Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Feature/adapt checks for warning #62

Closed
wants to merge 54 commits into from
Closed

Feature/adapt checks for warning #62

Changes from all commits
Commits
Show all changes
54 commits
Select commit Hold shift + click to select a range
be4a47c
Update scancode-toolkit requirement from <=31.2.6 to <=32.0.7
dependabot[bot] Oct 2, 2023
53dc988
working from 32.0.7
ct2034 Oct 9, 2023
85df286
is_license_text check fixed with new result semantics
ct2034 Oct 9, 2023
db494df
linting fix
ct2034 Oct 9, 2023
ca0e3e1
handling of ignored files
ct2034 Oct 9, 2023
c53c22b
formatting
ct2034 Oct 9, 2023
073e6fb
this is all WIP
ct2034 Oct 9, 2023
6555c19
Merge branch 'main' into dependabot/pip/scancode-toolkit-lte-32.0.7
ct2034 Oct 30, 2023
5312b77
Unnecessary "else" after "return"
ct2034 Oct 30, 2023
d747147
still bad with 32.0.8
ct2034 Oct 30, 2023
8f18304
ignoring those rules
ct2034 Oct 30, 2023
dada029
Merge branch 'main' into dependabot/pip/scancode-toolkit-lte-32.0.7
ant-u Feb 23, 2024
f633c28
changed method get_spdx_license_name back, WIP
ant-u Feb 23, 2024
1e7a499
scancode get_copyrights function filtering word 'anything', changed t…
ant-u Feb 27, 2024
b5d3b25
linter issues
ant-u Feb 27, 2024
fd8d6de
Added spaces around comment for scancode to recognize copyright message
ant-u Feb 27, 2024
af457d3
Merge branch 'main' of https://github.com/boschresearch/ros_license_t…
ant-u Feb 27, 2024
648de94
added check for only one license text which is in spdx to start handl…
ant-u Mar 4, 2024
59be16e
When only one SPDX License File exists, make a warning to change the …
ant-u Mar 4, 2024
27393ff
Added check if multiple files exist
ant-u Mar 5, 2024
28cede1
restructured LicenseTextExistsCheck
ant-u Mar 5, 2024
eec394c
reverted restructure of check since pytest has trouble with it
ant-u Mar 5, 2024
b7859b4
moved LicenseTextExists checks to seperate function
ant-u Mar 6, 2024
9aefe6a
made own evaluation function for licenseInCodeCheck
ant-u Mar 6, 2024
945cd93
added irgnore flag for too many attributes localy to package.py since…
ant-u Mar 6, 2024
622738e
Converted check_licenses mehtod to function
ant-u Mar 6, 2024
75c2d63
restructured Check LicensesInCode and TextExists to work with attribu…
ant-u Mar 6, 2024
6c9ba21
added test for two licenses with both tags not in spdx
ant-u Mar 6, 2024
5af585d
changed license from test to MPL
ant-u Mar 6, 2024
89f05d9
Added negative test for two not in spdx tags but one for own license …
ant-u Mar 6, 2024
f51e03b
added test for ignoring contents of readme
ant-u Mar 11, 2024
4590a29
added ignore file in json format to set all files, types and folders …
ant-u Mar 11, 2024
07f813e
added test for hidden folder that should also be ignored (simulating …
ant-u Mar 11, 2024
4ee05fe
merged two lines
ant-u Mar 11, 2024
065ff46
changed check for LicenceTag to Fail if tag and file are not same lic…
ant-u Mar 12, 2024
87bd4fc
Documenting requirements for pypi update (#56)
ct2034 Mar 13, 2024
690dfc6
Merge branch 'main' into feature/handling-false-positives
ant-u Mar 18, 2024
3a99d0e
linter issues
ant-u Mar 18, 2024
2c861e9
Merge branch 'main' into feature/error_for_spdx_license_and_tag
ant-u Mar 18, 2024
cecde49
deleted unnecessary attribute from pull request
ant-u Mar 18, 2024
371d631
introduced .scanignore file, keeping local var for ignoring default f…
ant-u Mar 18, 2024
0a9573b
Added list of default ignored items to readme
ant-u Mar 18, 2024
60b824e
Merge branch 'main' into feature/handling-false-positives
ant-u Mar 18, 2024
87b062a
Merge pull request #54 from boschresearch/feature/error_for_spdx_lice…
ant-u Mar 18, 2024
0cb67b7
Merge pull request #53 from boschresearch/feature/handling-false-posi…
ant-u Mar 18, 2024
90afb3e
Feature: add check for every license has a matching tag (#55)
ant-u Mar 19, 2024
78114a6
adapted first test
ant-u Mar 25, 2024
5633bbb
added check_output_status function to check every test for single che…
ant-u Mar 25, 2024
7d672f8
changed tests that don't result in an error to new test form
ant-u Mar 28, 2024
8ee384c
pinned version of spdx_tools to 0.7.0 since in 0.8.2 LICENSE_MAP was …
ant-u Mar 28, 2024
644023f
Merge branch 'main' of https://github.com/boschresearch/ros_license_t…
ant-u Mar 28, 2024
9bd5198
pinned version of scancode-toolkit because 32.1.0 needs spdx-tools 0.8.2
ant-u Mar 28, 2024
1ff7e30
loosened dependencies for versions
ant-u Mar 28, 2024
5a1705a
Merge branch 'main' into feature/adapt_checks_for_warning
ant-u Apr 2, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
185 changes: 128 additions & 57 deletions test/systemtest/test_separate_pkgs.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -20,8 +20,13 @@
import subprocess
import unittest
from test.systemtest._test_helpers import make_repo, remove_repo
from typing import Optional

