apache · kezhenxu94 · May 18, 2022 · May 18, 2022
diff --git a/.licenserc.yaml b/.licenserc.yaml
@@ -27,9 +27,9 @@ header: # `header` section is configurations for source codes license header.
       to you under the Apache License, Version 2.0 (the
       "License"); you may not use this file except in compliance
       with the License.  You may obtain a copy of the License at
-    
+
           http://www.apache.org/licenses/LICENSE-2.0
-      
+
       Unless required by applicable law or agreed to in writing,
       software distributed under the License is distributed on an
       "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
@@ -46,9 +46,9 @@ header: # `header` section is configurations for source codes license header.
       to you under the Apache License, Version 2.0 (the
       "License"); you may not use this file except in compliance
       with the License.  You may obtain a copy of the License at
-    
+
           http://www.apache.org/licenses/LICENSE-2.0
-      
+
       Unless required by applicable law or agreed to in writing,
       software distributed under the License is distributed on an
       "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY

diff --git a/README.md b/README.md
@@ -764,7 +764,7 @@ header: # <1>
 dependency: # <15>
   files: # <16>
     - go.mod
-  license: # <17>
+  licenses: # <17>
     - name: dependency-name # <18>
       version: dependency-version # <19>
       license: Apache-2.0 # <20>

diff --git a/pkg/deps/golang.go b/pkg/deps/golang.go
@@ -84,28 +84,34 @@ func (resolver *GoModResolver) Resolve(goModFile string, licenses []*ConfigDepLi
 // ResolvePackages resolves the licenses of the given packages.
 func (resolver *GoModResolver) ResolvePackages(modules []*packages.Module, licenses []*ConfigDepLicense, report *Report) error {
 	for _, module := range modules {
-		var decalreLicense *ConfigDepLicense
-		for _, l := range licenses {
-			if l.Name == module.Path && l.Version == module.Version {
-				decalreLicense = l
+		func() {
+			for _, l := range licenses {
+				if l.Name == module.Path && l.Version == module.Version {
+					report.Resolve(&Result{
+						Dependency:    module.Path,
+						LicenseSpdxID: l.License,
+						Version:       module.Version,
+					})
+					return
+				}
 			}
-		}
-		err := resolver.ResolvePackageLicense(module, decalreLicense, report)
-		if err != nil {
-			logger.Log.Warnf("Failed to resolve the license of <%s>: %v\n", module.Path, err)
-			report.Skip(&Result{
-				Dependency:    module.Path,
-				LicenseSpdxID: Unknown,
-				Version:       module.Version,
-			})
-		}
+			err := resolver.ResolvePackageLicense(module, report)
+			if err != nil {
+				logger.Log.Warnf("Failed to resolve the license of <%s@%s>: %v\n", module.Path, module.Version, err)
+				report.Skip(&Result{
+					Dependency:    module.Path,
+					LicenseSpdxID: Unknown,
+					Version:       module.Version,
+				})
+			}
+		}()
 	}
 	return nil
 }
 
 var possibleLicenseFileName = regexp.MustCompile(`(?i)^LICENSE|LICENCE(\.txt)?|COPYING(\.txt)?$`)
 
-func (resolver *GoModResolver) ResolvePackageLicense(module *packages.Module, declareLicense *ConfigDepLicense, report *Report) error {
+func (resolver *GoModResolver) ResolvePackageLicense(module *packages.Module, report *Report) error {
 	dir := module.Dir
 
 	for {
@@ -123,22 +129,16 @@ func (resolver *GoModResolver) ResolvePackageLicense(module *packages.Module, de
 			if err != nil {
 				return err
 			}
-			var licenseID string
-			if declareLicense != nil {
-				licenseID = declareLicense.License
-			} else {
-				identifier, err := license.Identify(module.Path, string(content))
-				if err != nil {
-					return err
-				}
-				licenseID = identifier
+			identifier, err := license.Identify(module.Path, string(content))
+			if err != nil {
+				return err
 			}
 
 			report.Resolve(&Result{
 				Dependency:      module.Path,
 				LicenseFilePath: licenseFilePath,
 				LicenseContent:  string(content),
-				LicenseSpdxID:   licenseID,
+				LicenseSpdxID:   identifier,
 				Version:         module.Version,
 			})
 			return nil

diff --git a/pkg/deps/jar.go b/pkg/deps/jar.go
@@ -37,7 +37,7 @@ func (resolver *JarResolver) CanResolve(jarFile string) bool {
 	return filepath.Ext(jarFile) == ".jar"
 }
 
-func (resolver *JarResolver) Resolve(jarFile string, licenses []*ConfigDepLicense, report *Report) error {
+func (resolver *JarResolver) Resolve(jarFile string, report *Report) error {
 	state := NotFound
 	if err := resolver.ResolveJar(&state, jarFile, Unknown, report); err != nil {
 		dep := filepath.Base(jarFile)
@@ -76,7 +76,7 @@ func (resolver *JarResolver) ResolveJar(state *State, jarFile, version string, r
 				return err
 			}
 
-			return resolver.IdentifyLicense(jarFile, dep, buf.String(), version, nil, report)
+			return resolver.IdentifyLicense(jarFile, dep, buf.String(), version, report)
 		}
 	}
 
@@ -122,23 +122,17 @@ func (resolver *JarResolver) ReadFileFromZip(archiveFile *zip.File) (*bytes.Buff
 	return buf, nil
 }
 
