1berry/ruby
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

[rubygems/rubygems] Update SPDX list and warn on deprecated identifiers.

Browse Source 
https://github.com/rubygems/rubygems/commit/61667028f5
This commit is contained in:
Josef Šimánek 2023-08-30 02:31:09 +02:00 committed by git
parent d647709d1a
commit 4cf68908e5
4 changed files with 117 additions and 57 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

19
lib/rubygems/specification_policy.rb
View File

@ -371,10 +371,21 @@ duplicate dependency on #{dep}, (#{prev.requirement}) use:
licenses.each do |license| licenses.each do |license|
next if Gem::Licenses.match?(license) || license.nil? next if Gem::Licenses.match?(license) || license.nil?
license_id_deprecated = Gem::Licenses.deprecated_license_id?(license)
exception_id_deprecated = Gem::Licenses.deprecated_exception_id?(license)
suggestions = Gem::Licenses.suggestions(license) suggestions = Gem::Licenses.suggestions(license)
if license_id_deprecated
main_message = "License identifier '#{license}' is deprecated"
elsif exception_id_deprecated
main_message = "Exception identifier at '#{license}' is deprecated"
else
main_message = "License identifier '#{license}' is invalid"
end
message = <<-WARNING message = <<-WARNING
license value '#{license}' is invalid. Use a license identifier from #{main_message}. Use an identifier from
http://spdx.org/licenses or '#{Gem::Licenses::NONSTANDARD}' for a nonstandard license, https://spdx.org/licenses or '#{Gem::Licenses::NONSTANDARD}' for a nonstandard license,
or set it to nil if you don't want to specify a license. or set it to nil if you don't want to specify a license.
WARNING WARNING
message += "Did you mean #{suggestions.map {|s| "'#{s}'" }.join(", ")}?\n" unless suggestions.nil? message += "Did you mean #{suggestions.map {|s| "'#{s}'" }.join(", ")}?\n" unless suggestions.nil?
@ -382,8 +393,8 @@ or set it to nil if you don't want to specify a license.
end end
warning <<-WARNING if licenses.empty? warning <<-WARNING if licenses.empty?
licenses is empty, but is recommended. Use a license identifier from licenses is empty, but is recommended. Use an license identifier from
http://spdx.org/licenses or '#{Gem::Licenses::NONSTANDARD}' for a nonstandard license, https://spdx.org/licenses or '#{Gem::Licenses::NONSTANDARD}' for a nonstandard license,
or set it to nil if you don't want to specify a license. or set it to nil if you don't want to specify a license.
WARNING WARNING
end end