from ros_license_toolkit.main import main
from ros_license_toolkit.checks import Status

SUCCESS = Status.SUCCESS
WARNING = Status.WARNING
FAILURE = Status.FAILURE


class TestPkgs(unittest.TestCase):
Expand Down Expand Up @@ -54,16 +59,19 @@ def test_pkg_both_tags_not_spdx(self):
""" Test on a package that has two different Licenses that both
have a not SPDX conform Tag. License files and source files
are SPDX conform"""
self.assertEqual(os.EX_OK, main([
"test/_test_data/test_pkg_both_tags_not_spdx"
]))
process, stdout = open_subprocess("test_pkg_both_tags_not_spdx")
self.assertEqual(os.EX_OK, process.returncode)
self.assertTrue(check_output_status(
stdout, SUCCESS, WARNING, WARNING, WARNING, WARNING))

def test_pkg_both_tags_not_spdx_one_file_own(self):
"""Test on a package that has two licenses. One is self-defined, other
one with not SPDX tag but therefore code and license file in SPDX"""
self.assertEqual(os.EX_DATAERR, main([
"test/_test_data/test_pkg_both_tags_not_spdx_one_file_own"
]))
process, stdout = open_subprocess(
"test_pkg_both_tags_not_spdx_one_file_own")
self.assertEqual(os.EX_DATAERR, process.returncode)
self.assertTrue(check_output_status(
stdout, SUCCESS, WARNING, FAILURE, WARNING, WARNING))

def test_pkg_code_has_no_license(self):
"""Test on a package that has a correct package.xml with a license
Expand All @@ -76,78 +84,96 @@ def test_pkg_code_has_no_license(self):
def test_pkg_has_code_disjoint(self):
"""Test on a package with two disjoint sets of source files under
a license different from the package main license."""
self.assertEqual(os.EX_OK, main(
["test/_test_data/test_pkg_has_code_disjoint"]))
process, stdout = open_subprocess("test_pkg_has_code_disjoint")
self.assertEqual(os.EX_OK, process.returncode)
self.assertTrue(check_output_status(stdout))

