-
Notifications
You must be signed in to change notification settings - Fork 6
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
* license version (for licenses that are versioned, like Apache-1.0 vs Apache-2.0), * SPDX ID without the version suffix, * link to license file, * copyright holder, * copyright year All mentioned attributes are computed in a best effort, that is, there is no guarantee that the implementation will find the respective values even if it might be available in the package metadata or license file. Also: - add safeguard around read-package-tree - sort packages by name and version before printing the report
- Loading branch information
Showing
9 changed files
with
141 additions
and
18 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,59 @@ | ||
const fsPromises = require('fs').promises | ||
|
||
const { isString, isObject, isArray, compact } = require('lodash') | ||
|
||
/** | ||
* Inpsects the license file and tries to heuristically determine the copyright holder and the copyright year from it. | ||
* | ||
* @param {string} the path to the license file | ||
* @returns {{copyrightYear: string, copyrightHolder: string}} the copyright information parsed from the license file | ||
*/ | ||
module.exports = async function extractCopyright(licenseFilePaths) { | ||
if (!licenseFilePaths || licenseFilePaths.length === 0) { | ||
return {} | ||
} | ||
const licenseFilePath = licenseFilePaths[0] | ||
let handle | ||
try { | ||
handle = await fsPromises.open(licenseFilePath, 'r') | ||
const fullFile = await handle.readFile({ encoding: 'utf-8' }) | ||
const lines = fullFile.split('\n') | ||
// The copyright line should be somewhere at the start, inspect the first few lines. | ||
for (let i = 0; i < Math.min(lines.length, 5); i++) { | ||
const line = lines[i] | ||
const matchWithRange = /copyright(?:.*)(\d{4}\s*-\s*\d{4})(?:[,;.]?)\s+(.*)$/i.exec(line) | ||
if (matchWithRange) { | ||
return cleanUp({ copyrightYear: matchWithRange[1], copyrightHolder: matchWithRange[2] }) | ||
} | ||
const matchWithYear = /copyright(?:.*)(\d{4})(?:[,;.]?)\s+(.*)$/i.exec(line) | ||
if (matchWithYear) { | ||
return cleanUp({ copyrightYear: matchWithYear[1], copyrightHolder: matchWithYear[2] }) | ||
} | ||
const matchWithoutYear = /copyright\s+(.*)$/i.exec(line) | ||
if (matchWithoutYear) { | ||
return cleanUp({ copyrightYear: null, copyrightHolder: matchWithoutYear[1] }) | ||
} | ||
} | ||
} catch (e) { | ||
console.warn('Could not open license file to parse copyright information.', e) | ||
} finally { | ||
if (handle) { | ||
await handle.close() | ||
} | ||
} | ||
return {} | ||
} | ||
|
||
function cleanUp(copyright) { | ||
const patterns = [ | ||
/\s*All rights reserved.\s*/ig, | ||
/\s*\([^\s]+@[^\s]+\)/ig, // matches "([email protected])" | ||
/\s*<[^\s]+@[^\s]+>/ig, // matches "<[email protected]>" | ||
/\s*<http[^\s]+>/ig, // matches "<http(s)://domain.tld>" | ||
/\s*\([cC]\)/ig | ||
] | ||
patterns.forEach(p => { | ||
copyright.copyrightHolder = copyright.copyrightHolder.replace(p, '') | ||
}) | ||
return copyright | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,23 @@ | ||
const { isString, isObject, isArray, compact } = require('lodash') | ||
|
||
/** | ||
* Takes an SPDX identifier like Apache-1.0 and splits it into "Apache" and "1.0". | ||
* | ||
* @param {string} an SPDX identifier | ||
* @returns {{licenseIdWithoutVersion: string, licenseVersion: string}} the SPDX ID parsed into individual parts. For | ||
* unversioned licenses, licenseIdWithoutVersion without version will contain the input and licenseVersion will be | ||
* null. | ||
*/ | ||
module.exports = function extractLicenseText(spdxId) { | ||
const match = /^(.*?)-(\d[\d\.]+)$/.exec(spdxId) | ||
if (match) { | ||
return { | ||
licenseIdWithoutVersion: match[1], | ||
licenseVersion: match[2] | ||
} | ||
} | ||
return { | ||
licenseIdWithoutVersion: spdxId, | ||
licenseVersion: null | ||
} | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters