): - # FIXME: consider only text, source-like files for now - if not resource.is_file: - continue - - if key_files_only and not resource.is_key_file: - continue - - for detected_license in getattr(resource, 'licenses', []) or []: - if good_only and not is_good_license(detected_license): - continue - if detected_license['matched_rule']['is_license_text']: - license_keys.add(detected_license['key']) - - return license_keys + single_expressions.append(license_expression) + licensing = Licensing() + unique_joined_expressions = [] + seen_joined_expression = [] + len_joined_expressions = len(joined_expressions) + for i, j in enumerate(joined_expressions): + starting_index = i + 1 + if starting_index > len_joined_expressions: + break + for j1 in joined_expressions[starting_index:]: + if licensing.is_equivalent(j, j1): + if ( + j not in unique_joined_expressions + and j not in seen_joined_expression + ): + unique_joined_expressions.append(j) + seen_joined_expression.append(j1) -def has_full_text_in_key_files_for_all_licenses(codebase): - """ - Return True if the full text of all licenses is preset in the codebase key, - top level files. - """ - return _has_full_text(codebase, key_files_only=True) + return unique_joined_expressions, single_expressions -def has_full_text_for_all_licenses(codebase): +def check_for_license_ambiguity(declared_license_expressions): """ - Return True if the full text of all licenses is preset in the codebase. - """ - return _has_full_text(codebase, key_files_only=False) - + License ambiguity is the situation where there is a license declaration that makes + it difficult to construct a reliable license expression, such as in the case + of multiple licenses where the conjunctive versus disjunctive relationship + is not well defined. -def _has_full_text(codebase, key_files_only=False): - """ - Return True if the full text of all licenses is preset in the codebase. - Consider only key files if key_files_only is True. + We determine if a list of `declared_license_expressions` has license ambiguity if + we cannot resolve the `declared_license_expressions` into one expression. """ - - # consider all licenses, not only good ones - key_files_licenses, other_files_licenses = get_unique_licenses( - codebase, good_only=False) - - if TRACE: - logger_debug( - '_has_full_text: key_files_licenses:', key_files_licenses, - 'other_files_licenses:', other_files_licenses) - - all_keys = key_files_licenses | other_files_licenses - if not all_keys: + unique_declared_license_expressions = set(declared_license_expressions) + # If we only have a single unique license expression, then we do not have + # any ambiguity about the licensing + if len(unique_declared_license_expressions) == 1: return False - if TRACE: - logger_debug( - '_has_full_text: all_keys:', all_keys) - - keys_with_license_text = get_detected_license_keys_with_full_text( - codebase, key_files_only, good_only=False) - - if TRACE: - logger_debug( - '_has_full_text: keys_with_license_text:', keys_with_license_text) - logger_debug( - '_has_full_text: all_keys == keys_with_license_text:', - all_keys == keys_with_license_text) - - return all_keys == keys_with_license_text - - -def get_file_level_license_and_copyright_coverage(codebase): - """ - Return a float between 0 and 1 that represent the proportions of files that - have a license and a copyright vs. all files. - """ - scoring_element = 0 - covered_files, files_count = get_other_licenses_and_copyrights_counts(codebase) - - if TRACE: - logger_debug('compute_license_score:covered_files:', - covered_files, 'files_count:', files_count) - - if files_count: - # avoid floats for zero - scoring_element = (covered_files / files_count) or 0 - - if TRACE: - logger_debug('compute_license_score:scoring_element:', scoring_element) - - return scoring_element - - -def get_other_licenses_and_copyrights_counts(codebase): - """ - Return a tuple of (count of files with a license/copyright, total count of - files). - - Do files that can contain licensing and copyright information reliably carry - such information? This is based on a percentage of files in the core facet - of the project that have both: - - - A license text, notice or an SPDX-License-Identifier and, - - A copyright statement in standard (e.g. recognized) format. - - Here "reliably" means that these are reliably detected by tool(s) with a - high level of confidence This is a progressive element that is computed - based on: - - - LICCOP: the number of files with a license notice and copyright statement - - TOT: the total number of files - - """ - total_files_count = 0 - files_with_good_license_and_copyright_count = 0 - files_with_a_license_count = 0 - files_with_a_good_license_count = 0 - files_with_a_copyright_count = 0 - - for resource in codebase.walk(): - # consider non-key files - if resource.is_key_file or not resource.is_file: - continue - - # ... in the core facet - if not is_core_facet(resource): - continue - - total_files_count += 1 - - licenses = getattr(resource, 'licenses', []) or [] - # ... with a license - if licenses: - files_with_a_license_count += 1 - - is_public_domain = [l['key'] for l in licenses] == 'public-domain' - - copyrights = getattr(resource, 'copyrights', []) or [] - - # ... with a copyright, unless public-domain - if copyrights or (not copyrights and is_public_domain): - files_with_a_copyright_count += 1 - - # ... where the license is a "good one" - if has_good_licenses(resource): - files_with_a_good_license_count += 1 - if copyrights: - files_with_good_license_and_copyright_count += 1 - - return files_with_good_license_and_copyright_count, total_files_count - - -@attr.s -class ScoringElement(object): - is_binary = attr.ib() - name = attr.ib() - scorer = attr.ib() - weight = attr.ib() - - -declared = ScoringElement( - is_binary=True, - name='declared', - scorer=get_declared_license_keys, - weight=30) - - -discovered = ScoringElement( - is_binary=False, - name='discovered', - scorer=get_file_level_license_and_copyright_coverage, - weight=25) - - -consistency = ScoringElement( - is_binary=True, - name='consistency', - scorer=has_consistent_key_and_file_level_licenses, - weight=15) - - -spdx_license = ScoringElement( - is_binary=True, - name='spdx', - scorer=is_using_only_spdx_licenses, - weight=15) - - -full_text = ScoringElement( - is_binary=True, - name='license_texts', - scorer=has_full_text_for_all_licenses, - weight=15) - - -# not used for now -unknown = ScoringElement( - is_binary=True, - name='unknown', - scorer=has_unkown_licenses, - weight=15) - + unique_joined_expressions, single_expressions = group_license_expressions( + unique_declared_license_expressions + ) -# not used for now -full_text_in_key_files = ScoringElement( - is_binary=True, - name='license_text_in_key_files', - scorer=has_full_text_in_key_files_for_all_licenses, - weight=15) + if not unique_joined_expressions: + # If we do not have any joined expressions, but multiple single + # expressions remaining, then we have license ambiguity + if len(single_expressions) > 1: + return True + else: + return False + # Group single expressions to joined expressions to see if single + # expressions are accounted for in a joined expression + single_expressions_by_joined_expressions = { + joined_expression: [] + for joined_expression + in unique_joined_expressions + } + not_in_joined_expressions = [] + # Check to see if the single expression is in the joined expression + for joined_expression in unique_joined_expressions: + for expression in single_expressions: + if expression not in joined_expression: + not_in_joined_expressions.append(expression) + else: + single_expressions_by_joined_expressions[joined_expression].append(expression) -SCORING_ELEMENTS = [ - declared, - discovered, - consistency, - spdx_license, - full_text -] + # If we have a single joined license expression and no license expressions + # that have not been associated with a joined license expression, then we do + # not have any ambiguity about the license + if len(single_expressions_by_joined_expressions) == 1 and not not_in_joined_expressions: + return False + else: + return True diff --git a/src/summarycode/score2.py b/src/summarycode/score2.py deleted file mode 100644 index 59ca3571d83..00000000000 --- a/src/summarycode/score2.py +++ /dev/null @@ -1,406 +0,0 @@ -# -# Copyright (c) nexB Inc. and others. All rights reserved. -# ScanCode is a trademark of nexB Inc. -# SPDX-License-Identifier: Apache-2.0 -# See http://www.apache.org/licenses/LICENSE-2.0 for the license text. -# See https://github.com/nexB/scancode-toolkit for support or download. -# See https://aboutcode.org for more information about nexB OSS projects. -# - -import attr - -from commoncode.datautils import Mapping -from plugincode.post_scan import PostScanPlugin -from plugincode.post_scan import post_scan_impl -from commoncode.cliutils import PluggableCommandLineOption -from commoncode.cliutils import POST_SCAN_GROUP - -from license_expression import Licensing - - -# Tracing flags -TRACE = False - - -def logger_debug(*args): - pass - - -if TRACE: - import logging - import sys - - logger = logging.getLogger(__name__) - logging.basicConfig(stream=sys.stdout) - logger.setLevel(logging.DEBUG) - - def logger_debug(*args): - return logger.debug(' '.join(isinstance(a, str) and a or repr(a) for a in args)) - - -""" -A plugin to compute a licensing clarity score as designed in ClearlyDefined -""" - - -@post_scan_impl -class LicenseClarityScore2(PostScanPlugin): - """ - Compute a License clarity score at the codebase level. - """ - codebase_attributes = dict(license_clarity_score=Mapping( - help='Computed license clarity score as mapping containing the score ' - 'proper and each scoring elements.')) - - sort_order = 110 - - options = [ - PluggableCommandLineOption(('--license-clarity-score-2',), - is_flag=True, - default=False, - help='Compute a summary license clarity score at the codebase level.', - help_group=POST_SCAN_GROUP, - required_options=[ - 'classify', - ], - ) - ] - - def is_enabled(self, license_clarity_score_2, **kwargs): - return license_clarity_score_2 - - def process_codebase(self, codebase, license_clarity_score_2, **kwargs): - if TRACE: - logger_debug('LicenseClarityScore2:process_codebase') - scoring_elements = compute_license_score(codebase) - codebase.attributes.license_clarity_score.update(scoring_elements) - - -def compute_license_score(codebase): - """ - Return a mapping of scoring elements and a license clarity score computed at - the codebase level. - """ - - scoring_elements = ScoringElements() - declared_licenses = get_field_values_from_codebase_resources(codebase, 'licenses', key_files_only=True) - declared_license_expressions = get_field_values_from_codebase_resources(codebase, 'license_expressions', key_files_only=True) - declared_license_categories = get_license_categories(declared_licenses) - copyrights = get_field_values_from_codebase_resources(codebase, 'copyrights', key_files_only=True) - other_licenses = get_field_values_from_codebase_resources(codebase, 'licenses', key_files_only=False) - - scoring_elements.declared_license = bool(declared_licenses) - if scoring_elements.declared_license: - scoring_elements.score += 40 - - scoring_elements.precise_license_detection = check_declared_licenses(declared_licenses) - if scoring_elements.precise_license_detection: - scoring_elements.score += 40 - - scoring_elements.has_license_text = check_for_license_texts(declared_licenses) - if scoring_elements.has_license_text: - scoring_elements.score += 10 - - scoring_elements.declared_copyrights = bool(copyrights) - if scoring_elements.declared_copyrights: - scoring_elements.score += 10 - - is_permissively_licensed = check_declared_license_categories(declared_license_categories) - if is_permissively_licensed: - scoring_elements.conflicting_license_categories = check_for_conflicting_licenses(other_licenses) - if ( - scoring_elements.conflicting_license_categories - and scoring_elements.score > 0 - ): - scoring_elements.score -= 20 - - scoring_elements.ambigous_compound_licensing = check_for_license_ambiguity(declared_license_expressions) - if ( - scoring_elements.ambigous_compound_licensing - and scoring_elements.score > 0 - ): - scoring_elements.score -= 10 - - return scoring_elements.to_dict() - - -@attr.s() -class ScoringElements: - score = attr.ib(default=0) - declared_license = attr.ib(default=False) - precise_license_detection = attr.ib(default=False) - has_license_text = attr.ib(default=False) - declared_copyrights = attr.ib(default=False) - conflicting_license_categories = attr.ib(default=False) - ambigous_compound_licensing = attr.ib(default=False) - - def to_dict(self): - return { - 'score': self.score, - 'declared_license': self.declared_license, - 'precise_license_detection': self.precise_license_detection, - 'has_license_text': self.has_license_text, - 'declared_copyrights': self.declared_copyrights, - 'conflicting_license_categories': self.conflicting_license_categories, - 'ambigous_compound_licensing': self.ambigous_compound_licensing - } - - -# minimum score to consider a license detection as good. - -# MIN_GOOD_LICENSE_SCORE = 80 - - -@attr.s(slots=True) -class LicenseFilter(object): - min_score = attr.ib(default=0) - min_coverage = attr.ib(default=0) - min_relevance = attr.ib(default=0) - - -FILTERS = dict( - is_license_text=LicenseFilter(min_score=70, min_coverage=80), - is_license_notice=LicenseFilter(min_score=80, min_coverage=80), - is_license_tag=LicenseFilter(min_coverage=100), - is_license_reference=LicenseFilter(min_score=50, min_coverage=100), - is_license_intro=LicenseFilter(min_score=100, min_coverage=100), -) - - -def is_good_license(detected_license): - """ - Return True if a `detected license` mapping is consider to a high quality - conclusive match. - """ - score = detected_license['score'] - rule = detected_license['matched_rule'] - coverage = rule.get('match_coverage') or 0 - relevance = rule.get('rule_relevance') or 0 - match_types = dict([ - ('is_license_text', rule['is_license_text']), - ('is_license_notice', rule['is_license_notice']), - ('is_license_reference', rule['is_license_reference']), - ('is_license_tag', rule['is_license_tag']), - ('is_license_intro', rule['is_license_intro']), - ]) - matched = False - for match_type, mval in match_types.items(): - if mval: - matched = True - break - if not matched: - return False - - thresholds = FILTERS[match_type] - - if not coverage or not relevance: - if score >= thresholds.min_score: - return True - else: - if (score >= thresholds.min_score - and coverage >= thresholds.min_coverage - and relevance >= thresholds.min_relevance): - return True - - return False - - -def get_field_values_from_codebase_resources(codebase, field_name, key_files_only=False): - """ - Return a list of values from the `field_name` field of the Resources from - `codebase` - - If `key_files_only` is True, then we only return the field values from - Resources classified as key files. - - If `key_files_only` is False, then we return the field values from Resources - that are not classified as key files. - """ - values = [] - for resource in codebase.walk(topdown=True): - if not (resource.is_dir and resource.is_top_level): - continue - for child in resource.walk(codebase): - if key_files_only: - if not child.is_key_file: - continue - else: - if child.is_key_file: - continue - for detected_license in getattr(child, field_name, []) or []: - values.append(detected_license) - return values - - -def get_license_categories(license_infos): - """ - Return a list of license category strings from `license_infos` - """ - license_categories = [] - for license_info in license_infos: - category = license_info.get('category', '') - if category not in license_categories: - license_categories.append(category) - return license_categories - - -def check_for_license_texts(declared_licenses): - """ - Check if any license in `declared_licenses` is from a license text or notice. - - If so, return True. Otherwise, return False. - """ - for declared_license in declared_licenses: - matched_rule = declared_license.get('matched_rule', {}) - if any([ - matched_rule.get('is_license_text', False), - matched_rule.get('is_license_notice', False), - ]): - return True - return False - - -def check_declared_licenses(declared_licenses): - """ - Check if at least one of the licenses in `declared_licenses` is good. - - If so, return True. Otherwise, return False. - """ - return any( - is_good_license(declared_license) - for declared_license - in declared_licenses - ) - - -CONFLICTING_LICENSE_CATEGORIES = ( - 'Commercial', - 'Copyleft', - 'Proprietary Free', - 'Source Available', -) - - -def check_declared_license_categories(declared_licenses): - """ - Check whether or not if the licenses in `declared_licenses` are permissively - licensed, or compatible with permissive licenses. - - If so, return True. Otherwise, return False. - """ - - for category in CONFLICTING_LICENSE_CATEGORIES: - if category in declared_licenses: - return False - return True - - -def check_for_conflicting_licenses(other_licenses): - """ - Check if there is a license in `other_licenses` that conflicts with - permissive licenses. - - If so, return True. Otherwise, return False. - """ - for license_info in other_licenses: - if ( - license_info.get('category', '') - in CONFLICTING_LICENSE_CATEGORIES - ): - return True - return False - - -def group_license_expressions(unique_license_expressions): - """ - Return a tuple that contains two list of license expressions. - - The first list in the tuple contains unique license expressions with "AND", - "OR, or "WITH" in it. - - The second list in the tuple contains unique license - expressions without "AND", "OR", or "WITH". - """ - joined_expressions = [] - single_expressions = [] - for license_expression in unique_license_expressions: - if ( - 'AND' in license_expression - or 'OR' in license_expression - or 'WITH' in license_expression - ): - joined_expressions.append(license_expression) - else: - single_expressions.append(license_expression) - - licensing = Licensing() - unique_joined_expressions = [] - seen_joined_expression = [] - len_joined_expressions = len(joined_expressions) - for i, j in enumerate(joined_expressions): - starting_index = i + 1 - if starting_index > len_joined_expressions: - break - for j1 in joined_expressions[starting_index:]: - if licensing.is_equivalent(j, j1): - if ( - j not in unique_joined_expressions - and j not in seen_joined_expression - ): - unique_joined_expressions.append(j) - seen_joined_expression.append(j1) - - return unique_joined_expressions, single_expressions - - -def check_for_license_ambiguity(declared_license_expressions): - """ - License ambiguity is the situation where there is a license declaration that makes - it difficult to construct a reliable license expression, such as in the case - of multiple licenses where the conjunctive versus disjunctive relationship - is not well defined. - - We determine if a list of `declared_license_expressions` has license ambiguity if - we cannot resolve the `declared_license_expressions` into one expression. - """ - unique_declared_license_expressions = set(declared_license_expressions) - # If we only have a single unique license expression, then we do not have - # any ambiguity about the licensing - if len(unique_declared_license_expressions) == 1: - return False - - unique_joined_expressions, single_expressions = group_license_expressions( - unique_declared_license_expressions - ) - - if not unique_joined_expressions: - # If we do not have any joined expressions, but multiple single - # expressions remaining, then we have license ambiguity - if len(single_expressions) > 1: - return True - else: - return False - - # Group single expressions to joined expressions to see if single - # expressions are accounted for in a joined expression - single_expressions_by_joined_expressions = { - joined_expression: [] - for joined_expression - in unique_joined_expressions - } - not_in_joined_expressions = [] - # Check to see if the single expression is in the joined expression - for joined_expression in unique_joined_expressions: - for expression in single_expressions: - if expression not in joined_expression: - not_in_joined_expressions.append(expression) - else: - single_expressions_by_joined_expressions[joined_expression].append(expression) - - # If we have a single joined license expression and no license expressions - # that have not been associated with a joined license expression, then we do - # not have any ambiguity about the license - if len(single_expressions_by_joined_expressions) == 1 and not not_in_joined_expressions: - return False - else: - return True diff --git a/tests/scancode/data/help/help.txt b/tests/scancode/data/help/help.txt index ae661b46996..350d7b25f62 100644 --- a/tests/scancode/data/help/help.txt +++ b/tests/scancode/data/help/help.txt @@ -89,45 +89,41 @@ Options: . post-scan: - --consolidate Group resources by Packages or license and - copyright holder and return those groupings as a - list of consolidated packages and a list of - consolidated components. This requires the scan to - have/be run with the copyright, license, and - package options active - --filter-clues Filter redundant duplicated clues already contained - in detected license and copyright texts and - notices. - --is-license-text Set the "is_license_text" flag to true for files - that contain mostly license texts and notices (e.g - over 90% of the content).[DEPRECATED] this is now - built-in in the --license-text option with a - "percentage_of_license_text" attribute. - --license-clarity-score Compute a summary license clarity score at the - codebase level. - --license-clarity-score-2 Compute a summary license clarity score at the - codebase level. - --license-policy FILE Load a License Policy file and apply it to the scan - at the Resource level. - --licenses-reference Include a reference of all the licenses referenced - in this scan with the data details and full texts. - --mark-source Set the "is_source" to true for directories that - contain over 90% of source files as children and - descendants. Count the number of source files in a - directory as a new source_file_counts attribute - --summary Summarize license, copyright and other scans at the - codebase level. - --summary-by-facet Summarize license, copyright and other scans and - group the results by facet. - --summary-key-files Summarize license, copyright and other scans for - key, top-level files. Key files are top-level - codebase files such as COPYING, README and package - manifests as reported by the --classify option - "is_legal", "is_readme", "is_manifest" and - "is_top_level" flags. - --summary-with-details Summarize license, copyright and other scans at the - codebase level, keeping intermediate details at the - file and directory level. + --consolidate Group resources by Packages or license and copyright + holder and return those groupings as a list of + consolidated packages and a list of consolidated + components. This requires the scan to have/be run + with the copyright, license, and package options + active + --filter-clues Filter redundant duplicated clues already contained + in detected license and copyright texts and notices. + --is-license-text Set the "is_license_text" flag to true for files that + contain mostly license texts and notices (e.g over + 90% of the content).[DEPRECATED] this is now built-in + in the --license-text option with a + "percentage_of_license_text" attribute. + --license-clarity-score Compute a summary license clarity score at the + codebase level. + --license-policy FILE Load a License Policy file and apply it to the scan + at the Resource level. + --licenses-reference Include a reference of all the licenses referenced in + this scan with the data details and full texts. + --mark-source Set the "is_source" to true for directories that + contain over 90% of source files as children and + descendants. Count the number of source files in a + directory as a new source_file_counts attribute + --summary Summarize license, copyright and other scans at the + codebase level. + --summary-by-facet Summarize license, copyright and other scans and + group the results by facet. + --summary-key-files Summarize license, copyright and other scans for key, + top-level files. Key files are top-level codebase + files such as COPYING, README and package manifests + as reported by the --classify option "is_legal", + "is_readme", "is_manifest" and "is_top_level" flags. + --summary-with-details Summarize license, copyright and other scans at the + codebase level, keeping intermediate details at the + file and directory level. core: --timeout Stop an unfinished file scan after a timeout in diff --git a/tests/summarycode/data/score/basic-expected.json b/tests/summarycode/data/score/basic-expected.json index 5be65aa30d3..4f0829e0faa 100644 --- a/tests/summarycode/data/score/basic-expected.json +++ b/tests/summarycode/data/score/basic-expected.json @@ -12,22 +12,23 @@ "--license-clarity-score": true }, "notice": "Generated with ScanCode and provided on an \"AS IS\" BASIS, WITHOUT WARRANTIES\nOR CONDITIONS OF ANY KIND, either express or implied. No content created from\nScanCode should be considered or used as legal advice. Consult an Attorney\nfor any legal advice.\nScanCode is a free software code scanning tool from nexB Inc. and others.\nVisit https://github.com/nexB/scancode-toolkit/ for support and download.", - "output_format_version": "1.0.0", + "output_format_version": "2.0.0", "message": null, "errors": [], "extra_data": { - "spdx_license_list_version": "3.14", - "files_count": 3 + "spdx_license_list_version": "3.16", + "files_count": 5 } } ], "license_clarity_score": { - "score": 85, - "declared": true, - "discovered": 1.0, - "consistency": true, - "spdx": false, - "license_texts": true + "score": 90, + "declared_license": true, + "precise_license_detection": true, + "has_license_text": true, + "declared_copyrights": true, + "conflicting_license_categories": false, + "ambigous_compound_licensing": true }, "files": [ { @@ -60,9 +61,120 @@ "is_readme": false, "is_top_level": true, "is_key_file": false, - "files_count": 3, + "files_count": 5, "dirs_count": 0, - "size_count": 4258, + "size_count": 4438, + "scan_errors": [] + }, + { + "path": "basic/Issues 9.desktop", + "type": "file", + "name": "Issues 9.desktop", + "base_name": "Issues 9", + "extension": ".desktop", + "size": 130, + "sha1": "a5c1c14a04a772ece820f5102547829f9e2825dc", + "md5": "0f4c458da9a63962580f062196ebe50d", + "sha256": "023132bf8f1bfa519790fd56a0bc2fa2c7a771f6390f04deee529def68e6c161", + "mime_type": "text/plain", + "file_type": "ASCII text", + "programming_language": null, + "is_binary": false, + "is_text": true, + "is_archive": false, + "is_media": false, + "is_source": false, + "is_script": false, + "licenses": [], + "license_expressions": [], + "percentage_of_license_text": 0, + "copyrights": [], + "holders": [], + "authors": [], + "is_legal": false, + "is_manifest": false, + "is_readme": false, + "is_top_level": true, + "is_key_file": false, + "files_count": 0, + "dirs_count": 0, + "size_count": 0, + "scan_errors": [] + }, + { + "path": "basic/Licence: public-.txt", + "type": "file", + "name": "Licence: public-.txt", + "base_name": "Licence: public-", + "extension": ".txt", + "size": 22, + "sha1": "ef7a232ef046ed4b960e40c958098b6c5b0f9153", + "md5": "c32a80bc1cd5e03ddd219f1002af830c", + "sha256": "b1ce3d34a2f0c7f07d6f6e6b6ae8d8cd2b0bd41d3229d184ad334e637e1dd82f", + "mime_type": "text/plain", + "file_type": "ASCII text, with no line terminators", + "programming_language": null, + "is_binary": false, + "is_text": true, + "is_archive": false, + "is_media": false, + "is_source": false, + "is_script": false, + "licenses": [ + { + "key": "public-domain", + "score": 70.0, + "name": "Public Domain", + "short_name": "Public Domain", + "category": "Public Domain", + "is_exception": false, + "is_unknown": false, + "owner": "Unspecified", + "homepage_url": "http://www.linfo.org/publicdomain.html", + "text_url": "", + "reference_url": "https://scancode-licensedb.aboutcode.org/public-domain", + "scancode_text_url": "https://github.com/nexB/scancode-toolkit/tree/develop/src/licensedcode/data/licenses/public-domain.LICENSE", + "scancode_data_url": "https://github.com/nexB/scancode-toolkit/tree/develop/src/licensedcode/data/licenses/public-domain.yml", + "spdx_license_key": "LicenseRef-scancode-public-domain", + "spdx_url": "https://github.com/nexB/scancode-toolkit/tree/develop/src/licensedcode/data/licenses/public-domain.LICENSE", + "start_line": 1, + "end_line": 1, + "matched_rule": { + "identifier": "public-domain_bare_words.RULE", + "license_expression": "public-domain", + "licenses": [ + "public-domain" + ], + "referenced_filenames": [], + "is_license_text": false, + "is_license_notice": false, + "is_license_reference": true, + "is_license_tag": false, + "is_license_intro": false, + "has_unknown": false, + "matcher": "2-aho", + "rule_length": 2, + "matched_length": 2, + "match_coverage": 100.0, + "rule_relevance": 70 + } + } + ], + "license_expressions": [ + "public-domain" + ], + "percentage_of_license_text": 66.67, + "copyrights": [], + "holders": [], + "authors": [], + "is_legal": true, + "is_manifest": false, + "is_readme": false, + "is_top_level": true, + "is_key_file": true, + "files_count": 0, + "dirs_count": 0, + "size_count": 0, "scan_errors": [] }, { @@ -71,10 +183,10 @@ "name": "README.md", "base_name": "README", "extension": ".md", - "size": 1320, - "sha1": "00f197776bbbca2726c6f1ccf258b6f08e6d3455", - "md5": "c284e8c75f00df967ea1c26065937335", - "sha256": "632d6c3d76c21bcf0dc6a7042caf29606cc604d9d20812787ea6dd193498d474", + "size": 1348, + "sha1": "f4399249b905c17338eb06776a7205d6f643d396", + "md5": "d897358d498fd2dbb1efedfa297fc0f3", + "sha256": "63940bc96c0feeef3b22b96d7d6a4873cdb7f12151ce3362967afdc7f8ec6698", "mime_type": "text/plain", "file_type": "ASCII text", "programming_language": null, @@ -101,8 +213,8 @@ "scancode_data_url": "https://github.com/nexB/scancode-toolkit/tree/develop/src/licensedcode/data/licenses/mit.yml", "spdx_license_key": "MIT", "spdx_url": "https://spdx.org/licenses/MIT", - "start_line": 19, - "end_line": 36, + "start_line": 20, + "end_line": 37, "matched_rule": { "identifier": "mit.LICENSE", "license_expression": "mit", @@ -127,9 +239,21 @@ "license_expressions": [ "mit" ], - "percentage_of_license_text": 80.9, - "copyrights": [], - "holders": [], + "percentage_of_license_text": 79.31, + "copyrights": [ + { + "copyright": "Copyright (c) Example, Inc.", + "start_line": 18, + "end_line": 18 + } + ], + "holders": [ + { + "holder": "Example, Inc.", + "start_line": 18, + "end_line": 18 + } + ], "authors": [], "is_legal": false, "is_manifest": false, diff --git a/tests/summarycode/data/score/basic/README.md b/tests/summarycode/data/score/basic/README.md index 55f0759acfe..f006181c3c3 100644 --- a/tests/summarycode/data/score/basic/README.md +++ b/tests/summarycode/data/score/basic/README.md @@ -15,6 +15,7 @@ module.exports = { }; ``` +Copyright (c) Example, Inc. Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the diff --git a/tests/summarycode/data/score/consistent_licenses-expected.json b/tests/summarycode/data/score/consistent_licenses-expected.json deleted file mode 100644 index 7a1b4c4d3e0..00000000000 --- a/tests/summarycode/data/score/consistent_licenses-expected.json +++ /dev/null @@ -1,297 +0,0 @@ -{ - "headers": [ - { - "tool_name": "scancode-toolkit", - "options": { - "input": "", - "--classify": true, - "--copyright": true, - "--info": true, - "--json": "", - "--license": true, - "--license-clarity-score": true - }, - "notice": "Generated with ScanCode and provided on an \"AS IS\" BASIS, WITHOUT WARRANTIES\nOR CONDITIONS OF ANY KIND, either express or implied. No content created from\nScanCode should be considered or used as legal advice. Consult an Attorney\nfor any legal advice.\nScanCode is a free software code scanning tool from nexB Inc. and others.\nVisit https://github.com/nexB/scancode-toolkit/ for support and download.", - "output_format_version": "1.0.0", - "message": null, - "errors": [], - "extra_data": { - "spdx_license_list_version": "3.14", - "files_count": 3 - } - } - ], - "license_clarity_score": { - "score": 45, - "declared": true, - "discovered": 0, - "consistency": true, - "spdx": false, - "license_texts": false - }, - "files": [ - { - "path": "consistent_licenses", - "type": "directory", - "name": "consistent_licenses", - "base_name": "consistent_licenses", - "extension": "", - "size": 0, - "sha1": null, - "md5": null, - "sha256": null, - "mime_type": null, - "file_type": null, - "programming_language": null, - "is_binary": false, - "is_text": false, - "is_archive": false, - "is_media": false, - "is_source": false, - "is_script": false, - "licenses": [], - "license_expressions": [], - "percentage_of_license_text": 0, - "copyrights": [], - "holders": [], - "authors": [], - "is_legal": false, - "is_manifest": false, - "is_readme": false, - "is_top_level": true, - "is_key_file": false, - "files_count": 3, - "dirs_count": 1, - "size_count": 1156, - "scan_errors": [] - }, - { - "path": "consistent_licenses/README.md", - "type": "file", - "name": "README.md", - "base_name": "README", - "extension": ".md", - "size": 295, - "sha1": "7d770c5ffdcf659c944a670225ab43db9f33d4a8", - "md5": "4b8955afbb3a8aa01933e99e331e4acf", - "sha256": "aac3e1032f4dffd347854cbe37d559223f2d61173caa649ca7cd0cfb11987334", - "mime_type": "text/plain", - "file_type": "ASCII text", - "programming_language": null, - "is_binary": false, - "is_text": true, - "is_archive": false, - "is_media": false, - "is_source": false, - "is_script": false, - "licenses": [], - "license_expressions": [], - "percentage_of_license_text": 0, - "copyrights": [], - "holders": [], - "authors": [], - "is_legal": false, - "is_manifest": false, - "is_readme": true, - "is_top_level": true, - "is_key_file": true, - "files_count": 0, - "dirs_count": 0, - "size_count": 0, - "scan_errors": [] - }, - { - "path": "consistent_licenses/package.json", - "type": "file", - "name": "package.json", - "base_name": "package", - "extension": ".json", - "size": 829, - "sha1": "003103b742ebfb1e76e80d9fc05ab0b3046f2ab6", - "md5": "bd8911e2d8af0caa689f76b9975761fd", - "sha256": "d27968b827780212a965387f5ec3421ee59a0bf9166847629db0e716e6d2d9c3", - "mime_type": "application/json", - "file_type": "JSON data", - "programming_language": null, - "is_binary": false, - "is_text": true, - "is_archive": false, - "is_media": false, - "is_source": false, - "is_script": false, - "licenses": [ - { - "key": "mit", - "score": 100.0, - "name": "MIT License", - "short_name": "MIT License", - "category": "Permissive", - "is_exception": false, - "is_unknown": false, - "owner": "MIT", - "homepage_url": "http://opensource.org/licenses/mit-license.php", - "text_url": "http://opensource.org/licenses/mit-license.php", - "reference_url": "https://scancode-licensedb.aboutcode.org/mit", - "scancode_text_url": "https://github.com/nexB/scancode-toolkit/tree/develop/src/licensedcode/data/licenses/mit.LICENSE", - "scancode_data_url": "https://github.com/nexB/scancode-toolkit/tree/develop/src/licensedcode/data/licenses/mit.yml", - "spdx_license_key": "MIT", - "spdx_url": "https://spdx.org/licenses/MIT", - "start_line": 7, - "end_line": 7, - "matched_rule": { - "identifier": "mit_30.RULE", - "license_expression": "mit", - "licenses": [ - "mit" - ], - "referenced_filenames": [], - "is_license_text": false, - "is_license_notice": false, - "is_license_reference": false, - "is_license_tag": true, - "is_license_intro": false, - "has_unknown": false, - "matcher": "2-aho", - "rule_length": 2, - "matched_length": 2, - "match_coverage": 100.0, - "rule_relevance": 100 - } - } - ], - "license_expressions": [ - "mit" - ], - "percentage_of_license_text": 1.83, - "copyrights": [], - "holders": [], - "authors": [ - { - "author": "Alexander Plavinski ", - "start_line": 6, - "end_line": 6 - } - ], - "is_legal": false, - "is_manifest": true, - "is_readme": false, - "is_top_level": true, - "is_key_file": true, - "files_count": 0, - "dirs_count": 0, - "size_count": 0, - "scan_errors": [] - }, - { - "path": "consistent_licenses/src", - "type": "directory", - "name": "src", - "base_name": "src", - "extension": "", - "size": 0, - "sha1": null, - "md5": null, - "sha256": null, - "mime_type": null, - "file_type": null, - "programming_language": null, - "is_binary": false, - "is_text": false, - "is_archive": false, - "is_media": false, - "is_source": false, - "is_script": false, - "licenses": [], - "license_expressions": [], - "percentage_of_license_text": 0, - "copyrights": [], - "holders": [], - "authors": [], - "is_legal": false, - "is_manifest": false, - "is_readme": false, - "is_top_level": true, - "is_key_file": false, - "files_count": 1, - "dirs_count": 0, - "size_count": 32, - "scan_errors": [] - }, - { - "path": "consistent_licenses/src/index.js", - "type": "file", - "name": "index.js", - "base_name": "index", - "extension": ".js", - "size": 32, - "sha1": "4c9f2b0ba719d3e0d974753e4b6c828d6dfd2283", - "md5": "6ec41034e04432ee375d0e14fba596f4", - "sha256": "c1512f9bcc19ce05be1741085084b648444bc083e073abb0d227694d9da7b945", - "mime_type": "text/plain", - "file_type": "ASCII text", - "programming_language": "JavaScript", - "is_binary": false, - "is_text": true, - "is_archive": false, - "is_media": false, - "is_source": true, - "is_script": false, - "licenses": [ - { - "key": "mit", - "score": 100.0, - "name": "MIT License", - "short_name": "MIT License", - "category": "Permissive", - "is_exception": false, - "is_unknown": false, - "owner": "MIT", - "homepage_url": "http://opensource.org/licenses/mit-license.php", - "text_url": "http://opensource.org/licenses/mit-license.php", - "reference_url": "https://scancode-licensedb.aboutcode.org/mit", - "scancode_text_url": "https://github.com/nexB/scancode-toolkit/tree/develop/src/licensedcode/data/licenses/mit.LICENSE", - "scancode_data_url": "https://github.com/nexB/scancode-toolkit/tree/develop/src/licensedcode/data/licenses/mit.yml", - "spdx_license_key": "MIT", - "spdx_url": "https://spdx.org/licenses/MIT", - "start_line": 1, - "end_line": 1, - "matched_rule": { - "identifier": "spdx-license-identifier: mit", - "license_expression": "mit", - "licenses": [ - "mit" - ], - "referenced_filenames": [], - "is_license_text": false, - "is_license_notice": false, - "is_license_reference": false, - "is_license_tag": true, - "is_license_intro": false, - "has_unknown": false, - "matcher": "1-spdx-id", - "rule_length": 4, - "matched_length": 4, - "match_coverage": 100.0, - "rule_relevance": 100 - } - } - ], - "license_expressions": [ - "mit" - ], - "percentage_of_license_text": 100.0, - "copyrights": [], - "holders": [], - "authors": [], - "is_legal": false, - "is_manifest": false, - "is_readme": false, - "is_top_level": false, - "is_key_file": false, - "files_count": 0, - "dirs_count": 0, - "size_count": 0, - "scan_errors": [] - } - ] -} \ No newline at end of file diff --git a/tests/summarycode/data/score/consistent_licenses/src/index.js b/tests/summarycode/data/score/consistent_licenses/src/index.js deleted file mode 100644 index 8096cb46020..00000000000 --- a/tests/summarycode/data/score/consistent_licenses/src/index.js +++ /dev/null @@ -1 +0,0 @@ -// SPDX-License-Identifier: MIT diff --git a/tests/summarycode/data/score/consistent_licenses_not-expected.json b/tests/summarycode/data/score/consistent_licenses_not-expected.json deleted file mode 100644 index 828488cf578..00000000000 --- a/tests/summarycode/data/score/consistent_licenses_not-expected.json +++ /dev/null @@ -1,297 +0,0 @@ -{ - "headers": [ - { - "tool_name": "scancode-toolkit", - "options": { - "input": "", - "--classify": true, - "--copyright": true, - "--info": true, - "--json": "", - "--license": true, - "--license-clarity-score": true - }, - "notice": "Generated with ScanCode and provided on an \"AS IS\" BASIS, WITHOUT WARRANTIES\nOR CONDITIONS OF ANY KIND, either express or implied. No content created from\nScanCode should be considered or used as legal advice. Consult an Attorney\nfor any legal advice.\nScanCode is a free software code scanning tool from nexB Inc. and others.\nVisit https://github.com/nexB/scancode-toolkit/ for support and download.", - "output_format_version": "1.0.0", - "message": null, - "errors": [], - "extra_data": { - "spdx_license_list_version": "3.14", - "files_count": 3 - } - } - ], - "license_clarity_score": { - "score": 30, - "declared": true, - "discovered": 0, - "consistency": false, - "spdx": false, - "license_texts": false - }, - "files": [ - { - "path": "consistent_licenses_not", - "type": "directory", - "name": "consistent_licenses_not", - "base_name": "consistent_licenses_not", - "extension": "", - "size": 0, - "sha1": null, - "md5": null, - "sha256": null, - "mime_type": null, - "file_type": null, - "programming_language": null, - "is_binary": false, - "is_text": false, - "is_archive": false, - "is_media": false, - "is_source": false, - "is_script": false, - "licenses": [], - "license_expressions": [], - "percentage_of_license_text": 0, - "copyrights": [], - "holders": [], - "authors": [], - "is_legal": false, - "is_manifest": false, - "is_readme": false, - "is_top_level": true, - "is_key_file": false, - "files_count": 3, - "dirs_count": 1, - "size_count": 1163, - "scan_errors": [] - }, - { - "path": "consistent_licenses_not/README.md", - "type": "file", - "name": "README.md", - "base_name": "README", - "extension": ".md", - "size": 295, - "sha1": "7d770c5ffdcf659c944a670225ab43db9f33d4a8", - "md5": "4b8955afbb3a8aa01933e99e331e4acf", - "sha256": "aac3e1032f4dffd347854cbe37d559223f2d61173caa649ca7cd0cfb11987334", - "mime_type": "text/plain", - "file_type": "ASCII text", - "programming_language": null, - "is_binary": false, - "is_text": true, - "is_archive": false, - "is_media": false, - "is_source": false, - "is_script": false, - "licenses": [], - "license_expressions": [], - "percentage_of_license_text": 0, - "copyrights": [], - "holders": [], - "authors": [], - "is_legal": false, - "is_manifest": false, - "is_readme": true, - "is_top_level": true, - "is_key_file": true, - "files_count": 0, - "dirs_count": 0, - "size_count": 0, - "scan_errors": [] - }, - { - "path": "consistent_licenses_not/package.json", - "type": "file", - "name": "package.json", - "base_name": "package", - "extension": ".json", - "size": 829, - "sha1": "003103b742ebfb1e76e80d9fc05ab0b3046f2ab6", - "md5": "bd8911e2d8af0caa689f76b9975761fd", - "sha256": "d27968b827780212a965387f5ec3421ee59a0bf9166847629db0e716e6d2d9c3", - "mime_type": "application/json", - "file_type": "JSON data", - "programming_language": null, - "is_binary": false, - "is_text": true, - "is_archive": false, - "is_media": false, - "is_source": false, - "is_script": false, - "licenses": [ - { - "key": "mit", - "score": 100.0, - "name": "MIT License", - "short_name": "MIT License", - "category": "Permissive", - "is_exception": false, - "is_unknown": false, - "owner": "MIT", - "homepage_url": "http://opensource.org/licenses/mit-license.php", - "text_url": "http://opensource.org/licenses/mit-license.php", - "reference_url": "https://scancode-licensedb.aboutcode.org/mit", - "scancode_text_url": "https://github.com/nexB/scancode-toolkit/tree/develop/src/licensedcode/data/licenses/mit.LICENSE", - "scancode_data_url": "https://github.com/nexB/scancode-toolkit/tree/develop/src/licensedcode/data/licenses/mit.yml", - "spdx_license_key": "MIT", - "spdx_url": "https://spdx.org/licenses/MIT", - "start_line": 7, - "end_line": 7, - "matched_rule": { - "identifier": "mit_30.RULE", - "license_expression": "mit", - "licenses": [ - "mit" - ], - "referenced_filenames": [], - "is_license_text": false, - "is_license_notice": false, - "is_license_reference": false, - "is_license_tag": true, - "is_license_intro": false, - "has_unknown": false, - "matcher": "2-aho", - "rule_length": 2, - "matched_length": 2, - "match_coverage": 100.0, - "rule_relevance": 100 - } - } - ], - "license_expressions": [ - "mit" - ], - "percentage_of_license_text": 1.83, - "copyrights": [], - "holders": [], - "authors": [ - { - "author": "Alexander Plavinski ", - "start_line": 6, - "end_line": 6 - } - ], - "is_legal": false, - "is_manifest": true, - "is_readme": false, - "is_top_level": true, - "is_key_file": true, - "files_count": 0, - "dirs_count": 0, - "size_count": 0, - "scan_errors": [] - }, - { - "path": "consistent_licenses_not/src", - "type": "directory", - "name": "src", - "base_name": "src", - "extension": "", - "size": 0, - "sha1": null, - "md5": null, - "sha256": null, - "mime_type": null, - "file_type": null, - "programming_language": null, - "is_binary": false, - "is_text": false, - "is_archive": false, - "is_media": false, - "is_source": false, - "is_script": false, - "licenses": [], - "license_expressions": [], - "percentage_of_license_text": 0, - "copyrights": [], - "holders": [], - "authors": [], - "is_legal": false, - "is_manifest": false, - "is_readme": false, - "is_top_level": true, - "is_key_file": false, - "files_count": 1, - "dirs_count": 0, - "size_count": 39, - "scan_errors": [] - }, - { - "path": "consistent_licenses_not/src/index.js", - "type": "file", - "name": "index.js", - "base_name": "index", - "extension": ".js", - "size": 39, - "sha1": "783b61aa72c2dbc2e0406395dc4a0db19dbe9aa5", - "md5": "4f8ec6e05e980b2ef6a75510c6499cca", - "sha256": "b02ce10b776f9492e663946a0ee7eaee0d58b4784080c655e4209c8260180085", - "mime_type": "text/plain", - "file_type": "ASCII text", - "programming_language": "JavaScript", - "is_binary": false, - "is_text": true, - "is_archive": false, - "is_media": false, - "is_source": true, - "is_script": false, - "licenses": [ - { - "key": "apache-2.0", - "score": 100.0, - "name": "Apache License 2.0", - "short_name": "Apache 2.0", - "category": "Permissive", - "is_exception": false, - "is_unknown": false, - "owner": "Apache Software Foundation", - "homepage_url": "http://www.apache.org/licenses/", - "text_url": "http://www.apache.org/licenses/LICENSE-2.0", - "reference_url": "https://scancode-licensedb.aboutcode.org/apache-2.0", - "scancode_text_url": "https://github.com/nexB/scancode-toolkit/tree/develop/src/licensedcode/data/licenses/apache-2.0.LICENSE", - "scancode_data_url": "https://github.com/nexB/scancode-toolkit/tree/develop/src/licensedcode/data/licenses/apache-2.0.yml", - "spdx_license_key": "Apache-2.0", - "spdx_url": "https://spdx.org/licenses/Apache-2.0", - "start_line": 1, - "end_line": 1, - "matched_rule": { - "identifier": "spdx-license-identifier: apache-2.0", - "license_expression": "apache-2.0", - "licenses": [ - "apache-2.0" - ], - "referenced_filenames": [], - "is_license_text": false, - "is_license_notice": false, - "is_license_reference": false, - "is_license_tag": true, - "is_license_intro": false, - "has_unknown": false, - "matcher": "1-spdx-id", - "rule_length": 6, - "matched_length": 6, - "match_coverage": 100.0, - "rule_relevance": 100 - } - } - ], - "license_expressions": [ - "apache-2.0" - ], - "percentage_of_license_text": 100.0, - "copyrights": [], - "holders": [], - "authors": [], - "is_legal": false, - "is_manifest": false, - "is_readme": false, - "is_top_level": false, - "is_key_file": false, - "files_count": 0, - "dirs_count": 0, - "size_count": 0, - "scan_errors": [] - } - ] -} \ No newline at end of file diff --git a/tests/summarycode/data/score/consistent_licenses_not/README.md b/tests/summarycode/data/score/consistent_licenses_not/README.md deleted file mode 100644 index 5609113f254..00000000000 --- a/tests/summarycode/data/score/consistent_licenses_not/README.md +++ /dev/null @@ -1,16 +0,0 @@ -# @invisionag/eslint-config-ivx - -# Usage - -Install the peer dependencies as development dependencies: -- `eslint^3.19.0` -- `prettier^1.5.2` - -Install `@invisionag/eslint-config-ivx` as a development dependency. - -In your `.eslintrc.js`: -```js -module.exports = { - extends: '@invisionag/ivx', -}; -``` diff --git a/tests/summarycode/data/score/consistent_licenses_not/src/index.js b/tests/summarycode/data/score/consistent_licenses_not/src/index.js deleted file mode 100644 index cdc649ac064..00000000000 --- a/tests/summarycode/data/score/consistent_licenses_not/src/index.js +++ /dev/null @@ -1 +0,0 @@ -// SPDX-License-Identifier: Apache-2.0 diff --git a/tests/summarycode/data/score/consistent_licenses_not_spdx-expected.json b/tests/summarycode/data/score/consistent_licenses_not_spdx-expected.json deleted file mode 100644 index 962efaac16b..00000000000 --- a/tests/summarycode/data/score/consistent_licenses_not_spdx-expected.json +++ /dev/null @@ -1,297 +0,0 @@ -{ - "headers": [ - { - "tool_name": "scancode-toolkit", - "options": { - "input": "", - "--classify": true, - "--copyright": true, - "--info": true, - "--json": "", - "--license": true, - "--license-clarity-score": true - }, - "notice": "Generated with ScanCode and provided on an \"AS IS\" BASIS, WITHOUT WARRANTIES\nOR CONDITIONS OF ANY KIND, either express or implied. No content created from\nScanCode should be considered or used as legal advice. Consult an Attorney\nfor any legal advice.\nScanCode is a free software code scanning tool from nexB Inc. and others.\nVisit https://github.com/nexB/scancode-toolkit/ for support and download.", - "output_format_version": "1.0.0", - "message": null, - "errors": [], - "extra_data": { - "spdx_license_list_version": "3.14", - "files_count": 3 - } - } - ], - "license_clarity_score": { - "score": 60, - "declared": true, - "discovered": 0, - "consistency": true, - "spdx": false, - "license_texts": true - }, - "files": [ - { - "path": "consistent_licenses_not_spdx", - "type": "directory", - "name": "consistent_licenses_not_spdx", - "base_name": "consistent_licenses_not_spdx", - "extension": "", - "size": 0, - "sha1": null, - "md5": null, - "sha256": null, - "mime_type": null, - "file_type": null, - "programming_language": null, - "is_binary": false, - "is_text": false, - "is_archive": false, - "is_media": false, - "is_source": false, - "is_script": false, - "licenses": [], - "license_expressions": [], - "percentage_of_license_text": 0, - "copyrights": [], - "holders": [], - "authors": [], - "is_legal": false, - "is_manifest": false, - "is_readme": false, - "is_top_level": true, - "is_key_file": false, - "files_count": 3, - "dirs_count": 1, - "size_count": 2150, - "scan_errors": [] - }, - { - "path": "consistent_licenses_not_spdx/README.md", - "type": "file", - "name": "README.md", - "base_name": "README", - "extension": ".md", - "size": 818, - "sha1": "e09dc519fe47e80fe5a979ff3fca08fc54bbf2a0", - "md5": "c757317fb2353180b339900b4b3d65f0", - "sha256": "a61b799b62ce733dd0c7414898b0df22b06ec918453d66b793db19c61d3b8ebe", - "mime_type": "text/plain", - "file_type": "ASCII text", - "programming_language": null, - "is_binary": false, - "is_text": true, - "is_archive": false, - "is_media": false, - "is_source": false, - "is_script": false, - "licenses": [ - { - "key": "mit-xfig", - "score": 90.0, - "name": "MIT Xfig Variant", - "short_name": "MIT Xfig Variant", - "category": "Permissive", - "is_exception": false, - "is_unknown": false, - "owner": "Xfig Project", - "homepage_url": "http://www.xfig.org", - "text_url": "", - "reference_url": "https://scancode-licensedb.aboutcode.org/mit-xfig", - "scancode_text_url": "https://github.com/nexB/scancode-toolkit/tree/develop/src/licensedcode/data/licenses/mit-xfig.LICENSE", - "scancode_data_url": "https://github.com/nexB/scancode-toolkit/tree/develop/src/licensedcode/data/licenses/mit-xfig.yml", - "spdx_license_key": "LicenseRef-scancode-mit-xfig", - "spdx_url": "https://github.com/nexB/scancode-toolkit/tree/develop/src/licensedcode/data/licenses/mit-xfig.LICENSE", - "start_line": 17, - "end_line": 24, - "matched_rule": { - "identifier": "mit-xfig_1.RULE", - "license_expression": "mit-xfig", - "licenses": [ - "mit-xfig" - ], - "referenced_filenames": [], - "is_license_text": true, - "is_license_notice": false, - "is_license_reference": false, - "is_license_tag": false, - "is_license_intro": false, - "has_unknown": false, - "matcher": "2-aho", - "rule_length": 81, - "matched_length": 81, - "match_coverage": 100.0, - "rule_relevance": 90 - } - } - ], - "license_expressions": [ - "mit-xfig" - ], - "percentage_of_license_text": 68.07, - "copyrights": [], - "holders": [], - "authors": [], - "is_legal": false, - "is_manifest": false, - "is_readme": true, - "is_top_level": true, - "is_key_file": true, - "files_count": 0, - "dirs_count": 0, - "size_count": 0, - "scan_errors": [] - }, - { - "path": "consistent_licenses_not_spdx/package.json", - "type": "file", - "name": "package.json", - "base_name": "package", - "extension": ".json", - "size": 809, - "sha1": "c07fce758705b949299768f7a404a51ce31ead7a", - "md5": "6670be3f86bde3893f575303b9b33b24", - "sha256": "77891e545535e7cd9b8de9eb9633d60083e17a4120c2edb5181cef3abd906c9f", - "mime_type": "application/json", - "file_type": "JSON data", - "programming_language": null, - "is_binary": false, - "is_text": true, - "is_archive": false, - "is_media": false, - "is_source": false, - "is_script": false, - "licenses": [], - "license_expressions": [], - "percentage_of_license_text": 0, - "copyrights": [], - "holders": [], - "authors": [ - { - "author": "Alexander Plavinski ", - "start_line": 6, - "end_line": 6 - } - ], - "is_legal": false, - "is_manifest": true, - "is_readme": false, - "is_top_level": true, - "is_key_file": true, - "files_count": 0, - "dirs_count": 0, - "size_count": 0, - "scan_errors": [] - }, - { - "path": "consistent_licenses_not_spdx/src", - "type": "directory", - "name": "src", - "base_name": "src", - "extension": "", - "size": 0, - "sha1": null, - "md5": null, - "sha256": null, - "mime_type": null, - "file_type": null, - "programming_language": null, - "is_binary": false, - "is_text": false, - "is_archive": false, - "is_media": false, - "is_source": false, - "is_script": false, - "licenses": [], - "license_expressions": [], - "percentage_of_license_text": 0, - "copyrights": [], - "holders": [], - "authors": [], - "is_legal": false, - "is_manifest": false, - "is_readme": false, - "is_top_level": true, - "is_key_file": false, - "files_count": 1, - "dirs_count": 0, - "size_count": 523, - "scan_errors": [] - }, - { - "path": "consistent_licenses_not_spdx/src/index.js", - "type": "file", - "name": "index.js", - "base_name": "index", - "extension": ".js", - "size": 523, - "sha1": "c4f9a6573aec2765d3047b1c35018906b1878829", - "md5": "647e0d4966b3e27d15f56d6e7dcfab78", - "sha256": "713b3e0034f7309091510a5025a68720fd48a51b97c581fb1061514c205e2a7b", - "mime_type": "text/plain", - "file_type": "ASCII text", - "programming_language": "JavaScript", - "is_binary": false, - "is_text": true, - "is_archive": false, - "is_media": false, - "is_source": true, - "is_script": false, - "licenses": [ - { - "key": "mit-xfig", - "score": 90.0, - "name": "MIT Xfig Variant", - "short_name": "MIT Xfig Variant", - "category": "Permissive", - "is_exception": false, - "is_unknown": false, - "owner": "Xfig Project", - "homepage_url": "http://www.xfig.org", - "text_url": "", - "reference_url": "https://scancode-licensedb.aboutcode.org/mit-xfig", - "scancode_text_url": "https://github.com/nexB/scancode-toolkit/tree/develop/src/licensedcode/data/licenses/mit-xfig.LICENSE", - "scancode_data_url": "https://github.com/nexB/scancode-toolkit/tree/develop/src/licensedcode/data/licenses/mit-xfig.yml", - "spdx_license_key": "LicenseRef-scancode-mit-xfig", - "spdx_url": "https://github.com/nexB/scancode-toolkit/tree/develop/src/licensedcode/data/licenses/mit-xfig.LICENSE", - "start_line": 1, - "end_line": 8, - "matched_rule": { - "identifier": "mit-xfig_1.RULE", - "license_expression": "mit-xfig", - "licenses": [ - "mit-xfig" - ], - "referenced_filenames": [], - "is_license_text": true, - "is_license_notice": false, - "is_license_reference": false, - "is_license_tag": false, - "is_license_intro": false, - "has_unknown": false, - "matcher": "1-hash", - "rule_length": 81, - "matched_length": 81, - "match_coverage": 100.0, - "rule_relevance": 90 - } - } - ], - "license_expressions": [ - "mit-xfig" - ], - "percentage_of_license_text": 100.0, - "copyrights": [], - "holders": [], - "authors": [], - "is_legal": false, - "is_manifest": false, - "is_readme": false, - "is_top_level": false, - "is_key_file": false, - "files_count": 0, - "dirs_count": 0, - "size_count": 0, - "scan_errors": [] - } - ] -} \ No newline at end of file diff --git a/tests/summarycode/data/score/consistent_licenses_not_spdx/README.md b/tests/summarycode/data/score/consistent_licenses_not_spdx/README.md deleted file mode 100644 index 3c77f85f71c..00000000000 --- a/tests/summarycode/data/score/consistent_licenses_not_spdx/README.md +++ /dev/null @@ -1,24 +0,0 @@ -# @invisionag/eslint-config-ivx - -# Usage - -Install the peer dependencies as development dependencies: -- `eslint^3.19.0` -- `prettier^1.5.2` - -Install `@invisionag/eslint-config-ivx` as a development dependency. - -In your `.eslintrc.js`: -```js -module.exports = { - extends: '@invisionag/ivx', -}; -``` -Any party obtaining a copy of these files is granted, free of charge, a -full and unrestricted irrevocable, world-wide, paid up, royalty-free, -nonexclusive right and license to deal in this software and -documentation files (the "Software"), including without limitation the -rights to use, copy, modify, merge, publish, distribute, sublicense, and/or -sell copies of the Software, and to permit persons who receive copies -from any such party to do so, with the only requirement being that this -copyright notice remain intact. diff --git a/tests/summarycode/data/score/consistent_licenses_not_spdx/package.json b/tests/summarycode/data/score/consistent_licenses_not_spdx/package.json deleted file mode 100644 index 000d0fd9f00..00000000000 --- a/tests/summarycode/data/score/consistent_licenses_not_spdx/package.json +++ /dev/null @@ -1,29 +0,0 @@ -{ - "name": "@invisionag/eslint-config-ivx", - "version": "0.0.10", - "main": "index.js", - "repository": "https://github.com/ivx/eslint-config-ivx.git", - "author": "Alexander Plavinski ", - "scripts": { - "test": "eslint ." - }, - "peerDependencies": { - "eslint": "^4.5.0", - "prettier": "^1.6.0" - }, - "dependencies": { - "babel-eslint": "^7.2.3", - "eslint-config-airbnb": "^15.1.0", - "eslint-config-prettier": "^2.3.0", - "eslint-plugin-flowtype": "^2.34.1", - "eslint-plugin-import": "^2.6.1", - "eslint-plugin-jsx-a11y": "^5.1.1", - "eslint-plugin-prettier": "^2.2.0", - "eslint-plugin-react": "^7.3.0", - "eslint-plugin-react-functional-set-state": "^1.0.1" - }, - "devDependencies": { - "eslint": "^4.5.0", - "prettier": "^1.6.0" - } -} diff --git a/tests/summarycode/data/score/consistent_licenses_not_spdx/src/index.js b/tests/summarycode/data/score/consistent_licenses_not_spdx/src/index.js deleted file mode 100644 index 9309ed09d42..00000000000 --- a/tests/summarycode/data/score/consistent_licenses_not_spdx/src/index.js +++ /dev/null @@ -1,8 +0,0 @@ -Any party obtaining a copy of these files is granted, free of charge, a -full and unrestricted irrevocable, world-wide, paid up, royalty-free, -nonexclusive right and license to deal in this software and -documentation files (the "Software"), including without limitation the -rights to use, copy, modify, merge, publish, distribute, sublicense, and/or -sell copies of the Software, and to permit persons who receive copies -from any such party to do so, with the only requirement being that this -copyright notice remain intact. diff --git a/tests/summarycode/data/score/file_coverage-expected.json b/tests/summarycode/data/score/file_coverage-expected.json deleted file mode 100644 index ef5317c7f5e..00000000000 --- a/tests/summarycode/data/score/file_coverage-expected.json +++ /dev/null @@ -1,403 +0,0 @@ -{ - "headers": [ - { - "tool_name": "scancode-toolkit", - "options": { - "input": "", - "--classify": true, - "--copyright": true, - "--info": true, - "--json": "", - "--license": true, - "--license-clarity-score": true - }, - "notice": "Generated with ScanCode and provided on an \"AS IS\" BASIS, WITHOUT WARRANTIES\nOR CONDITIONS OF ANY KIND, either express or implied. No content created from\nScanCode should be considered or used as legal advice. Consult an Attorney\nfor any legal advice.\nScanCode is a free software code scanning tool from nexB Inc. and others.\nVisit https://github.com/nexB/scancode-toolkit/ for support and download.", - "output_format_version": "1.0.0", - "message": null, - "errors": [], - "extra_data": { - "spdx_license_list_version": "3.14", - "files_count": 5 - } - } - ], - "license_clarity_score": { - "score": 53, - "declared": true, - "discovered": 0.33, - "consistency": true, - "spdx": false, - "license_texts": false - }, - "files": [ - { - "path": "file_coverage", - "type": "directory", - "name": "file_coverage", - "base_name": "file_coverage", - "extension": "", - "size": 0, - "sha1": null, - "md5": null, - "sha256": null, - "mime_type": null, - "file_type": null, - "programming_language": null, - "is_binary": false, - "is_text": false, - "is_archive": false, - "is_media": false, - "is_source": false, - "is_script": false, - "licenses": [], - "license_expressions": [], - "percentage_of_license_text": 0, - "copyrights": [], - "holders": [], - "authors": [], - "is_legal": false, - "is_manifest": false, - "is_readme": false, - "is_top_level": true, - "is_key_file": false, - "files_count": 5, - "dirs_count": 1, - "size_count": 1309, - "scan_errors": [] - }, - { - "path": "file_coverage/README.md", - "type": "file", - "name": "README.md", - "base_name": "README", - "extension": ".md", - "size": 295, - "sha1": "7d770c5ffdcf659c944a670225ab43db9f33d4a8", - "md5": "4b8955afbb3a8aa01933e99e331e4acf", - "sha256": "aac3e1032f4dffd347854cbe37d559223f2d61173caa649ca7cd0cfb11987334", - "mime_type": "text/plain", - "file_type": "ASCII text", - "programming_language": null, - "is_binary": false, - "is_text": true, - "is_archive": false, - "is_media": false, - "is_source": false, - "is_script": false, - "licenses": [], - "license_expressions": [], - "percentage_of_license_text": 0, - "copyrights": [], - "holders": [], - "authors": [], - "is_legal": false, - "is_manifest": false, - "is_readme": true, - "is_top_level": true, - "is_key_file": true, - "files_count": 0, - "dirs_count": 0, - "size_count": 0, - "scan_errors": [] - }, - { - "path": "file_coverage/package.json", - "type": "file", - "name": "package.json", - "base_name": "package", - "extension": ".json", - "size": 829, - "sha1": "003103b742ebfb1e76e80d9fc05ab0b3046f2ab6", - "md5": "bd8911e2d8af0caa689f76b9975761fd", - "sha256": "d27968b827780212a965387f5ec3421ee59a0bf9166847629db0e716e6d2d9c3", - "mime_type": "application/json", - "file_type": "JSON data", - "programming_language": null, - "is_binary": false, - "is_text": true, - "is_archive": false, - "is_media": false, - "is_source": false, - "is_script": false, - "licenses": [ - { - "key": "mit", - "score": 100.0, - "name": "MIT License", - "short_name": "MIT License", - "category": "Permissive", - "is_exception": false, - "is_unknown": false, - "owner": "MIT", - "homepage_url": "http://opensource.org/licenses/mit-license.php", - "text_url": "http://opensource.org/licenses/mit-license.php", - "reference_url": "https://scancode-licensedb.aboutcode.org/mit", - "scancode_text_url": "https://github.com/nexB/scancode-toolkit/tree/develop/src/licensedcode/data/licenses/mit.LICENSE", - "scancode_data_url": "https://github.com/nexB/scancode-toolkit/tree/develop/src/licensedcode/data/licenses/mit.yml", - "spdx_license_key": "MIT", - "spdx_url": "https://spdx.org/licenses/MIT", - "start_line": 7, - "end_line": 7, - "matched_rule": { - "identifier": "mit_30.RULE", - "license_expression": "mit", - "licenses": [ - "mit" - ], - "referenced_filenames": [], - "is_license_text": false, - "is_license_notice": false, - "is_license_reference": false, - "is_license_tag": true, - "is_license_intro": false, - "has_unknown": false, - "matcher": "2-aho", - "rule_length": 2, - "matched_length": 2, - "match_coverage": 100.0, - "rule_relevance": 100 - } - } - ], - "license_expressions": [ - "mit" - ], - "percentage_of_license_text": 1.83, - "copyrights": [], - "holders": [], - "authors": [ - { - "author": "Alexander Plavinski ", - "start_line": 6, - "end_line": 6 - } - ], - "is_legal": false, - "is_manifest": true, - "is_readme": false, - "is_top_level": true, - "is_key_file": true, - "files_count": 0, - "dirs_count": 0, - "size_count": 0, - "scan_errors": [] - }, - { - "path": "file_coverage/src", - "type": "directory", - "name": "src", - "base_name": "src", - "extension": "", - "size": 0, - "sha1": null, - "md5": null, - "sha256": null, - "mime_type": null, - "file_type": null, - "programming_language": null, - "is_binary": false, - "is_text": false, - "is_archive": false, - "is_media": false, - "is_source": false, - "is_script": false, - "licenses": [], - "license_expressions": [], - "percentage_of_license_text": 0, - "copyrights": [], - "holders": [], - "authors": [], - "is_legal": false, - "is_manifest": false, - "is_readme": false, - "is_top_level": true, - "is_key_file": false, - "files_count": 3, - "dirs_count": 0, - "size_count": 185, - "scan_errors": [] - }, - { - "path": "file_coverage/src/index.js", - "type": "file", - "name": "index.js", - "base_name": "index", - "extension": ".js", - "size": 80, - "sha1": "1a7d7f3d183f25d76b1feb463536af0d3fc910dd", - "md5": "f0720dc66980838af42ffd077dc4ff8b", - "sha256": "b85100a2a46e69903dee27801e10ea096cca796e5e501089b97bdbb24102d6aa", - "mime_type": "text/plain", - "file_type": "ASCII text", - "programming_language": "JavaScript", - "is_binary": false, - "is_text": true, - "is_archive": false, - "is_media": false, - "is_source": true, - "is_script": false, - "licenses": [ - { - "key": "mit", - "score": 100.0, - "name": "MIT License", - "short_name": "MIT License", - "category": "Permissive", - "is_exception": false, - "is_unknown": false, - "owner": "MIT", - "homepage_url": "http://opensource.org/licenses/mit-license.php", - "text_url": "http://opensource.org/licenses/mit-license.php", - "reference_url": "https://scancode-licensedb.aboutcode.org/mit", - "scancode_text_url": "https://github.com/nexB/scancode-toolkit/tree/develop/src/licensedcode/data/licenses/mit.LICENSE", - "scancode_data_url": "https://github.com/nexB/scancode-toolkit/tree/develop/src/licensedcode/data/licenses/mit.yml", - "spdx_license_key": "MIT", - "spdx_url": "https://spdx.org/licenses/MIT", - "start_line": 1, - "end_line": 1, - "matched_rule": { - "identifier": "spdx-license-identifier: mit", - "license_expression": "mit", - "licenses": [ - "mit" - ], - "referenced_filenames": [], - "is_license_text": false, - "is_license_notice": false, - "is_license_reference": false, - "is_license_tag": true, - "is_license_intro": false, - "has_unknown": false, - "matcher": "1-spdx-id", - "rule_length": 4, - "matched_length": 4, - "match_coverage": 100.0, - "rule_relevance": 100 - } - } - ], - "license_expressions": [ - "mit" - ], - "percentage_of_license_text": 33.33, - "copyrights": [ - { - "copyright": "Copyright (c) 2007 nexB Inc.", - "start_line": 2, - "end_line": 2 - } - ], - "holders": [ - { - "holder": "nexB Inc.", - "start_line": 2, - "end_line": 2 - } - ], - "authors": [], - "is_legal": false, - "is_manifest": false, - "is_readme": false, - "is_top_level": false, - "is_key_file": false, - "files_count": 0, - "dirs_count": 0, - "size_count": 0, - "scan_errors": [] - }, - { - "path": "file_coverage/src/index2.js", - "type": "file", - "name": "index2.js", - "base_name": "index2", - "extension": ".js", - "size": 48, - "sha1": "1d3832cc4eb434502ef83b10f0db4ff2bfea461f", - "md5": "375540922bb49a362b660bd696e48fdd", - "sha256": "57838bf7c11ec6ee9d7403259cc0397998f5392d4e3cd0f92fda2b7729b143e0", - "mime_type": "text/plain", - "file_type": "ASCII text", - "programming_language": "JavaScript", - "is_binary": false, - "is_text": true, - "is_archive": false, - "is_media": false, - "is_source": true, - "is_script": false, - "licenses": [], - "license_expressions": [], - "percentage_of_license_text": 0, - "copyrights": [ - { - "copyright": "Copyright (c) 2007 nexB Inc.", - "start_line": 1, - "end_line": 1 - } - ], - "holders": [ - { - "holder": "nexB Inc.", - "start_line": 1, - "end_line": 1 - } - ], - "authors": [], - "is_legal": false, - "is_manifest": false, - "is_readme": false, - "is_top_level": false, - "is_key_file": false, - "files_count": 0, - "dirs_count": 0, - "size_count": 0, - "scan_errors": [] - }, - { - "path": "file_coverage/src/test.java", - "type": "file", - "name": "test.java", - "base_name": "test", - "extension": ".java", - "size": 57, - "sha1": "da6b19af59bff9c997305550c52b98c3eb746e93", - "md5": "746ece6b838c1fcab25fb842f810cd9f", - "sha256": "5023884c86581327c20a5156c2cb4b33c30f0d27ecadea58e996c7dd46fda568", - "mime_type": "text/plain", - "file_type": "ASCII text", - "programming_language": "Java", - "is_binary": false, - "is_text": true, - "is_archive": false, - "is_media": false, - "is_source": true, - "is_script": false, - "licenses": [], - "license_expressions": [], - "percentage_of_license_text": 0, - "copyrights": [ - { - "copyright": "Copyright (c) 2007 nexB Inc.", - "start_line": 1, - "end_line": 1 - } - ], - "holders": [ - { - "holder": "nexB Inc.", - "start_line": 1, - "end_line": 1 - } - ], - "authors": [], - "is_legal": false, - "is_manifest": false, - "is_readme": false, - "is_top_level": false, - "is_key_file": false, - "files_count": 0, - "dirs_count": 0, - "size_count": 0, - "scan_errors": [] - } - ] -} \ No newline at end of file diff --git a/tests/summarycode/data/score/file_coverage/README.md b/tests/summarycode/data/score/file_coverage/README.md deleted file mode 100644 index 5609113f254..00000000000 --- a/tests/summarycode/data/score/file_coverage/README.md +++ /dev/null @@ -1,16 +0,0 @@ -# @invisionag/eslint-config-ivx - -# Usage - -Install the peer dependencies as development dependencies: -- `eslint^3.19.0` -- `prettier^1.5.2` - -Install `@invisionag/eslint-config-ivx` as a development dependency. - -In your `.eslintrc.js`: -```js -module.exports = { - extends: '@invisionag/ivx', -}; -``` diff --git a/tests/summarycode/data/score/file_coverage/package.json b/tests/summarycode/data/score/file_coverage/package.json deleted file mode 100644 index f54d82ed9fa..00000000000 --- a/tests/summarycode/data/score/file_coverage/package.json +++ /dev/null @@ -1,30 +0,0 @@ -{ - "name": "@invisionag/eslint-config-ivx", - "version": "0.0.10", - "main": "index.js", - "repository": "https://github.com/ivx/eslint-config-ivx.git", - "author": "Alexander Plavinski ", - "license": "MIT", - "scripts": { - "test": "eslint ." - }, - "peerDependencies": { - "eslint": "^4.5.0", - "prettier": "^1.6.0" - }, - "dependencies": { - "babel-eslint": "^7.2.3", - "eslint-config-airbnb": "^15.1.0", - "eslint-config-prettier": "^2.3.0", - "eslint-plugin-flowtype": "^2.34.1", - "eslint-plugin-import": "^2.6.1", - "eslint-plugin-jsx-a11y": "^5.1.1", - "eslint-plugin-prettier": "^2.2.0", - "eslint-plugin-react": "^7.3.0", - "eslint-plugin-react-functional-set-state": "^1.0.1" - }, - "devDependencies": { - "eslint": "^4.5.0", - "prettier": "^1.6.0" - } -} diff --git a/tests/summarycode/data/score/file_coverage/src/index.js b/tests/summarycode/data/score/file_coverage/src/index.js deleted file mode 100644 index e36391653db..00000000000 --- a/tests/summarycode/data/score/file_coverage/src/index.js +++ /dev/null @@ -1,2 +0,0 @@ -// SPDX-License-Identifier: MIT -Copyright (c) 2007 nexB Inc. All right reserved diff --git a/tests/summarycode/data/score/file_coverage/src/index2.js b/tests/summarycode/data/score/file_coverage/src/index2.js deleted file mode 100644 index 9b060ddea40..00000000000 --- a/tests/summarycode/data/score/file_coverage/src/index2.js +++ /dev/null @@ -1 +0,0 @@ -Copyright (c) 2007 nexB Inc. All right reserved diff --git a/tests/summarycode/data/score/file_coverage/src/test.java b/tests/summarycode/data/score/file_coverage/src/test.java deleted file mode 100644 index e917773f323..00000000000 --- a/tests/summarycode/data/score/file_coverage/src/test.java +++ /dev/null @@ -1,2 +0,0 @@ -Copyright (c) 2007 nexB Inc. All right reserved -// empty diff --git a/tests/summarycode/data/score/full_text-expected.json b/tests/summarycode/data/score/full_text-expected.json deleted file mode 100644 index 4bcf201cea5..00000000000 --- a/tests/summarycode/data/score/full_text-expected.json +++ /dev/null @@ -1,373 +0,0 @@ -{ - "headers": [ - { - "tool_name": "scancode-toolkit", - "options": { - "input": "", - "--classify": true, - "--copyright": true, - "--info": true, - "--json": "", - "--license": true, - "--license-clarity-score": true - }, - "notice": "Generated with ScanCode and provided on an \"AS IS\" BASIS, WITHOUT WARRANTIES\nOR CONDITIONS OF ANY KIND, either express or implied. No content created from\nScanCode should be considered or used as legal advice. Consult an Attorney\nfor any legal advice.\nScanCode is a free software code scanning tool from nexB Inc. and others.\nVisit https://github.com/nexB/scancode-toolkit/ for support and download.", - "output_format_version": "1.0.0", - "message": null, - "errors": [], - "extra_data": { - "spdx_license_list_version": "3.14", - "files_count": 4 - } - } - ], - "license_clarity_score": { - "score": 60, - "declared": true, - "discovered": 0, - "consistency": true, - "spdx": false, - "license_texts": true - }, - "files": [ - { - "path": "full_text", - "type": "directory", - "name": "full_text", - "base_name": "full_text", - "extension": "", - "size": 0, - "sha1": null, - "md5": null, - "sha256": null, - "mime_type": null, - "file_type": null, - "programming_language": null, - "is_binary": false, - "is_text": false, - "is_archive": false, - "is_media": false, - "is_source": false, - "is_script": false, - "licenses": [], - "license_expressions": [], - "percentage_of_license_text": 0, - "copyrights": [], - "holders": [], - "authors": [], - "is_legal": false, - "is_manifest": false, - "is_readme": false, - "is_top_level": true, - "is_key_file": false, - "files_count": 4, - "dirs_count": 1, - "size_count": 2179, - "scan_errors": [] - }, - { - "path": "full_text/README.md", - "type": "file", - "name": "README.md", - "base_name": "README", - "extension": ".md", - "size": 295, - "sha1": "7d770c5ffdcf659c944a670225ab43db9f33d4a8", - "md5": "4b8955afbb3a8aa01933e99e331e4acf", - "sha256": "aac3e1032f4dffd347854cbe37d559223f2d61173caa649ca7cd0cfb11987334", - "mime_type": "text/plain", - "file_type": "ASCII text", - "programming_language": null, - "is_binary": false, - "is_text": true, - "is_archive": false, - "is_media": false, - "is_source": false, - "is_script": false, - "licenses": [], - "license_expressions": [], - "percentage_of_license_text": 0, - "copyrights": [], - "holders": [], - "authors": [], - "is_legal": false, - "is_manifest": false, - "is_readme": true, - "is_top_level": true, - "is_key_file": true, - "files_count": 0, - "dirs_count": 0, - "size_count": 0, - "scan_errors": [] - }, - { - "path": "full_text/package.json", - "type": "file", - "name": "package.json", - "base_name": "package", - "extension": ".json", - "size": 829, - "sha1": "003103b742ebfb1e76e80d9fc05ab0b3046f2ab6", - "md5": "bd8911e2d8af0caa689f76b9975761fd", - "sha256": "d27968b827780212a965387f5ec3421ee59a0bf9166847629db0e716e6d2d9c3", - "mime_type": "application/json", - "file_type": "JSON data", - "programming_language": null, - "is_binary": false, - "is_text": true, - "is_archive": false, - "is_media": false, - "is_source": false, - "is_script": false, - "licenses": [ - { - "key": "mit", - "score": 100.0, - "name": "MIT License", - "short_name": "MIT License", - "category": "Permissive", - "is_exception": false, - "is_unknown": false, - "owner": "MIT", - "homepage_url": "http://opensource.org/licenses/mit-license.php", - "text_url": "http://opensource.org/licenses/mit-license.php", - "reference_url": "https://scancode-licensedb.aboutcode.org/mit", - "scancode_text_url": "https://github.com/nexB/scancode-toolkit/tree/develop/src/licensedcode/data/licenses/mit.LICENSE", - "scancode_data_url": "https://github.com/nexB/scancode-toolkit/tree/develop/src/licensedcode/data/licenses/mit.yml", - "spdx_license_key": "MIT", - "spdx_url": "https://spdx.org/licenses/MIT", - "start_line": 7, - "end_line": 7, - "matched_rule": { - "identifier": "mit_30.RULE", - "license_expression": "mit", - "licenses": [ - "mit" - ], - "referenced_filenames": [], - "is_license_text": false, - "is_license_notice": false, - "is_license_reference": false, - "is_license_tag": true, - "is_license_intro": false, - "has_unknown": false, - "matcher": "2-aho", - "rule_length": 2, - "matched_length": 2, - "match_coverage": 100.0, - "rule_relevance": 100 - } - } - ], - "license_expressions": [ - "mit" - ], - "percentage_of_license_text": 1.83, - "copyrights": [], - "holders": [], - "authors": [ - { - "author": "Alexander Plavinski ", - "start_line": 6, - "end_line": 6 - } - ], - "is_legal": false, - "is_manifest": true, - "is_readme": false, - "is_top_level": true, - "is_key_file": true, - "files_count": 0, - "dirs_count": 0, - "size_count": 0, - "scan_errors": [] - }, - { - "path": "full_text/src", - "type": "directory", - "name": "src", - "base_name": "src", - "extension": "", - "size": 0, - "sha1": null, - "md5": null, - "sha256": null, - "mime_type": null, - "file_type": null, - "programming_language": null, - "is_binary": false, - "is_text": false, - "is_archive": false, - "is_media": false, - "is_source": false, - "is_script": false, - "licenses": [], - "license_expressions": [], - "percentage_of_license_text": 0, - "copyrights": [], - "holders": [], - "authors": [], - "is_legal": false, - "is_manifest": false, - "is_readme": false, - "is_top_level": true, - "is_key_file": false, - "files_count": 2, - "dirs_count": 0, - "size_count": 1055, - "scan_errors": [] - }, - { - "path": "full_text/src/COPYING.md", - "type": "file", - "name": "COPYING.md", - "base_name": "COPYING", - "extension": ".md", - "size": 1023, - "sha1": "df156c6a0a89ed2a3bd4a473c68cf85907509ca0", - "md5": "657a566233888513e1f07ba13e2f47f1", - "sha256": "10d5120a16805804ffda8b688c220bfb4e8f39741b57320604d455a309e01972", - "mime_type": "text/plain", - "file_type": "ASCII text", - "programming_language": null, - "is_binary": false, - "is_text": true, - "is_archive": false, - "is_media": false, - "is_source": false, - "is_script": false, - "licenses": [ - { - "key": "mit", - "score": 100.0, - "name": "MIT License", - "short_name": "MIT License", - "category": "Permissive", - "is_exception": false, - "is_unknown": false, - "owner": "MIT", - "homepage_url": "http://opensource.org/licenses/mit-license.php", - "text_url": "http://opensource.org/licenses/mit-license.php", - "reference_url": "https://scancode-licensedb.aboutcode.org/mit", - "scancode_text_url": "https://github.com/nexB/scancode-toolkit/tree/develop/src/licensedcode/data/licenses/mit.LICENSE", - "scancode_data_url": "https://github.com/nexB/scancode-toolkit/tree/develop/src/licensedcode/data/licenses/mit.yml", - "spdx_license_key": "MIT", - "spdx_url": "https://spdx.org/licenses/MIT", - "start_line": 1, - "end_line": 18, - "matched_rule": { - "identifier": "mit.LICENSE", - "license_expression": "mit", - "licenses": [ - "mit" - ], - "referenced_filenames": [], - "is_license_text": true, - "is_license_notice": false, - "is_license_reference": false, - "is_license_tag": false, - "is_license_intro": false, - "has_unknown": false, - "matcher": "1-hash", - "rule_length": 161, - "matched_length": 161, - "match_coverage": 100.0, - "rule_relevance": 100 - } - } - ], - "license_expressions": [ - "mit" - ], - "percentage_of_license_text": 100.0, - "copyrights": [], - "holders": [], - "authors": [], - "is_legal": true, - "is_manifest": false, - "is_readme": false, - "is_top_level": false, - "is_key_file": false, - "files_count": 0, - "dirs_count": 0, - "size_count": 0, - "scan_errors": [] - }, - { - "path": "full_text/src/index.js", - "type": "file", - "name": "index.js", - "base_name": "index", - "extension": ".js", - "size": 32, - "sha1": "4c9f2b0ba719d3e0d974753e4b6c828d6dfd2283", - "md5": "6ec41034e04432ee375d0e14fba596f4", - "sha256": "c1512f9bcc19ce05be1741085084b648444bc083e073abb0d227694d9da7b945", - "mime_type": "text/plain", - "file_type": "ASCII text", - "programming_language": "JavaScript", - "is_binary": false, - "is_text": true, - "is_archive": false, - "is_media": false, - "is_source": true, - "is_script": false, - "licenses": [ - { - "key": "mit", - "score": 100.0, - "name": "MIT License", - "short_name": "MIT License", - "category": "Permissive", - "is_exception": false, - "is_unknown": false, - "owner": "MIT", - "homepage_url": "http://opensource.org/licenses/mit-license.php", - "text_url": "http://opensource.org/licenses/mit-license.php", - "reference_url": "https://scancode-licensedb.aboutcode.org/mit", - "scancode_text_url": "https://github.com/nexB/scancode-toolkit/tree/develop/src/licensedcode/data/licenses/mit.LICENSE", - "scancode_data_url": "https://github.com/nexB/scancode-toolkit/tree/develop/src/licensedcode/data/licenses/mit.yml", - "spdx_license_key": "MIT", - "spdx_url": "https://spdx.org/licenses/MIT", - "start_line": 1, - "end_line": 1, - "matched_rule": { - "identifier": "spdx-license-identifier: mit", - "license_expression": "mit", - "licenses": [ - "mit" - ], - "referenced_filenames": [], - "is_license_text": false, - "is_license_notice": false, - "is_license_reference": false, - "is_license_tag": true, - "is_license_intro": false, - "has_unknown": false, - "matcher": "1-spdx-id", - "rule_length": 4, - "matched_length": 4, - "match_coverage": 100.0, - "rule_relevance": 100 - } - } - ], - "license_expressions": [ - "mit" - ], - "percentage_of_license_text": 100.0, - "copyrights": [], - "holders": [], - "authors": [], - "is_legal": false, - "is_manifest": false, - "is_readme": false, - "is_top_level": false, - "is_key_file": false, - "files_count": 0, - "dirs_count": 0, - "size_count": 0, - "scan_errors": [] - } - ] -} \ No newline at end of file diff --git a/tests/summarycode/data/score/full_text/README.md b/tests/summarycode/data/score/full_text/README.md deleted file mode 100644 index 5609113f254..00000000000 --- a/tests/summarycode/data/score/full_text/README.md +++ /dev/null @@ -1,16 +0,0 @@ -# @invisionag/eslint-config-ivx - -# Usage - -Install the peer dependencies as development dependencies: -- `eslint^3.19.0` -- `prettier^1.5.2` - -Install `@invisionag/eslint-config-ivx` as a development dependency. - -In your `.eslintrc.js`: -```js -module.exports = { - extends: '@invisionag/ivx', -}; -``` diff --git a/tests/summarycode/data/score/full_text/package.json b/tests/summarycode/data/score/full_text/package.json deleted file mode 100644 index f54d82ed9fa..00000000000 --- a/tests/summarycode/data/score/full_text/package.json +++ /dev/null @@ -1,30 +0,0 @@ -{ - "name": "@invisionag/eslint-config-ivx", - "version": "0.0.10", - "main": "index.js", - "repository": "https://github.com/ivx/eslint-config-ivx.git", - "author": "Alexander Plavinski ", - "license": "MIT", - "scripts": { - "test": "eslint ." - }, - "peerDependencies": { - "eslint": "^4.5.0", - "prettier": "^1.6.0" - }, - "dependencies": { - "babel-eslint": "^7.2.3", - "eslint-config-airbnb": "^15.1.0", - "eslint-config-prettier": "^2.3.0", - "eslint-plugin-flowtype": "^2.34.1", - "eslint-plugin-import": "^2.6.1", - "eslint-plugin-jsx-a11y": "^5.1.1", - "eslint-plugin-prettier": "^2.2.0", - "eslint-plugin-react": "^7.3.0", - "eslint-plugin-react-functional-set-state": "^1.0.1" - }, - "devDependencies": { - "eslint": "^4.5.0", - "prettier": "^1.6.0" - } -} diff --git a/tests/summarycode/data/score/full_text/src/COPYING.md b/tests/summarycode/data/score/full_text/src/COPYING.md deleted file mode 100644 index 1bf98523e33..00000000000 --- a/tests/summarycode/data/score/full_text/src/COPYING.md +++ /dev/null @@ -1,18 +0,0 @@ -Permission is hereby granted, free of charge, to any person obtaining -a copy of this software and associated documentation files (the -"Software"), to deal in the Software without restriction, including -without limitation the rights to use, copy, modify, merge, publish, -distribute, sublicense, and/or sell copies of the Software, and to -permit persons to whom the Software is furnished to do so, subject to -the following conditions: - -The above copyright notice and this permission notice shall be -included in all copies or substantial portions of the Software. - -THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, -EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF -MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. -IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY -CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, -TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE -SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. diff --git a/tests/summarycode/data/score/full_text/src/index.js b/tests/summarycode/data/score/full_text/src/index.js deleted file mode 100644 index 8096cb46020..00000000000 --- a/tests/summarycode/data/score/full_text/src/index.js +++ /dev/null @@ -1 +0,0 @@ -// SPDX-License-Identifier: MIT diff --git a/tests/summarycode/data/score/full_text_in_key_files-expected.json b/tests/summarycode/data/score/full_text_in_key_files-expected.json deleted file mode 100644 index 6694fd37e28..00000000000 --- a/tests/summarycode/data/score/full_text_in_key_files-expected.json +++ /dev/null @@ -1,373 +0,0 @@ -{ - "headers": [ - { - "tool_name": "scancode-toolkit", - "options": { - "input": "", - "--classify": true, - "--copyright": true, - "--info": true, - "--json": "", - "--license": true, - "--license-clarity-score": true - }, - "notice": "Generated with ScanCode and provided on an \"AS IS\" BASIS, WITHOUT WARRANTIES\nOR CONDITIONS OF ANY KIND, either express or implied. No content created from\nScanCode should be considered or used as legal advice. Consult an Attorney\nfor any legal advice.\nScanCode is a free software code scanning tool from nexB Inc. and others.\nVisit https://github.com/nexB/scancode-toolkit/ for support and download.", - "output_format_version": "1.0.0", - "message": null, - "errors": [], - "extra_data": { - "spdx_license_list_version": "3.14", - "files_count": 4 - } - } - ], - "license_clarity_score": { - "score": 60, - "declared": true, - "discovered": 0, - "consistency": true, - "spdx": false, - "license_texts": true - }, - "files": [ - { - "path": "full_text_in_key_files", - "type": "directory", - "name": "full_text_in_key_files", - "base_name": "full_text_in_key_files", - "extension": "", - "size": 0, - "sha1": null, - "md5": null, - "sha256": null, - "mime_type": null, - "file_type": null, - "programming_language": null, - "is_binary": false, - "is_text": false, - "is_archive": false, - "is_media": false, - "is_source": false, - "is_script": false, - "licenses": [], - "license_expressions": [], - "percentage_of_license_text": 0, - "copyrights": [], - "holders": [], - "authors": [], - "is_legal": false, - "is_manifest": false, - "is_readme": false, - "is_top_level": true, - "is_key_file": false, - "files_count": 4, - "dirs_count": 1, - "size_count": 2179, - "scan_errors": [] - }, - { - "path": "full_text_in_key_files/COPYING.md", - "type": "file", - "name": "COPYING.md", - "base_name": "COPYING", - "extension": ".md", - "size": 1023, - "sha1": "df156c6a0a89ed2a3bd4a473c68cf85907509ca0", - "md5": "657a566233888513e1f07ba13e2f47f1", - "sha256": "10d5120a16805804ffda8b688c220bfb4e8f39741b57320604d455a309e01972", - "mime_type": "text/plain", - "file_type": "ASCII text", - "programming_language": null, - "is_binary": false, - "is_text": true, - "is_archive": false, - "is_media": false, - "is_source": false, - "is_script": false, - "licenses": [ - { - "key": "mit", - "score": 100.0, - "name": "MIT License", - "short_name": "MIT License", - "category": "Permissive", - "is_exception": false, - "is_unknown": false, - "owner": "MIT", - "homepage_url": "http://opensource.org/licenses/mit-license.php", - "text_url": "http://opensource.org/licenses/mit-license.php", - "reference_url": "https://scancode-licensedb.aboutcode.org/mit", - "scancode_text_url": "https://github.com/nexB/scancode-toolkit/tree/develop/src/licensedcode/data/licenses/mit.LICENSE", - "scancode_data_url": "https://github.com/nexB/scancode-toolkit/tree/develop/src/licensedcode/data/licenses/mit.yml", - "spdx_license_key": "MIT", - "spdx_url": "https://spdx.org/licenses/MIT", - "start_line": 1, - "end_line": 18, - "matched_rule": { - "identifier": "mit.LICENSE", - "license_expression": "mit", - "licenses": [ - "mit" - ], - "referenced_filenames": [], - "is_license_text": true, - "is_license_notice": false, - "is_license_reference": false, - "is_license_tag": false, - "is_license_intro": false, - "has_unknown": false, - "matcher": "1-hash", - "rule_length": 161, - "matched_length": 161, - "match_coverage": 100.0, - "rule_relevance": 100 - } - } - ], - "license_expressions": [ - "mit" - ], - "percentage_of_license_text": 100.0, - "copyrights": [], - "holders": [], - "authors": [], - "is_legal": true, - "is_manifest": false, - "is_readme": false, - "is_top_level": true, - "is_key_file": true, - "files_count": 0, - "dirs_count": 0, - "size_count": 0, - "scan_errors": [] - }, - { - "path": "full_text_in_key_files/README.md", - "type": "file", - "name": "README.md", - "base_name": "README", - "extension": ".md", - "size": 295, - "sha1": "7d770c5ffdcf659c944a670225ab43db9f33d4a8", - "md5": "4b8955afbb3a8aa01933e99e331e4acf", - "sha256": "aac3e1032f4dffd347854cbe37d559223f2d61173caa649ca7cd0cfb11987334", - "mime_type": "text/plain", - "file_type": "ASCII text", - "programming_language": null, - "is_binary": false, - "is_text": true, - "is_archive": false, - "is_media": false, - "is_source": false, - "is_script": false, - "licenses": [], - "license_expressions": [], - "percentage_of_license_text": 0, - "copyrights": [], - "holders": [], - "authors": [], - "is_legal": false, - "is_manifest": false, - "is_readme": true, - "is_top_level": true, - "is_key_file": true, - "files_count": 0, - "dirs_count": 0, - "size_count": 0, - "scan_errors": [] - }, - { - "path": "full_text_in_key_files/package.json", - "type": "file", - "name": "package.json", - "base_name": "package", - "extension": ".json", - "size": 829, - "sha1": "003103b742ebfb1e76e80d9fc05ab0b3046f2ab6", - "md5": "bd8911e2d8af0caa689f76b9975761fd", - "sha256": "d27968b827780212a965387f5ec3421ee59a0bf9166847629db0e716e6d2d9c3", - "mime_type": "application/json", - "file_type": "JSON data", - "programming_language": null, - "is_binary": false, - "is_text": true, - "is_archive": false, - "is_media": false, - "is_source": false, - "is_script": false, - "licenses": [ - { - "key": "mit", - "score": 100.0, - "name": "MIT License", - "short_name": "MIT