From e19b828cea6a6027cceae78f05d81317347d21be Mon Sep 17 00:00:00 2001 From: kezhenxu94 Date: Mon, 4 Sep 2023 19:18:37 +0800 Subject: [PATCH 1/9] Add `|` as comment indicator (#168) --- pkg/license/norm.go | 2 ++ 1 file changed, 2 insertions(+) diff --git a/pkg/license/norm.go b/pkg/license/norm.go index c01a8d9e..c9761d5f 100644 --- a/pkg/license/norm.go +++ b/pkg/license/norm.go @@ -70,6 +70,8 @@ var ( regexp.MustCompile(`(?m)^\s*{\*+`), // {* regexp.MustCompile(`(?m)^\s*\*+}`), // *} regexp.MustCompile(`(?m)^\s*'+`), // ' + + regexp.MustCompile(`(?m)^\s*\|+`), // ' } flattenSpace = regexp.MustCompile(`\s+`) From 45c9d9c2b50cdbebd8c688abba8fa8597105eed3 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E5=90=B4=E6=99=9F=20Wu=20Sheng?= Date: Tue, 10 Oct 2023 08:51:15 +0800 Subject: [PATCH 2/9] Correct the way of joining slack channels (#169) --- README.md | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/README.md b/README.md index 1b3d8499..e670766e 100644 --- a/README.md +++ b/README.md @@ -763,7 +763,7 @@ The `header check` command theoretically supports all kinds of file types, while [Apache License 2.0](https://github.com/apache/skywalking-eyes/blob/master/LICENSE) ## Contact Us -* Submit [an issue](https://github.com/apache/skywalking/issues/new) by using [INFRA] as title prefix. -* Mail list: **dev@skywalking.apache.org**. Mail to dev-subscribe@skywalking.apache.org, follow the reply to subscribe the mail list. -* Join `skywalking` channel at [Apache Slack](http://s.apache.org/slack-invite). If the link is not working, find the latest one at [Apache INFRA WIKI](https://cwiki.apache.org/confluence/display/INFRA/Slack+Guest+Invites). -* Twitter, [ASFSkyWalking](https://twitter.com/ASFSkyWalking) +* Mail list: **dev@skywalking.apache.org**. Mail to `dev-subscribe@skywalking.apache.org`, follow the reply to subscribe the mail list. +* Send `Request to join SkyWalking slack` mail to the mail list(`dev@skywalking.apache.org`), we will invite you in. +* For Chinese speaker, send `[CN] Request to join SkyWalking slack` mail to the mail list(`dev@skywalking.apache.org`), we will invite you in. +* Twitter, [ASFSkyWalking](https://twitter.com/AsfSkyWalking) From a790ab8dd23a7f861c18bd6aaa9b012e3a234bce Mon Sep 17 00:00:00 2001 From: Patrick Zheng Date: Wed, 1 Nov 2023 11:14:57 +0800 Subject: [PATCH 3/9] feature: add weak-compatible to dependency check (#171) --- assets/compatibility/Apache-2.0.yaml | 19 +++++++++++++ commands/deps_check.go | 11 +++++++- pkg/deps/check.go | 26 +++++++++++------ pkg/deps/check_test.go | 42 ++++++++++++++++++++++------ 4 files changed, 81 insertions(+), 17 deletions(-) diff --git a/assets/compatibility/Apache-2.0.yaml b/assets/compatibility/Apache-2.0.yaml index 752f8714..4111a245 100644 --- a/assets/compatibility/Apache-2.0.yaml +++ b/assets/compatibility/Apache-2.0.yaml @@ -89,3 +89,22 @@ incompatible: - CPOL-1.02 - NPL-1.0 - NPL-1.1 + +weak-compatible: + - CDDL-1.0 + - CDDL-1.1 + - CPL-1.0 + - EPL-1.0 + - EPL-2.0 + - ErlPL-1.1 + - IPA + - IPL-1.0 + - LicenseRef-scancode-ubuntu-font-1.0 + - LicenseRef-scancode-unrar + - MPL-1.0 + - MPL-1.1 + - MPL-2.0 + - OFL-1.1 + - OSL-3.0 + - Ruby + - SPL-1.0 \ No newline at end of file diff --git a/commands/deps_check.go b/commands/deps_check.go index 8073d0bb..87aab079 100644 --- a/commands/deps_check.go +++ b/commands/deps_check.go @@ -26,6 +26,15 @@ import ( "github.com/apache/skywalking-eyes/pkg/deps" ) +var weakCompatible bool + +func init() { + DepsCheckCommand.PersistentFlags().BoolVarP(&weakCompatible, "weak-compatible", "w", false, + "if set to true, treat the weak-compatible licenses as compatible in dependencies check. "+ + "Note: when set to true, make sure to manually confirm that weak-compatible licenses "+ + "are used under the required conditions.") +} + var DepsCheckCommand = &cobra.Command{ Use: "check", Aliases: []string{"c"}, @@ -34,7 +43,7 @@ var DepsCheckCommand = &cobra.Command{ var errors []error configDeps := Config.Dependencies() for _, header := range Config.Headers() { - if err := deps.Check(header.License.SpdxID, configDeps); err != nil { + if err := deps.Check(header.License.SpdxID, configDeps, weakCompatible); err != nil { errors = append(errors, err) } } diff --git a/pkg/deps/check.go b/pkg/deps/check.go index f5c663ad..04e8301a 100644 --- a/pkg/deps/check.go +++ b/pkg/deps/check.go @@ -30,8 +30,9 @@ import ( ) type CompatibilityMatrix struct { - Compatible []string `yaml:"compatible"` - Incompatible []string `yaml:"incompatible"` + Compatible []string `yaml:"compatible"` + Incompatible []string `yaml:"incompatible"` + WeakCompatible []string `yaml:"weak-compatible"` } var matrices = make(map[string]CompatibilityMatrix) @@ -63,7 +64,7 @@ func init() { } } -func Check(mainLicenseSpdxID string, config *ConfigDeps) error { +func Check(mainLicenseSpdxID string, config *ConfigDeps, weakCompatible bool) error { matrix := matrices[mainLicenseSpdxID] report := Report{} @@ -71,7 +72,7 @@ func Check(mainLicenseSpdxID string, config *ConfigDeps) error { return nil } - return CheckWithMatrix(mainLicenseSpdxID, &matrix, &report) + return CheckWithMatrix(mainLicenseSpdxID, &matrix, &report, weakCompatible) } func compare(list []string, spdxID string) bool { @@ -99,16 +100,22 @@ func compareAny(spdxIDs []string, compare func(spdxID string) bool) bool { return false } -func CheckWithMatrix(mainLicenseSpdxID string, matrix *CompatibilityMatrix, report *Report) error { +func compareCompatible(matrix *CompatibilityMatrix, spdxID string, weakCompatible bool) bool { + if weakCompatible { + return compare(matrix.Compatible, spdxID) || compare(matrix.WeakCompatible, spdxID) + } + return compare(matrix.Compatible, spdxID) +} + +func CheckWithMatrix(mainLicenseSpdxID string, matrix *CompatibilityMatrix, report *Report, weakCompatible bool) error { var incompatibleResults []*Result var unknownResults []*Result for _, result := range append(report.Resolved, report.Skipped...) { operator, spdxIDs := parseLicenseExpression(result.LicenseSpdxID) - switch operator { case LicenseOperatorAND: if compareAll(spdxIDs, func(spdxID string) bool { - return compare(matrix.Compatible, spdxID) + return compareCompatible(matrix, spdxID, weakCompatible) }) { continue } @@ -120,7 +127,7 @@ func CheckWithMatrix(mainLicenseSpdxID string, matrix *CompatibilityMatrix, repo case LicenseOperatorOR: if compareAny(spdxIDs, func(spdxID string) bool { - return compare(matrix.Compatible, spdxID) + return compareCompatible(matrix, spdxID, weakCompatible) }) { continue } @@ -134,6 +141,9 @@ func CheckWithMatrix(mainLicenseSpdxID string, matrix *CompatibilityMatrix, repo if compatible := compare(matrix.Compatible, spdxIDs[0]); compatible { continue } + if weakCompatible && compare(matrix.WeakCompatible, spdxIDs[0]) { + continue + } if incompatible := compare(matrix.Incompatible, spdxIDs[0]); incompatible { incompatibleResults = append(incompatibleResults, result) continue diff --git a/pkg/deps/check_test.go b/pkg/deps/check_test.go index db4a250a..27999913 100644 --- a/pkg/deps/check_test.go +++ b/pkg/deps/check_test.go @@ -18,9 +18,10 @@ package deps_test import ( - "github.com/apache/skywalking-eyes/pkg/deps" "strings" "testing" + + "github.com/apache/skywalking-eyes/pkg/deps" ) var TestMatrix = deps.CompatibilityMatrix{ @@ -52,6 +53,9 @@ var TestMatrix = deps.CompatibilityMatrix{ "GPL-2.0-only", "GPL-2.0-or-later", }, + WeakCompatible: []string{ + "MPL-2.0", + }, } func TestCheckWithMatrix(t *testing.T) { @@ -62,7 +66,7 @@ func TestCheckWithMatrix(t *testing.T) { LicenseSpdxID: "Apache-2.0", }, }, - }); err != nil { + }, false); err != nil { t.Errorf("Shouldn't return error") } @@ -77,7 +81,7 @@ func