Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Update license detection #2505

Merged
merged 57 commits into from
Apr 23, 2021
Merged

Update license detection #2505

merged 57 commits into from
Apr 23, 2021

Conversation

pombredanne
Copy link
Member

@pombredanne pombredanne commented Apr 22, 2021
edited
Loading

This is an omnibus PR for license detection updates for April 2021

Tasks

  • Reviewed contribution guidelines
  • PR is descriptively titled 📑 and links the original issue above 🔗
  • Tests pass -- look for a green checkbox ✔️ a few minutes after opening your PR
    Run tests locally to check for errors.
  • Commits are in uniquely-named feature branch and has no merge conflicts 📁

@pombredanne
Add new SSPL detection rule
1a16236 
Signed-off-by: Philippe Ombredanne <pombredanne@nexb.com>
@pombredanne
Add new aand improved license detection rules #2404
adff0dc 
Reported-by: Till Jaeger @LeChasseur
Signed-off-by: Philippe Ombredanne <pombredanne@nexb.com>
@pombredanne
Update CHANGELOG
075d4d8 
Signed-off-by: Philippe Ombredanne <pombredanne@nexb.com>
@pombredanne
Add new license detection rule
9114f6f 
Signed-off-by: Philippe Ombredanne <pombredanne@nexb.com>
@pombredanne
Add minimum coverage
bbba3fa 
Signed-off-by: Philippe Ombredanne <pombredanne@nexb.com>
@pombredanne
Enable using synclib as a library
b3609bc 
In particular some functions need all scancode licenses
but not always.

Signed-off-by: Philippe Ombredanne <pombredanne@nexb.com>
@pombredanne
Generate new FP rules from SPDX id sequences
d8a31be 
Signed-off-by: Philippe Ombredanne <pombredanne@nexb.com>
@pombredanne
Correctly npm test for unknown licenses
bb40033 
And add tests for npm.compute_normalized_license

Signed-off-by: Philippe Ombredanne <pombredanne@nexb.com>
@pombredanne
Add new false positive rules for SPDX ids
5f39252 
These are generated sequences of false positive licenses tyically
found in license lists and license handling tools.

Signed-off-by: Philippe Ombredanne <pombredanne@nexb.com>
@pombredanne
Streamline debug tracing printouts
3133a13 
Signed-off-by: Philippe Ombredanne <pombredanne@nexb.com>
@pombredanne
Do not remove overlaping false positive matches
3a9f71b 
- Instead keep them until later stages of license matches refinements
otherwise some false positive may be ignored.

- Also streamline debug tracing printouts

Signed-off-by: Philippe Ombredanne <pombredanne@nexb.com>
@pombredanne
Add new generated license false positive rules
2b7fb90 
Signed-off-by: Philippe Ombredanne <pombredanne@nexb.com>
@pombredanne
Addnew misc. license detection rules
081bf90 
Signed-off-by: Philippe Ombredanne <pombredanne@nexb.com>
@pombredanne
Add new and improved license detection rules
9c94995 
Adn update corresponding tests

Signed-off-by: Philippe Ombredanne <pombredanne@nexb.com>
@pombredanne
Split license validation tests in five suites
841a5e9 
Signed-off-by: Philippe Ombredanne <pombredanne@nexb.com>
@pombredanne
Make GPL rules less false-positive prone #2484
f13957e 
Add "only_known_words: yes" flag to these short GPL rules that are
otherwise too often spurious false positive detections.

Reported-by: Pierre Tardy <pierre.tardy@renault.com>
Signed-off-by: Philippe Ombredanne <pombredanne@nexb.com>
@pombredanne
Add tests for false positive GPL detections #2484
4823b67 
Reported-by: Pierre Tardy <pierre.tardy@renault.com>
Signed-off-by: Philippe Ombredanne <pombredanne@nexb.com>
@pombredanne
Remove redundant build_licenses_db fundtion
6e87760 
Remove function  licensedcode.cache.build_licenses_db as this is only a
thin wrapper on licensedcode.models.load_licenses

Also remove lower() in license URLs check

Signed-off-by: Philippe Ombredanne <pombredanne@nexb.com>
@pombredanne
Format code for readability
82e0c10 
Also remove unused MAX_DIST variable reference in refine_matches()

Signed-off-by: Philippe Ombredanne <pombredanne@nexb.com>
@pombredanne
Run filter_if_only_known_words_rule() last #2484
6492998 
In refine_matches() call filter_if_only_known_words_rule() later in the
process to ensure that small contained rules are not left at the end.