License", - "category": "Permissive", - "is_exception": false, - "is_unknown": false, - "owner": "MIT", - "homepage_url": "http://opensource.org/licenses/mit-license.php", - "text_url": "http://opensource.org/licenses/mit-license.php", - "reference_url": "https://scancode-licensedb.aboutcode.org/mit", - "scancode_text_url": "https://github.com/nexB/scancode-toolkit/tree/develop/src/licensedcode/data/licenses/mit.LICENSE", - "scancode_data_url": "https://github.com/nexB/scancode-toolkit/tree/develop/src/licensedcode/data/licenses/mit.yml", - "spdx_license_key": "MIT", - "spdx_url": "https://spdx.org/licenses/MIT", - "start_line": 7, - "end_line": 7, - "matched_rule": { - "identifier": "mit_30.RULE", - "license_expression": "mit", - "licenses": [ - "mit" - ], - "referenced_filenames": [], - "is_license_text": false, - "is_license_notice": false, - "is_license_reference": false, - "is_license_tag": true, - "is_license_intro": false, - "has_unknown": false, - "matcher": "2-aho", - "rule_length": 2, - "matched_length": 2, - "match_coverage": 100.0, - "rule_relevance": 100 - } - } - ], - "license_expressions": [ - "mit" - ], - "percentage_of_license_text": 1.83, - "copyrights": [], - "holders": [], - "authors": [ - { - "author": "Alexander Plavinski ", - "start_line": 6, - "end_line": 6 - } - ], - "is_legal": false, - "is_manifest": true, - "is_readme": false, - "is_top_level": true, - "is_key_file": true, - "files_count": 0, - "dirs_count": 0, - "size_count": 0, - "scan_errors": [] - }, - { - "path": "full_text_in_key_files/src", - "type": "directory", - "name": "src", - "base_name": "src", - "extension": "", - "size": 0, - "sha1": null, - "md5": null, - "sha256": null, - "mime_type": null, - "file_type": null, - "programming_language": null, - "is_binary": false, - "is_text": false, - "is_archive": false, - "is_media": false, - "is_source": false, - "is_script": false, - "licenses": [], - "license_expressions": [], - "percentage_of_license_text": 0, - "copyrights": [], - "holders": [], - "authors": [], - "is_legal": false, - "is_manifest": false, - "is_readme": false, - "is_top_level": true, - "is_key_file": false, - "files_count": 1, - "dirs_count": 0, - "size_count": 32, - "scan_errors": [] - }, - { - "path": "full_text_in_key_files/src/index.js", - "type": "file", - "name": "index.js", - "base_name": "index", - "extension": ".js", - "size": 32, - "sha1": "4c9f2b0ba719d3e0d974753e4b6c828d6dfd2283", - "md5": "6ec41034e04432ee375d0e14fba596f4", - "sha256": "c1512f9bcc19ce05be1741085084b648444bc083e073abb0d227694d9da7b945", - "mime_type": "text/plain", - "file_type": "ASCII text", - "programming_language": "JavaScript", - "is_binary": false, - "is_text": true, - "is_archive": false, - "is_media": false, - "is_source": true, - "is_script": false, - "licenses": [ - { - "key": "mit", - "score": 100.0, - "name": "MIT License", - "short_name": "MIT License", - "category": "Permissive", - "is_exception": false, - "is_unknown": false, - "owner": "MIT", - "homepage_url": "http://opensource.org/licenses/mit-license.php", - "text_url": "http://opensource.org/licenses/mit-license.php", - "reference_url": "https://scancode-licensedb.aboutcode.org/mit", - "scancode_text_url": "https://github.com/nexB/scancode-toolkit/tree/develop/src/licensedcode/data/licenses/mit.LICENSE", - "scancode_data_url": "https://github.com/nexB/scancode-toolkit/tree/develop/src/licensedcode/data/licenses/mit.yml", - "spdx_license_key": "MIT", - "spdx_url": "https://spdx.org/licenses/MIT", - "start_line": 1, - "end_line": 1, - "matched_rule": { - "identifier": "spdx-license-identifier: mit", - "license_expression": "mit", - "licenses": [ - "mit" - ], - "referenced_filenames": [], - "is_license_text": false, - "is_license_notice": false, - "is_license_reference": false, - "is_license_tag": true, - "is_license_intro": false, - "has_unknown": false, - "matcher": "1-spdx-id", - "rule_length": 4, - "matched_length": 4, - "match_coverage": 100.0, - "rule_relevance": 100 - } - } - ], - "license_expressions": [ - "mit" - ], - "percentage_of_license_text": 100.0, - "copyrights": [], - "holders": [], - "authors": [], - "is_legal": false, - "is_manifest": false, - "is_readme": false, - "is_top_level": false, - "is_key_file": false, - "files_count": 0, - "dirs_count": 0, - "size_count": 0, - "scan_errors": [] - } - ] -} \ No newline at end of file diff --git a/tests/summarycode/data/score/full_text_in_key_files/COPYING.md b/tests/summarycode/data/score/full_text_in_key_files/COPYING.md deleted file mode 100644 index 1bf98523e33..00000000000 --- a/tests/summarycode/data/score/full_text_in_key_files/COPYING.md +++ /dev/null @@ -1,18 +0,0 @@ -Permission is hereby granted, free of charge, to any person obtaining -a copy of this software and associated documentation files (the -"Software"), to deal in the Software without restriction, including -without limitation the rights to use, copy, modify, merge, publish, -distribute, sublicense, and/or sell copies of the Software, and to -permit persons to whom the Software is furnished to do so, subject to -the following conditions: - -The above copyright notice and this permission notice shall be -included in all copies or substantial portions of the Software. - -THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, -EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF -MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. -IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY -CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, -TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE -SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. diff --git a/tests/summarycode/data/score/full_text_in_key_files/README.md b/tests/summarycode/data/score/full_text_in_key_files/README.md deleted file mode 100644 index 5609113f254..00000000000 --- a/tests/summarycode/data/score/full_text_in_key_files/README.md +++ /dev/null @@ -1,16 +0,0 @@ -# @invisionag/eslint-config-ivx - -# Usage - -Install the peer dependencies as development dependencies: -- `eslint^3.19.0` -- `prettier^1.5.2` - -Install `@invisionag/eslint-config-ivx` as a development dependency. - -In your `.eslintrc.js`: -```js -module.exports = { - extends: '@invisionag/ivx', -}; -``` diff --git a/tests/summarycode/data/score/full_text_in_key_files/package.json b/tests/summarycode/data/score/full_text_in_key_files/package.json deleted file mode 100644 index f54d82ed9fa..00000000000 --- a/tests/summarycode/data/score/full_text_in_key_files/package.json +++ /dev/null @@ -1,30 +0,0 @@ -{ - "name": "@invisionag/eslint-config-ivx", - "version": "0.0.10", - "main": "index.js", - "repository": "https://github.com/ivx/eslint-config-ivx.git", - "author": "Alexander Plavinski ", - "license": "MIT", - "scripts": { - "test": "eslint ." - }, - "peerDependencies": { - "eslint": "^4.5.0", - "prettier": "^1.6.0" - }, - "dependencies": { - "babel-eslint": "^7.2.3", - "eslint-config-airbnb": "^15.1.0", - "eslint-config-prettier": "^2.3.0", - "eslint-plugin-flowtype": "^2.34.1", - "eslint-plugin-import": "^2.6.1", - "eslint-plugin-jsx-a11y": "^5.1.1", - "eslint-plugin-prettier": "^2.2.0", - "eslint-plugin-react": "^7.3.0", - "eslint-plugin-react-functional-set-state": "^1.0.1" - }, - "devDependencies": { - "eslint": "^4.5.0", - "prettier": "^1.6.0" - } -} diff --git a/tests/summarycode/data/score/full_text_in_key_files/src/index.js b/tests/summarycode/data/score/full_text_in_key_files/src/index.js deleted file mode 100644 index 8096cb46020..00000000000 --- a/tests/summarycode/data/score/full_text_in_key_files/src/index.js +++ /dev/null @@ -1 +0,0 @@ -// SPDX-License-Identifier: MIT diff --git a/tests/summarycode/data/score2/inconsistent_licenses_copyleft-expected.json b/tests/summarycode/data/score/inconsistent_licenses_copyleft-expected.json similarity index 99% rename from tests/summarycode/data/score2/inconsistent_licenses_copyleft-expected.json rename to tests/summarycode/data/score/inconsistent_licenses_copyleft-expected.json index f5c00121604..2f8ba9d7c4f 100644 --- a/tests/summarycode/data/score2/inconsistent_licenses_copyleft-expected.json +++ b/tests/summarycode/data/score/inconsistent_licenses_copyleft-expected.json @@ -9,7 +9,7 @@ "--info": true, "--json": "", "--license": true, - "--license-clarity-score-2": true + "--license-clarity-score": true }, "notice": "Generated with ScanCode and provided on an \"AS IS\" BASIS, WITHOUT WARRANTIES\nOR CONDITIONS OF ANY KIND, either express or implied. No content created from\nScanCode should be considered or used as legal advice. Consult an Attorney\nfor any legal advice.\nScanCode is a free software code scanning tool from nexB Inc. and others.\nVisit https://github.com/nexB/scancode-toolkit/ for support and download.", "output_format_version": "2.0.0", diff --git a/tests/summarycode/data/score2/basic/README.md b/tests/summarycode/data/score/inconsistent_licenses_copyleft/README.md similarity index 100% rename from tests/summarycode/data/score2/basic/README.md rename to tests/summarycode/data/score/inconsistent_licenses_copyleft/README.md diff --git a/tests/summarycode/data/score2/basic/index.js b/tests/summarycode/data/score/inconsistent_licenses_copyleft/index.js similarity index 100% rename from tests/summarycode/data/score2/basic/index.js rename to tests/summarycode/data/score/inconsistent_licenses_copyleft/index.js diff --git a/tests/summarycode/data/score/consistent_licenses/package.json b/tests/summarycode/data/score/inconsistent_licenses_copyleft/package.json similarity index 100% rename from tests/summarycode/data/score/consistent_licenses/package.json rename to tests/summarycode/data/score/inconsistent_licenses_copyleft/package.json diff --git a/tests/summarycode/data/score2/inconsistent_licenses_copyleft/util.js b/tests/summarycode/data/score/inconsistent_licenses_copyleft/util.js similarity index 100% rename from tests/summarycode/data/score2/inconsistent_licenses_copyleft/util.js rename to tests/summarycode/data/score/inconsistent_licenses_copyleft/util.js diff --git a/tests/summarycode/data/score/no_license_ambiguity-expected.json b/tests/summarycode/data/score/no_license_ambiguity-expected.json new file mode 100644 index 00000000000..68c2dcaa472 --- /dev/null +++ b/tests/summarycode/data/score/no_license_ambiguity-expected.json @@ -0,0 +1,794 @@ +{ + "headers": [ + { + "tool_name": "scancode-toolkit", + "options": { + "input": "", + "--classify": true, + "--copyright": true, + "--info": true, + "--json": "", + "--license": true, + "--license-clarity-score": true + }, + "notice": "Generated with ScanCode and provided on an \"AS IS\" BASIS, WITHOUT WARRANTIES\nOR CONDITIONS OF ANY KIND, either express or implied. No content created from\nScanCode should be considered or used as legal advice. Consult an Attorney\nfor any legal advice.\nScanCode is a free software code scanning tool from nexB Inc. and others.\nVisit https://github.com/nexB/scancode-toolkit/ for support and download.", + "output_format_version": "2.0.0", + "message": null, + "errors": [], + "extra_data": { + "spdx_license_list_version": "3.16", + "files_count": 8 + } + } + ], + "license_clarity_score": { + "score": 100, + "declared_license": true, + "precise_license_detection": true, + "has_license_text": true, + "declared_copyrights": true, + "conflicting_license_categories": false, + "ambigous_compound_licensing": false + }, + "files": [ + { + "path": "no_license_ambiguity", + "type": "directory", + "name": "no_license_ambiguity", + "base_name": "no_license_ambiguity", + "extension": "", + "size": 0, + "sha1": null, + "md5": null, + "sha256": null, + "mime_type": null, + "file_type": null, + "programming_language": null, + "is_binary": false, + "is_text": false, + "is_archive": false, + "is_media": false, + "is_source": false, + "is_script": false, + "licenses": [], + "license_expressions": [], + "percentage_of_license_text": 0, + "copyrights": [], + "holders": [], + "authors": [], + "is_legal": false, + "is_manifest": false, + "is_readme": false, + "is_top_level": true, + "is_key_file": false, + "files_count": 8, + "dirs_count": 0, + "size_count": 49781, + "scan_errors": [] + }, + { + "path": "no_license_ambiguity/CHANGELOG.md", + "type": "file", + "name": "CHANGELOG.md", + "base_name": "CHANGELOG", + "extension": ".md", + "size": 24563, + "sha1": "75dd1de7e3572b2480378f4a47d99d4140f405a0", + "md5": "e9d08921db4b1c78b3ea9d6d7f8bcd82", + "sha256": "76b505678de234d2eef751593feec6d9debb76c20d45564a9f23c9e9783dbc63", + "mime_type": "text/plain", + "file_type": "ASCII text", + "programming_language": null, + "is_binary": false, + "is_text": true, + "is_archive": false, + "is_media": false, + "is_source": false, + "is_script": false, + "licenses": [], + "license_expressions": [], + "percentage_of_license_text": 0, + "copyrights": [], + "holders": [], + "authors": [], + "is_legal": false, + "is_manifest": false, + "is_readme": false, + "is_top_level": true, + "is_key_file": false, + "files_count": 0, + "dirs_count": 0, + "size_count": 0, + "scan_errors": [] + }, + { + "path": "no_license_ambiguity/COPYRIGHT", + "type": "file", + "name": "COPYRIGHT", + "base_name": "COPYRIGHT", + "extension": "", + "size": 569, + "sha1": "f14afa20edce530124d39cd56312c7781c19b267", + "md5": "86438b2332d07437f7ddc2fe9fe4edd2", + "sha256": "90eb64f0279b0d9432accfa6023ff803bc4965212383697eee27a0f426d5f8d5", + "mime_type": "text/plain", + "file_type": "ASCII text", + "programming_language": "verilog", + "is_binary": false, + "is_text": true, + "is_archive": false, + "is_media": false, + "is_source": true, + "is_script": false, + "licenses": [ + { + "key": "apache-2.0", + "score": 94.12, + "name": "Apache License 2.0", + "short_name": "Apache 2.0", + "category": "Permissive", + "is_exception": false, + "is_unknown": false, + "owner": "Apache Software Foundation", + "homepage_url": "http://www.apache.org/licenses/", + "text_url": "http://www.apache.org/licenses/LICENSE-2.0", + "reference_url": "https://scancode-licensedb.aboutcode.org/apache-2.0", + "scancode_text_url": "https://github.com/nexB/scancode-toolkit/tree/develop/src/licensedcode/data/licenses/apache-2.0.LICENSE", + "scancode_data_url": "https://github.com/nexB/scancode-toolkit/tree/develop/src/licensedcode/data/licenses/apache-2.0.yml", + "spdx_license_key": "Apache-2.0", + "spdx_url": "https://spdx.org/licenses/Apache-2.0", + "start_line": 1, + "end_line": 7, + "matched_rule": { + "identifier": "apache-2.0_1060.RULE", + "license_expression": "apache-2.0", + "licenses": [ + "apache-2.0" + ], + "referenced_filenames": [], + "is_license_text": false, + "is_license_notice": true, + "is_license_reference": false, + "is_license_tag": false, + "is_license_intro": false, + "has_unknown": false, + "matcher": "3-seq", + "rule_length": 48, + "matched_length": 48, + "match_coverage": 100.0, + "rule_relevance": 100 + } + }, + { + "key": "apache-2.0", + "score": 97.83, + "name": "Apache License 2.0", + "short_name": "Apache 2.0", + "category": "Permissive", + "is_exception": false, + "is_unknown": false, + "owner": "Apache Software Foundation", + "homepage_url": "http://www.apache.org/licenses/", + "text_url": "http://www.apache.org/licenses/LICENSE-2.0", + "reference_url": "https://scancode-licensedb.aboutcode.org/apache-2.0", + "scancode_text_url": "https://github.com/nexB/scancode-toolkit/tree/develop/src/licensedcode/data/licenses/apache-2.0.LICENSE", + "scancode_data_url": "https://github.com/nexB/scancode-toolkit/tree/develop/src/licensedcode/data/licenses/apache-2.0.yml", + "spdx_license_key": "Apache-2.0", + "spdx_url": "https://spdx.org/licenses/Apache-2.0", + "start_line": 6, + "end_line": 9, + "matched_rule": { + "identifier": "apache-2.0_or_mit_47.RULE", + "license_expression": "apache-2.0 OR mit", + "licenses": [ + "apache-2.0", + "mit" + ], + "referenced_filenames": [], + "is_license_text": false, + "is_license_notice": true, + "is_license_reference": false, + "is_license_tag": false, + "is_license_intro": false, + "has_unknown": false, + "matcher": "3-seq", + "rule_length": 45, + "matched_length": 45, + "match_coverage": 100.0, + "rule_relevance": 100 + } + }, + { + "key": "mit", + "score": 97.83, + "name": "MIT License", + "short_name": "MIT License", + "category": "Permissive", + "is_exception": false, + "is_unknown": false, + "owner": "MIT", + "homepage_url": "http://opensource.org/licenses/mit-license.php", + "text_url": "http://opensource.org/licenses/mit-license.php", + "reference_url": "https://scancode-licensedb.aboutcode.org/mit", + "scancode_text_url": "https://github.com/nexB/scancode-toolkit/tree/develop/src/licensedcode/data/licenses/mit.LICENSE", + "scancode_data_url": "https://github.com/nexB/scancode-toolkit/tree/develop/src/licensedcode/data/licenses/mit.yml", + "spdx_license_key": "MIT", + "spdx_url": "https://spdx.org/licenses/MIT", + "start_line": 6, + "end_line": 9, + "matched_rule": { + "identifier": "apache-2.0_or_mit_47.RULE", + "license_expression": "apache-2.0 OR mit", + "licenses": [ + "apache-2.0", + "mit" + ], + "referenced_filenames": [], + "is_license_text": false, + "is_license_notice": true, + "is_license_reference": false, + "is_license_tag": false, + "is_license_intro": false, + "has_unknown": false, + "matcher": "3-seq", + "rule_length": 45, + "matched_length": 45, + "match_coverage": 100.0, + "rule_relevance": 100 + } + } + ], + "license_expressions": [ + "apache-2.0", + "apache-2.0 OR mit" + ], + "percentage_of_license_text": 81.11, + "copyrights": [], + "holders": [], + "authors": [], + "is_legal": true, + "is_manifest": false, + "is_readme": false, + "is_top_level": true, + "is_key_file": true, + "files_count": 0, + "dirs_count": 0, + "size_count": 0, + "scan_errors": [] + }, + { + "path": "no_license_ambiguity/Cargo.toml", + "type": "file", + "name": "Cargo.toml", + "base_name": "Cargo", + "extension": ".toml", + "size": 2551, + "sha1": "ddec880a9a8eb327d188032cb12236b7197a9db4", + "md5": "12bc948aef936e0dc81ef8dc269c442f", + "sha256": "a6138a417208be3f9a5adb3f84fb4cc4e25a8b29e3106c456e324f82a854654a", + "mime_type": "text/plain", + "file_type": "UTF-8 Unicode text", + "programming_language": null, + "is_binary": false, + "is_text": true, + "is_archive": false, + "is_media": false, + "is_source": false, + "is_script": false, + "licenses": [ + { + "key": "mit", + "score": 100.0, + "name": "MIT License", + "short_name": "MIT License", + "category": "Permissive", + "is_exception": false, + "is_unknown": false, + "owner": "MIT", + "homepage_url": "http://opensource.org/licenses/mit-license.php", + "text_url": "http://opensource.org/licenses/mit-license.php", + "reference_url": "https://scancode-licensedb.aboutcode.org/mit", + "scancode_text_url": "https://github.com/nexB/scancode-toolkit/tree/develop/src/licensedcode/data/licenses/mit.LICENSE", + "scancode_data_url": "https://github.com/nexB/scancode-toolkit/tree/develop/src/licensedcode/data/licenses/mit.yml", + "spdx_license_key": "MIT", + "spdx_url": "https://spdx.org/licenses/MIT", + "start_line": 5, + "end_line": 5, + "matched_rule": { + "identifier": "mit_or_apache-2.0_14.RULE", + "license_expression": "mit OR apache-2.0", + "licenses": [ + "mit", + "apache-2.0" + ], + "referenced_filenames": [], + "is_license_text": false, + "is_license_notice": false, + "is_license_reference": false, + "is_license_tag": true, + "is_license_intro": false, + "has_unknown": false, + "matcher": "2-aho", + "rule_length": 6, + "matched_length": 6, + "match_coverage": 100.0, + "rule_relevance": 100 + } + }, + { + "key": "apache-2.0", + "score": 100.0, + "name": "Apache License 2.0", + "short_name": "Apache 2.0", + "category": "Permissive", + "is_exception": false, + "is_unknown": false, + "owner": "Apache Software Foundation", + "homepage_url": "http://www.apache.org/licenses/", + "text_url": "http://www.apache.org/licenses/LICENSE-2.0", + "reference_url": "https://scancode-licensedb.aboutcode.org/apache-2.0", + "scancode_text_url": "https://github.com/nexB/scancode-toolkit/tree/develop/src/licensedcode/data/licenses/apache-2.0.LICENSE", + "scancode_data_url": "https://github.com/nexB/scancode-toolkit/tree/develop/src/licensedcode/data/licenses/apache-2.0.yml", + "spdx_license_key": "Apache-2.0", + "spdx_url": "https://spdx.org/licenses/Apache-2.0", + "start_line": 5, + "end_line": 5, + "matched_rule": { + "identifier": "mit_or_apache-2.0_14.RULE", + "license_expression": "mit OR apache-2.0", + "licenses": [ + "mit", + "apache-2.0" + ], + "referenced_filenames": [], + "is_license_text": false, + "is_license_notice": false, + "is_license_reference": false, + "is_license_tag": true, + "is_license_intro": false, + "has_unknown": false, + "matcher": "2-aho", + "rule_length": 6, + "matched_length": 6, + "match_coverage": 100.0, + "rule_relevance": 100 + } + } + ], + "license_expressions": [ + "mit OR apache-2.0" + ], + "percentage_of_license_text": 1.76, + "copyrights": [ + { + "copyright": "COPYRIGHT package.metadata.docs.rs", + "start_line": 17, + "end_line": 19 + } + ], + "holders": [ + { + "holder": "package.metadata.docs.rs", + "start_line": 19, + "end_line": 19 + } + ], + "authors": [ + { + "author": "The Rand Project Developers', The Rust Project", + "start_line": 4, + "end_line": 4 + } + ], + "is_legal": false, + "is_manifest": true, + "is_readme": false, + "is_top_level": true, + "is_key_file": true, + "files_count": 0, + "dirs_count": 0, + "size_count": 0, + "scan_errors": [] + }, + { + "path": "no_license_ambiguity/LICENSE-APACHE", + "type": "file", + "name": "LICENSE-APACHE", + "base_name": "LICENSE-APACHE", + "extension": "", + "size": 9724, + "sha1": "4632a631b427f005d97734ea8c6a44090fec5cd9", + "md5": "e7b6e9594d2e90bfdc5eac35ff6486fa", + "sha256": "35242e7a83f69875e6edeff02291e688c97caafe2f8902e4e19b49d3e78b4cab", + "mime_type": "text/plain", + "file_type": "ASCII text", + "programming_language": null, + "is_binary": false, + "is_text": true, + "is_archive": false, + "is_media": false, + "is_source": false, + "is_script": false, + "licenses": [ + { + "key": "apache-2.0", + "score": 100.0, + "name": "Apache License 2.0", + "short_name": "Apache 2.0", + "category": "Permissive", + "is_exception": false, + "is_unknown": false, + "owner": "Apache Software Foundation", + "homepage_url": "http://www.apache.org/licenses/", + "text_url": "http://www.apache.org/licenses/LICENSE-2.0", + "reference_url": "https://scancode-licensedb.aboutcode.org/apache-2.0", + "scancode_text_url": "https://github.com/nexB/scancode-toolkit/tree/develop/src/licensedcode/data/licenses/apache-2.0.LICENSE", + "scancode_data_url": "https://github.com/nexB/scancode-toolkit/tree/develop/src/licensedcode/data/licenses/apache-2.0.yml", + "spdx_license_key": "Apache-2.0", + "spdx_url": "https://spdx.org/licenses/Apache-2.0", + "start_line": 1, + "end_line": 176, + "matched_rule": { + "identifier": "apache-2.0_875.RULE", + "license_expression": "apache-2.0", + "licenses": [ + "apache-2.0" + ], + "referenced_filenames": [], + "is_license_text": true, + "is_license_notice": false, + "is_license_reference": false, + "is_license_tag": false, + "is_license_intro": false, + "has_unknown": false, + "matcher": "1-hash", + "rule_length": 1410, + "matched_length": 1410, + "match_coverage": 100.0, + "rule_relevance": 100 + } + } + ], + "license_expressions": [ + "apache-2.0" + ], + "percentage_of_license_text": 100.0, + "copyrights": [], + "holders": [], + "authors": [], + "is_legal": true, + "is_manifest": false, + "is_readme": false, + "is_top_level": true, + "is_key_file": true, + "files_count": 0, + "dirs_count": 0, + "size_count": 0, + "scan_errors": [] + }, + { + "path": "no_license_ambiguity/LICENSE-MIT", + "type": "file", + "name": "LICENSE-MIT", + "base_name": "LICENSE-MIT", + "extension": "", + "size": 1117, + "sha1": "d74ad13f1402c35008f22bc588a6b8199ed164d3", + "md5": "08cf50287469d314ddbee33f572260a7", + "sha256": "209fbbe0ad52d9235e37badf9cadfe4dbdc87203179c0899e738b39ade42177b", + "mime_type": "text/plain", + "file_type": "ASCII text", + "programming_language": null, + "is_binary": false, + "is_text": true, + "is_archive": false, + "is_media": false, + "is_source": false, + "is_script": false, + "licenses": [ + { + "key": "mit", + "score": 100.0, + "name": "MIT License", + "short_name": "MIT License", + "category": "Permissive", + "is_exception": false, + "is_unknown": false, + "owner": "MIT", + "homepage_url": "http://opensource.org/licenses/mit-license.php", + "text_url": "http://opensource.org/licenses/mit-license.php", + "reference_url": "https://scancode-licensedb.aboutcode.org/mit", + "scancode_text_url": "https://github.com/nexB/scancode-toolkit/tree/develop/src/licensedcode/data/licenses/mit.LICENSE", + "scancode_data_url": "https://github.com/nexB/scancode-toolkit/tree/develop/src/licensedcode/data/licenses/mit.yml", + "spdx_license_key": "MIT", + "spdx_url": "https://spdx.org/licenses/MIT", + "start_line": 4, + "end_line": 26, + "matched_rule": { + "identifier": "mit.LICENSE", + "license_expression": "mit", + "licenses": [ + "mit" + ], + "referenced_filenames": [], + "is_license_text": true, + "is_license_notice": false, + "is_license_reference": false, + "is_license_tag": false, + "is_license_intro": false, + "has_unknown": false, + "matcher": "2-aho", + "rule_length": 161, + "matched_length": 161, + "match_coverage": 100.0, + "rule_relevance": 100 + } + } + ], + "license_expressions": [ + "mit" + ], + "percentage_of_license_text": 92.0, + "copyrights": [ + { + "copyright": "Copyright 2018", + "start_line": 1, + "end_line": 1 + }, + { + "copyright": "Copyright (c) 2014 The Rust Project", + "start_line": 2, + "end_line": 2 + } + ], + "holders": [ + { + "holder": "The Rust Project", + "start_line": 2, + "end_line": 2 + } + ], + "authors": [], + "is_legal": true, + "is_manifest": false, + "is_readme": false, + "is_top_level": true, + "is_key_file": true, + "files_count": 0, + "dirs_count": 0, + "size_count": 0, + "scan_errors": [] + }, + { + "path": "no_license_ambiguity/README.md", + "type": "file", + "name": "README.md", + "base_name": "README", + "extension": ".md", + "size": 7582, + "sha1": "d81ebab9f6c8e3233abf01734beca5419fe353ac", + "md5": "e73df191f1b77901adab1471b758a8bc", + "sha256": "ddb5a1fa9442c6cab92a3510365937e729f839c94b97e75d3f0430bf3a4dd2bd", + "mime_type": "text/plain", + "file_type": "UTF-8 Unicode text", + "programming_language": null, + "is_binary": false, + "is_text": true, + "is_archive": false, + "is_media": false, + "is_source": false, + "is_script": false, + "licenses": [ + { + "key": "mit", + "score": 57.69, + "name": "MIT License", + "short_name": "MIT License", + "category": "Permissive", + "is_exception": false, + "is_unknown": false, + "owner": "MIT", + "homepage_url": "http://opensource.org/licenses/mit-license.php", + "text_url": "http://opensource.org/licenses/mit-license.php", + "reference_url": "https://scancode-licensedb.aboutcode.org/mit", + "scancode_text_url": "https://github.com/nexB/scancode-toolkit/tree/develop/src/licensedcode/data/licenses/mit.LICENSE", + "scancode_data_url": "https://github.com/nexB/scancode-toolkit/tree/develop/src/licensedcode/data/licenses/mit.yml", + "spdx_license_key": "MIT", + "spdx_url": "https://spdx.org/licenses/MIT", + "start_line": 152, + "end_line": 157, + "matched_rule": { + "identifier": "mit_or_apache-2.0_9.RULE", + "license_expression": "mit OR apache-2.0", + "licenses": [ + "mit", + "apache-2.0" + ], + "referenced_filenames": [ + "LICENSE-MIT", + "LICENSE" + ], + "is_license_text": false, + "is_license_notice": true, + "is_license_reference": false, + "is_license_tag": false, + "is_license_intro": false, + "has_unknown": false, + "matcher": "3-seq", + "rule_length": 26, + "matched_length": 15, + "match_coverage": 57.69, + "rule_relevance": 100 + } + }, + { + "key": "apache-2.0", + "score": 57.69, + "name": "Apache License 2.0", + "short_name": "Apache 2.0", + "category": "Permissive", + "is_exception": false, + "is_unknown": false, + "owner": "Apache Software Foundation", + "homepage_url": "http://www.apache.org/licenses/", + "text_url": "http://www.apache.org/licenses/LICENSE-2.0", + "reference_url": "https://scancode-licensedb.aboutcode.org/apache-2.0", + "scancode_text_url": "https://github.com/nexB/scancode-toolkit/tree/develop/src/licensedcode/data/licenses/apache-2.0.LICENSE", + "scancode_data_url": "https://github.com/nexB/scancode-toolkit/tree/develop/src/licensedcode/data/licenses/apache-2.0.yml", + "spdx_license_key": "Apache-2.0", + "spdx_url": "https://spdx.org/licenses/Apache-2.0", + "start_line": 152, + "end_line": 157, + "matched_rule": { + "identifier": "mit_or_apache-2.0_9.RULE", + "license_expression": "mit OR apache-2.0", + "licenses": [ + "mit", + "apache-2.0" + ], + "referenced_filenames": [ + "LICENSE-MIT", + "LICENSE" + ], + "is_license_text": false, + "is_license_notice": true, + "is_license_reference": false, + "is_license_tag": false, + "is_license_intro": false, + "has_unknown": false, + "matcher": "3-seq", + "rule_length": 26, + "matched_length": 15, + "match_coverage": 57.69, + "rule_relevance": 100 + } + }, + { + "key": "mit", + "score": 100.0, + "name": "MIT License", + "short_name": "MIT License", + "category": "Permissive", + "is_exception": false, + "is_unknown": false, + "owner": "MIT", + "homepage_url": "http://opensource.org/licenses/mit-license.php", + "text_url": "http://opensource.org/licenses/mit-license.php", + "reference_url": "https://scancode-licensedb.aboutcode.org/mit", + "scancode_text_url": "https://github.com/nexB/scancode-toolkit/tree/develop/src/licensedcode/data/licenses/mit.LICENSE", + "scancode_data_url": "https://github.com/nexB/scancode-toolkit/tree/develop/src/licensedcode/data/licenses/mit.yml", + "spdx_license_key": "MIT", + "spdx_url": "https://spdx.org/licenses/MIT", + "start_line": 157, + "end_line": 157, + "matched_rule": { + "identifier": "mit_154.RULE", + "license_expression": "mit", + "licenses": [ + "mit" + ], + "referenced_filenames": [], + "is_license_text": false, + "is_license_notice": true, + "is_license_reference": false, + "is_license_tag": false, + "is_license_intro": false, + "has_unknown": false, + "matcher": "2-aho", + "rule_length": 4, + "matched_length": 4, + "match_coverage": 100.0, + "rule_relevance": 100 + } + } + ], + "license_expressions": [ + "mit OR apache-2.0", + "mit" + ], + "percentage_of_license_text": 1.69, + "copyrights": [], + "holders": [], + "authors": [], + "is_legal": false, + "is_manifest": false, + "is_readme": true, + "is_top_level": true, + "is_key_file": true, + "files_count": 0, + "dirs_count": 0, + "size_count": 0, + "scan_errors": [] + }, + { + "path": "no_license_ambiguity/SECURITY.md", + "type": "file", + "name": "SECURITY.md", + "base_name": "SECURITY", + "extension": ".md", + "size": 2812, + "sha1": "99b2240e1aadbc88a2fa2ca65e673b9c46bea285", + "md5": "bd20c9d8351a8630c3d4e45afc638491", + "sha256": "52e7a012004e078273ede84e6cb6778d6f98c3c69078edf625f4bae08306e74d", + "mime_type": "text/plain", + "file_type": "ASCII text", + "programming_language": null, + "is_binary": false, + "is_text": true, + "is_archive": false, + "is_media": false, + "is_source": false, + "is_script": false, + "licenses": [], + "license_expressions": [], + "percentage_of_license_text": 0, + "copyrights": [], + "holders": [], + "authors": [], + "is_legal": false, + "is_manifest": false, + "is_readme": false, + "is_top_level": true, + "is_key_file": false, + "files_count": 0, + "dirs_count": 0, + "size_count": 0, + "scan_errors": [] + }, + { + "path": "no_license_ambiguity/rustfmt.toml", + "type": "file", + "name": "rustfmt.toml", + "base_name": "rustfmt", + "extension": ".toml", + "size": 863, + "sha1": "60527abf5f69306d1e5d5b339afdea200368e081", + "md5": "a0a23df0aa695c6b43ea91942ac7df1d", + "sha256": "a582a93dc6492d36daae52df7800e369887ba0984d68d98f70b99ca870fed268", + "mime_type": "text/plain", + "file_type": "ASCII text", + "programming_language": null, + "is_binary": false, + "is_text": true, + "is_archive": false, + "is_media": false, + "is_source": false, + "is_script": false, + "licenses": [], + "license_expressions": [], + "percentage_of_license_text": 0, + "copyrights": [], + "holders": [], + "authors": [], + "is_legal": false, + "is_manifest": false, + "is_readme": false, + "is_top_level": true, + "is_key_file": false, + "files_count": 0, + "dirs_count": 0, + "size_count": 0, + "scan_errors": [] + } + ] +} \ No newline at end of file diff --git a/tests/summarycode/data/score/no_license_ambiguity/CHANGELOG.md b/tests/summarycode/data/score/no_license_ambiguity/CHANGELOG.md new file mode 100644 index 00000000000..b0872af6d39 --- /dev/null +++ b/tests/summarycode/data/score/no_license_ambiguity/CHANGELOG.md @@ -0,0 +1,699 @@ +# Changelog +All notable changes to this project will be documented in this file. + +The format is based on [Keep a Changelog](http://keepachangelog.com/en/1.0.0/) +and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html). + +A [separate changelog is kept for rand_core](rand_core/CHANGELOG.md). + +You may also find the [Upgrade Guide](https://rust-random.github.io/book/update.html) useful. + +## [0.8.5] - 2021-08-20 +### Fixes +- Fix build on non-32/64-bit architectures (#1144) +- Fix "min_const_gen" feature for `no_std` (#1173) +- Check `libc::pthread_atfork` return value with panic on error (#1178) +- More robust reseeding in case `ReseedingRng` is used from a fork handler (#1178) +- Fix nightly: remove unused `slice_partition_at_index` feature (#1215) +- Fix nightly + `simd_support`: update `packed_simd` (#1216) + +### Rngs +- `StdRng`: Switch from HC128 to ChaCha12 on emscripten (#1142). + We now use ChaCha12 on all platforms. + +### Documentation +- Added docs about rand's use of const generics (#1150) +- Better random chars example (#1157) + + +## [0.8.4] - 2021-06-15 +### Additions +- Use const-generics to support arrays of all sizes (#1104) +- Implement `Clone` and `Copy` for `Alphanumeric` (#1126) +- Add `Distribution::map` to derive a distribution using a closure (#1129) +- Add `Slice` distribution (#1107) +- Add `DistString` trait with impls for `Standard` and `Alphanumeric` (#1133) + +### Other +- Reorder asserts in `Uniform` float distributions for easier debugging of non-finite arguments + (#1094, #1108) +- Add range overflow check in `Uniform` float distributions (#1108) +- Deprecate `rngs::adapter::ReadRng` (#1130) + +## [0.8.3] - 2021-01-25 +### Fixes +- Fix `no-std` + `alloc` build by gating `choose_multiple_weighted` on `std` (#1088) + +## [0.8.2] - 2021-01-12 +### Fixes +- Fix panic in `UniformInt::sample_single_inclusive` and `Rng::gen_range` when + providing a full integer range (eg `0..