-
-
Notifications
You must be signed in to change notification settings - Fork 532
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Improve License Clarity at Top Package Level #3792
base: develop
Are you sure you want to change the base?
Conversation
Signed-off-by: swastik <swastkk@gmail.com>
Signed-off-by: swastik <swastkk@gmail.com>
Signed-off-by: swastik <swastkk@gmail.com>
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@swastkk you are regenerating all the tests with useless churn. This adds more things to review and is not ideal. Let's do things differently. You can delete your last commit and push regenerated test fixtures for only the tests which were failing.
...agedcode/data/alpine/apkbuild-problems/alpine14/community/ksshaskpass/APKBUILD-expected.json
Outdated
Show resolved
Hide resolved
c5791ba
to
fa8fcfc
Compare
Signed-off-by: swastik <swastkk@gmail.com>
fa8fcfc
to
64957ec
Compare
@swastkk this is not correct atm:
This new plugin could be there in |
Signed-off-by: swastik <swastkk@gmail.com>
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Does this make sure the license_clarity_score
attribute is added only on using the --summary-package command line option? No. Look at your test regenerations, none of these tests have this option enabled, still have this attribute added.
You have to pass the package_summary
option like we have the package_only
CLI option here: https://github.com/nexB/scancode-toolkit/blob/develop/src/packagedcode/plugin_package.py#L203, then further pass it down to create_package_and_deps
at https://github.com/nexB/scancode-toolkit/blob/develop/src/packagedcode/plugin_package.py#L263 and further to package.to_dict()
at https://github.com/nexB/scancode-toolkit/blob/develop/src/packagedcode/plugin_package.py#L367 to actually be able to correctly set the attribute package_summary
at https://github.com/swastkk/scancode-toolkit/blob/improve-license-clarity/src/packagedcode/models.py#L1544 you added thorugh this PR. Otherwise it's always set to one value.
…mary as Postscan Plugin Signed-off-by: swastik <swastkk@gmail.com>
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
More changes required.
Please merge latest develop afterwards.
...an/copyright/debian-slim-2021-04-07/usr/share/doc/gcc-9-base/copyright-detailed.expected.yml
Outdated
Show resolved
Hide resolved
tests/summarycode/data/package_summary/basic-plugin-testing/codebase/src/a.py
Outdated
Show resolved
Hide resolved
tests/summarycode/data/package_summary/basic-plugin-testing/expected.json
Outdated
Show resolved
Hide resolved
…inor changes Signed-off-by: swastik <swastkk@gmail.com>
Signed-off-by: swastik <swastkk@gmail.com>
Signed-off-by: swastik <swastkk@gmail.com>
eb60d58
to
9da7f6e
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
See comments above. And sup on populating license clarity and other attributes?
...kage_summary/change-case-change-case-5.4.4.zip-extract/change-case-change-case-5.4.4/LICENSE
Outdated
Show resolved
Hide resolved
...e-change-case-5.4.4.zip-extract/change-case-change-case-5.4.4/packages/change-case/README.md
Outdated
Show resolved
Hide resolved
...change-case-5.4.4.zip-extract/change-case-change-case-5.4.4/packages/change-case/src/keys.ts
Outdated
Show resolved
Hide resolved
Signed-off-by: swastik <swastkk@gmail.com>
Signed-off-by: swastik <swastkk@gmail.com>
…B#3817 Signed-off-by: swastik <swastkk@gmail.com>
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Couple more nits.
Signed-off-by: swastik <swastkk@gmail.com>
…arity_score nexB#3817 Signed-off-by: swastik <swastkk@gmail.com>
…e(Without other_license_detections) Signed-off-by: swastik <swastkk@gmail.com>
…date test, nexB#3802 Signed-off-by: swastik <swastkk@gmail.com>
c7813fd
to
6144567
Compare
Signed-off-by: swastik <swastkk@gmail.com>
…esources nexB#1395 Signed-off-by: swastik <swastkk@gmail.com>
Signed-off-by: swastik <swastkk@gmail.com>
Signed-off-by: swastik <swastkk@gmail.com>
Signed-off-by: swastik <swastkk@gmail.com>
…#3862 Signed-off-by: swastik <swastkk@gmail.com>
…bute class & instance nexB#3862 Signed-off-by: swastik <swastkk@gmail.com>
… & used properly nexB#3862 Signed-off-by: swastik <swastkk@gmail.com>
…nexB#3862 Signed-off-by: swastik <swastkk@gmail.com>
Signed-off-by: swastik <swastkk@gmail.com>
…nexB#3862 Signed-off-by: swastik <swastkk@gmail.com>
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
See initial comments: We need some major refactoring.
Also please do not include multiple empty files for test when only one is fine. For example you have multiple empty files under tests/packagedcode/data/package_summary/change-case-change-case-5.4.4.zip-extract/change-case-change-case-5.4.4/packages/change-case/src/
. Also add some license expressions in the source files (not all files, only one) to check whether other_license_expression
is correctly populated.
values.append(value) | ||
|
||
if is_codebase: | ||
for resource in resources.walk(topdown=True): |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
for resource in resources.walk(topdown=True): | |
for resource in codebase.walk(topdown=True): |
This is wrong and extremely confusing code. You cannot store a codebase object in a resources
variable and walk/get attributes from it depending on a flag value. You should only pass resources
here from before, and these should always be resource objects consistently. See other comments on this.
for value in getattr(resource, field_name, []) or []: | ||
values.append(value) | ||
|
||
if is_codebase: |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Let's not make this function complex, we should instead, do a codebase.get_resource(path=resource_path)
to get the resource objects for a specific path string (make sure you test these for the strip_root
CLI option).
We should not do two things which are basically the same, depending om a flag value, but we should try to make the inputs same instead, so that same code is valid for both.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This is True everywhere else, you are using resources
to carry both codebase objects and resource dictionaries. This is never a good thing, make sure you only carry a list of resource objects and the codebase object seperately (some cases this is needed for cetain functions) in both cases.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
By this, I didn't understand why we will be doing the codebase.get_resource(path=resource_path)
, as we are using a single func compute_license_score
and inside it we were calling the get_field_values_from_resources
which can be renamed, as for the package-summary
, we were passing the Complete Package with all its resources comibined together with resource field
, shouldn't it be a better approach to use a flag for getting field values for the Package Object that already contains resources with it and normal field_value
collecttion from the complete codebase for the overall summary
for the codebase.
Like using package_level_summary
flag in the compute_license_score
func or something else?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
understand why we will be doing the codebase.get_resource(path=resource_path)
Because in one case we are using a resource mapping, in another case we are using resource objects, this should not be the case, it should always be obejcts.
See also the following comment:
you are using resources to carry both codebase objects and resource dictionaries.
This is not okay. We should instead modify and always use a list of resources (for a specific package, or alternatively all the resources in the codebase) passed in the function.
…_package_resources to get package resources Signed-off-by: swastik <swastkk@gmail.com>
Signed-off-by: swastik <swastkk@gmail.com>
Signed-off-by: swastik <swastkk@gmail.com>
Signed-off-by: swastik <swastkk@gmail.com>
Fixes #3802
Tasks
Run tests locally to check for errors.
Signed-off-by: swastkk swastkk@gmail.com