98
lib/rubygems/util/licenses.rb
View File

@ -22,10 +22,8 @@ class Gem::Licenses
AFL-2.0 AFL-2.0
AFL-2.1 AFL-2.1
AFL-3.0 AFL-3.0
AGPL-1.0
AGPL-1.0-only AGPL-1.0-only
AGPL-1.0-or-later AGPL-1.0-or-later
AGPL-3.0
AGPL-3.0-only AGPL-3.0-only
AGPL-3.0-or-later AGPL-3.0-or-later
AMDPLPA AMDPLPA
@ -58,8 +56,6 @@ class Gem::Licenses
Artistic-2.0 Artistic-2.0
BSD-1-Clause BSD-1-Clause
BSD-2-Clause BSD-2-Clause
BSD-2-Clause-FreeBSD
BSD-2-Clause-NetBSD
BSD-2-Clause-Patent BSD-2-Clause-Patent
BSD-2-Clause-Views BSD-2-Clause-Views
BSD-3-Clause BSD-3-Clause
@ -219,21 +215,18 @@ class Gem::Licenses
FreeBSD-DOC FreeBSD-DOC
FreeImage FreeImage
GD GD
GFDL-1.1
GFDL-1.1-invariants-only GFDL-1.1-invariants-only
GFDL-1.1-invariants-or-later GFDL-1.1-invariants-or-later
GFDL-1.1-no-invariants-only GFDL-1.1-no-invariants-only
GFDL-1.1-no-invariants-or-later GFDL-1.1-no-invariants-or-later
GFDL-1.1-only GFDL-1.1-only
GFDL-1.1-or-later GFDL-1.1-or-later
GFDL-1.2
GFDL-1.2-invariants-only GFDL-1.2-invariants-only
GFDL-1.2-invariants-or-later GFDL-1.2-invariants-or-later
GFDL-1.2-no-invariants-only GFDL-1.2-no-invariants-only
GFDL-1.2-no-invariants-or-later GFDL-1.2-no-invariants-or-later
GFDL-1.2-only GFDL-1.2-only
GFDL-1.2-or-later GFDL-1.2-or-later
GFDL-1.3
GFDL-1.3-invariants-only GFDL-1.3-invariants-only
GFDL-1.3-invariants-or-later GFDL-1.3-invariants-or-later
GFDL-1.3-no-invariants-only GFDL-1.3-no-invariants-only
@ -242,25 +235,12 @@ class Gem::Licenses
GFDL-1.3-or-later GFDL-1.3-or-later
GL2PS GL2PS
GLWTPL GLWTPL
GPL-1.0
GPL-1.0+
GPL-1.0-only GPL-1.0-only
GPL-1.0-or-later GPL-1.0-or-later
GPL-2.0
GPL-2.0+
GPL-2.0-only GPL-2.0-only
GPL-2.0-or-later GPL-2.0-or-later
GPL-2.0-with-GCC-exception
GPL-2.0-with-autoconf-exception
GPL-2.0-with-bison-exception
GPL-2.0-with-classpath-exception
GPL-2.0-with-font-exception
GPL-3.0
GPL-3.0+
GPL-3.0-only GPL-3.0-only
GPL-3.0-or-later GPL-3.0-or-later
GPL-3.0-with-GCC-exception
GPL-3.0-with-autoconf-exception
Giftware Giftware
Glide Glide
Glulxe Glulxe
@ -298,16 +278,10 @@ class Gem::Licenses
Knuth-CTAN Knuth-CTAN
LAL-1.2 LAL-1.2
LAL-1.3 LAL-1.3
LGPL-2.0
LGPL-2.0+
LGPL-2.0-only LGPL-2.0-only
LGPL-2.0-or-later LGPL-2.0-or-later
LGPL-2.1
LGPL-2.1+
LGPL-2.1-only LGPL-2.1-only
LGPL-2.1-or-later LGPL-2.1-or-later
LGPL-3.0
LGPL-3.0+
LGPL-3.0-only LGPL-3.0-only
LGPL-3.0-or-later LGPL-3.0-or-later
LGPLLR LGPLLR
@ -387,7 +361,6 @@ class Gem::Licenses
Newsletr Newsletr
Nokia Nokia
Noweb Noweb
Nunit
O-UDA-1.0 O-UDA-1.0
OCCT-PL OCCT-PL
OCLC-2.0 OCLC-2.0
@ -486,7 +459,6 @@ class Gem::Licenses
Spencer-86 Spencer-86
Spencer-94 Spencer-94
Spencer-99 Spencer-99
StandardML-NJ
SugarCRM-1.1.3 SugarCRM-1.1.3
SunPro SunPro
Symlinks Symlinks
@ -539,7 +511,6 @@ class Gem::Licenses
Zimbra-1.4 Zimbra-1.4
Zlib Zlib
blessing blessing
bzip2-1.0.5
bzip2-1.0.6 bzip2-1.0.6
checkmk checkmk
copyleft-next-0.3.0 copyleft-next-0.3.0
@ -548,7 +519,6 @@ class Gem::Licenses
diffmark diffmark
dtoa dtoa
dvipdfm dvipdfm
eCos-2.0
eGenix eGenix
etalab-2.0 etalab-2.0
gSOAP-1.3b gSOAP-1.3b
@ -566,13 +536,46 @@ class Gem::Licenses
psutils psutils
snprintf snprintf
w3m w3m
wxWindows
xinetd xinetd
xlock xlock
xpp xpp
zlib-acknowledgement zlib-acknowledgement
].freeze ].freeze
DEPRECATED_LICENSE_IDENTIFIERS = %w[
AGPL-1.0
AGPL-3.0
BSD-2-Clause-FreeBSD
BSD-2-Clause-NetBSD
GFDL-1.1
GFDL-1.2
GFDL-1.3
GPL-1.0
GPL-1.0+
GPL-2.0
GPL-2.0+
GPL-2.0-with-GCC-exception
GPL-2.0-with-autoconf-exception
GPL-2.0-with-bison-exception
GPL-2.0-with-classpath-exception
GPL-2.0-with-font-exception
GPL-3.0
GPL-3.0+
GPL-3.0-with-GCC-exception
GPL-3.0-with-autoconf-exception
LGPL-2.0
LGPL-2.0+
LGPL-2.1
LGPL-2.1+
LGPL-3.0
LGPL-3.0+
Nunit
StandardML-NJ
bzip2-1.0.5
eCos-2.0
wxWindows
].freeze
# exception identifiers # exception identifiers
EXCEPTION_IDENTIFIERS = %w[ EXCEPTION_IDENTIFIERS = %w[
389-exception 389-exception
@ -605,7 +608,6 @@ class Gem::Licenses
LZMA-exception LZMA-exception
Libtool-exception Libtool-exception
Linux-syscall-note Linux-syscall-note
Nokia-Qt-exception-1.1
OCCT-exception-1.0 OCCT-exception-1.0
OCaml-LGPL-linking-exception OCaml-LGPL-linking-exception
OpenJDK-assembly-exception-1.0 OpenJDK-assembly-exception-1.0
@ -633,7 +635,11 @@ class Gem::Licenses
x11vnc-openssl-exception x11vnc-openssl-exception
].freeze ].freeze
REGEXP = / DEPRECATED_EXCEPTION_IDENTIFIERS = %w[
Nokia-Qt-exception-1.1
].freeze
VALID_REGEXP = /
\A \A
(?: (?:
#{Regexp.union(LICENSE_IDENTIFIERS)} #{Regexp.union(LICENSE_IDENTIFIERS)}
@ -645,8 +651,32 @@ class Gem::Licenses
\Z \Z
/ox.freeze /ox.freeze
DEPRECATED_LICENSE_REGEXP = /
\A
#{Regexp.union(DEPRECATED_LICENSE_IDENTIFIERS)}
\+?
(?:\s WITH \s .+?)?
\Z
/ox.freeze
DEPRECATED_EXCEPTION_REGEXP = /
\A
.+?
\+?
(?:\s WITH \s #{Regexp.union(DEPRECATED_EXCEPTION_IDENTIFIERS)})
\Z
/ox.freeze
def self.match?(license) def self.match?(license)
REGEXP.match?(license) VALID_REGEXP.match?(license)
end
def self.deprecated_license_id?(license)
DEPRECATED_LICENSE_REGEXP.match?(license)
end
def self.deprecated_exception_id?(license)
DEPRECATED_EXCEPTION_REGEXP.match?(license)
end end
def self.suggestions(license) def self.suggestions(license)