=MAX`) (#1087) + +## [0.8.1] - 2020-12-31 +### Other +- Enable all stable features in the playground (#1081) + +## [0.8.0] - 2020-12-18 +### Platform support +- The minimum supported Rust version is now 1.36 (#1011) +- `getrandom` updated to v0.2 (#1041) +- Remove `wasm-bindgen` and `stdweb` feature flags. For details of WASM support, + see the [getrandom documentation](https://docs.rs/getrandom/latest). (#948) +- `ReadRng::next_u32` and `next_u64` now use little-Endian conversion instead + of native-Endian, affecting results on Big-Endian platforms (#1061) +- The `nightly` feature no longer implies the `simd_support` feature (#1048) +- Fix `simd_support` feature to work on current nightlies (#1056) + +### Rngs +- `ThreadRng` is no longer `Copy` to enable safe usage within thread-local destructors (#1035) +- `gen_range(a, b)` was replaced with `gen_range(a..b)`. `gen_range(a..=b)` is + also supported. Note that `a` and `b` can no longer be references or SIMD types. (#744, #1003) +- Replace `AsByteSliceMut` with `Fill` and add support for `[bool], [char], [f32], [f64]` (#940) +- Restrict `rand::rngs::adapter` to `std` (#1027; see also #928) +- `StdRng`: add new `std_rng` feature flag (enabled by default, but might need + to be used if disabling default crate features) (#948) +- `StdRng`: Switch from ChaCha20 to ChaCha12 for better performance (#1028) +- `SmallRng`: Replace PCG algorithm with xoshiro{128,256}++ (#1038) + +### Sequences +- Add `IteratorRandom::choose_stable` as an alternative to `choose` which does + not depend on size hints (#1057) +- Improve accuracy and performance of `IteratorRandom::choose` (#1059) +- Implement `IntoIterator` for `IndexVec`, replacing the `into_iter` method (#1007) +- Add value stability tests for `seq` module (#933) + +### Misc +- Support `PartialEq` and `Eq` for `StdRng`, `SmallRng` and `StepRng` (#979) +- Added a `serde1` feature and added Serialize/Deserialize to `UniformInt` and `WeightedIndex` (#974) +- Drop some unsafe code (#962, #963, #1011) +- Reduce packaged crate size (#983) +- Migrate to GitHub Actions from Travis+AppVeyor (#1073) + +### Distributions +- `Alphanumeric` samples bytes instead of chars (#935) +- `Uniform` now supports `char`, enabling `rng.gen_range('A'..='Z')` (#1068) +- Add `UniformSampler::sample_single_inclusive` (#1003) + +#### Weighted sampling +- Implement weighted sampling without replacement (#976, #1013) +- `rand::distributions::alias_method::WeightedIndex` was moved to `rand_distr::WeightedAliasIndex`. + The simpler alternative `rand::distribution::WeightedIndex` remains. (#945) +- Improve treatment of rounding errors in `WeightedIndex::update_weights` (#956) +- `WeightedIndex`: return error on NaN instead of panic (#1005) + +### Documentation +- Document types supported by `random` (#994) +- Document notes on password generation (#995) +- Note that `SmallRng` may not be the best choice for performance and in some + other cases (#1038) +- Use `doc(cfg)` to annotate feature-gated items (#1019) +- Adjust README (#1065) + +## [0.7.3] - 2020-01-10 +### Fixes +- The `Bernoulli` distribution constructors now reports an error on NaN and on + `denominator == 0`. (#925) +- Use `std::sync::Once` to register fork handler, avoiding possible atomicity violation (#928) +- Fix documentation on the precision of generated floating-point values + +### Changes +- Unix: make libc dependency optional; only use fork protection with std feature (#928) + +### Additions +- Implement `std::error::Error` for `BernoulliError` (#919) + +## [0.7.2] - 2019-09-16 +### Fixes +- Fix dependency on `rand_core` 0.5.1 (#890) + +### Additions +- Unit tests for value stability of distributions added (#888) + +## [0.7.1] - 2019-09-13 +### Yanked +This release was yanked since it depends on `rand_core::OsRng` added in 0.5.1 +but specifies a dependency on version 0.5.0 (#890), causing a broken builds +when updating from `rand 0.7.0` without also updating `rand_core`. + +### Fixes +- Fix `no_std` behaviour, appropriately enable c2-chacha's `std` feature (#844) +- `alloc` feature in `no_std` is available since Rust 1.36 (#856) +- Fix or squelch issues from Clippy lints (#840) + +### Additions +- Add a `no_std` target to CI to continuously evaluate `no_std` status (#844) +- `WeightedIndex`: allow adjusting a sub-set of weights (#866) + +## [0.7.0] - 2019-06-28 + +### Fixes +- Fix incorrect pointer usages revealed by Miri testing (#780, #781) +- Fix (tiny!) bias in `Uniform` for 8- and 16-bit ints (#809) + +### Crate +- Bumped MSRV (min supported Rust version) to 1.32.0 +- Updated to Rust Edition 2018 (#823, #824) +- Removed dependence on `rand_xorshift`, `rand_isaac`, `rand_jitter` crates (#759, #765) +- Remove dependency on `winapi` (#724) +- Removed all `build.rs` files (#824) +- Removed code already deprecated in version 0.6 (#757) +- Removed the serde1 feature (It's still available for backwards compatibility, but it does not do anything. #830) +- Many documentation changes + +### rand_core +- Updated to `rand_core` 0.5.0 +- `Error` type redesigned with new API (#800) +- Move `from_entropy` method to `SeedableRng` and remove `FromEntropy` (#800) +- `SeedableRng::from_rng` is now expected to be value-stable (#815) + +### Standard RNGs +- OS interface moved from `rand_os` to new `getrandom` crate (#765, [getrandom](https://github.com/rust-random/getrandom)) +- Use ChaCha for `StdRng` and `ThreadRng` (#792) +- Feature-gate `SmallRng` (#792) +- `ThreadRng` now supports `Copy` (#758) +- Deprecated `EntropyRng` (#765) +- Enable fork protection of ReseedingRng without `std` (#724) + +### Distributions +- Many distributions have been moved to `rand_distr` (#761) +- `Bernoulli::new` constructor now returns a `Result` (#803) +- `Distribution::sample_iter` adjusted for more flexibility (#758) +- Added `distributions::weighted::alias_method::WeightedIndex` for `O(1)` sampling (#692) +- Support sampling `NonZeroU*` types with the `Standard` distribution (#728) +- Optimised `Binomial` distribution sampling (#735, #740, #752) +- Optimised SIMD float sampling (#739) + +### Sequences +- Make results portable across 32- and 64-bit by using `u32` samples for `usize` where possible (#809) + +## [0.6.5] - 2019-01-28 +### Crates +- Update `rand_core` to 0.4 (#703) +- Move `JitterRng` to its own crate (#685) +- Add a wasm-bindgen test crate (#696) + +### Platforms +- Fuchsia: Replaced fuchsia-zircon with fuchsia-cprng + +### Doc +- Use RFC 1946 for doc links (#691) +- Fix some doc links and notes (#711) + +## [0.6.4] - 2019-01-08 +### Fixes +- Move wasm-bindgen shims to correct crate (#686) +- Make `wasm32-unknown-unknown` compile but fail at run-time if missing bindingsg (#686) + +## [0.6.3] - 2019-01-04 +### Fixes +- Make the `std` feature require the optional `rand_os` dependency (#675) +- Re-export the optional WASM dependencies of `rand_os` from `rand` to avoid breakage (#674) + +## [0.6.2] - 2019-01-04 +### Additions +- Add `Default` for `ThreadRng` (#657) +- Move `rngs::OsRng` to `rand_os` sub-crate; clean up code; use as dependency (#643) ##BLOCKER## +- Add `rand_xoshiro` sub-crate, plus benchmarks (#642, #668) + +### Fixes +- Fix bias in `UniformInt::sample_single` (#662) +- Use `autocfg` instead of `rustc_version` for rustc version detection (#664) +- Disable `i128` and `u128` if the `target_os` is `emscripten` (#671: work-around Emscripten limitation) +- CI fixes (#660, #671) + +### Optimisations +- Optimise memory usage of `UnitCircle` and `UnitSphereSurface` distributions (no PR) + +## [0.6.1] - 2018-11-22 +- Support sampling `Duration` also for `no_std` (only since Rust 1.25) (#649) +- Disable default features of `libc` (#647) + +## [0.6.0] - 2018-11-14 + +### Project organisation +- Rand has moved from [rust-lang-nursery](https://github.com/rust-lang-nursery/rand) + to [rust-random](https://github.com/rust-random/rand)! (#578) +- Created [The Rust Random Book](https://rust-random.github.io/book/) + ([source](https://github.com/rust-random/book)) +- Update copyright and licence notices (#591, #611) +- Migrate policy documentation from the wiki (#544) + +### Platforms +- Add fork protection on Unix (#466) +- Added support for wasm-bindgen. (#541, #559, #562, #600) +- Enable `OsRng` for powerpc64, sparc and sparc64 (#609) +- Use `syscall` from `libc` on Linux instead of redefining it (#629) + +### RNGs +- Switch `SmallRng` to use PCG (#623) +- Implement `Pcg32` and `Pcg64Mcg` generators (#632) +- Move ISAAC RNGs to a dedicated crate (#551) +- Move Xorshift RNG to its own crate (#557) +- Move ChaCha and HC128 RNGs to dedicated crates (#607, #636) +- Remove usage of `Rc` from `ThreadRng` (#615) + +### Sampling and distributions +- Implement `Rng.gen_ratio()` and `Bernoulli::new_ratio()` (#491) +- Make `Uniform` strictly respect `f32` / `f64` high/low bounds (#477) +- Allow `gen_range` and `Uniform` to work on non-`Copy` types (#506) +- `Uniform` supports inclusive ranges: `Uniform::from(a..=b)`. This is + automatically enabled for Rust >= 1.27. (#566) +- Implement `TrustedLen` and `FusedIterator` for `DistIter` (#620) + +#### New distributions +- Add the `Dirichlet` distribution (#485) +- Added sampling from the unit sphere and circle. (#567) +- Implement the triangular distribution (#575) +- Implement the Weibull distribution (#576) +- Implement the Beta distribution (#574) + +#### Optimisations + +- Optimise `Bernoulli::new` (#500) +- Optimise `char` sampling (#519) +- Optimise sampling of `std::time::Duration` (#583) + +### Sequences +- Redesign the `seq` module (#483, #515) +- Add `WeightedIndex` and `choose_weighted` (#518, #547) +- Optimised and changed return type of the `sample_indices` function. (#479) +- Use `Iterator::size_hint()` to speed up `IteratorRandom::choose` (#593) + +### SIMD +- Support for generating SIMD types (#523, #542, #561, #630) + +### Other +- Revise CI scripts (#632, #635) +- Remove functionality already deprecated in 0.5 (#499) +- Support for `i128` and `u128` is automatically enabled for Rust >= 1.26. This + renders the `i128_support` feature obsolete. It still exists for backwards + compatibility but does not have any effect. This breaks programs using Rand + with `i128_support` on nightlies older than Rust 1.26. (#571) + + +## [0.5.5] - 2018-08-07 +### Documentation +- Fix links in documentation (#582) + + +## [0.5.4] - 2018-07-11 +### Platform support +- Make `OsRng` work via WASM/stdweb for WebWorkers + + +## [0.5.3] - 2018-06-26 +### Platform support +- OpenBSD, Bitrig: fix compilation (broken in 0.5.1) (#530) + + +## [0.5.2] - 2018-06-18 +### Platform support +- Hide `OsRng` and `JitterRng` on unsupported platforms (#512; fixes #503). + + +## [0.5.1] - 2018-06-08 + +### New distributions +- Added Cauchy distribution. (#474, #486) +- Added Pareto distribution. (#495) + +### Platform support and `OsRng` +- Remove blanket Unix implementation. (#484) +- Remove Wasm unimplemented stub. (#484) +- Dragonfly BSD: read from `/dev/random`. (#484) +- Bitrig: use `getentropy` like OpenBSD. (#484) +- Solaris: (untested) use `getrandom` if available, otherwise `/dev/random`. (#484) +- Emscripten, `stdweb`: split the read up in chunks. (#484) +- Emscripten, Haiku: don't do an extra blocking read from `/dev/random`. (#484) +- Linux, NetBSD, Solaris: read in blocking mode on first use in `fill_bytes`. (#484) +- Fuchsia, CloudABI: fix compilation (broken in Rand 0.5). (#484) + + +## [0.5.0] - 2018-05-21 + +### Crate features and organisation +- Minimum Rust version update: 1.22.0. (#239) +- Create a separate `rand_core` crate. (#288) +- Deprecate `rand_derive`. (#256) +- Add `prelude` (and module reorganisation). (#435) +- Add `log` feature. Logging is now available in `JitterRng`, `OsRng`, `EntropyRng` and `ReseedingRng`. (#246) +- Add `serde1` feature for some PRNGs. (#189) +- `stdweb` feature for `OsRng` support on WASM via stdweb. (#272, #336) + +### `Rng` trait +- Split `Rng` in `RngCore` and `Rng` extension trait. + `next_u32`, `next_u64` and `fill_bytes` are now part of `RngCore`. (#265) +- Add `Rng::sample`. (#256) +- Deprecate `Rng::gen_weighted_bool`. (#308) +- Add `Rng::gen_bool`. (#308) +- Remove `Rng::next_f32` and `Rng::next_f64`. (#273) +- Add optimized `Rng::fill` and `Rng::try_fill` methods. (#247) +- Deprecate `Rng::gen_iter`. (#286) +- Deprecate `Rng::gen_ascii_chars`. (#279) + +### `rand_core` crate +- `rand` now depends on new `rand_core` crate (#288) +- `RngCore` and `SeedableRng` are now part of `rand_core`. (#288) +- Add modules to help implementing RNGs `impl` and `le`. (#209, #228) +- Add `Error` and `ErrorKind`. (#225) +- Add `CryptoRng` marker trait. (#273) +- Add `BlockRngCore` trait. (#281) +- Add `BlockRng` and `BlockRng64` wrappers to help implementations. (#281, #325) +- Revise the `SeedableRng` trait. (#233) +- Remove default implementations for `RngCore::next_u64` and `RngCore::fill_bytes`. (#288) +- Add `RngCore::try_fill_bytes`. (#225) + +### Other traits and types +- Add `FromEntropy` trait. (#233, #375) +- Add `SmallRng` wrapper. (#296) +- Rewrite `ReseedingRng` to only work with `BlockRngCore` (substantial performance improvement). (#281) +- Deprecate `weak_rng`. Use `SmallRng` instead. (#296) +- Deprecate `AsciiGenerator`. (#279) + +### Random number generators +- Switch `StdRng` and `thread_rng` to HC-128. (#277) +- `StdRng` must now be created with `from_entropy` instead of `new` +- Change `thread_rng` reseeding threshold to 32 MiB. (#277) +- PRNGs no longer implement `Copy`. (#209) +- `Debug` implementations no longer show internals. (#209) +- Implement `Clone` for `ReseedingRng`, `JitterRng`, OsRng`. (#383, #384) +- Implement serialization for `XorShiftRng`, `IsaacRng` and `Isaac64Rng` under the `serde1` feature. (#189) +- Implement `BlockRngCore` for `ChaChaCore` and `Hc128Core`. (#281) +- All PRNGs are now portable across big- and little-endian architectures. (#209) +- `Isaac64Rng::next_u32` no longer throws away half the results. (#209) +- Add `IsaacRng::new_from_u64` and `Isaac64Rng::new_from_u64`. (#209) +- Add the HC-128 CSPRNG `Hc128Rng`. (#210) +- Change ChaCha20 to have 64-bit counter and 64-bit stream. (#349) +- Changes to `JitterRng` to get its size down from 2112 to 24 bytes. (#251) +- Various performance improvements to all PRNGs. + +### Platform support and `OsRng` +- Add support for CloudABI. (#224) +- Remove support for NaCl. (#225) +- WASM support for `OsRng` via stdweb, behind the `stdweb` feature. (#272, #336) +- Use `getrandom` on more platforms for Linux, and on Android. (#338) +- Use the `SecRandomCopyBytes` interface on macOS. (#322) +- On systems that do not have a syscall interface, only keep a single file descriptor open for `OsRng`. (#239) +- On Unix, first try a single read from `/dev/random`, then `/dev/urandom`. (#338) +- Better error handling and reporting in `OsRng` (using new error type). (#225) +- `OsRng` now uses non-blocking when available. (#225) +- Add `EntropyRng`, which provides `OsRng`, but has `JitterRng` as a fallback. (#235) + +### Distributions +- New `Distribution` trait. (#256) +- Add `Distribution::sample_iter` and `Rng::::sample_iter`. (#361) +- Deprecate `Rand`, `Sample` and `IndependentSample` traits. (#256) +- Add a `Standard` distribution (replaces most `Rand` implementations). (#256) +- Add `Binomial` and `Poisson` distributions. (#96) +- Add `Bernoulli` dsitribution. (#411) +- Add `Alphanumeric` distribution. (#279) +- Remove `Closed01` distribution, add `OpenClosed01`. (#274, #420) +- Rework `Range` type, making it possible to implement it for user types. (#274) +- Rename `Range` to `Uniform`. (#395) +- Add `Uniform::new_inclusive` for inclusive ranges. (#274) +- Use widening multiply method for much faster integer range reduction. (#274) +- `Standard` distribution for `char` uses `Uniform` internally. (#274) +- `Standard` distribution for `bool` uses sign test. (#274) +- Implement `Standard` distribution for `Wrapping`. (#436) +- Implement `Uniform` distribution for `Duration`. (#427) + + +## [0.4.3] - 2018-08-16 +### Fixed +- Use correct syscall number for PowerPC (#589) + + +## [0.4.2] - 2018-01-06 +### Changed +- Use `winapi` on Windows +- Update for Fuchsia OS +- Remove dev-dependency on `log` + + +## [0.4.1] - 2017-12-17 +### Added +- `no_std` support + + +## [0.4.0-pre.0] - 2017-12-11 +### Added +- `JitterRng` added as a high-quality alternative entropy source using the + system timer +- new `seq` module with `sample_iter`, `sample_slice`, etc. +- WASM support via dummy implementations (fail at run-time) +- Additional benchmarks, covering generators and new seq code + +### Changed +- `thread_rng` uses `JitterRng` if seeding from system time fails + (slower but more secure than previous method) + +### Deprecated + - `sample` function deprecated (replaced by `sample_iter`) + + +## [0.3.20] - 2018-01-06 +### Changed +- Remove dev-dependency on `log` +- Update `fuchsia-zircon` dependency to 0.3.2 + + +## [0.3.19] - 2017-12-27 +### Changed +- Require `log <= 0.3.8` for dev builds +- Update `fuchsia-zircon` dependency to 0.3 +- Fix broken links in docs (to unblock compiler docs testing CI) + + +## [0.3.18] - 2017-11-06 +### Changed +- `thread_rng` is seeded from the system time if `OsRng` fails +- `weak_rng` now uses `thread_rng` internally + + +## [0.3.17] - 2017-10-07 +### Changed + - Fuchsia: Magenta was renamed Zircon + +## [0.3.16] - 2017-07-27 +### Added +- Implement Debug for mote non-public types +- implement `Rand` for (i|u)i128 +- Support for Fuchsia + +### Changed +- Add inline attribute to SampleRange::construct_range. + This improves the benchmark for sample in 11% and for shuffle in 16%. +- Use `RtlGenRandom` instead of `CryptGenRandom` + + +## [0.3.15] - 2016-11-26 +### Added +- Add `Rng` trait method `choose_mut` +- Redox support + +### Changed +- Use `arc4rand` for `OsRng` on FreeBSD. +- Use `arc4random(3)` for `OsRng` on OpenBSD. + +### Fixed +- Fix filling buffers 4 GiB or larger with `OsRng::fill_bytes` on Windows + + +## [0.3.14] - 2016-02-13 +### Fixed +- Inline definitions from winapi/advapi32, which decreases build times + + +## [0.3.13] - 2016-01-09 +### Fixed +- Compatible with Rust 1.7.0-nightly (needed some extra type annotations) + + +## [0.3.12] - 2015-11-09 +### Changed +- Replaced the methods in `next_f32` and `next_f64` with the technique described + Saito & Matsumoto at MCQMC'08. The new method should exhibit a slightly more + uniform distribution. +- Depend on libc 0.2 + +### Fixed +- Fix iterator protocol issue in `rand::sample` + + +## [0.3.11] - 2015-08-31 +### Added +- Implement `Rand` for arrays with n <= 32 + + +## [0.3.10] - 2015-08-17 +### Added +- Support for NaCl platforms + +### Changed +- Allow `Rng` to be `?Sized`, impl for `&mut R` and `Box` where `R: ?Sized + Rng` + + +## [0.3.9] - 2015-06-18 +### Changed +- Use `winapi` for Windows API things + +### Fixed +- Fixed test on stable/nightly +- Fix `getrandom` syscall number for aarch64-unknown-linux-gnu + + +## [0.3.8] - 2015-04-23 +### Changed +- `log` is a dev dependency + +### Fixed +- Fix race condition of atomics in `is_getrandom_available` + + +## [0.3.7] - 2015-04-03 +### Fixed +- Derive Copy/Clone changes + + +## [0.3.6] - 2015-04-02 +### Changed +- Move to stable Rust! + + +## [0.3.5] - 2015-04-01 +### Fixed +- Compatible with Rust master + + +## [0.3.4] - 2015-03-31 +### Added +- Implement Clone for `Weighted` + +### Fixed +- Compatible with Rust master + + +## [0.3.3] - 2015-03-26 +### Fixed +- Fix compile on Windows + + +## [0.3.2] - 2015-03-26 + + +## [0.3.1] - 2015-03-26 +### Fixed +- Fix compile on Windows + + +## [0.3.0] - 2015-03-25 +### Changed +- Update to use log version 0.3.x + + +## [0.2.1] - 2015-03-22 +### Fixed +- Compatible with Rust master +- Fixed iOS compilation + + +## [0.2.0] - 2015-03-06 +### Fixed +- Compatible with Rust master (move from `old_io` to `std::io`) + + +## [0.1.4] - 2015-03-04 +### Fixed +- Compatible with Rust master (use wrapping ops) + + +## [0.1.3] - 2015-02-20 +### Fixed +- Compatible with Rust master + +### Removed +- Removed Copy implementations from RNGs + + +## [0.1.2] - 2015-02-03 +### Added +- Imported functionality from `std::rand`, including: + - `StdRng`, `SeedableRng`, `TreadRng`, `weak_rng()` + - `ReaderRng`: A wrapper around any Reader to treat it as an RNG. +- Imported documentation from `std::rand` +- Imported tests from `std::rand` + + +## [0.1.1] - 2015-02-03 +### Added +- Migrate to a cargo-compatible directory structure. + +### Fixed +- Do not use entropy during `gen_weighted_bool(1)` + + +## [Rust 0.12.0] - 2014-10-09 +### Added +- Impl Rand for tuples of arity 11 and 12 +- Include ChaCha pseudorandom generator +- Add `next_f64` and `next_f32` to Rng +- Implement Clone for PRNGs + +### Changed +- Rename `TaskRng` to `ThreadRng` and `task_rng` to `thread_rng` (since a + runtime is removed from Rust). + +### Fixed +- Improved performance of ISAAC and ISAAC64 by 30% and 12 % respectively, by + informing the optimiser that indexing is never out-of-bounds. + +### Removed +- Removed the Deprecated `choose_option` + + +## [Rust 0.11.0] - 2014-07-02 +### Added +- document when to use `OSRng` in cryptographic context, and explain why we use `/dev/urandom` instead of `/dev/random` +- `Rng::gen_iter()` which will return an infinite stream of random values +- `Rng::gen_ascii_chars()` which will return an infinite stream of random ascii characters + +### Changed +- Now only depends on libcore! +- Remove `Rng.choose()`, rename `Rng.choose_option()` to `.choose()` +- Rename OSRng to OsRng +- The WeightedChoice structure is no longer built with a `Vec>`, + but rather a `&mut [Weighted]`. This means that the WeightedChoice + structure now has a lifetime associated with it. +- The `sample` method on `Rng` has been moved to a top-level function in the + `rand` module due to its dependence on `Vec`. + +### Removed +- `Rng::gen_vec()` was removed. Previous behavior can be regained with + `rng.gen_iter().take(n).collect()` +- `Rng::gen_ascii_str()` was removed. Previous behavior can be regained with + `rng.gen_ascii_chars().take(n).collect()` +- {IsaacRng, Isaac64Rng, XorShiftRng}::new() have all been removed. These all + relied on being able to use an OSRng for seeding, but this is no longer + available in librand (where these types are defined). To retain the same + functionality, these types now implement the `Rand` trait so they can be + generated with a random seed from another random number generator. This allows + the stdlib to use an OSRng to create seeded instances of these RNGs. +- Rand implementations for `Box` and `@T` were removed. These seemed to be + pretty rare in the codebase, and it allows for librand to not depend on + liballoc. Additionally, other pointer types like Rc and Arc were not + supported. +- Remove a slew of old deprecated functions + + +## [Rust 0.10] - 2014-04-03 +### Changed +- replace `Rng.shuffle's` functionality with `.shuffle_mut` +- bubble up IO errors when creating an OSRng + +### Fixed +- Use `fill()` instead of `read()` +- Rewrite OsRng in Rust for windows + +## [0.10-pre] - 2014-03-02 +### Added +- Separate `rand` out of the standard library diff --git a/tests/summarycode/data/score/no_license_ambiguity/COPYRIGHT b/tests/summarycode/data/score/no_license_ambiguity/COPYRIGHT new file mode 100644 index 00000000000..468d907caf9 --- /dev/null +++ b/tests/summarycode/data/score/no_license_ambiguity/COPYRIGHT @@ -0,0 +1,12 @@ +Copyrights in the Rand project are retained by their contributors. No +copyright assignment is required to contribute to the Rand project. + +For full authorship information, see the version control history. + +Except as otherwise noted (below and/or in individual files), Rand is +licensed under the Apache License, Version 2.0 or + or the MIT license + or , at your option. + +The Rand project includes code from the Rust project +published under these same licenses. diff --git a/tests/summarycode/data/score/no_license_ambiguity/Cargo.toml b/tests/summarycode/data/score/no_license_ambiguity/Cargo.toml new file mode 100644 index 00000000000..98ba373c68f --- /dev/null +++ b/tests/summarycode/data/score/no_license_ambiguity/Cargo.toml @@ -0,0 +1,85 @@ +[package] +name = "rand" +version = "0.8.5" +authors = ["The Rand Project Developers", "The Rust Project Developers"] +license = "MIT OR Apache-2.0" +readme = "README.md" +repository = "https://github.com/rust-random/rand" +documentation = "https://docs.rs/rand" +homepage = "https://rust-random.github.io/book" +description = """ +Random number generators and other randomness functionality. +""" +keywords = ["random", "rng"] +categories = ["algorithms", "no-std"] +autobenches = true +edition = "2018" +include = ["src/", "LICENSE-*", "README.md", "CHANGELOG.md", "COPYRIGHT"] + +[package.metadata.docs.rs] +# To build locally: +# RUSTDOCFLAGS="--cfg doc_cfg" cargo +nightly doc --all-features --no-deps --open +all-features = true +rustdoc-args = ["--cfg", "doc_cfg"] + +[package.metadata.playground] +features = ["small_rng", "serde1"] + +[features] +# Meta-features: +default = ["std", "std_rng"] +nightly = [] # enables performance optimizations requiring nightly rust +serde1 = ["serde", "rand_core/serde1"] + +# Option (enabled by default): without "std" rand uses libcore; this option +# enables functionality expected to be available on a standard platform. +std = ["rand_core/std", "rand_chacha/std", "alloc", "getrandom", "libc"] + +# Option: "alloc" enables support for Vec and Box when not using "std" +alloc = ["rand_core/alloc"] + +# Option: use getrandom package for seeding +getrandom = ["rand_core/getrandom"] + +# Option (requires nightly): experimental SIMD support +simd_support = ["packed_simd"] + +# Option (enabled by default): enable StdRng +std_rng = ["rand_chacha"] + +# Option: enable SmallRng +small_rng = [] + +# Option: for rustc ≥ 1.51, enable generating random arrays of any size +# using min-const-generics +min_const_gen = [] + +[workspace] +members = [ + "rand_core", + "rand_distr", + "rand_chacha", + "rand_pcg", +] + +[dependencies] +rand_core = { path = "rand_core", version = "0.6.0" } +log = { version = "0.4.4", optional = true } +serde = { version = "1.0.103", features = ["derive"], optional = true } +rand_chacha = { path = "rand_chacha", version = "0.3.0", default-features = false, optional = true } + +[dependencies.packed_simd] +# NOTE: so far no version works reliably due to dependence on unstable features +package = "packed_simd_2" +version = "0.3.7" +optional = true +features = ["into_bits"] + +[target.'cfg(unix)'.dependencies] +# Used for fork protection (reseeding.rs) +libc = { version = "0.2.22", optional = true, default-features = false } + +[dev-dependencies] +rand_pcg = { path = "rand_pcg", version = "0.3.0" } +# Only to test serde1 +bincode = "1.2.1" diff --git a/tests/summarycode/data/score/no_license_ambiguity/LICENSE-APACHE b/tests/summarycode/data/score/no_license_ambiguity/LICENSE-APACHE new file mode 100644 index 00000000000..494ad3bfdfe --- /dev/null +++ b/tests/summarycode/data/score/no_license_ambiguity/LICENSE-APACHE @@ -0,0 +1,176 @@ + Apache License + Version 2.0, January 2004 + https://www.apache.org/licenses/ + +TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION + +1. Definitions. + + "License" shall mean the terms and conditions for use, reproduction, + and distribution as defined by Sections 1 through 9 of this document. + + "Licensor" shall mean the copyright owner or entity authorized by + the copyright owner that is granting the License. + + "Legal Entity" shall mean the union of the acting entity and all + other entities that control, are controlled by, or are under common + control with that entity. For the purposes of this definition, + "control" means (i) the power, direct or indirect, to cause the + direction or management of such entity, whether by contract or + otherwise, or (ii) ownership of fifty percent (50%) or more of the + outstanding shares, or (iii) beneficial ownership of such entity. + + "You" (or "Your") shall mean an individual or Legal Entity + exercising permissions granted by this License. + + "Source" form shall mean the preferred form for making modifications, + including but not limited to software source code, documentation + source, and configuration files. + + "Object" form shall mean any form resulting from mechanical + transformation or translation of a Source form, including but + not limited to compiled object code, generated documentation, + and conversions to other media types. + + "Work" shall mean the work of authorship, whether in Source or + Object form, made available under the License, as indicated by a + copyright notice that is included in or attached to the work + (an example is provided in the Appendix below). + + "Derivative Works" shall mean any work, whether in Source or Object + form, that is based on (or derived from) the Work and for which the + editorial revisions, annotations, elaborations, or other modifications + represent, as a whole, an original work of authorship. For the purposes + of this License, Derivative Works shall not include works that remain + separable from, or merely link (or bind by name) to the interfaces of, + the Work and Derivative Works thereof. + + "Contribution" shall mean any work of authorship, including + the original version of the Work and any modifications or additions + to that Work or Derivative Works thereof, that is intentionally + submitted to Licensor for inclusion in the Work by the copyright owner + or by an individual or Legal Entity authorized to submit on behalf of + the copyright owner. For the purposes of this definition, "submitted" + means any form of electronic, verbal, or written communication sent + to the Licensor or its representatives, including but not limited to + communication on electronic mailing lists, source code control systems, + and issue tracking systems that are managed by, or on behalf of, the + Licensor for the purpose of discussing and improving the Work, but + excluding communication that is conspicuously marked or otherwise + designated in writing by the copyright owner as "Not a Contribution." + + "Contributor" shall mean Licensor and any individual or Legal Entity + on behalf of whom a Contribution has been received by Licensor and + subsequently incorporated within the Work. + +2. Grant of Copyright License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + copyright license to reproduce, prepare Derivative Works of, + publicly display, publicly perform, sublicense, and distribute the + Work and such Derivative Works in Source or Object form. + +3. Grant of Patent License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + (except as stated in this section) patent license to make, have made, + use, offer to sell, sell, import, and otherwise transfer the Work, + where such license applies only to those patent claims licensable + by such Contributor that are necessarily infringed by their + Contribution(s) alone or by combination of their Contribution(s) + with the Work to which such Contribution(s) was submitted. If You + institute patent litigation against any entity (including a + cross-claim or counterclaim in a lawsuit) alleging that the Work + or a Contribution incorporated within the Work constitutes direct + or contributory patent infringement, then any patent licenses + granted to You under this License for that Work shall terminate + as of the date such litigation is filed. + +4. Redistribution. You may reproduce and distribute copies of the + Work or Derivative Works thereof in any medium, with or without + modifications, and in Source or Object form, provided that You + meet the following conditions: + + (a) You must give any other recipients of the Work or + Derivative Works a copy of this License; and + + (b) You must cause any modified files to carry prominent notices + stating that You changed the files; and + + (c) You must retain, in the Source form of any Derivative Works + that You distribute, all copyright, patent, trademark, and + attribution notices from the Source form of the Work, + excluding those notices that do not pertain to any part of + the Derivative Works; and + + (d) If the Work includes a "NOTICE" text file as part of its + distribution, then any Derivative Works that You distribute must + include a readable copy of the attribution notices contained + within such NOTICE file, excluding those notices that do not + pertain to any part of the Derivative Works, in at least one + of the following places: within a NOTICE text file distributed + as part of the Derivative Works; within the Source form or + documentation, if provided along with the Derivative Works; or, + within a display generated by the Derivative Works, if and + wherever such third-party notices normally appear. The contents + of the NOTICE file are for informational purposes only and + do not modify the License. You may add Your own attribution + notices within Derivative Works that You distribute, alongside + or as an addendum to the NOTICE text from the Work, provided + that such additional attribution notices cannot be construed + as modifying the License. + + You may add Your own copyright statement to Your modifications and + may provide additional or different license terms and conditions + for use, reproduction, or distribution of Your modifications, or + for any such Derivative Works as a whole, provided Your use, + reproduction, and distribution of the Work otherwise complies with + the conditions stated in this License. + +5. Submission of Contributions. Unless You explicitly state otherwise, + any Contribution intentionally submitted for inclusion in the Work + by You to the Licensor shall be under the terms and conditions of + this License, without any additional terms or conditions. + Notwithstanding the above, nothing herein shall supersede or modify + the terms of any separate license agreement you may have executed + with Licensor regarding such Contributions. + +6. Trademarks. This License does not grant permission to use the trade + names, trademarks, service marks, or product names of the Licensor, + except as required for reasonable and customary use in describing the + origin of the Work and reproducing the content of the NOTICE file. + +7. Disclaimer of Warranty. Unless required by applicable law or + agreed to in writing, Licensor provides the Work (and each + Contributor provides its Contributions) on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or + implied, including, without limitation, any warranties or conditions + of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A + PARTICULAR PURPOSE. You are solely responsible for determining the + appropriateness of using or redistributing the Work and assume any + risks associated with Your exercise of permissions under this License. + +8. Limitation of Liability. In no event and under no legal theory, + whether in tort (including negligence), contract, or otherwise, + unless required by applicable law (such as deliberate and grossly + negligent acts) or agreed to in writing, shall any Contributor be + liable to You for damages, including any direct, indirect, special, + incidental, or consequential damages of any character arising as a + result of this License or out of the use or inability to use the + Work (including but not limited to damages for loss of goodwill, + work stoppage, computer failure or malfunction, or any and all + other commercial damages or losses), even if such Contributor + has been advised of the possibility of such damages. + +9. Accepting Warranty or Additional Liability. While redistributing + the Work or Derivative Works thereof, You may choose to offer, + and charge a fee for, acceptance of support, warranty, indemnity, + or other liability obligations and/or rights consistent with this + License. However, in accepting such obligations, You may act only + on Your own behalf and on Your sole responsibility, not on behalf + of any other Contributor, and only if You agree to indemnify, + defend, and hold each Contributor harmless for any liability + incurred by, or claims asserted against, such Contributor by reason + of your accepting any such warranty or additional liability. + +END OF TERMS AND CONDITIONS diff --git a/tests/summarycode/data/score/no_license_ambiguity/LICENSE-MIT b/tests/summarycode/data/score/no_license_ambiguity/LICENSE-MIT new file mode 100644 index 00000000000..d93b5baf341 --- /dev/null +++ b/tests/summarycode/data/score/no_license_ambiguity/LICENSE-MIT @@ -0,0 +1,26 @@ +Copyright 2018 Developers of the Rand project +Copyright (c) 2014 The Rust Project Developers + +Permission is hereby granted, free of charge, to any +person obtaining a copy of this software and associated +documentation files (the "Software"), to deal in the +Software without restriction, including without +limitation the rights to use, copy, modify, merge, +publish, distribute, sublicense, and/or sell copies of +the Software, and to permit persons to whom the Software +is furnished to do so, subject to the following +conditions: + +The above copyright notice and this permission notice +shall be included in all copies or substantial portions +of the Software. + +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF +ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED +TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A +PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT +SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY +CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION +OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR +IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER +DEALINGS IN THE SOFTWARE. diff --git a/tests/summarycode/data/score/no_license_ambiguity/README.md b/tests/summarycode/data/score/no_license_ambiguity/README.md new file mode 100644 index 00000000000..44c2e4d518e --- /dev/null +++ b/tests/summarycode/data/score/no_license_ambiguity/README.md @@ -0,0 +1,158 @@ +# Rand + +[![Test Status](https://github.com/rust-random/rand/workflows/Tests/badge.svg?event=push)](https://github.com/rust-random/rand/actions) +[![Crate](https://img.shields.io/crates/v/rand.svg)](https://crates.io/crates/rand) +[![Book](https://img.shields.io/badge/book-master-yellow.svg)](https://rust-random.github.io/book/) +[![API](https://img.shields.io/badge/api-master-yellow.svg)](https://rust-random.github.io/rand/rand) +[![API](https://docs.rs/rand/badge.svg)](https://docs.rs/rand) +[![Minimum rustc version](https://img.shields.io/badge/rustc-1.36+-lightgray.svg)](https://github.com/rust-random/rand#rust-version-requirements) + +A Rust library for random number generation, featuring: + +- Easy random value generation and usage via the [`Rng`](https://docs.rs/rand/*/rand/trait.Rng.html), + [`SliceRandom`](https://docs.rs/rand/*/rand/seq/trait.SliceRandom.html) and + [`IteratorRandom`](https://docs.rs/rand/*/rand/seq/trait.IteratorRandom.html) traits +- Secure seeding via the [`getrandom` crate](https://crates.io/crates/getrandom) + and fast, convenient generation via [`thread_rng`](https://docs.rs/rand/*/rand/fn.thread_rng.html) +- A modular design built over [`rand_core`](https://crates.io/crates/rand_core) + ([see the book](https://rust-random.github.io/book/crates.html)) +- Fast implementations of the best-in-class [cryptographic](https://rust-random.github.io/book/guide-rngs.html#cryptographically-secure-pseudo-random-number-generators-csprngs) and + [non-cryptographic](https://rust-random.github.io/book/guide-rngs.html#basic-pseudo-random-number-generators-prngs) generators +- A flexible [`distributions`](https://docs.rs/rand/*/rand/distributions/index.html) module +- Samplers for a large number of random number distributions via our own + [`rand_distr`](https://docs.rs/rand_distr) and via + the [`statrs`](https://docs.rs/statrs/0.13.0/statrs/) +- [Portably reproducible output](https://rust-random.github.io/book/portability.html) +- `#[no_std]` compatibility (partial) +- *Many* performance optimisations + +It's also worth pointing out what `rand` *is not*: + +- Small. Most low-level crates are small, but the higher-level `rand` and + `rand_distr` each contain a lot of functionality. +- Simple (implementation). We have a strong focus on correctness, speed and flexibility, but + not simplicity. If you prefer a small-and-simple library, there are + alternatives including [fastrand](https://crates.io/crates/fastrand) + and [oorandom](https://crates.io/crates/oorandom). +- Slow. We take performance seriously, with considerations also for set-up + time of new distributions, commonly-used parameters, and parameters of the + current sampler. + +Documentation: + +- [The Rust Rand Book](https://rust-random.github.io/book) +- [API reference (master branch)](https://rust-random.github.io/rand) +- [API reference (docs.rs)](https://docs.rs/rand) + + +## Usage + +Add this to your `Cargo.toml`: + +```toml +[dependencies] +rand = "0.8.4" +``` + +To get started using Rand, see [The Book](https://rust-random.github.io/book). + + +## Versions + +Rand is *mature* (suitable for general usage, with infrequent breaking releases +which minimise breakage) but not yet at 1.0. We maintain compatibility with +pinned versions of the Rust compiler (see below). + +Current Rand versions are: + +- Version 0.7 was released in June 2019, moving most non-uniform distributions + to an external crate, moving `from_entropy` to `SeedableRng`, and many small + changes and fixes. +- Version 0.8 was released in December 2020 with many small changes. + +A detailed [changelog](CHANGELOG.md) is available for releases. + +When upgrading to the next minor series (especially 0.4 → 0.5), we recommend +reading the [Upgrade Guide](https://rust-random.github.io/book/update.html). + +Rand has not yet reached 1.0 implying some breaking changes may arrive in the +future ([SemVer](https://semver.org/) allows each 0.x.0 release to include +breaking changes), but is considered *mature*: breaking changes are minimised +and breaking releases are infrequent. + +Rand libs have inter-dependencies and make use of the +[semver trick](https://github.com/dtolnay/semver-trick/) in order to make traits +compatible across crate versions. (This is especially important for `RngCore` +and `SeedableRng`.) A few crate releases are thus compatibility shims, +depending on the *next* lib version (e.g. `rand_core` versions `0.2.2` and +`0.3.1`). This means, for example, that `rand_core_0_4_0::SeedableRng` and +`rand_core_0_3_0::SeedableRng` are distinct, incompatible traits, which can +cause build errors. Usually, running `cargo update` is enough to fix any issues. + +### Yanked versions + +Some versions of Rand crates have been yanked ("unreleased"). Where this occurs, +the crate's CHANGELOG *should* be updated with a rationale, and a search on the +issue tracker with the keyword `yank` *should* uncover the motivation. + +### Rust version requirements + +Since version 0.8, Rand requires **Rustc version 1.36 or greater**. +Rand 0.7 requires Rustc 1.32 or greater while versions 0.5 require Rustc 1.22 or +greater, and 0.4 and 0.3 (since approx. June 2017) require Rustc version 1.15 or +greater. Subsets of the Rand code may work with older Rust versions, but this is +not supported. + +Continuous Integration (CI) will always test the minimum supported Rustc version +(the MSRV). The current policy is that this can be updated in any +Rand release if required, but the change must be noted in the changelog. + +## Crate Features + +Rand is built with these features enabled by default: + +- `std` enables functionality dependent on the `std` lib +- `alloc` (implied by `std`) enables functionality requiring an allocator +- `getrandom` (implied by `std`) is an optional dependency providing the code + behind `rngs::OsRng` +- `std_rng` enables inclusion of `StdRng`, `thread_rng` and `random` + (the latter two *also* require that `std` be enabled) + +Optionally, the following dependencies can be enabled: + +- `log` enables logging via the `log` crate + +Additionally, these features configure Rand: + +- `small_rng` enables inclusion of the `SmallRng` PRNG +- `nightly` enables some optimizations requiring nightly Rust +- `simd_support` (experimental) enables sampling of SIMD values + (uniformly random SIMD integers and floats), requiring nightly Rust +- `min_const_gen` enables generating random arrays of + any size using min-const-generics, requiring Rust ≥ 1.51. + +Note that nightly features are not stable and therefore not all library and +compiler versions will be compatible. This is especially true of Rand's +experimental `simd_support` feature. + +Rand supports limited functionality in `no_std` mode (enabled via +`default-features = false`). In this case, `OsRng` and `from_entropy` are +unavailable (unless `getrandom` is enabled), large parts of `seq` are +unavailable (unless `alloc` is enabled), and `thread_rng` and `random` are +unavailable. + +### WASM support + +The WASM target `wasm32-unknown-unknown` is not *automatically* supported by +`rand` or `getrandom`. To solve this, either use a different target such as +`wasm32-wasi` or add a direct dependency on `getrandom` with the `js` feature +(if the target supports JavaScript). See +[getrandom#WebAssembly support](https://docs.rs/getrandom/latest/getrandom/#webassembly-support). + +# License + +Rand is distributed under the terms of both the MIT license and the +Apache License (Version 2.0). + +See [LICENSE-APACHE](LICENSE-APACHE) and [LICENSE-MIT](LICENSE-MIT), and +[COPYRIGHT](COPYRIGHT) for details. diff --git a/tests/summarycode/data/score/no_license_ambiguity/SECURITY.md b/tests/summarycode/data/score/no_license_ambiguity/SECURITY.md new file mode 100644 index 00000000000..a31b4e23fd3 --- /dev/null +++ b/tests/summarycode/data/score/no_license_ambiguity/SECURITY.md @@ -0,0 +1,69 @@ +# Security Policy + +## No guarantees + +Support is provided on a best-effort bases only. +No binding guarantees can be provided. + +## Security premises + +Rand provides the trait `rand_core::CryptoRng` aka `rand::CryptoRng` as a marker +trait. Generators implementing `RngCore` *and* `CryptoRng`, and given the +additional constraints that: + +- Instances of seedable RNGs (those implementing `SeedableRng`) are + constructed with cryptographically secure seed values +- The state (memory) of the RNG and its seed value are not be exposed + +are expected to provide the following: + +- An attacker can gain no advantage over chance (50% for each bit) in + predicting the RNG output, even with full knowledge of all prior outputs. + +For some RNGs, notably `OsRng`, `ThreadRng` and those wrapped by `ReseedingRng`, +we provide limited mitigations against side-channel attacks: + +- After a process fork on Unix, there is an upper-bound on the number of bits + output by the RNG before the processes diverge, after which outputs from + each process's RNG are uncorrelated +- After the state (memory) of an RNG is leaked, there is an upper-bound on the + number of bits of output by the RNG before prediction of output by an + observer again becomes computationally-infeasible + +Additionally, derivations from such an RNG (including the `Rng` trait, +implementations of the `Distribution` trait, and `seq` algorithms) should not +introduce significant bias other than that expected from the operation in +question (e.g. bias from a weighted distribution). + +## Supported Versions + +We will attempt to uphold these premises in the following crate versions, +provided that only the latest patch version is used, and with potential +exceptions for theoretical issues without a known exploit: + +| Crate | Versions | Exceptions | +| ----- | -------- | ---------- | +| `rand` | 0.8 | | +| `rand` | 0.7 | | +| `rand` | 0.5, 0.6 | Jitter | +| `rand` | 0.4 | Jitter, ISAAC | +| `rand_core` | 0.2 - 0.6 | | +| `rand_chacha` | 0.1 - 0.3 | | + +Explanation of exceptions: + +- Jitter: `JitterRng` is used as an entropy source when the primary source + fails; this source may not be secure against side-channel attacks, see #699. +- ISAAC: the [ISAAC](https://burtleburtle.net/bob/rand/isaacafa.html) RNG used + to implement `thread_rng` is difficult to analyse and thus cannot provide + strong assertions of security. + +## Known issues + +In `rand` version 0.3 (0.3.18 and later), if `OsRng` fails, `thread_rng` is +seeded from the system time in an insecure manner. + +## Reporting a Vulnerability + +To report a vulnerability, [open a new issue](https://github.com/rust-random/rand/issues/new). +Once the issue is resolved, the vulnerability should be [reported to RustSec](https://github.com/RustSec/advisory-db/blob/master/CONTRIBUTING.md). diff --git a/tests/summarycode/data/score/no_license_ambiguity/rustfmt.toml b/tests/summarycode/data/score/no_license_ambiguity/rustfmt.toml new file mode 100644 index 00000000000..6a2d9d48215 --- /dev/null +++ b/tests/summarycode/data/score/no_license_ambiguity/rustfmt.toml @@ -0,0 +1,32 @@ +# This rustfmt file is added for configuration, but in practice much of our +# code is hand-formatted, frequently with more readable results. + +# Comments: +normalize_comments = true +wrap_comments = false +comment_width = 90 # small excess is okay but prefer 80 + +# Arguments: +use_small_heuristics = "Default" +# TODO: single line functions only where short, please? +# https://github.com/rust-lang/rustfmt/issues/3358 +fn_single_line = false +fn_args_layout = "Compressed" +overflow_delimited_expr = true +where_single_line = true + +# enum_discrim_align_threshold = 20 +# struct_field_align_threshold = 20 + +# Compatibility: +edition = "2018" # we require compatibility back to 1.32.0 + +# Misc: +inline_attribute_width = 80 +blank_lines_upper_bound = 2 +reorder_impl_items = true +# report_todo = "Unnumbered" +# report_fixme = "Unnumbered" + +# Ignored files: +ignore = [] diff --git a/tests/summarycode/data/score2/no_license_or_copyright-expected.json b/tests/summarycode/data/score/no_license_or_copyright-expected.json similarity index 99% rename from tests/summarycode/data/score2/no_license_or_copyright-expected.json rename to tests/summarycode/data/score/no_license_or_copyright-expected.json index 0fb33bd217d..8415614c94b 100644 --- a/tests/summarycode/data/score2/no_license_or_copyright-expected.json +++ b/tests/summarycode/data/score/no_license_or_copyright-expected.json @@ -9,7 +9,7 @@ "--info": true, "--json": "", "--license": true, - "--license-clarity-score-2": true + "--license-clarity-score": true }, "notice": "Generated with ScanCode and provided on an \"AS IS\" BASIS, WITHOUT WARRANTIES\nOR CONDITIONS OF ANY KIND, either express or implied. No content created from\nScanCode should be considered or used as legal advice. Consult an Attorney\nfor any legal advice.\nScanCode is a free software code scanning tool from nexB Inc. and others.\nVisit https://github.com/nexB/scancode-toolkit/ for support and download.", "output_format_version": "2.0.0", diff --git a/tests/summarycode/data/score/consistent_licenses/README.md b/tests/summarycode/data/score/no_license_or_copyright/README.md similarity index 100% rename from tests/summarycode/data/score/consistent_licenses/README.md rename to tests/summarycode/data/score/no_license_or_copyright/README.md diff --git a/tests/summarycode/data/score/top_declared/index.js b/tests/summarycode/data/score/no_license_or_copyright/index.js similarity index 100% rename from tests/summarycode/data/score/top_declared/index.js rename to tests/summarycode/data/score/no_license_or_copyright/index.js diff --git a/tests/summarycode/data/score2/no_license_or_copyright/package.json b/tests/summarycode/data/score/no_license_or_copyright/package.json similarity index 100% rename from tests/summarycode/data/score2/no_license_or_copyright/package.json rename to tests/summarycode/data/score/no_license_or_copyright/package.json diff --git a/tests/summarycode/data/score2/no_license_text-expected.json b/tests/summarycode/data/score/no_license_text-expected.json similarity index 99% rename from tests/summarycode/data/score2/no_license_text-expected.json rename to tests/summarycode/data/score/no_license_text-expected.json index 92e16f60040..ff07e3353c2 100644 --- a/tests/summarycode/data/score2/no_license_text-expected.json +++ b/tests/summarycode/data/score/no_license_text-expected.json @@ -9,7 +9,7 @@ "--info": true, "--json": "", "--license": true, - "--license-clarity-score-2": true + "--license-clarity-score": true }, "notice": "Generated with ScanCode and provided on an \"AS IS\" BASIS, WITHOUT WARRANTIES\nOR CONDITIONS OF ANY KIND, either express or implied. No content created from\nScanCode should be considered or used as legal advice. Consult an Attorney\nfor any legal advice.\nScanCode is a free software code scanning tool from nexB Inc. and others.\nVisit https://github.com/nexB/scancode-toolkit/ for support and download.", "output_format_version": "2.0.0", diff --git a/tests/summarycode/data/score2/no_license_text/README.md b/tests/summarycode/data/score/no_license_text/README.md similarity index 100% rename from tests/summarycode/data/score2/no_license_text/README.md rename to tests/summarycode/data/score/no_license_text/README.md diff --git a/tests/summarycode/data/score/top_declared_not/index.js b/tests/summarycode/data/score/no_license_text/index.js similarity index 100% rename from tests/summarycode/data/score/top_declared_not/index.js rename to tests/summarycode/data/score/no_license_text/index.js diff --git a/tests/summarycode/data/score/consistent_licenses_not/package.json b/tests/summarycode/data/score/no_license_text/package.json similarity index 100% rename from tests/summarycode/data/score/consistent_licenses_not/package.json rename to tests/summarycode/data/score/no_license_text/package.json diff --git a/tests/summarycode/data/score/single_file-expected.json b/tests/summarycode/data/score/single_file-expected.json deleted file mode 100644 index 4a0598fee5a..00000000000 --- a/tests/summarycode/data/score/single_file-expected.json +++ /dev/null @@ -1,104 +0,0 @@ -{ - "headers": [ - { - "tool_name": "scancode-toolkit", - "options": { - "input": "", - "--classify": true, - "--copyright": true, - "--info": true, - "--json": "", - "--license": true, - "--license-clarity-score": true - }, - "notice": "Generated with ScanCode and provided on an \"AS IS\" BASIS, WITHOUT WARRANTIES\nOR CONDITIONS OF ANY KIND, either express or implied. No content created from\nScanCode should be considered or used as legal advice. Consult an Attorney\nfor any legal advice.\nScanCode is a free software code scanning tool from nexB Inc. and others.\nVisit https://github.com/nexB/scancode-toolkit/ for support and download.", - "output_format_version": "1.0.0", - "message": null, - "errors": [], - "extra_data": { - "spdx_license_list_version": "3.14", - "files_count": 1 - } - } - ], - "license_clarity_score": { - "score": 0, - "declared": false, - "discovered": 0, - "consistency": false, - "spdx": false, - "license_texts": false - }, - "files": [ - { - "path": "single_file", - "type": "directory", - "name": "single_file", - "base_name": "single_file", - "extension": "", - "size": 0, - "sha1": null, - "md5": null, - "sha256": null, - "mime_type": null, - "file_type": null, - "programming_language": null, - "is_binary": false, - "is_text": false, - "is_archive": false, - "is_media": false, - "is_source": false, - "is_script": false, - "licenses": [], - "license_expressions": [], - "percentage_of_license_text": 0, - "copyrights": [], - "holders": [], - "authors": [], - "is_legal": false, - "is_manifest": false, - "is_readme": false, - "is_top_level": true, - "is_key_file": false, - "files_count": 1, - "dirs_count": 0, - "size_count": 11, - "scan_errors": [] - }, - { - "path": "single_file/README.md", - "type": "file", - "name": "README.md", - "base_name": "README", - "extension": ".md", - "size": 11, - "sha1": "fc7cfc3571c2ff947a562c5f48cfcacba7aeb858", - "md5": "32296806c95d11fb5ae0ab083c1390c9", - "sha256": "c656426acc857b2ff5de97daf8ae8ca38a9ca07ed79a4ee82f0f195d3e2ca847", - "mime_type": "text/plain", - "file_type": "ASCII text, with no line terminators", - "programming_language": null, - "is_binary": false, - "is_text": true, - "is_archive": false, - "is_media": false, - "is_source": false, - "is_script": false, - "licenses": [], - "license_expressions": [], - "percentage_of_license_text": 0, - "copyrights": [], - "holders": [], - "authors": [], - "is_legal": false, - "is_manifest": false, - "is_readme": true, - "is_top_level": true, - "is_key_file": true, - "files_count": 0, - "dirs_count": 0, - "size_count": 0, - "scan_errors": [] - } - ] -} \ No newline at end of file diff --git a/tests/summarycode/data/score/single_file/README.md b/tests/summarycode/data/score/single_file/README.md deleted file mode 100644 index afc50e40cf0..00000000000 --- a/tests/summarycode/data/score/single_file/README.md +++ /dev/null @@ -1 +0,0 @@ -Some readme \ No newline at end of file diff --git a/tests/summarycode/data/score/spdx_licenses-expected.json b/tests/summarycode/data/score/spdx_licenses-expected.json deleted file mode 100644 index c832da12cf0..00000000000 --- a/tests/summarycode/data/score/spdx_licenses-expected.json +++ /dev/null @@ -1,373 +0,0 @@ -{ - "headers": [ - { - "tool_name": "scancode-toolkit", - "options": { - "input": "", - "--classify": true, - "--copyright": true, - "--info": true, - "--json": "", - "--license": true, - "--license-clarity-score": true - }, - "notice": "Generated with ScanCode and provided on an \"AS IS\" BASIS, WITHOUT WARRANTIES\nOR CONDITIONS OF ANY KIND, either express or implied. No content created from\nScanCode should be considered or used as legal advice. Consult an Attorney\nfor any legal advice.