-func (resolver *JarResolver) IdentifyLicense(path, dep, content, version string, declareLicense *ConfigDepLicense, report *Report) error {
-	var licenseID string
-	if declareLicense != nil {
-		licenseID = declareLicense.License
-	} else {
-		identifier, err := license.Identify(path, content)
-		if err != nil {
-			return err
-		}
-		licenseID = identifier
+func (resolver *JarResolver) IdentifyLicense(path, dep, content, version string, report *Report) error {
+	identifier, err := license.Identify(path, content)
+	if err != nil {
+		return err
 	}
 
 	report.Resolve(&Result{
 		Dependency:      dep,
 		LicenseFilePath: path,
 		LicenseContent:  content,
-		LicenseSpdxID:   licenseID,
+		LicenseSpdxID:   identifier,
 		Version:         version,
 	})
 	return nil

diff --git a/pkg/deps/jar_test.go b/pkg/deps/jar_test.go
@@ -96,11 +96,11 @@ func TestResolveJar(t *testing.T) {
 	<project xmlns="http://maven.apache.org/POM/4.0.0"
 		xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
 		<modelVersion>4.0.0</modelVersion>
-	
+
 		<groupId>apache</groupId>
 		<artifactId>skywalking-eyes</artifactId>
 		<version>1.0</version>
-	
+
 		<dependencies>
 			<!-- https://mvnrepository.com/artifact/junit/junit -->
 			<dependency>
@@ -132,7 +132,7 @@ func TestResolveJar(t *testing.T) {
 		report := deps.Report{}
 		for _, jar := range jars {
 			if resolver.CanResolve(jar) {
-				if err := resolver.Resolve(jar, nil, &report); err != nil {
+				if err := resolver.Resolve(jar, &report); err != nil {
 					t.Error(err)
 					return
 				}

diff --git a/pkg/deps/maven.go b/pkg/deps/maven.go
@@ -144,38 +144,44 @@ func (resolver *MavenPomResolver) LoadDependencies() ([]*Dependency, error) {
 // ResolveDependencies resolves the licenses of the given dependencies
 func (resolver *MavenPomResolver) ResolveDependencies(deps []*Dependency, licenses []*ConfigDepLicense, report *Report) error {
 	for _, dep := range deps {
-		state := NotFound
-		var declareLicense *ConfigDepLicense
-		for _, l := range licenses {
-			if l.Name == fmt.Sprintf("%s:%s", dep.GroupID, dep.ArtifactID) && l.Version == dep.Version {
-				declareLicense = l
+		func() {
+			for _, l := range licenses {
+				if l.Name == fmt.Sprintf("%s:%s", dep.GroupID, dep.ArtifactID) && l.Version == dep.Version {
+					report.Resolve(&Result{
+						Dependency:    dep.Jar(),
+						LicenseSpdxID: l.License,
+						Version:       dep.Version,
+					})
+					return
+				}
 			}
-		}
-		err := resolver.ResolveLicense(&state, dep, declareLicense, report)
-		if err != nil {
-			logger.Log.Warnf("Failed to resolve the license of <%s>: %v\n", dep.Jar(), state.String())
-			report.Skip(&Result{
-				Dependency:    dep.Jar(),
-				LicenseSpdxID: Unknown,
-				Version:       dep.Version,
-			})
-		}
+			state := NotFound
+			err := resolver.ResolveLicense(&state, dep, report)
+			if err != nil {
+				logger.Log.Warnf("Failed to resolve the license of <%s>: %v\n", dep.Jar(), state.String())
+				report.Skip(&Result{
+					Dependency:    dep.Jar(),
+					LicenseSpdxID: Unknown,
+					Version:       dep.Version,
+				})
+			}
+		}()
 	}
 	return nil
 }
 
 // ResolveLicense search all possible locations of the license, such as pom file, jar package
-func (resolver *MavenPomResolver) ResolveLicense(state *State, dep *Dependency, declareLicense *ConfigDepLicense, report *Report) error {
+func (resolver *MavenPomResolver) ResolveLicense(state *State, dep *Dependency, report *Report) error {
 	err := resolver.ResolveJar(state, filepath.Join(resolver.repo, dep.Path(), dep.Jar()), dep.Version, report)
 	if err == nil {
 		return nil
 	}
 
-	return resolver.ResolveLicenseFromPom(state, dep, declareLicense, report)
+	return resolver.ResolveLicenseFromPom(state, dep, report)
 }
 
 // ResolveLicenseFromPom search for license in the pom file, which may appear in the header comments or in license element of xml
-func (resolver *MavenPomResolver) ResolveLicenseFromPom(state *State, dep *Dependency, declareLicense *ConfigDepLicense, report *Report) (err error) {
+func (resolver *MavenPomResolver) ResolveLicenseFromPom(state *State, dep *Dependency, report *Report) (err error) {
 	pomFile := filepath.Join(resolver.repo, dep.Path(), dep.Pom())
 
 	pom, err := resolver.ReadLicensesFromPom(pomFile)
@@ -198,7 +204,7 @@ func (resolver *MavenPomResolver) ResolveLicenseFromPom(state *State, dep *Depen
 		return err
 	} else if headerComments != "" {
 		*state |= FoundLicenseInPomHeader
-		return resolver.IdentifyLicense(pomFile, dep.Jar(), headerComments, dep.Version, declareLicense, report)
+		return resolver.IdentifyLicense(pomFile, dep.Jar(), headerComments, dep.Version, report)
 	}
 
 	return fmt.Errorf("not found in pom file")