Also format code

Reported-by: Pierre Tardy <pierre.tardy@renault.com>
Signed-off-by: Philippe Ombredanne <pombredanne@nexb.com>
@pombredanne
Allow query_tokenizer() call without stopwords #2484
eaa82f8 
We need this such that we later treat stopwords as if they are unknown
words.

Reported-by: Pierre Tardy <pierre.tardy@renault.com>
Signed-off-by: Philippe Ombredanne <pombredanne@nexb.com>
@pombredanne
Call tokens_by_line() with arguments #2484
06fc09b 
Calling tokens_by_line() with location and query_string arguments makes
the code clearer and easier to read.

Also apply minor formattings

Reported-by: Pierre Tardy <pierre.tardy@renault.com>
Signed-off-by: Philippe Ombredanne <pombredanne@nexb.com>
@pombredanne
Treat stopwords the same as unknown words #2484
2038f28 
Run tokens_by_line() first without a stopwords argument.
This allows stopword tokens to be included in the token stream and
later to be treated as "unknown" tokens. This way the presence of
stopwords in a match can impact a license match score and a license rule
with `with_only_known_words: yes` annot be matched not only if there
are unknown words but also if there are stopwords mixed its rule words.

Also add a simple end-to-end integration test for this.

Reported-by: Pierre Tardy <pierre.tardy@renault.com>
Signed-off-by: Philippe Ombredanne <pombredanne@nexb.com>
@pombredanne
Rename variable names for clarity
0899c5f 
Signed-off-by: Philippe Ombredanne <pombredanne@nexb.com>
@pombredanne
Add new or update KDE "Accepted" L/GPL licenses
26c048b 
Use KDE's own license refs.
Make these regular licenses, not exceptions.

Signed-off-by: Philippe Ombredanne <pombredanne@nexb.com>
@pombredanne
Add new and improved license detection rules
5e72f06 
Signed-off-by: Philippe Ombredanne <pombredanne@nexb.com>
@pombredanne
Add new WPD license derived from the OGL license
6ed2456 
Signed-off-by: Philippe Ombredanne <pombredanne@nexb.com>
@pombredanne
Remove other licenses from exception text
505e468 
Signed-off-by: Philippe Ombredanne <pombredanne@nexb.com>
@pombredanne
Add bsla variant without advertizing clause
306e4cc 
Signed-off-by: Philippe Ombredanne <pombredanne@nexb.com>
@pombredanne
Improve rules relevance
0ff7ac7 
Signed-off-by: Philippe Ombredanne <pombredanne@nexb.com>
@pombredanne
Generate FP license rules not only from ngrams
e4fc12d 
Signed-off-by: Philippe Ombredanne <pombredanne@nexb.com>
@pombredanne
Improve copyright detection
ca849c2 
Weed out some false positive detections

Signed-off-by: Philippe Ombredanne <pombredanne@nexb.com>
@pombredanne
Update tests with latest expectations
7c6bcd9 
Signed-off-by: Philippe Ombredanne <pombredanne@nexb.com>
@pombredanne
Ignore local tmp directories in tests
5b99659 
Signed-off-by: Philippe Ombredanne <pombredanne@nexb.com>
@pombredanne
Add new license detection rules
2f0a51f 
Signed-off-by: Philippe Ombredanne <pombredanne@nexb.com>
@pombredanne
Add new false positive license detection rules
e26ab80 
Signed-off-by: Philippe Ombredanne <pombredanne@nexb.com>
@pombredanne
Improve rule relevance and coverage
10b927c 
Signed-off-by: Philippe Ombredanne <pombredanne@nexb.com>
@pombredanne
Update test expectation to match latest rules
72aba1e 
Signed-off-by: Philippe Ombredanne <pombredanne@nexb.com>
@pombredanne
Track stopwords in license queries and matches
94ee3ae 
Signed-off-by: Philippe Ombredanne <pombredanne@nexb.com>
@pombredanne
Requalify some bsd-new and bsd-simplified rules
3d6e021 
Correct qualification of bsd-new and bsd-simplified rules that were
incorrectly qualified as one or the other.

