mirror of
https://github.com/anchore/syft
synced 2024-11-13 23:57:07 +00:00
test: update tests to match new SPDXLicense structure
Signed-off-by: Christopher Phillips <32073428+spiffcs@users.noreply.github.com>
This commit is contained in:
parent
8a722d0ffe
commit
6f401891e7
3 changed files with 28 additions and 6 deletions
|
@ -3,13 +3,16 @@ package helpers
|
|||
import (
|
||||
"crypto/sha256"
|
||||
"fmt"
|
||||
"strings"
|
||||
"regexp"
|
||||
|
||||
"github.com/anchore/syft/internal/spdxlicense"
|
||||
"github.com/anchore/syft/syft/license"
|
||||
"github.com/anchore/syft/syft/pkg"
|
||||
"strings"
|
||||
)
|
||||
|
||||
var validSPDXValue = regexp.MustCompile("[^A-Za-z0-9\\-\\.]+")
|
||||
|
||||
func License(p pkg.Package) (concluded, declared string) {
|
||||
// source: https://spdx.github.io/spdx-spec/v2.3/package-information/#713-concluded-license-field
|
||||
// The options to populate this field are limited to:
|
||||
|
@ -60,6 +63,7 @@ func joinLicenses(licenses []SPDXLicense) string {
|
|||
type SPDXLicense struct {
|
||||
ID string
|
||||
Value string
|
||||
FullText string
|
||||
}
|
||||
|
||||
func ParseLicenses(raw []pkg.License) (concluded, declared []SPDXLicense) {
|
||||
|
@ -69,14 +73,25 @@ func ParseLicenses(raw []pkg.License) (concluded, declared []SPDXLicense) {
|
|||
}
|
||||
|
||||
candidate := SPDXLicense{}
|
||||
// a pkg license can have a couple combinations of values
|
||||
if l.SPDXExpression != "" {
|
||||
// extract which value was used for the license
|
||||
switch {
|
||||
case l.SPDXExpression != "":
|
||||
candidate.ID = l.SPDXExpression
|
||||
hash := sha256.Sum256([]byte(l.Value))
|
||||
candidate.ID = fmt.Sprintf("%s%x", spdxlicense.LicenseRefPrefix, hash)
|
||||
candidate.Value = l.Value
|
||||
case l.Value != "":
|
||||
hash := sha256.Sum256([]byte(l.Value))
|
||||
candidate.ID = fmt.Sprintf("%s%x", spdxlicense.LicenseRefPrefix, hash)
|
||||
validSpdxRef := validSPDXValue.ReplaceAllString(l.Value, "-")
|
||||
candidate.Value = fmt.Sprintf("%s%s", spdxlicense.LicenseRefPrefix, validSpdxRef)
|
||||
default:
|
||||
hash := sha256.Sum256([]byte(l.FullText))
|
||||
candidate.ID = fmt.Sprintf("%s%x", spdxlicense.LicenseRefPrefix, hash)
|
||||
candidate.FullText = l.FullText
|
||||
}
|
||||
|
||||
// extract if concluded or declared
|
||||
switch l.Type {
|
||||
case license.Concluded:
|
||||
concluded = append(concluded, candidate)
|
||||
|
|
|
@ -77,7 +77,7 @@ func Test_License(t *testing.T) {
|
|||
expected: expected{
|
||||
concluded: "NOASSERTION",
|
||||
// because we separate licenses between valid SPDX and non valid, valid ID always end at the front
|
||||
declared: "MIT AND LicenseRef-one-thing-first AND LicenseRef-two-things----second",
|
||||
declared: "MIT AND LicenseRef-one-thing-first AND LicenseRef-two-things-second",
|
||||
},
|
||||
},
|
||||
{
|
||||
|
@ -121,6 +121,11 @@ func Test_joinLicenses(t *testing.T) {
|
|||
args: []string{"MIT AND Apache", "GPL-3.0-only"},
|
||||
want: "(MIT AND Apache) AND GPL-3.0-only",
|
||||
},
|
||||
{
|
||||
name: "multiple licenses with license references?",
|
||||
args: []string{"MIT AND Apache", "GPL-3.0-only"},
|
||||
want: "(MIT AND Apache) AND GPL-3.0-only",
|
||||
},
|
||||
}
|
||||
for _, tt := range tests {
|
||||
t.Run(tt.name, func(t *testing.T) {
|
||||
|
|
|
@ -81,6 +81,7 @@ func NewLicenseFromType(value string, t license.Type) License {
|
|||
// in this case we annotate this as the full text to not lose value and do not extract the complex case
|
||||
if strings.Contains(value, "\n") {
|
||||
return License{
|
||||
Type: t,
|
||||
FullText: value,
|
||||
}
|
||||
}
|
||||
|
@ -98,6 +99,7 @@ func NewLicenseFromType(value string, t license.Type) License {
|
|||
}
|
||||
|
||||
return License{
|
||||
Value: value,
|
||||
SPDXExpression: spdxExpression,
|
||||
Type: t,
|
||||
Locations: file.NewLocationSet(),
|
||||
|
|
Loading…
Reference in a new issue