6
test/rubygems/test_gem_commands_build_command.rb
View File

@ -26,7 +26,7 @@ class TestGemCommandsBuildCommand < Gem::TestCase
end end
@gem = util_spec "some_gem" do |s| @gem = util_spec "some_gem" do |s|
s.license = "AGPL-3.0" s.license = "AGPL-3.0-only"
s.files = ["README.md"] s.files = ["README.md"]
end end
@ -198,8 +198,8 @@ class TestGemCommandsBuildCommand < Gem::TestCase
end end
error = @ui.error.split "\n" error = @ui.error.split "\n"
assert_equal "WARNING: licenses is empty, but is recommended. Use a license identifier from", error.shift assert_equal "WARNING: licenses is empty, but is recommended. Use an license identifier from", error.shift
assert_equal "http://spdx.org/licenses or 'Nonstandard' for a nonstandard license,", error.shift assert_equal "https://spdx.org/licenses or 'Nonstandard' for a nonstandard license,", error.shift
assert_equal "or set it to nil if you don't want to specify a license.", error.shift assert_equal "or set it to nil if you don't want to specify a license.", error.shift
assert_equal "WARNING: See https://guides.rubygems.org/specification-reference/ for help", error.shift assert_equal "WARNING: See https://guides.rubygems.org/specification-reference/ for help", error.shift
assert_equal [], error assert_equal [], error