\nScanCode is a free software code scanning tool from nexB Inc. and others.\nVisit https://github.com/nexB/scancode-toolkit/ for support and download.", - "output_format_version": "2.0.0", - "message": null, - "errors": [], - "extra_data": { - "spdx_license_list_version": "3.14", - "files_count": 4 - } - } - ], - "license_clarity_score": { - "score": 30, - "declared": true, - "discovered": 0, - "consistency": false, - "spdx": false, - "license_texts": false - }, - "files": [ - { - "path": "spdx_licenses", - "type": "directory", - "name": "spdx_licenses", - "base_name": "spdx_licenses", - "extension": "", - "size": 0, - "sha1": null, - "md5": null, - "sha256": null, - "mime_type": null, - "file_type": null, - "programming_language": null, - "is_binary": false, - "is_text": false, - "is_archive": false, - "is_media": false, - "is_source": false, - "is_script": false, - "licenses": [], - "license_expressions": [], - "percentage_of_license_text": 0, - "copyrights": [], - "holders": [], - "authors": [], - "is_legal": false, - "is_manifest": false, - "is_readme": false, - "is_top_level": true, - "is_key_file": false, - "files_count": 4, - "dirs_count": 1, - "size_count": 1186, - "scan_errors": [] - }, - { - "path": "spdx_licenses/README.md", - "type": "file", - "name": "README.md", - "base_name": "README", - "extension": ".md", - "size": 295, - "sha1": "7d770c5ffdcf659c944a670225ab43db9f33d4a8", - "md5": "4b8955afbb3a8aa01933e99e331e4acf", - "sha256": "aac3e1032f4dffd347854cbe37d559223f2d61173caa649ca7cd0cfb11987334", - "mime_type": "text/plain", - "file_type": "ASCII text", - "programming_language": null, - "is_binary": false, - "is_text": true, - "is_archive": false, - "is_media": false, - "is_source": false, - "is_script": false, - "licenses": [], - "license_expressions": [], - "percentage_of_license_text": 0, - "copyrights": [], - "holders": [], - "authors": [], - "is_legal": false, - "is_manifest": false, - "is_readme": true, - "is_top_level": true, - "is_key_file": true, - "files_count": 0, - "dirs_count": 0, - "size_count": 0, - "scan_errors": [] - }, - { - "path": "spdx_licenses/package.json", - "type": "file", - "name": "package.json", - "base_name": "package", - "extension": ".json", - "size": 829, - "sha1": "003103b742ebfb1e76e80d9fc05ab0b3046f2ab6", - "md5": "bd8911e2d8af0caa689f76b9975761fd", - "sha256": "d27968b827780212a965387f5ec3421ee59a0bf9166847629db0e716e6d2d9c3", - "mime_type": "application/json", - "file_type": "JSON data", - "programming_language": null, - "is_binary": false, - "is_text": true, - "is_archive": false, - "is_media": false, - "is_source": false, - "is_script": false, - "licenses": [ - { - "key": "mit", - "score": 100.0, - "name": "MIT License", - "short_name": "MIT License", - "category": "Permissive", - "is_exception": false, - "is_unknown": false, - "owner": "MIT", - "homepage_url": "http://opensource.org/licenses/mit-license.php", - "text_url": "http://opensource.org/licenses/mit-license.php", - "reference_url": "https://scancode-licensedb.aboutcode.org/mit", - "scancode_text_url": "https://github.com/nexB/scancode-toolkit/tree/develop/src/licensedcode/data/licenses/mit.LICENSE", - "scancode_data_url": "https://github.com/nexB/scancode-toolkit/tree/develop/src/licensedcode/data/licenses/mit.yml", - "spdx_license_key": "MIT", - "spdx_url": "https://spdx.org/licenses/MIT", - "start_line": 7, - "end_line": 7, - "matched_rule": { - "identifier": "mit_30.RULE", - "license_expression": "mit", - "licenses": [ - "mit" - ], - "referenced_filenames": [], - "is_license_text": false, - "is_license_notice": false, - "is_license_reference": false, - "is_license_tag": true, - "is_license_intro": false, - "has_unknown": false, - "matcher": "2-aho", - "rule_length": 2, - "matched_length": 2, - "match_coverage": 100.0, - "rule_relevance": 100 - } - } - ], - "license_expressions": [ - "mit" - ], - "percentage_of_license_text": 1.83, - "copyrights": [], - "holders": [], - "authors": [ - { - "author": "Alexander Plavinski ", - "start_line": 6, - "end_line": 6 - } - ], - "is_legal": false, - "is_manifest": true, - "is_readme": false, - "is_top_level": true, - "is_key_file": true, - "files_count": 0, - "dirs_count": 0, - "size_count": 0, - "scan_errors": [] - }, - { - "path": "spdx_licenses/src", - "type": "directory", - "name": "src", - "base_name": "src", - "extension": "", - "size": 0, - "sha1": null, - "md5": null, - "sha256": null, - "mime_type": null, - "file_type": null, - "programming_language": null, - "is_binary": false, - "is_text": false, - "is_archive": false, - "is_media": false, - "is_source": false, - "is_script": false, - "licenses": [], - "license_expressions": [], - "percentage_of_license_text": 0, - "copyrights": [], - "holders": [], - "authors": [], - "is_legal": false, - "is_manifest": false, - "is_readme": false, - "is_top_level": true, - "is_key_file": false, - "files_count": 2, - "dirs_count": 0, - "size_count": 62, - "scan_errors": [] - }, - { - "path": "spdx_licenses/src/index.js", - "type": "file", - "name": "index.js", - "base_name": "index", - "extension": ".js", - "size": 32, - "sha1": "4c9f2b0ba719d3e0d974753e4b6c828d6dfd2283", - "md5": "6ec41034e04432ee375d0e14fba596f4", - "sha256": "c1512f9bcc19ce05be1741085084b648444bc083e073abb0d227694d9da7b945", - "mime_type": "text/plain", - "file_type": "ASCII text", - "programming_language": "JavaScript", - "is_binary": false, - "is_text": true, - "is_archive": false, - "is_media": false, - "is_source": true, - "is_script": false, - "licenses": [ - { - "key": "mit", - "score": 100.0, - "name": "MIT License", - "short_name": "MIT License", - "category": "Permissive", - "is_exception": false, - "is_unknown": false, - "owner": "MIT", - "homepage_url": "http://opensource.org/licenses/mit-license.php", - "text_url": "http://opensource.org/licenses/mit-license.php", - "reference_url": "https://scancode-licensedb.aboutcode.org/mit", - "scancode_text_url": "https://github.com/nexB/scancode-toolkit/tree/develop/src/licensedcode/data/licenses/mit.LICENSE", - "scancode_data_url": "https://github.com/nexB/scancode-toolkit/tree/develop/src/licensedcode/data/licenses/mit.yml", - "spdx_license_key": "MIT", - "spdx_url": "https://spdx.org/licenses/MIT", - "start_line": 1, - "end_line": 1, - "matched_rule": { - "identifier": "spdx-license-identifier: mit", - "license_expression": "mit", - "licenses": [ - "mit" - ], - "referenced_filenames": [], - "is_license_text": false, - "is_license_notice": false, - "is_license_reference": false, - "is_license_tag": true, - "is_license_intro": false, - "has_unknown": false, - "matcher": "1-spdx-id", - "rule_length": 4, - "matched_length": 4, - "match_coverage": 100.0, - "rule_relevance": 100 - } - } - ], - "license_expressions": [ - "mit" - ], - "percentage_of_license_text": 100.0, - "copyrights": [], - "holders": [], - "authors": [], - "is_legal": false, - "is_manifest": false, - "is_readme": false, - "is_top_level": false, - "is_key_file": false, - "files_count": 0, - "dirs_count": 0, - "size_count": 0, - "scan_errors": [] - }, - { - "path": "spdx_licenses/src/index2.js", - "type": "file", - "name": "index2.js", - "base_name": "index2", - "extension": ".js", - "size": 30, - "sha1": "d13739705c669be4eba590bb6b684f5dbfcbfb4d", - "md5": "21b5727747a414065e1e5534827fef02", - "sha256": "30a1d44e7010af6c3f410630243ea7db9c26b3876d2e1a6d6cb57436e7b4eedc", - "mime_type": "text/plain", - "file_type": "ASCII text, with no line terminators", - "programming_language": "JavaScript", - "is_binary": false, - "is_text": true, - "is_archive": false, - "is_media": false, - "is_source": true, - "is_script": false, - "licenses": [ - { - "key": "apache-2.0", - "score": 100.0, - "name": "Apache License 2.0", - "short_name": "Apache 2.0", - "category": "Permissive", - "is_exception": false, - "is_unknown": false, - "owner": "Apache Software Foundation", - "homepage_url": "http://www.apache.org/licenses/", - "text_url": "http://www.apache.org/licenses/LICENSE-2.0", - "reference_url": "https://scancode-licensedb.aboutcode.org/apache-2.0", - "scancode_text_url": "https://github.com/nexB/scancode-toolkit/tree/develop/src/licensedcode/data/licenses/apache-2.0.LICENSE", - "scancode_data_url": "https://github.com/nexB/scancode-toolkit/tree/develop/src/licensedcode/data/licenses/apache-2.0.yml", - "spdx_license_key": "Apache-2.0", - "spdx_url": "https://spdx.org/licenses/Apache-2.0", - "start_line": 1, - "end_line": 1, - "matched_rule": { - "identifier": "apache-2.0_176.RULE", - "license_expression": "apache-2.0", - "licenses": [ - "apache-2.0" - ], - "referenced_filenames": [], - "is_license_text": false, - "is_license_notice": false, - "is_license_reference": true, - "is_license_tag": false, - "is_license_intro": false, - "has_unknown": false, - "matcher": "2-aho", - "rule_length": 4, - "matched_length": 4, - "match_coverage": 100.0, - "rule_relevance": 100 - } - } - ], - "license_expressions": [ - "apache-2.0" - ], - "percentage_of_license_text": 66.67, - "copyrights": [], - "holders": [], - "authors": [], - "is_legal": false, - "is_manifest": false, - "is_readme": false, - "is_top_level": false, - "is_key_file": false, - "files_count": 0, - "dirs_count": 0, - "size_count": 0, - "scan_errors": [] - } - ] -} \ No newline at end of file diff --git a/tests/summarycode/data/score/spdx_licenses/README.md b/tests/summarycode/data/score/spdx_licenses/README.md deleted file mode 100644 index 5609113f254..00000000000 --- a/tests/summarycode/data/score/spdx_licenses/README.md +++ /dev/null @@ -1,16 +0,0 @@ -# @invisionag/eslint-config-ivx - -# Usage - -Install the peer dependencies as development dependencies: -- `eslint^3.19.0` -- `prettier^1.5.2` - -Install `@invisionag/eslint-config-ivx` as a development dependency. - -In your `.eslintrc.js`: -```js -module.exports = { - extends: '@invisionag/ivx', -}; -``` diff --git a/tests/summarycode/data/score/spdx_licenses/package.json b/tests/summarycode/data/score/spdx_licenses/package.json deleted file mode 100644 index f54d82ed9fa..00000000000 --- a/tests/summarycode/data/score/spdx_licenses/package.json +++ /dev/null @@ -1,30 +0,0 @@ -{ - "name": "@invisionag/eslint-config-ivx", - "version": "0.0.10", - "main": "index.js", - "repository": "https://github.com/ivx/eslint-config-ivx.git", - "author": "Alexander Plavinski ", - "license": "MIT", - "scripts": { - "test": "eslint ." - }, - "peerDependencies": { - "eslint": "^4.5.0", - "prettier": "^1.6.0" - }, - "dependencies": { - "babel-eslint": "^7.2.3", - "eslint-config-airbnb": "^15.1.0", - "eslint-config-prettier": "^2.3.0", - "eslint-plugin-flowtype": "^2.34.1", - "eslint-plugin-import": "^2.6.1", - "eslint-plugin-jsx-a11y": "^5.1.1", - "eslint-plugin-prettier": "^2.2.0", - "eslint-plugin-react": "^7.3.0", - "eslint-plugin-react-functional-set-state": "^1.0.1" - }, - "devDependencies": { - "eslint": "^4.5.0", - "prettier": "^1.6.0" - } -} diff --git a/tests/summarycode/data/score/spdx_licenses/src/index.js b/tests/summarycode/data/score/spdx_licenses/src/index.js deleted file mode 100644 index 8096cb46020..00000000000 --- a/tests/summarycode/data/score/spdx_licenses/src/index.js +++ /dev/null @@ -1 +0,0 @@ -// SPDX-License-Identifier: MIT diff --git a/tests/summarycode/data/score/spdx_licenses/src/index2.js b/tests/summarycode/data/score/spdx_licenses/src/index2.js deleted file mode 100644 index 33307f1c2c5..00000000000 --- a/tests/summarycode/data/score/spdx_licenses/src/index2.js +++ /dev/null @@ -1 +0,0 @@ -//based on Apache 2.0 License. \ No newline at end of file diff --git a/tests/summarycode/data/score/spdx_licenses_not-expected.json b/tests/summarycode/data/score/spdx_licenses_not-expected.json deleted file mode 100644 index 4b11d444aa2..00000000000 --- a/tests/summarycode/data/score/spdx_licenses_not-expected.json +++ /dev/null @@ -1,373 +0,0 @@ -{ - "headers": [ - { - "tool_name": "scancode-toolkit", - "options": { - "input": "", - "--classify": true, - "--copyright": true, - "--info": true, - "--json": "", - "--license": true, - "--license-clarity-score": true - }, - "notice": "Generated with ScanCode and provided on an \"AS IS\" BASIS, WITHOUT WARRANTIES\nOR CONDITIONS OF ANY KIND, either express or implied. No content created from\nScanCode should be considered or used as legal advice. Consult an Attorney\nfor any legal advice.\nScanCode is a free software code scanning tool from nexB Inc. and others.\nVisit https://github.com/nexB/scancode-toolkit/ for support and download.", - "output_format_version": "1.0.0", - "message": null, - "errors": [], - "extra_data": { - "spdx_license_list_version": "3.14", - "files_count": 4 - } - } - ], - "license_clarity_score": { - "score": 30, - "declared": true, - "discovered": 0, - "consistency": false, - "spdx": false, - "license_texts": false - }, - "files": [ - { - "path": "spdx_licenses_not", - "type": "directory", - "name": "spdx_licenses_not", - "base_name": "spdx_licenses_not", - "extension": "", - "size": 0, - "sha1": null, - "md5": null, - "sha256": null, - "mime_type": null, - "file_type": null, - "programming_language": null, - "is_binary": false, - "is_text": false, - "is_archive": false, - "is_media": false, - "is_source": false, - "is_script": false, - "licenses": [], - "license_expressions": [], - "percentage_of_license_text": 0, - "copyrights": [], - "holders": [], - "authors": [], - "is_legal": false, - "is_manifest": false, - "is_readme": false, - "is_top_level": true, - "is_key_file": false, - "files_count": 4, - "dirs_count": 1, - "size_count": 1254, - "scan_errors": [] - }, - { - "path": "spdx_licenses_not/README.md", - "type": "file", - "name": "README.md", - "base_name": "README", - "extension": ".md", - "size": 295, - "sha1": "7d770c5ffdcf659c944a670225ab43db9f33d4a8", - "md5": "4b8955afbb3a8aa01933e99e331e4acf", - "sha256": "aac3e1032f4dffd347854cbe37d559223f2d61173caa649ca7cd0cfb11987334", - "mime_type": "text/plain", - "file_type": "ASCII text", - "programming_language": null, - "is_binary": false, - "is_text": true, - "is_archive": false, - "is_media": false, - "is_source": false, - "is_script": false, - "licenses": [], - "license_expressions": [], - "percentage_of_license_text": 0, - "copyrights": [], - "holders": [], - "authors": [], - "is_legal": false, - "is_manifest": false, - "is_readme": true, - "is_top_level": true, - "is_key_file": true, - "files_count": 0, - "dirs_count": 0, - "size_count": 0, - "scan_errors": [] - }, - { - "path": "spdx_licenses_not/package.json", - "type": "file", - "name": "package.json", - "base_name": "package", - "extension": ".json", - "size": 829, - "sha1": "003103b742ebfb1e76e80d9fc05ab0b3046f2ab6", - "md5": "bd8911e2d8af0caa689f76b9975761fd", - "sha256": "d27968b827780212a965387f5ec3421ee59a0bf9166847629db0e716e6d2d9c3", - "mime_type": "application/json", - "file_type": "JSON data", - "programming_language": null, - "is_binary": false, - "is_text": true, - "is_archive": false, - "is_media": false, - "is_source": false, - "is_script": false, - "licenses": [ - { - "key": "mit", - "score": 100.0, - "name": "MIT License", - "short_name": "MIT License", - "category": "Permissive", - "is_exception": false, - "is_unknown": false, - "owner": "MIT", - "homepage_url": "http://opensource.org/licenses/mit-license.php", - "text_url": "http://opensource.org/licenses/mit-license.php", - "reference_url": "https://scancode-licensedb.aboutcode.org/mit", - "scancode_text_url": "https://github.com/nexB/scancode-toolkit/tree/develop/src/licensedcode/data/licenses/mit.LICENSE", - "scancode_data_url": "https://github.com/nexB/scancode-toolkit/tree/develop/src/licensedcode/data/licenses/mit.yml", - "spdx_license_key": "MIT", - "spdx_url": "https://spdx.org/licenses/MIT", - "start_line": 7, - "end_line": 7, - "matched_rule": { - "identifier": "mit_30.RULE", - "license_expression": "mit", - "licenses": [ - "mit" - ], - "referenced_filenames": [], - "is_license_text": false, - "is_license_notice": false, - "is_license_reference": false, - "is_license_tag": true, - "is_license_intro": false, - "has_unknown": false, - "matcher": "2-aho", - "rule_length": 2, - "matched_length": 2, - "match_coverage": 100.0, - "rule_relevance": 100 - } - } - ], - "license_expressions": [ - "mit" - ], - "percentage_of_license_text": 1.83, - "copyrights": [], - "holders": [], - "authors": [ - { - "author": "Alexander Plavinski ", - "start_line": 6, - "end_line": 6 - } - ], - "is_legal": false, - "is_manifest": true, - "is_readme": false, - "is_top_level": true, - "is_key_file": true, - "files_count": 0, - "dirs_count": 0, - "size_count": 0, - "scan_errors": [] - }, - { - "path": "spdx_licenses_not/src", - "type": "directory", - "name": "src", - "base_name": "src", - "extension": "", - "size": 0, - "sha1": null, - "md5": null, - "sha256": null, - "mime_type": null, - "file_type": null, - "programming_language": null, - "is_binary": false, - "is_text": false, - "is_archive": false, - "is_media": false, - "is_source": false, - "is_script": false, - "licenses": [], - "license_expressions": [], - "percentage_of_license_text": 0, - "copyrights": [], - "holders": [], - "authors": [], - "is_legal": false, - "is_manifest": false, - "is_readme": false, - "is_top_level": true, - "is_key_file": false, - "files_count": 2, - "dirs_count": 0, - "size_count": 130, - "scan_errors": [] - }, - { - "path": "spdx_licenses_not/src/index.js", - "type": "file", - "name": "index.js", - "base_name": "index", - "extension": ".js", - "size": 32, - "sha1": "4c9f2b0ba719d3e0d974753e4b6c828d6dfd2283", - "md5": "6ec41034e04432ee375d0e14fba596f4", - "sha256": "c1512f9bcc19ce05be1741085084b648444bc083e073abb0d227694d9da7b945", - "mime_type": "text/plain", - "file_type": "ASCII text", - "programming_language": "JavaScript", - "is_binary": false, - "is_text": true, - "is_archive": false, - "is_media": false, - "is_source": true, - "is_script": false, - "licenses": [ - { - "key": "mit", - "score": 100.0, - "name": "MIT License", - "short_name": "MIT License", - "category": "Permissive", - "is_exception": false, - "is_unknown": false, - "owner": "MIT", - "homepage_url": "http://opensource.org/licenses/mit-license.php", - "text_url": "http://opensource.org/licenses/mit-license.php", - "reference_url": "https://scancode-licensedb.aboutcode.org/mit", - "scancode_text_url": "https://github.com/nexB/scancode-toolkit/tree/develop/src/licensedcode/data/licenses/mit.LICENSE", - "scancode_data_url": "https://github.com/nexB/scancode-toolkit/tree/develop/src/licensedcode/data/licenses/mit.yml", - "spdx_license_key": "MIT", - "spdx_url": "https://spdx.org/licenses/MIT", - "start_line": 1, - "end_line": 1, - "matched_rule": { - "identifier": "spdx-license-identifier: mit", - "license_expression": "mit", - "licenses": [ - "mit" - ], - "referenced_filenames": [], - "is_license_text": false, - "is_license_notice": false, - "is_license_reference": false, - "is_license_tag": true, - "is_license_intro": false, - "has_unknown": false, - "matcher": "1-spdx-id", - "rule_length": 4, - "matched_length": 4, - "match_coverage": 100.0, - "rule_relevance": 100 - } - } - ], - "license_expressions": [ - "mit" - ], - "percentage_of_license_text": 100.0, - "copyrights": [], - "holders": [], - "authors": [], - "is_legal": false, - "is_manifest": false, - "is_readme": false, - "is_top_level": false, - "is_key_file": false, - "files_count": 0, - "dirs_count": 0, - "size_count": 0, - "scan_errors": [] - }, - { - "path": "spdx_licenses_not/src/index2.js", - "type": "file", - "name": "index2.js", - "base_name": "index2", - "extension": ".js", - "size": 98, - "sha1": "3e219659f4f4ca3387a682b5108034428fe385d9", - "md5": "b0974427598854f8fc3f4f89c2680ec3", - "sha256": "eaeaf264754776f109f269869377ba250ccd3d7a849387c1ff8632f2c76d5695", - "mime_type": "text/plain", - "file_type": "ASCII text, with no line terminators", - "programming_language": "JavaScript", - "is_binary": false, - "is_text": true, - "is_archive": false, - "is_media": false, - "is_source": true, - "is_script": false, - "licenses": [ - { - "key": "other-permissive", - "score": 100.0, - "name": "Other Permissive Licenses", - "short_name": "Other Permissive Licenses", - "category": "Permissive", - "is_exception": false, - "is_unknown": false, - "owner": "nexB", - "homepage_url": null, - "text_url": "", - "reference_url": "https://scancode-licensedb.aboutcode.org/other-permissive", - "scancode_text_url": "https://github.com/nexB/scancode-toolkit/tree/develop/src/licensedcode/data/licenses/other-permissive.LICENSE", - "scancode_data_url": "https://github.com/nexB/scancode-toolkit/tree/develop/src/licensedcode/data/licenses/other-permissive.yml", - "spdx_license_key": "LicenseRef-scancode-other-permissive", - "spdx_url": "https://github.com/nexB/scancode-toolkit/tree/develop/src/licensedcode/data/licenses/other-permissive.LICENSE", - "start_line": 1, - "end_line": 1, - "matched_rule": { - "identifier": "other-permissive_10.RULE", - "license_expression": "other-permissive", - "licenses": [ - "other-permissive" - ], - "referenced_filenames": [], - "is_license_text": false, - "is_license_notice": false, - "is_license_reference": true, - "is_license_tag": false, - "is_license_intro": false, - "has_unknown": false, - "matcher": "1-hash", - "rule_length": 16, - "matched_length": 16, - "match_coverage": 100.0, - "rule_relevance": 100 - } - } - ], - "license_expressions": [ - "other-permissive" - ], - "percentage_of_license_text": 100.0, - "copyrights": [], - "holders": [], - "authors": [], - "is_legal": false, - "is_manifest": false, - "is_readme": false, - "is_top_level": false, - "is_key_file": false, - "files_count": 0, - "dirs_count": 0, - "size_count": 0, - "scan_errors": [] - } - ] -} \ No newline at end of file diff --git a/tests/summarycode/data/score/spdx_licenses_not/README.md b/tests/summarycode/data/score/spdx_licenses_not/README.md deleted file mode 100644 index 5609113f254..00000000000 --- a/tests/summarycode/data/score/spdx_licenses_not/README.md +++ /dev/null @@ -1,16 +0,0 @@ -# @invisionag/eslint-config-ivx - -# Usage - -Install the peer dependencies as development dependencies: -- `eslint^3.19.0` -- `prettier^1.5.2` - -Install `@invisionag/eslint-config-ivx` as a development dependency. - -In your `.eslintrc.js`: -```js -module.exports = { - extends: '@invisionag/ivx', -}; -``` diff --git a/tests/summarycode/data/score/spdx_licenses_not/package.json b/tests/summarycode/data/score/spdx_licenses_not/package.json deleted file mode 100644 index f54d82ed9fa..00000000000 --- a/tests/summarycode/data/score/spdx_licenses_not/package.json +++ /dev/null @@ -1,30 +0,0 @@ -{ - "name": "@invisionag/eslint-config-ivx", - "version": "0.0.10", - "main": "index.js", - "repository": "https://github.com/ivx/eslint-config-ivx.git", - "author": "Alexander Plavinski ", - "license": "MIT", - "scripts": { - "test": "eslint ." - }, - "peerDependencies": { - "eslint": "^4.5.0", - "prettier": "^1.6.0" - }, - "dependencies": { - "babel-eslint": "^7.2.3", - "eslint-config-airbnb": "^15.1.0", - "eslint-config-prettier": "^2.3.0", - "eslint-plugin-flowtype": "^2.34.1", - "eslint-plugin-import": "^2.6.1", - "eslint-plugin-jsx-a11y": "^5.1.1", - "eslint-plugin-prettier": "^2.2.0", - "eslint-plugin-react": "^7.3.0", - "eslint-plugin-react-functional-set-state": "^1.0.1" - }, - "devDependencies": { - "eslint": "^4.5.0", - "prettier": "^1.6.0" - } -} diff --git a/tests/summarycode/data/score/spdx_licenses_not/src/index.js b/tests/summarycode/data/score/spdx_licenses_not/src/index.js deleted file mode 100644 index 8096cb46020..00000000000 --- a/tests/summarycode/data/score/spdx_licenses_not/src/index.js +++ /dev/null @@ -1 +0,0 @@ -// SPDX-License-Identifier: MIT diff --git a/tests/summarycode/data/score/spdx_licenses_not/src/index2.js b/tests/summarycode/data/score/spdx_licenses_not/src/index2.js deleted file mode 100644 index 921ac89f376..00000000000 --- a/tests/summarycode/data/score/spdx_licenses_not/src/index2.js +++ /dev/null @@ -1 +0,0 @@ -//This project is made available under its own **Blueprint License**, based on Apache 2.0 License. \ No newline at end of file diff --git a/tests/summarycode/data/score/top_declared-expected.json b/tests/summarycode/data/score/top_declared-expected.json deleted file mode 100644 index 15daafbab01..00000000000 --- a/tests/summarycode/data/score/top_declared-expected.json +++ /dev/null @@ -1,221 +0,0 @@ -{ - "headers": [ - { - "tool_name": "scancode-toolkit", - "options": { - "input": "", - "--classify": true, - "--copyright": true, - "--info": true, - "--json": "", - "--license": true, - "--license-clarity-score": true - }, - "notice": "Generated with ScanCode and provided on an \"AS IS\" BASIS, WITHOUT WARRANTIES\nOR CONDITIONS OF ANY KIND, either express or implied. No content created from\nScanCode should be considered or used as legal advice. Consult an Attorney\nfor any legal advice.\nScanCode is a free software code scanning tool from nexB Inc. and others.\nVisit https://github.com/nexB/scancode-toolkit/ for support and download.", - "output_format_version": "1.0.0", - "message": null, - "errors": [], - "extra_data": { - "spdx_license_list_version": "3.14", - "files_count": 3 - } - } - ], - "license_clarity_score": { - "score": 30, - "declared": true, - "discovered": 0, - "consistency": false, - "spdx": false, - "license_texts": false - }, - "files": [ - { - "path": "top_declared", - "type": "directory", - "name": "top_declared", - "base_name": "top_declared", - "extension": "", - "size": 0, - "sha1": null, - "md5": null, - "sha256": null, - "mime_type": null, - "file_type": null, - "programming_language": null, - "is_binary": false, - "is_text": false, - "is_archive": false, - "is_media": false, - "is_source": false, - "is_script": false, - "licenses": [], - "license_expressions": [], - "percentage_of_license_text": 0, - "copyrights": [], - "holders": [], - "authors": [], - "is_legal": false, - "is_manifest": false, - "is_readme": false, - "is_top_level": true, - "is_key_file": false, - "files_count": 3, - "dirs_count": 0, - "size_count": 2161, - "scan_errors": [] - }, - { - "path": "top_declared/README.md", - "type": "file", - "name": "README.md", - "base_name": "README", - "extension": ".md", - "size": 295, - "sha1": "7d770c5ffdcf659c944a670225ab43db9f33d4a8", - "md5": "4b8955afbb3a8aa01933e99e331e4acf", - "sha256": "aac3e1032f4dffd347854cbe37d559223f2d61173caa649ca7cd0cfb11987334", - "mime_type": "text/plain", - "file_type": "ASCII text", - "programming_language": null, - "is_binary": false, - "is_text": true, - "is_archive": false, - "is_media": false, - "is_source": false, - "is_script": false, - "licenses": [], - "license_expressions": [], - "percentage_of_license_text": 0, - "copyrights": [], - "holders": [], - "authors": [], - "is_legal": false, - "is_manifest": false, - "is_readme": true, - "is_top_level": true, - "is_key_file": true, - "files_count": 0, - "dirs_count": 0, - "size_count": 0, - "scan_errors": [] - }, - { - "path": "top_declared/index.js", - "type": "file", - "name": "index.js", - "base_name": "index", - "extension": ".js", - "size": 1037, - "sha1": "53771edd1e0765de7400174e42ca2e8e5840055f", - "md5": "ec9dc4294f83d24294f07e6a0676c338", - "sha256": "2b61833228890116dded1849a683d31d0273e0cf985a7bf0cc419aa7edefd839", - "mime_type": "text/plain", - "file_type": "ASCII text", - "programming_language": "JavaScript", - "is_binary": false, - "is_text": true, - "is_archive": false, - "is_media": false, - "is_source": true, - "is_script": false, - "licenses": [], - "license_expressions": [], - "percentage_of_license_text": 0, - "copyrights": [], - "holders": [], - "authors": [], - "is_legal": false, - "is_manifest": false, - "is_readme": false, - "is_top_level": true, - "is_key_file": false, - "files_count": 0, - "dirs_count": 0, - "size_count": 0, - "scan_errors": [] - }, - { - "path": "top_declared/package.json", - "type": "file", - "name": "package.json", - "base_name": "package", - "extension": ".json", - "size": 829, - "sha1": "003103b742ebfb1e76e80d9fc05ab0b3046f2ab6", - "md5": "bd8911e2d8af0caa689f76b9975761fd", - "sha256": "d27968b827780212a965387f5ec3421ee59a0bf9166847629db0e716e6d2d9c3", - "mime_type": "application/json", - "file_type": "JSON data", - "programming_language": null, - "is_binary": false, - "is_text": true, - "is_archive": false, - "is_media": false, - "is_source": false, - "is_script": false, - "licenses": [ - { - "key": "mit", - "score": 100.0, - "name": "MIT License", - "short_name": "MIT License", - "category": "Permissive", - "is_exception": false, - "is_unknown": false, - "owner": "MIT", - "homepage_url": "http://opensource.org/licenses/mit-license.php", - "text_url": "http://opensource.org/licenses/mit-license.php", - "reference_url": "https://scancode-licensedb.aboutcode.org/mit", - "scancode_text_url": "https://github.com/nexB/scancode-toolkit/tree/develop/src/licensedcode/data/licenses/mit.LICENSE", - "scancode_data_url": "https://github.com/nexB/scancode-toolkit/tree/develop/src/licensedcode/data/licenses/mit.yml", - "spdx_license_key": "MIT", - "spdx_url": "https://spdx.org/licenses/MIT", - "start_line": 7, - "end_line": 7, - "matched_rule": { - "identifier": "mit_30.RULE", - "license_expression": "mit", - "licenses": [ - "mit" - ], - "referenced_filenames": [], - "is_license_text": false, - "is_license_notice": false, - "is_license_reference": false, - "is_license_tag": true, - "is_license_intro": false, - "has_unknown": false, - "matcher": "2-aho", - "rule_length": 2, - "matched_length": 2, - "match_coverage": 100.0, - "rule_relevance": 100 - } - } - ], - "license_expressions": [ - "mit" - ], - "percentage_of_license_text": 1.83, - "copyrights": [], - "holders": [], - "authors": [ - { - "author": "Alexander Plavinski ", - "start_line": 6, - "end_line": 6 - } - ], - "is_legal": false, - "is_manifest": true, - "is_readme": false, - "is_top_level": true, - "is_key_file": true, - "files_count": 0, - "dirs_count": 0, - "size_count": 0, - "scan_errors": [] - } - ] -} \ No newline at end of file diff --git a/tests/summarycode/data/score/top_declared/README.md b/tests/summarycode/data/score/top_declared/README.md deleted file mode 100644 index 5609113f254..00000000000 --- a/tests/summarycode/data/score/top_declared/README.md +++ /dev/null @@ -1,16 +0,0 @@ -# @invisionag/eslint-config-ivx - -# Usage - -Install the peer dependencies as development dependencies: -- `eslint^3.19.0` -- `prettier^1.5.2` - -Install `@invisionag/eslint-config-ivx` as a development dependency. - -In your `.eslintrc.js`: -```js -module.exports = { - extends: '@invisionag/ivx', -}; -``` diff --git a/tests/summarycode/data/score/top_declared/package.json b/tests/summarycode/data/score/top_declared/package.json deleted file mode 100644 index f54d82ed9fa..00000000000 --- a/tests/summarycode/data/score/top_declared/package.json +++ /dev/null @@ -1,30 +0,0 @@ -{ - "name": "@invisionag/eslint-config-ivx", - "version": "0.0.10", - "main": "index.js", - "repository": "https://github.com/ivx/eslint-config-ivx.git", - "author": "Alexander Plavinski ", - "license": "MIT", - "scripts": { - "test": "eslint ." - }, - "peerDependencies": { - "eslint": "^4.5.0", - "prettier": "^1.6.0" - }, - "dependencies": { - "babel-eslint": "^7.2.3", - "eslint-config-airbnb": "^15.1.0", - "eslint-config-prettier": "^2.3.0", - "eslint-plugin-flowtype": "^2.34.1", - "eslint-plugin-import": "^2.6.1", - "eslint-plugin-jsx-a11y": "^5.1.1", - "eslint-plugin-prettier": "^2.2.0", - "eslint-plugin-react": "^7.3.0", - "eslint-plugin-react-functional-set-state": "^1.0.1" - }, - "devDependencies": { - "eslint": "^4.5.0", - "prettier": "^1.6.0" - } -} diff --git a/tests/summarycode/data/score/top_declared_not-expected.json b/tests/summarycode/data/score/top_declared_not-expected.json deleted file mode 100644 index 695318dbce6..00000000000 --- a/tests/summarycode/data/score/top_declared_not-expected.json +++ /dev/null @@ -1,180 +0,0 @@ -{ - "headers": [ - { - "tool_name": "scancode-toolkit", - "options": { - "input": "", - "--classify": true, - "--copyright": true, - "--info": true, - "--json": "", - "--license": true, - "--license-clarity-score": true - }, - "notice": "Generated with ScanCode and provided on an \"AS IS\" BASIS, WITHOUT WARRANTIES\nOR CONDITIONS OF ANY KIND, either express or implied. No content created from\nScanCode should be considered or used as legal advice. Consult an Attorney\nfor any legal advice.