def test_pkg_has_code_of_different_license(self):
"""Test on a package with source files under a license different
from the package main license (here LGPL). It should fail, because
the additional license is not declared in the package.xml."""
self.assertEqual(os.EX_DATAERR, main(
["test/_test_data/test_pkg_has_code_of_different_license"]))
process, stdout = open_subprocess(
"test_pkg_has_code_of_different_license")
self.assertEqual(os.EX_DATAERR, process.returncode)
self.assertTrue(check_output_status(stdout, exp_lic_in_code=FAILURE))

def test_pkg_has_code_of_different_license_and_tag(self):
"""Test on a package with source files under a license different
from the package main license, but the additional license is declared
in the package.xml."""
self.assertEqual(os.EX_OK, main(
["test/_test_data/"
"test_pkg_has_code_of_different_license_and_tag"]))
process, stdout = open_subprocess(
"test_pkg_has_code_of_different_license_and_tag")
self.assertEqual(os.EX_OK, process.returncode)
self.assertTrue(check_output_status(stdout))

def test_pkg_has_code_of_different_license_and_wrong_tag(self):
"""Test on a package with source files under a license different
from the package main license, but the additional license is declared
in the package.xml, but with the wrong name."""
self.assertEqual(os.EX_DATAERR, main(
["test/_test_data/"
"test_pkg_has_code_of_different_license_and_wrong_tag"]))
process, stdout = open_subprocess(
"test_pkg_has_code_of_different_license_and_wrong_tag")
self.assertEqual(os.EX_DATAERR, process.returncode)
self.assertTrue(check_output_status(
stdout, exp_lic_text_exits=FAILURE, exp_lic_in_code=FAILURE))

def test_pkg_ignore_readme_contents(self):
"""Test on a package with readme files. READMEs mention licenses
that are not in package and shall therefore be ignored."""
test_result = main(["test/_test_data/test_pkg_ignore_readme_contents"])
self.assertEqual(os.EX_OK, test_result)
process, stdout = open_subprocess("test_pkg_ignore_readme_contents")
self.assertEqual(os.EX_OK, process.returncode)
self.assertTrue(check_output_status(stdout))

def test_pkg_name_not_in_spdx(self):
"""Test on a package that has valid License file with BSD-3-Clause
but its license tag BSD is not in SPDX format"""
process, stdout = open_subprocess("test_pkg_name_not_in_spdx")
self.assertEqual(os.EX_OK, process.returncode)
self.assertIn(b"WARNING", stdout)
self.assertTrue(check_output_status(
stdout, SUCCESS, WARNING, WARNING, SUCCESS, WARNING))

def test_pkg_no_file_attribute(self):
"""Test on a package with License file that is not referenced in
package.xml"""
self.assertEqual(os.EX_OK, main(
["test/_test_data/test_pkg_no_file_attribute"]))
process, stdout = open_subprocess("test_pkg_no_file_attribute")
self.assertEqual(os.EX_OK, process.returncode)
self.assertTrue(check_output_status(stdout))

def test_pkg_no_license(self):
"""Test on a package with no license declared in the package.xml."""
self.assertEqual(os.EX_DATAERR, main(
["test/_test_data/test_pkg_no_license"]))
process, stdout = open_subprocess("test_pkg_no_license")
self.assertEqual(os.EX_DATAERR, process.returncode)
self.assertTrue(check_output_status(
stdout, FAILURE, SUCCESS, FAILURE, FAILURE, SUCCESS))

def test_pkg_no_license_file(self):
"""Test on a package with no license text file."""
self.assertEqual(os.EX_DATAERR, main(
["test/_test_data/test_pkg_no_license_file"]))
process, stdout = open_subprocess("test_pkg_no_license_file")
self.assertEqual(os.EX_DATAERR, process.returncode)
self.assertTrue(check_output_status(
stdout, exp_lic_text_exits=FAILURE))