TestCheckWithMatrix(t *testing.T) { LicenseSpdxID: "LGPL-2.0", }, }, - }); err == nil { + }, false); err == nil { t.Errorf("Should return error") } else if !strings.Contains(err.Error(), "Bar | LGPL-2.0") { t.Errorf("Should return error and contains dependency Bar, now is `%s`", err.Error()) @@ -96,7 +100,7 @@ func TestCheckWithMatrix(t *testing.T) { LicenseSpdxID: "Unknown", }, }, - }); err == nil { + }, false); err == nil { t.Errorf("Should return error") } else if !strings.Contains(err.Error(), "Bar | Unknown") { t.Errorf("Should return error and has dependency Bar, now is `%s`", err.Error()) @@ -109,7 +113,7 @@ func TestCheckWithMatrix(t *testing.T) { LicenseSpdxID: "Apache-2.0 OR MIT", }, }, - }); err != nil { + }, false); err != nil { t.Errorf("Shouldn't return error") } @@ -120,7 +124,7 @@ func TestCheckWithMatrix(t *testing.T) { LicenseSpdxID: "GPL-3.0 and GPL-3.0-or-later", }, }, - }); err == nil { + }, false); err == nil { t.Errorf("Should return error") } @@ -131,7 +135,7 @@ func TestCheckWithMatrix(t *testing.T) { LicenseSpdxID: "LGPL-2.1-only AND MIT AND BSD-2-Clause", }, }, - }); err == nil { + }, false); err == nil { t.Errorf("Should return error") } @@ -142,7 +146,29 @@ func TestCheckWithMatrix(t *testing.T) { LicenseSpdxID: "GPL-2.0-or-later WITH Bison-exception-2.2", }, }, - }); err == nil { + }, false); err == nil { t.Errorf("Should return error") } + + if err := deps.CheckWithMatrix("Apache-2.0", &TestMatrix, &deps.Report{ + Resolved: []*deps.Result{ + { + Dependency: "Foo", + LicenseSpdxID: "MPL-2.0", + }, + }, + }, false); err == nil { + t.Errorf("Should return error since weak-compatible is turned off") + } + + if err := deps.CheckWithMatrix("Apache-2.0", &TestMatrix, &deps.Report{ + Resolved: []*deps.Result{ + { + Dependency: "Bar", + LicenseSpdxID: "MPL-2.0", + }, + }, + }, true); err != nil { + t.Errorf("Shouldn't return error") + } } From ee81ff786927ea6ffa48b1e29c48e5289f4753aa Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E7=BD=97=E6=B3=BD=E8=BD=A9?= Date: Sat, 9 Dec 2023 01:38:09 +0800 Subject: [PATCH 4/9] feature: add support for Protocol Buffer (#172) --- assets/languages.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/assets/languages.yaml b/assets/languages.yaml index 949cb6cf..d22e61de 100644 --- a/assets/languages.yaml +++ b/assets/languages.yaml @@ -4345,6 +4345,7 @@ Protocol Buffer: codemirror_mode: protobuf codemirror_mime_type: text/x-protobuf language_id: 297 + comment_style_id: DoubleSlash Public Key: type: data extensions: From ed436a5593c63a25f394ea29da61b0ac3731a9fe Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E7=BD=97=E6=B3=BD=E8=BD=A9?= Date: Sat, 23 Dec 2023 10:02:43 +0800 Subject: [PATCH 5/9] feature: add support for OPA policy files (#174) --- assets/languages.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/assets/languages.yaml b/assets/languages.yaml index d22e61de..f2a19e12 100644 --- a/assets/languages.yaml +++ b/assets/languages.yaml @@ -3841,6 +3841,7 @@ Open Policy Agent: - ".rego" language_id: 840483232 tm_scope: source.rego + comment_style_id: Hashtag OpenCL: type: programming group: C From e6d1ce46901c759d9d9f84f8bcb97ad028cd5f88 Mon Sep 17 00:00:00 2001 From: George Adams Date: Fri, 22 Mar 2024 12:17:32 +0000 Subject: [PATCH 6/9] add Eclipse Foundation specific Apache 2.0 license header (#178) --- assets/header-templates/Apache-2.0-EF.txt | 7 +++++++ 1 file changed, 7 insertions(+) create mode 100644 assets/header-templates/Apache-2.0-EF.txt diff --git a/assets/header-templates/Apache-2.0-EF.txt b/assets/header-templates/Apache-2.0-EF.txt new file mode 100644 index 00000000..12c2c332 --- /dev/null +++ b/assets/header-templates/Apache-2.0-EF.txt @@ -0,0 +1,7 @@ +Copyright (c) [year] [owner] + +This program and the accompanying materials are made +available under the terms of the Apache Software License 2.0 +which is available at https://www.apache.org/licenses/LICENSE-2.0. + +SPDX-License-Identifier: Apache-2.0 From 97538682f556b56cc7422ece660d8d7e6c4fb013 Mon Sep 17 00:00:00 2001 From: George Adams Date: Thu, 28 Mar 2024 15:01:31 +0000 Subject: [PATCH 7/9] add instructions to fix header issues in markdown comment (#179) --- pkg/review/header.go | 12 ++++++++++-- 1 file changed, 10 insertions(+), 2 deletions(-) diff --git a/pkg/review/header.go b/pkg/review/header.go index 55d6b5df..d0c48621 100644 --- a/pkg/review/header.go +++ b/pkg/review/header.go @@ -257,11 +257,10 @@ func IsPR() bool { return os.Getenv("GITHUB_EVENT_NAME") == "pull_request" } -// TODO add fixing guide func Markdown(result *header2.Result) string { return fmt.Sprintf(` -[license-eye](https://github.com/apache/skywalking-eyes/tree/main/cmd/license-eye) has totally checked %d files. +[license-eye](https://github.com/apache/skywalking-eyes/tree/main/cmd/license-eye) has checked %d files. | Valid | Invalid | Ignored | Fixed | | --- | --- | --- | --- | | %d | %d | %d | %d | @@ -270,6 +269,15 @@ func Markdown(result *header2.Result) string { %v + +
+ Use this command to fix any missing license headers + + `+"```bash\n"+ + "docker run -it --rm -v $(pwd):/github/workspace apache/skywalking-eyes header fix\n"+ + "```"+ + ` +
`, Identification, len(result.Success)+len(result.Failure)+len(result.Ignored), From 6753eaeab2d30d8b777f33637bf48794f70888d0 Mon Sep 17 00:00:00 2001 From: George Adams Date: Tue, 2 Apr 2024 15:52:24 +0100 Subject: [PATCH 8/9] bump action/setup-go to v5 (#180) --- .github/workflows/license-eye-check.yaml | 2 +- action.yml | 2 +- dependency/action.yml | 2 +- header/action.yml | 2 +- 4 files changed, 4 insertions(+), 4 deletions(-) diff --git a/.github/workflows/license-eye-check.yaml b/.github/workflows/license-eye-check.yaml index ed6884f8..72da41bf 100644 --- a/.github/workflows/license-eye-check.yaml +++ b/.github/workflows/license-eye-check.yaml @@ -30,7 +30,7 @@ jobs: steps: - uses: actions/checkout@v2 - - uses: actions/setup-go@v4 + - uses: actions/setup-go@v5 with: go-version: 1.18 diff --git a/action.yml b/action.yml index 690bae86..cb54c26c 100644 --- a/action.yml +++ b/action.yml @@ -45,7 +45,7 @@ runs: using: "composite" steps: - name: Set up Go 1.18 - uses: actions/setup-go@v4 + uses: actions/setup-go@v5 with: go-version: 1.18 cache-dependency-path: ${{ github.action_path }}/go.sum diff --git a/dependency/action.yml b/dependency/action.yml index 2c5a97d1..82f64586 100644 --- a/dependency/action.yml +++ b/dependency/action.yml @@ -43,7 +43,7 @@ runs: using: "composite" steps: - name: Set up Go 1.18 - uses: actions/setup-go@v4 + uses: actions/setup-go@v5 with: go-version: 1.18 cache-dependency-path: ${{ github.action_path }}/go.sum diff --git a/header/action.yml b/header/action.yml index 5ea9f7f1..513e67fb 100644 --- a/header/action.yml +++ b/header/action.yml @@ -45,7 +45,7 @@ runs: using: "composite" steps: - name: Set up Go 1.18 - uses: actions/setup-go@v4 + uses: actions/setup-go@v5 with: go-version: 1.18 cache-dependency-path: ${{ github.action_path }}/go.sum From cd7b195c51fd3d6ad52afceb760719ddc6b3ee91 Mon Sep 17 00:00:00 2001 From: kezhenxu94 Date: Sun, 7 Apr 2024 09:49:32 +0800 Subject: [PATCH 9/9] Draft release notes for 0.6.0 (#181) --- CHANGES.md | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/CHANGES.md b/CHANGES.md index 8fe310c5..b8130ecf 100644 --- a/CHANGES.md +++ b/CHANGES.md @@ -1,3 +1,10 @@ +## 0.6.0 + +* Add instructions to fix header issues in markdown comment. +* Add Eclipse Foundation specific Apache 2.0 license header. +* Add support for OPA policy files, protobuf. +* Add weak-compatible check to dependency check. + ## 0.5.0 * feat(header templates): add support for AGPL-3.0 by @elijaholmos in https://github.com/apache/skywalking-eyes/pull/125