\nScanCode is a free software code scanning tool from nexB Inc. and others.\nVisit https://github.com/nexB/scancode-toolkit/ for support and download.", - "output_format_version": "1.0.0", - "message": null, - "errors": [], - "extra_data": { - "spdx_license_list_version": "3.14", - "files_count": 3 - } - } - ], - "license_clarity_score": { - "score": 0, - "declared": false, - "discovered": 0, - "consistency": false, - "spdx": false, - "license_texts": false - }, - "files": [ - { - "path": "top_declared_not", - "type": "directory", - "name": "top_declared_not", - "base_name": "top_declared_not", - "extension": "", - "size": 0, - "sha1": null, - "md5": null, - "sha256": null, - "mime_type": null, - "file_type": null, - "programming_language": null, - "is_binary": false, - "is_text": false, - "is_archive": false, - "is_media": false, - "is_source": false, - "is_script": false, - "licenses": [], - "license_expressions": [], - "percentage_of_license_text": 0, - "copyrights": [], - "holders": [], - "authors": [], - "is_legal": false, - "is_manifest": false, - "is_readme": false, - "is_top_level": true, - "is_key_file": false, - "files_count": 3, - "dirs_count": 0, - "size_count": 2141, - "scan_errors": [] - }, - { - "path": "top_declared_not/README.md", - "type": "file", - "name": "README.md", - "base_name": "README", - "extension": ".md", - "size": 295, - "sha1": "7d770c5ffdcf659c944a670225ab43db9f33d4a8", - "md5": "4b8955afbb3a8aa01933e99e331e4acf", - "sha256": "aac3e1032f4dffd347854cbe37d559223f2d61173caa649ca7cd0cfb11987334", - "mime_type": "text/plain", - "file_type": "ASCII text", - "programming_language": null, - "is_binary": false, - "is_text": true, - "is_archive": false, - "is_media": false, - "is_source": false, - "is_script": false, - "licenses": [], - "license_expressions": [], - "percentage_of_license_text": 0, - "copyrights": [], - "holders": [], - "authors": [], - "is_legal": false, - "is_manifest": false, - "is_readme": true, - "is_top_level": true, - "is_key_file": true, - "files_count": 0, - "dirs_count": 0, - "size_count": 0, - "scan_errors": [] - }, - { - "path": "top_declared_not/index.js", - "type": "file", - "name": "index.js", - "base_name": "index", - "extension": ".js", - "size": 1037, - "sha1": "53771edd1e0765de7400174e42ca2e8e5840055f", - "md5": "ec9dc4294f83d24294f07e6a0676c338", - "sha256": "2b61833228890116dded1849a683d31d0273e0cf985a7bf0cc419aa7edefd839", - "mime_type": "text/plain", - "file_type": "ASCII text", - "programming_language": "JavaScript", - "is_binary": false, - "is_text": true, - "is_archive": false, - "is_media": false, - "is_source": true, - "is_script": false, - "licenses": [], - "license_expressions": [], - "percentage_of_license_text": 0, - "copyrights": [], - "holders": [], - "authors": [], - "is_legal": false, - "is_manifest": false, - "is_readme": false, - "is_top_level": true, - "is_key_file": false, - "files_count": 0, - "dirs_count": 0, - "size_count": 0, - "scan_errors": [] - }, - { - "path": "top_declared_not/package.json", - "type": "file", - "name": "package.json", - "base_name": "package", - "extension": ".json", - "size": 809, - "sha1": "c07fce758705b949299768f7a404a51ce31ead7a", - "md5": "6670be3f86bde3893f575303b9b33b24", - "sha256": "77891e545535e7cd9b8de9eb9633d60083e17a4120c2edb5181cef3abd906c9f", - "mime_type": "application/json", - "file_type": "JSON data", - "programming_language": null, - "is_binary": false, - "is_text": true, - "is_archive": false, - "is_media": false, - "is_source": false, - "is_script": false, - "licenses": [], - "license_expressions": [], - "percentage_of_license_text": 0, - "copyrights": [], - "holders": [], - "authors": [ - { - "author": "Alexander Plavinski ", - "start_line": 6, - "end_line": 6 - } - ], - "is_legal": false, - "is_manifest": true, - "is_readme": false, - "is_top_level": true, - "is_key_file": true, - "files_count": 0, - "dirs_count": 0, - "size_count": 0, - "scan_errors": [] - } - ] -} \ No newline at end of file diff --git a/tests/summarycode/data/score/top_declared_not/README.md b/tests/summarycode/data/score/top_declared_not/README.md deleted file mode 100644 index 5609113f254..00000000000 --- a/tests/summarycode/data/score/top_declared_not/README.md +++ /dev/null @@ -1,16 +0,0 @@ -# @invisionag/eslint-config-ivx - -# Usage - -Install the peer dependencies as development dependencies: -- `eslint^3.19.0` -- `prettier^1.5.2` - -Install `@invisionag/eslint-config-ivx` as a development dependency. - -In your `.eslintrc.js`: -```js -module.exports = { - extends: '@invisionag/ivx', -}; -``` diff --git a/tests/summarycode/data/score/top_declared_not/package.json b/tests/summarycode/data/score/top_declared_not/package.json deleted file mode 100644 index 000d0fd9f00..00000000000 --- a/tests/summarycode/data/score/top_declared_not/package.json +++ /dev/null @@ -1,29 +0,0 @@ -{ - "name": "@invisionag/eslint-config-ivx", - "version": "0.0.10", - "main": "index.js", - "repository": "https://github.com/ivx/eslint-config-ivx.git", - "author": "Alexander Plavinski ", - "scripts": { - "test": "eslint ." - }, - "peerDependencies": { - "eslint": "^4.5.0", - "prettier": "^1.6.0" - }, - "dependencies": { - "babel-eslint": "^7.2.3", - "eslint-config-airbnb": "^15.1.0", - "eslint-config-prettier": "^2.3.0", - "eslint-plugin-flowtype": "^2.34.1", - "eslint-plugin-import": "^2.6.1", - "eslint-plugin-jsx-a11y": "^5.1.1", - "eslint-plugin-prettier": "^2.2.0", - "eslint-plugin-react": "^7.3.0", - "eslint-plugin-react-functional-set-state": "^1.0.1" - }, - "devDependencies": { - "eslint": "^4.5.0", - "prettier": "^1.6.0" - } -} diff --git a/tests/summarycode/data/score2/basic-expected.json b/tests/summarycode/data/score2/basic-expected.json deleted file mode 100644 index bb4717d38b5..00000000000 --- a/tests/summarycode/data/score2/basic-expected.json +++ /dev/null @@ -1,328 +0,0 @@ -{ - "headers": [ - { - "tool_name": "scancode-toolkit", - "options": { - "input": "", - "--classify": true, - "--copyright": true, - "--info": true, - "--json": "", - "--license": true, - "--license-clarity-score-2": true - }, - "notice": "Generated with ScanCode and provided on an \"AS IS\" BASIS, WITHOUT WARRANTIES\nOR CONDITIONS OF ANY KIND, either express or implied. No content created from\nScanCode should be considered or used as legal advice. Consult an Attorney\nfor any legal advice.\nScanCode is a free software code scanning tool from nexB Inc. and others.\nVisit https://github.com/nexB/scancode-toolkit/ for support and download.", - "output_format_version": "2.0.0", - "message": null, - "errors": [], - "extra_data": { - "spdx_license_list_version": "3.16", - "files_count": 3 - } - } - ], - "license_clarity_score": { - "score": 100, - "declared_license": true, - "precise_license_detection": true, - "has_license_text": true, - "declared_copyrights": true, - "conflicting_license_categories": false, - "ambigous_compound_licensing": false - }, - "files": [ - { - "path": "basic", - "type": "directory", - "name": "basic", - "base_name": "basic", - "extension": "", - "size": 0, - "sha1": null, - "md5": null, - "sha256": null, - "mime_type": null, - "file_type": null, - "programming_language": null, - "is_binary": false, - "is_text": false, - "is_archive": false, - "is_media": false, - "is_source": false, - "is_script": false, - "licenses": [], - "license_expressions": [], - "percentage_of_license_text": 0, - "copyrights": [], - "holders": [], - "authors": [], - "is_legal": false, - "is_manifest": false, - "is_readme": false, - "is_top_level": true, - "is_key_file": false, - "files_count": 3, - "dirs_count": 0, - "size_count": 4286, - "scan_errors": [] - }, - { - "path": "basic/README.md", - "type": "file", - "name": "README.md", - "base_name": "README", - "extension": ".md", - "size": 1348, - "sha1": "f4399249b905c17338eb06776a7205d6f643d396", - "md5": "d897358d498fd2dbb1efedfa297fc0f3", - "sha256": "63940bc96c0feeef3b22b96d7d6a4873cdb7f12151ce3362967afdc7f8ec6698", - "mime_type": "text/plain", - "file_type": "ASCII text", - "programming_language": null, - "is_binary": false, - "is_text": true, - "is_archive": false, - "is_media": false, - "is_source": false, - "is_script": false, - "licenses": [ - { - "key": "mit", - "score": 100.0, - "name": "MIT License", - "short_name": "MIT License", - "category": "Permissive", - "is_exception": false, - "is_unknown": false, - "owner": "MIT", - "homepage_url": "http://opensource.org/licenses/mit-license.php", - "text_url": "http://opensource.org/licenses/mit-license.php", - "reference_url": "https://scancode-licensedb.aboutcode.org/mit", - "scancode_text_url": "https://github.com/nexB/scancode-toolkit/tree/develop/src/licensedcode/data/licenses/mit.LICENSE", - "scancode_data_url": "https://github.com/nexB/scancode-toolkit/tree/develop/src/licensedcode/data/licenses/mit.yml", - "spdx_license_key": "MIT", - "spdx_url": "https://spdx.org/licenses/MIT", - "start_line": 20, - "end_line": 37, - "matched_rule": { - "identifier": "mit.LICENSE", - "license_expression": "mit", - "licenses": [ - "mit" - ], - "referenced_filenames": [], - "is_license_text": true, - "is_license_notice": false, - "is_license_reference": false, - "is_license_tag": false, - "is_license_intro": false, - "has_unknown": false, - "matcher": "2-aho", - "rule_length": 161, - "matched_length": 161, - "match_coverage": 100.0, - "rule_relevance": 100 - } - } - ], - "license_expressions": [ - "mit" - ], - "percentage_of_license_text": 79.31, - "copyrights": [ - { - "copyright": "Copyright (c) Example, Inc.", - "start_line": 18, - "end_line": 18 - } - ], - "holders": [ - { - "holder": "Example, Inc.", - "start_line": 18, - "end_line": 18 - } - ], - "authors": [], - "is_legal": false, - "is_manifest": false, - "is_readme": true, - "is_top_level": true, - "is_key_file": true, - "files_count": 0, - "dirs_count": 0, - "size_count": 0, - "scan_errors": [] - }, - { - "path": "basic/index.js", - "type": "file", - "name": "index.js", - "base_name": "index", - "extension": ".js", - "size": 2109, - "sha1": "1ef59e75d33ed8b7b43548fd55843d894db4b910", - "md5": "1385905becfdfd8d777342fcb1242d83", - "sha256": "1780e44cd2317e04461131b34ea6fa5b1da4a571123c9a391ddc3b865c456298", - "mime_type": "text/plain", - "file_type": "ASCII text", - "programming_language": "JavaScript", - "is_binary": false, - "is_text": true, - "is_archive": false, - "is_media": false, - "is_source": true, - "is_script": false, - "licenses": [ - { - "key": "mit", - "score": 100.0, - "name": "MIT License", - "short_name": "MIT License", - "category": "Permissive", - "is_exception": false, - "is_unknown": false, - "owner": "MIT", - "homepage_url": "http://opensource.org/licenses/mit-license.php", - "text_url": "http://opensource.org/licenses/mit-license.php", - "reference_url": "https://scancode-licensedb.aboutcode.org/mit", - "scancode_text_url": "https://github.com/nexB/scancode-toolkit/tree/develop/src/licensedcode/data/licenses/mit.LICENSE", - "scancode_data_url": "https://github.com/nexB/scancode-toolkit/tree/develop/src/licensedcode/data/licenses/mit.yml", - "spdx_license_key": "MIT", - "spdx_url": "https://spdx.org/licenses/MIT", - "start_line": 2, - "end_line": 19, - "matched_rule": { - "identifier": "mit.LICENSE", - "license_expression": "mit", - "licenses": [ - "mit" - ], - "referenced_filenames": [], - "is_license_text": true, - "is_license_notice": false, - "is_license_reference": false, - "is_license_tag": false, - "is_license_intro": false, - "has_unknown": false, - "matcher": "2-aho", - "rule_length": 161, - "matched_length": 161, - "match_coverage": 100.0, - "rule_relevance": 100 - } - } - ], - "license_expressions": [ - "mit" - ], - "percentage_of_license_text": 64.4, - "copyrights": [ - { - "copyright": "Copyright (c) 2007 nexB Inc.", - "start_line": 1, - "end_line": 1 - } - ], - "holders": [ - { - "holder": "nexB Inc.", - "start_line": 1, - "end_line": 1 - } - ], - "authors": [], - "is_legal": false, - "is_manifest": false, - "is_readme": false, - "is_top_level": true, - "is_key_file": false, - "files_count": 0, - "dirs_count": 0, - "size_count": 0, - "scan_errors": [] - }, - { - "path": "basic/package.json", - "type": "file", - "name": "package.json", - "base_name": "package", - "extension": ".json", - "size": 829, - "sha1": "003103b742ebfb1e76e80d9fc05ab0b3046f2ab6", - "md5": "bd8911e2d8af0caa689f76b9975761fd", - "sha256": "d27968b827780212a965387f5ec3421ee59a0bf9166847629db0e716e6d2d9c3", - "mime_type": "application/json", - "file_type": "JSON data", - "programming_language": null, - "is_binary": false, - "is_text": true, - "is_archive": false, - "is_media": false, - "is_source": false, - "is_script": false, - "licenses": [ - { - "key": "mit", - "score": 100.0, - "name": "MIT License", - "short_name": "MIT License", - "category": "Permissive", - "is_exception": false, - "is_unknown": false, - "owner": "MIT", - "homepage_url": "http://opensource.org/licenses/mit-license.php", - "text_url": "http://opensource.org/licenses/mit-license.php", - "reference_url": "https://scancode-licensedb.aboutcode.org/mit", - "scancode_text_url": "https://github.com/nexB/scancode-toolkit/tree/develop/src/licensedcode/data/licenses/mit.LICENSE", - "scancode_data_url": "https://github.com/nexB/scancode-toolkit/tree/develop/src/licensedcode/data/licenses/mit.yml", - "spdx_license_key": "MIT", - "spdx_url": "https://spdx.org/licenses/MIT", - "start_line": 7, - "end_line": 7, - "matched_rule": { - "identifier": "mit_30.RULE", - "license_expression": "mit", - "licenses": [ - "mit" - ], - "referenced_filenames": [], - "is_license_text": false, - "is_license_notice": false, - "is_license_reference": false, - "is_license_tag": true, - "is_license_intro": false, - "has_unknown": false, - "matcher": "2-aho", - "rule_length": 2, - "matched_length": 2, - "match_coverage": 100.0, - "rule_relevance": 100 - } - } - ], - "license_expressions": [ - "mit" - ], - "percentage_of_license_text": 1.83, - "copyrights": [], - "holders": [], - "authors": [ - { - "author": "Alexander Plavinski ", - "start_line": 6, - "end_line": 6 - } - ], - "is_legal": false, - "is_manifest": true, - "is_readme": false, - "is_top_level": true, - "is_key_file": true, - "files_count": 0, - "dirs_count": 0, - "size_count": 0, - "scan_errors": [] - } - ] -} \ No newline at end of file diff --git a/tests/summarycode/data/score2/basic/package.json b/tests/summarycode/data/score2/basic/package.json deleted file mode 100644 index f54d82ed9fa..00000000000 --- a/tests/summarycode/data/score2/basic/package.json +++ /dev/null @@ -1,30 +0,0 @@ -{ - "name": "@invisionag/eslint-config-ivx", - "version": "0.0.10", - "main": "index.js", - "repository": "https://github.com/ivx/eslint-config-ivx.git", - "author": "Alexander Plavinski ", - "license": "MIT", - "scripts": { - "test": "eslint ." - }, - "peerDependencies": { - "eslint": "^4.5.0", - "prettier": "^1.6.0" - }, - "dependencies": { - "babel-eslint": "^7.2.3", - "eslint-config-airbnb": "^15.1.0", - "eslint-config-prettier": "^2.3.0", - "eslint-plugin-flowtype": "^2.34.1", - "eslint-plugin-import": "^2.6.1", - "eslint-plugin-jsx-a11y": "^5.1.1", - "eslint-plugin-prettier": "^2.2.0", - "eslint-plugin-react": "^7.3.0", - "eslint-plugin-react-functional-set-state": "^1.0.1" - }, - "devDependencies": { - "eslint": "^4.5.0", - "prettier": "^1.6.0" - } -} diff --git a/tests/summarycode/data/score2/inconsistent_licenses_copyleft/README.md b/tests/summarycode/data/score2/inconsistent_licenses_copyleft/README.md deleted file mode 100644 index f006181c3c3..00000000000 --- a/tests/summarycode/data/score2/inconsistent_licenses_copyleft/README.md +++ /dev/null @@ -1,37 +0,0 @@ -# @invisionag/eslint-config-ivx - -# Usage - -Install the peer dependencies as development dependencies: -- `eslint^3.19.0` -- `prettier^1.5.2` - -Install `@invisionag/eslint-config-ivx` as a development dependency. - -In your `.eslintrc.js`: -```js -module.exports = { - extends: '@invisionag/ivx', -}; -``` - -Copyright (c) Example, Inc. - -Permission is hereby granted, free of charge, to any person obtaining -a copy of this software and associated documentation files (the -"Software"), to deal in the Software without restriction, including -without limitation the rights to use, copy, modify, merge, publish, -distribute, sublicense, and/or sell copies of the Software, and to -permit persons to whom the Software is furnished to do so, subject to -the following conditions: - -The above copyright notice and this permission notice shall be -included in all copies or substantial portions of the Software. - -THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, -EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF -MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. -IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY -CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, -TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE -SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. diff --git a/tests/summarycode/data/score2/inconsistent_licenses_copyleft/index.js b/tests/summarycode/data/score2/inconsistent_licenses_copyleft/index.js deleted file mode 100644 index b6127d64177..00000000000 --- a/tests/summarycode/data/score2/inconsistent_licenses_copyleft/index.js +++ /dev/null @@ -1,74 +0,0 @@ -Copyright (c) 2007 nexB Inc. All right reserved -Permission is hereby granted, free of charge, to any person obtaining -a copy of this software and associated documentation files (the -"Software"), to deal in the Software without restriction, including -without limitation the rights to use, copy, modify, merge, publish, -distribute, sublicense, and/or sell copies of the Software, and to -permit persons to whom the Software is furnished to do so, subject to -the following conditions: - -The above copyright notice and this permission notice shall be -included in all copies or substantial portions of the Software. - -THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, -EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF -MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. -IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY -CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, -TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE -SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. - -module.exports = { - extends: [ - 'airbnb', - 'prettier', - 'prettier/flowtype', - 'prettier/react', - 'plugin:flowtype/recommended', - ], - parser: 'babel-eslint', - plugins: ['prettier', 'flowtype', 'react-functional-set-state'], - env: { - browser: true, - node: true, - jest: true, - }, - rules: { - 'no-undef-init': 1, - 'react/sort-comp': [ - 1, - { - order: [ - 'type-annotations', - 'static-methods', - 'lifecycle', - 'everything-else', - 'render', - ], - groups: { - rendering: ['/^render.+$/', 'render'], - }, - }, - ], - 'react/jsx-filename-extension': [ - 1, - { - extensions: ['.js'], - }, - ], - 'react-functional-set-state/no-this-state-props': 2, - 'import/no-extraneous-dependencies': [ - 'error', - { - devDependencies: true, - }, - ], - 'prettier/prettier': [ - 'error', - { - trailingComma: 'all', - singleQuote: true, - }, - ], - }, -}; diff --git a/tests/summarycode/data/score2/inconsistent_licenses_copyleft/package.json b/tests/summarycode/data/score2/inconsistent_licenses_copyleft/package.json deleted file mode 100644 index f54d82ed9fa..00000000000 --- a/tests/summarycode/data/score2/inconsistent_licenses_copyleft/package.json +++ /dev/null @@ -1,30 +0,0 @@ -{ - "name": "@invisionag/eslint-config-ivx", - "version": "0.0.10", - "main": "index.js", - "repository": "https://github.com/ivx/eslint-config-ivx.git", - "author": "Alexander Plavinski ", - "license": "MIT", - "scripts": { - "test": "eslint ." - }, - "peerDependencies": { - "eslint": "^4.5.0", - "prettier": "^1.6.0" - }, - "dependencies": { - "babel-eslint": "^7.2.3", - "eslint-config-airbnb": "^15.1.0", - "eslint-config-prettier": "^2.3.0", - "eslint-plugin-flowtype": "^2.34.1", - "eslint-plugin-import": "^2.6.1", - "eslint-plugin-jsx-a11y": "^5.1.1", - "eslint-plugin-prettier": "^2.2.0", - "eslint-plugin-react": "^7.3.0", - "eslint-plugin-react-functional-set-state": "^1.0.1" - }, - "devDependencies": { - "eslint": "^4.5.0", - "prettier": "^1.6.0" - } -} diff --git a/tests/summarycode/data/score2/no_license_or_copyright/README.md b/tests/summarycode/data/score2/no_license_or_copyright/README.md deleted file mode 100644 index 5609113f254..00000000000 --- a/tests/summarycode/data/score2/no_license_or_copyright/README.md +++ /dev/null @@ -1,16 +0,0 @@ -# @invisionag/eslint-config-ivx - -# Usage - -Install the peer dependencies as development dependencies: -- `eslint^3.19.0` -- `prettier^1.5.2` - -Install `@invisionag/eslint-config-ivx` as a development dependency. - -In your `.eslintrc.js`: -```js -module.exports = { - extends: '@invisionag/ivx', -}; -``` diff --git a/tests/summarycode/data/score2/no_license_or_copyright/index.js b/tests/summarycode/data/score2/no_license_or_copyright/index.js deleted file mode 100644 index c98f2d67c87..00000000000 --- a/tests/summarycode/data/score2/no_license_or_copyright/index.js +++ /dev/null @@ -1,54 +0,0 @@ -module.exports = { - extends: [ - 'airbnb', - 'prettier', - 'prettier/flowtype', - 'prettier/react', - 'plugin:flowtype/recommended', - ], - parser: 'babel-eslint', - plugins: ['prettier', 'flowtype', 'react-functional-set-state'], - env: { - browser: true, - node: true, - jest: true, - }, - rules: { - 'no-undef-init': 1, - 'react/sort-comp': [ - 1, - { - order: [ - 'type-annotations', - 'static-methods', - 'lifecycle', - 'everything-else', - 'render', - ], - groups: { - rendering: ['/^render.+$/', 'render'], - }, - }, - ], - 'react/jsx-filename-extension': [ - 1, - { - extensions: ['.js'], - }, - ], - 'react-functional-set-state/no-this-state-props': 2, - 'import/no-extraneous-dependencies': [ - 'error', - { - devDependencies: true, - }, - ], - 'prettier/prettier': [ - 'error', - { - trailingComma: 'all', - singleQuote: true, - }, - ], - }, -}; diff --git a/tests/summarycode/data/score2/no_license_text/index.js b/tests/summarycode/data/score2/no_license_text/index.js deleted file mode 100644 index c98f2d67c87..00000000000 --- a/tests/summarycode/data/score2/no_license_text/index.js +++ /dev/null @@ -1,54 +0,0 @@ -module.exports = { - extends: [ - 'airbnb', - 'prettier', - 'prettier/flowtype', - 'prettier/react', - 'plugin:flowtype/recommended', - ], - parser: 'babel-eslint', - plugins: ['prettier', 'flowtype', 'react-functional-set-state'], - env: { - browser: true, - node: true, - jest: true, - }, - rules: { - 'no-undef-init': 1, - 'react/sort-comp': [ - 1, - { - order: [ - 'type-annotations', - 'static-methods', - 'lifecycle', - 'everything-else', - 'render', - ], - groups: { - rendering: ['/^render.+$/', 'render'], - }, - }, - ], - 'react/jsx-filename-extension': [ - 1, - { - extensions: ['.js'], - }, - ], - 'react-functional-set-state/no-this-state-props': 2, - 'import/no-extraneous-dependencies': [ - 'error', - { - devDependencies: true, - }, - ], - 'prettier/prettier': [ - 'error', - { - trailingComma: 'all', - singleQuote: true, - }, - ], - }, -}; diff --git a/tests/summarycode/data/score2/no_license_text/package.json b/tests/summarycode/data/score2/no_license_text/package.json deleted file mode 100644 index f54d82ed9fa..00000000000 --- a/tests/summarycode/data/score2/no_license_text/package.json +++ /dev/null @@ -1,30 +0,0 @@ -{ - "name": "@invisionag/eslint-config-ivx", - "version": "0.0.10", - "main": "index.js", - "repository": "https://github.com/ivx/eslint-config-ivx.git", - "author": "Alexander Plavinski ", - "license": "MIT", - "scripts": { - "test": "eslint ." - }, - "peerDependencies": { - "eslint": "^4.5.0", - "prettier": "^1.6.0" - }, - "dependencies": { - "babel-eslint": "^7.2.3", - "eslint-config-airbnb": "^15.1.0", - "eslint-config-prettier": "^2.3.0", - "eslint-plugin-flowtype": "^2.34.1", - "eslint-plugin-import": "^2.6.1", - "eslint-plugin-jsx-a11y": "^5.1.1", - "eslint-plugin-prettier": "^2.2.0", - "eslint-plugin-react": "^7.3.0", - "eslint-plugin-react-functional-set-state": "^1.0.1" - }, - "devDependencies": { - "eslint": "^4.5.0", - "prettier": "^1.6.0" - } -} diff --git a/tests/summarycode/test_score.py b/tests/summarycode/test_score.py index 3a88ab4ae41..79d0f0b3b7d 100644 --- a/tests/summarycode/test_score.py +++ b/tests/summarycode/test_score.py @@ -96,4 +96,4 @@ class TestLicenseScore(FileDrivenTesting): pass -build_tests(test_base_dir='score', clazz=TestLicenseScore, regen=False) +build_tests(test_base_dir='score', clazz=TestLicenseScore, regen=True) diff --git a/tests/summarycode/test_score2.py b/tests/summarycode/test_score2.py deleted file mode 100644 index 81019192a42..00000000000 --- a/tests/summarycode/test_score2.py +++ /dev/null @@ -1,99 +0,0 @@ -# -# Copyright (c) nexB Inc. and others. All rights reserved. -# ScanCode is a trademark of nexB Inc. -# SPDX-License-Identifier: Apache-2.0 -# See http://www.apache.org/licenses/LICENSE-2.0 for the license text. -# See https://github.com/nexB/scancode-toolkit for support or download. -# See https://aboutcode.org for more information about nexB OSS projects. -# - -import io -import os - -import click -import pytest - -from commoncode.testcase import FileDrivenTesting -from commoncode.text import python_safe_name -from scancode.cli_test_utils import check_json_scan -from scancode.cli_test_utils import run_scan_click - - -pytestmark = pytest.mark.scanslow - - -""" -Data-driven Score test utilities. -""" - - -test_env = FileDrivenTesting() -test_env.test_data_dir = os.path.join(os.path.dirname(__file__), 'data') - - -def make_test_function(test_name, test_dir, expected_file, regen=False): - """ - Build and return a test function closing on tests arguments and the function - name. Create only a single function for multiple tests (e.g. copyrights and - holders together). - """ - - def closure_test_function(*args, **kwargs): - result_file = test_env.get_temp_file('json') - args = ['--license', - '--copyright', - '--info', - '--classify', - '--license-clarity-score-2', - test_dir, '--json', result_file] - run_scan_click(args) - run_scan_click(args) - check_json_scan( - test_env.get_test_loc(expected_file), - result_file, - remove_file_date=True, - regen=regen, - ) - - test_name = 'test_license_clarity_score_%(test_name)s' % locals() - test_name = python_safe_name(test_name) - if isinstance(test_name, bytes): - test_name = test_name.decode('utf-8') - - closure_test_function.__name__ = test_name - - return closure_test_function, test_name - - -def build_tests(test_base_dir, clazz, regen=False): - """ - Dynamically build test methods from a sequence of CopyrightTest and attach - these method to the clazz test class. - """ - test_dirs = test_env.get_test_loc(test_base_dir) - for td in os.listdir(test_dirs): - td_loc = os.path.join(test_dirs, td) - if not os.path.isdir(td_loc): - continue - expected_file_loc = td_loc.rstrip('/\\') + '-expected.json' - - if regen and not os.path.exists(expected_file_loc): - with io.open(expected_file_loc, 'w') as o: - o.write(u'') - - method, name = make_test_function( - test_name=td, - test_dir=td_loc, - expected_file=expected_file_loc, - regen=regen) - - # attach that method to our test class - setattr(clazz, name, method) - - -class TestLicenseScore(FileDrivenTesting): - # test functions are attached to this class at module import time - pass - - -build_tests(test_base_dir='score2', clazz=TestLicenseScore, regen=False)