def test_pkg_one_correct_one_license_file_missing(self):
"""Test on a package that has one correct license with file
and code, but also one not known license tag without file"""
self.assertEqual(os.EX_DATAERR, main(
["test/_test_data/test_pkg_one_correct_one_license_file_missing"]))
process, stdout = open_subprocess(
"test_pkg_one_correct_one_license_file_missing")
self.assertEqual(os.EX_DATAERR, process.returncode)
self.assertTrue(check_output_status(
stdout, SUCCESS, WARNING, FAILURE, FAILURE, SUCCESS))

def test_pkg_spdx_name(self):
"""Test on a package with a license declared in the package.xml
with the SPDX name."""
self.assertEqual(os.EX_OK, main(
["test/_test_data/test_pkg_spdx_name"]))
process, stdout = open_subprocess("test_pkg_spdx_name")
self.assertEqual(os.EX_OK, process.returncode)
self.assertTrue(check_output_status(stdout))

def test_pkg_spdx_tag(self):
"""Test on a package with a license declared in the package.xml
with the SPDX tag."""
self.assertEqual(os.EX_OK, main(
["test/_test_data/test_pkg_spdx_tag"]))
process, stdout = open_subprocess("test_pkg_spdx_tag")
self.assertEqual(os.EX_OK, process.returncode)
self.assertTrue(check_output_status(stdout))

def test_pkg_too_many_license_files(self):
""""Test on a package with multiple License files that are not
Expand All @@ -157,64 +183,69 @@ def test_pkg_too_many_license_files(self):
self.assertIn(b"bsd.LICENSE", stdout)
self.assertIn(b"apl.LICENSE", stdout)
self.assertNotIn(b"../../../LICENSE", stdout)
self.assertTrue(check_output_status(
stdout, exp_lic_files_referenced=FAILURE))

def test_pkg_tag_not_spdx(self):
"""Test on a package that has one linked declaration, one code file
but not in SPDX tag. Tag must be gotten from declaration."""
process, stdout = open_subprocess("test_pkg_tag_not_spdx")
self.assertEqual(os.EX_OK, process.returncode)
self.assertIn(b"WARNING", stdout)
self.assertIn(b"'code_with_afl.py' is of AFL-2.0 but its Tag is AFL.",
stdout)
self.assertTrue(check_output_status(
stdout, SUCCESS, WARNING, WARNING, WARNING, WARNING))

def test_pkg_unknown_license(self):
"""Test on a package with an unknown license declared in the
package.xml."""
# using subprocess.Popen instead of main() to capture stdout
with subprocess.Popen(
["ros_license_toolkit",
"test/_test_data/test_pkg_unknown_license"],
stdout=subprocess.PIPE,
stderr=subprocess.PIPE
) as process:
stdout, _ = process.communicate()
self.assertNotEqual(os.EX_OK, process.returncode)
self.assertIn(b'not in SPDX list of licenses', stdout)
self.assertIn(b'my own fancy license 1.0', stdout)
process, stdout = open_subprocess("test_pkg_unknown_license")
self.assertEqual(os.EX_DATAERR, process.returncode)
self.assertTrue(check_output_status(
stdout, exp_lic_tag_spdx=WARNING, exp_lic_text_exits=FAILURE))

def test_pkg_unknown_license_missing_file(self):
"""Test on a package that has an unknown license
without a license file"""
self.assertEqual(os.EX_DATAERR, main(
["test/_test_data/test_pkg_unknown_license_missing_file"]))
process, stdout = open_subprocess(
"test_pkg_unknown_license_missing_file")
self.assertEqual(os.EX_DATAERR, process.returncode)
self.assertTrue(check_output_status(
stdout, exp_lic_tag_spdx=WARNING, exp_lic_text_exits=FAILURE))