Signed-off-by: Philippe Ombredanne <pombredanne@nexb.com>
@pombredanne
Correct is_license_text flags
6bb69a3 
There are notices, not texts

Signed-off-by: Philippe Ombredanne <pombredanne@nexb.com>
@pombredanne
Treat consistently third-party SDPX licenseref
3b63933 
For spdx_license_key, we use LicenseRef-scancode-*
And we track other LicenseRef in other_spdx_license_keys

Signed-off-by: Philippe Ombredanne <pombredanne@nexb.com>
@pombredanne
Add new rules and improve existing license rules
8c2d12e 
Signed-off-by: Philippe Ombredanne <pombredanne@nexb.com>
@pombredanne
Fix YAML syntax
6014264 
Signed-off-by: Philippe Ombredanne <pombredanne@nexb.com>
@pombredanne
Bump relevance for SPDX id
a5610a1 
Signed-off-by: Philippe Ombredanne <pombredanne@nexb.com>
@pombredanne
Rename test method for clarity
25e12aa 
Signed-off-by: Philippe Ombredanne <pombredanne@nexb.com>
@pombredanne
Use separate index and query tokenizer functions
6b04eb4 
Having a single function is nice but means there is an overhead on each
call.

Signed-off-by: Philippe Ombredanne <pombredanne@nexb.com>
@pombredanne
Improve filter_if_only_known_words_rule()
284f4c5 
- Add new LicenseMatch.qcontains_stopwords() to check if stopwords are
  included in the matched range. And use function in
  filter_if_only_known_words_rule() filter.
- Simplify handling of stop words in matched text processing.
- Use separate index and query tokenizer functions

Signed-off-by: Philippe Ombredanne <pombredanne@nexb.com>
@pombredanne
Update query_tokenizer tests
db8a535 
Also add new index_tokenizer tests

Signed-off-by: Philippe Ombredanne <pombredanne@nexb.com>
@pombredanne
Correctly track positions with stopwords present
265e7d3 
Signed-off-by: Philippe Ombredanne <pombredanne@nexb.com>
@pombredanne
Use query_string argument where needed
28f29c9 
Signed-off-by: Philippe Ombredanne <pombredanne@nexb.com>
@pombredanne
Add kde-accepted licenses to rules
ce990bc 
Signed-off-by: Philippe Ombredanne <pombredanne@nexb.com>
@pombredanne
Align test expectations with latest rules set
2a2efc7 
Signed-off-by: Philippe Ombredanne <pombredanne@nexb.com>
@pombredanne
Add new license detection rules
4a89a9b 
Signed-off-by: Philippe Ombredanne <pombredanne@nexb.com>
@pombredanne
Copy link
Member Author

Merging this now. There are many new rules, including several generated rules for false positives list of SPDX license ids often found in license-related packages code and their test files.

@pombredanne pombredanne merged commit bb04420 into develop Apr 23, 2021
@pombredanne pombredanne deleted the 2021-04-license-updates branch April 23, 2021 06:41
sthagen
sthagen reviewed Apr 25, 2021
View reviewed changes
src/licensedcode/data/rules/gpl-3.0_gpl_30_bare_words.yml Outdated
@@ -1,3 +1,5 @@
license_expression: gpl-3.0
is_license_tag: yes
relevance: 100
relevance: 60
only_known_words: yes
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

❤️

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

:)

This was referenced Aug 14, 2021
Closed
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@sthagen sthagen sthagen left review comments

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@pombredanne @sthagen