51
test/rubygems/test_gem_specification.rb
View File

@ -3104,8 +3104,8 @@ Please report a bug if this causes problems.
end end
assert_match <<-WARNING, @ui.error assert_match <<-WARNING, @ui.error
WARNING: licenses is empty, but is recommended. Use a license identifier from WARNING: licenses is empty, but is recommended. Use an license identifier from
http://spdx.org/licenses or 'Nonstandard' for a nonstandard license, https://spdx.org/licenses or 'Nonstandard' for a nonstandard license,
or set it to nil if you don't want to specify a license. or set it to nil if you don't want to specify a license.
WARNING WARNING
end end
@ -3156,8 +3156,8 @@ or set it to nil if you don't want to specify a license.
end end
assert_match <<-WARNING, @ui.error assert_match <<-WARNING, @ui.error
WARNING: license value 'BSD' is invalid. Use a license identifier from WARNING: License identifier 'BSD' is invalid. Use an identifier from
http://spdx.org/licenses or 'Nonstandard' for a nonstandard license, https://spdx.org/licenses or 'Nonstandard' for a nonstandard license,
or set it to nil if you don't want to specify a license. or set it to nil if you don't want to specify a license.
WARNING WARNING
end end
@ -3173,7 +3173,7 @@ or set it to nil if you don't want to specify a license.
assert_empty @ui.error assert_empty @ui.error
end end
def test_validate_license_values_plus def test_validate_deprecated_license_values_plus
util_setup_validate util_setup_validate
use_ui @ui do use_ui @ui do
@ -3181,7 +3181,11 @@ or set it to nil if you don't want to specify a license.
@a1.validate @a1.validate
end end
assert_empty @ui.error assert_match <<-WARNING, @ui.error
WARNING: License identifier 'GPL-2.0+' is deprecated. Use an identifier from
https://spdx.org/licenses or 'Nonstandard' for a nonstandard license,
or set it to nil if you don't want to specify a license.
WARNING
end end
def test_validate_license_values_or_later def test_validate_license_values_or_later
@ -3199,7 +3203,7 @@ or set it to nil if you don't want to specify a license.
util_setup_validate util_setup_validate
use_ui @ui do use_ui @ui do
@a1.licenses = ["GPL-2.0+ WITH Autoconf-exception-2.0"] @a1.licenses = ["GPL-2.0-or-later WITH Autoconf-exception-2.0"]
@a1.validate @a1.validate
end end
@ -3215,13 +3219,13 @@ or set it to nil if you don't want to specify a license.
end end
assert_match <<-WARNING, @ui.error assert_match <<-WARNING, @ui.error
WARNING: license value 'GPL-2.0+ FOO' is invalid. Use a license identifier from WARNING: License identifier 'GPL-2.0+ FOO' is invalid. Use an identifier from
http://spdx.org/licenses or 'Nonstandard' for a nonstandard license, https://spdx.org/licenses or 'Nonstandard' for a nonstandard license,
or set it to nil if you don't want to specify a license. or set it to nil if you don't want to specify a license.
WARNING WARNING
assert_match <<-WARNING, @ui.error assert_match <<-WARNING, @ui.error
WARNING: license value 'GPL-2.0 FOO' is invalid. Use a license identifier from WARNING: License identifier 'GPL-2.0+ FOO' is invalid. Use an identifier from
http://spdx.org/licenses or 'Nonstandard' for a nonstandard license, https://spdx.org/licenses or 'Nonstandard' for a nonstandard license,
or set it to nil if you don't want to specify a license. or set it to nil if you don't want to specify a license.
WARNING WARNING
end end
@ -3230,13 +3234,28 @@ or set it to nil if you don't want to specify a license.
util_setup_validate util_setup_validate
use_ui @ui do use_ui @ui do
@a1.licenses = ["GPL-2.0+ WITH Autocofn-exception-2.0"] @a1.licenses = ["GPL-2.0-only WITH Autocofn-exception-2.0"]
@a1.validate @a1.validate
end end
assert_match <<-WARNING, @ui.error assert_match <<-WARNING, @ui.error
WARNING: license value 'GPL-2.0+ WITH Autocofn-exception-2.0' is invalid. Use a license identifier from WARNING: License identifier 'GPL-2.0-only WITH Autocofn-exception-2.0' is invalid. Use an identifier from
http://spdx.org/licenses or 'Nonstandard' for a nonstandard license, https://spdx.org/licenses or 'Nonstandard' for a nonstandard license,
or set it to nil if you don't want to specify a license.
WARNING
end
def test_validate_license_with_deprecated_exception
util_setup_validate
use_ui @ui do
@a1.licenses = ["GPL-2.0-only WITH Nokia-Qt-exception-1.1"]
@a1.validate
end
assert_match <<-WARNING, @ui.error
WARNING: Exception identifier at 'GPL-2.0-only WITH Nokia-Qt-exception-1.1' is deprecated. Use an identifier from
https://spdx.org/licenses or 'Nonstandard' for a nonstandard license,
or set it to nil if you don't want to specify a license. or set it to nil if you don't want to specify a license.
WARNING WARNING
end end
@ -3250,8 +3269,8 @@ or set it to nil if you don't want to specify a license.
end end
assert_match <<-WARNING, @ui.error assert_match <<-WARNING, @ui.error
WARNING: license value 'ruby' is invalid. Use a license identifier from WARNING: License identifier 'ruby' is invalid. Use an identifier from
http://spdx.org/licenses or 'Nonstandard' for a nonstandard license, https://spdx.org/licenses or 'Nonstandard' for a nonstandard license,
or set it to nil if you don't want to specify a license. or set it to nil if you don't want to specify a license.
Did you mean 'Ruby'? Did you mean 'Ruby'?
WARNING WARNING