def test_pkg_with_license_and_file(self):
"""Test on a package with a license declared in the package.xml
and a matching license text file."""
self.assertEqual(os.EX_OK, main(
["test/_test_data/test_pkg_with_license_and_file"]))
process, stdout = open_subprocess("test_pkg_with_license_and_file")
self.assertEqual(os.EX_OK, process.returncode)
self.assertTrue(check_output_status(stdout))

def test_pkg_with_multiple_licenses_no_source_files_tag(self):
"""Test on a package with multiple licenses declared in the
package.xml, none of which have source file tags."""
self.assertEqual(os.EX_DATAERR, main(
["test/_test_data/"
"test_pkg_with_multiple_licenses_no_source_files_tag"]))
process, stdout = open_subprocess(
"test_pkg_with_multiple_licenses_no_source_files_tag")
self.assertEqual(os.EX_DATAERR, process.returncode)
self.assertTrue(check_output_status(
stdout, exp_lic_tag_exists=FAILURE))

def test_pkg_with_multiple_licenses_one_referenced_incorrect(self):
"""Test on a package with multiple licenses declared in the
package.xml. First has tag not in SPDX list with correct source file,
second is in SPDX."""
package.xml. First has tag not in SPDX list with correct
source file, second is in SPDX."""
process, stdout = open_subprocess(
"test_pkg_with_multiple_licenses_one_referenced_incorrect")
self.assertEqual(os.EX_OK, process.returncode)
self.assertIn(b"WARNING Licenses ['BSD'] are not in SPDX list", stdout)
self.assertTrue(check_output_status(
stdout, SUCCESS, WARNING, WARNING, WARNING, WARNING))

def test_pkg_wrong_license_file(self):
"""Test on a package with a license text file that does not match
the license declared in the package.xml, both tag and file in spdx"""
self.assertEqual(os.EX_DATAERR, main(
["test/_test_data/test_pkg_wrong_license_file"]))
process, stdout = open_subprocess("test_pkg_wrong_license_file")
self.assertEqual(os.EX_DATAERR, process.returncode)
self.assertTrue(check_output_status(
stdout, exp_lic_text_exits=FAILURE,
exp_lic_files_referenced=WARNING))


def open_subprocess(test_data_name: str):
Expand All @@ -229,5 +260,45 @@ def open_subprocess(test_data_name: str):
return process, stdout


def check_output_status(output: str,
exp_lic_tag_exists: Status = Status.SUCCESS,
exp_lic_tag_spdx: Status = Status.SUCCESS,
exp_lic_text_exits: Status = Status.SUCCESS,
exp_lic_in_code: Status = Status.SUCCESS,
exp_lic_files_referenced: Status = Status.SUCCESS
) -> bool:
"""Check output of each check for expected status."""
# pylint: disable=too-many-arguments

real_lic_tag_exists = get_test_result(output, "LicenseTagExistsCheck")
real_lic_tag_spdx = get_test_result(output, "LicenseTagIsInSpdxListCheck")
real_lic_text_exits = get_test_result(output, "LicenseTextExistsCheck")
real_lic_in_code = get_test_result(output, "LicensesInCodeCheck")
real_lic_files_referenced = get_test_result(
output, "LicenseFilesReferencedCheck")

return exp_lic_tag_exists == real_lic_tag_exists \
and exp_lic_tag_spdx == real_lic_tag_spdx \
and exp_lic_text_exits == real_lic_text_exits \
and exp_lic_in_code == real_lic_in_code \
and exp_lic_files_referenced == real_lic_files_referenced


def get_test_result(output: str, test_name: str) -> Optional[Status]:
"""Get single test result for specific test."""
lines = output.splitlines()
for i, line in enumerate(lines):
if test_name in str(line):
if i + 1 < len(lines):
result_line = str(lines[i + 1])
if "FAILURE" in result_line:
return FAILURE
if "WARNING" in result_line:
return WARNING
if "SUCCESS" in result_line:
return SUCCESS
return None


if __name__ == '__main__':
unittest.main()
Loading