-
Notifications
You must be signed in to change notification settings - Fork 308
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Associate stand-alone ScanCode exceptions to licenses #5078
Conversation
a4fc1ef
to
1adf0d3
Compare
scanner/src/main/kotlin/scanners/scancode/ScanCodeResultParser.kt
Outdated
Show resolved
Hide resolved
I've split out some changes to #5080. |
1adf0d3
to
744e596
Compare
I've generalized the solution in additional commits, please have another look. |
Codecov Report
@@ Coverage Diff @@
## main #5078 +/- ##
============================================
+ Coverage 72.42% 72.47% +0.05%
Complexity 1894 1894
============================================
Files 251 251
Lines 13412 13440 +28
Branches 1891 1898 +7
============================================
+ Hits 9714 9741 +27
Misses 2710 2710
- Partials 988 989 +1
Continue to review full report at Codecov.
|
scanner/src/main/kotlin/scanners/scancode/ScanCodeResultParser.kt
Outdated
Show resolved
Hide resolved
.firstOrNull { it.second <= LICENSES_WITH_EXCEPTIONS_TOLERANCE_LINES } | ||
|
||
if (llvm != null) { | ||
llvmExceptions.remove(llvm.first) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Maybe it would be better to keep it in case there are more Apache-2.0 findings within the tolerance range.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I guess that wouldn't work easily as I'm later handling the remaining exceptions in llvmExceptions
.
"Apache-2.0" -> apacheLicenses += it | ||
"LLVM-exception" -> llvmExceptions += it | ||
else -> otherFindings += it | ||
val e = remainingExceptions.iterator() |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Using e
here makes the code look a bit like it would handle actual throwable exceptions, not license exceptions.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Renamed to i
instead 😁 (Unless you come up with a better name, but I'd like to keep it short.)
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
...although IMO e.remove()
read nicer than i.remove()
.
scanner/src/test/kotlin/scanners/scancode/ScanCodeResultParserTest.kt
Outdated
Show resolved
Hide resolved
49e2341
to
d304ea2
Compare
Signed-off-by: Sebastian Schuberth <sebastian.schuberth@bosch.io>
This will be used by upcoming changes. Signed-off-by: Sebastian Schuberth <sebastian.schuberth@bosch.io>
E.g. ScanCode reports exceptions to licenses as individual license findings. That is problematic as exceptions on their own are not valid SPDX expressions, also see [1]. Introduce a new function that fixes up findings by associating exceptions by their belonging licenses. [1]: aboutcode-org/scancode-toolkit#2873 Signed-off-by: Sebastian Schuberth <sebastian.schuberth@bosch.io>
Signed-off-by: Sebastian Schuberth <sebastian.schuberth@bosch.io>
d304ea2
to
8bb4682
Compare
I've made a (hopefully) final refacting to put the (now) generic |
Please have a look at the individual commit messages for the details.