Skip to content
This repository has been archived by the owner on Feb 14, 2025. It is now read-only.

Check licenses for compatibility and reject licenses not in whitelist #207

Open
wants to merge 8 commits into
base: master
Choose a base branch
from
Open
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
33 changes: 21 additions & 12 deletions .travis.yml
Original file line number Diff line number Diff line change
@@ -1,18 +1,27 @@
dist: bionic
language: python
env:
- REPO=lyft/confidant
sudo: required
services:
- docker
before_install:
- docker build -f Dockerfile -t $REPO:$TRAVIS_COMMIT .
- docker run -v $PWD/confidant/dist:/tmp/dist $REPO:$TRAVIS_COMMIT /bin/sh -c "cp -r /srv/confidant/confidant/dist/. /tmp/dist/."
language: generic
matrix:
include:
- env:
- 'REPO=lyft/confidant'
- 'TEST_SUITE=docker'
sudo: required
services:
- docker
before_install:
- docker build -f Dockerfile -t $REPO:$TRAVIS_COMMIT .
- docker run -v $PWD/confidant/dist:/tmp/dist $REPO:$TRAVIS_COMMIT /bin/sh -c "cp -r /srv/confidant/confidant/dist/. /tmp/dist/."
- env:
- 'TEST_SUITE=licenses_docker'
sudo: required
services:
- docker
before_install:
- docker pull licensefinder/license_finder
install:
- gem install travis --no-document
- echo "no install step"
script:
- travis lint .travis.yml --skip-completion-check
- docker run $REPO:$TRAVIS_COMMIT /bin/sh -c "make test"
- make test_${TEST_SUITE}
after_success:
- ./docker_push.sh
deploy:
16 changes: 16 additions & 0 deletions Makefile
Original file line number Diff line number Diff line change
@@ -3,9 +3,25 @@ SHELL := /bin/bash

test: test_lint test_unit

test_docker:
docker run ${REPO}:${TRAVIS_COMMIT} /bin/sh -c "make test"

test_lint:
mkdir -p build
set -o pipefail; flake8 | sed "s#^\./##" > build/flake8.txt || (cat build/flake8.txt && exit 1)

test_lint_docker:
docker run ${REPO}:${TRAVIS_COMMIT} /bin/sh -c "make test_lint"

test_unit:
nosetests --with-path=confidant tests/unit

test_unit_docker:
docker run ${REPO}:${TRAVIS_COMMIT} /bin/sh -c "make test_unit"

test_licenses:
apt-get install -y build-essential libffi-dev libxml2-dev libxmlsec1-dev python-dev
license_finder -p

test_licenses_docker:
docker run -v ${PWD}:/scan -it licensefinder/license_finder /bin/bash -lc "cd /scan && make test_licenses"
4 changes: 4 additions & 0 deletions config/license_finder.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,4 @@
---
decisions_file: './config/license_finder_decisions.yml'
python_version: '3'
pip_requirements_path: './requirements3.txt'
235 changes: 235 additions & 0 deletions config/license_finder_decisions.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,235 @@
---
- - :whitelist
- MIT
- :who:
:why:
:versions: []
:when: 2019-11-19 01:55:51.429439100 Z
- - :whitelist
- ISC
- :who:
:why:
:versions: []
:when: 2019-11-19 02:00:10.960824500 Z
- - :whitelist
- BSD
- :who:
:why:
:versions: []
:when: 2019-11-19 02:00:48.608694400 Z
- - :whitelist
- Python Software Foundation License
- :who:
:why:
:versions: []
:when: 2019-11-19 02:01:14.298710000 Z
- - :whitelist
- Simplified BSD
- :who:
:why:
:versions: []
:when: 2019-11-19 02:01:28.972522900 Z
- - :whitelist
- Apache 2.0
- :who:
:why:
:versions: []
:when: 2019-11-19 02:01:42.801093000 Z
- - :whitelist
- CC0-1.0
- :who:
:why:
:versions: []
:when: 2019-11-19 02:01:57.707287400 Z
- - :whitelist
- MIT/X11
- :who:
:why:
:versions: []
:when: 2019-11-19 02:02:08.599410600 Z
- - :whitelist
- New BSD
- :who:
:why:
:versions: []
:when: 2019-11-19 02:02:20.566269000 Z
- - :whitelist
- Expat license
- :who:
:why:
:versions: []
:when: 2019-11-19 02:04:52.898901000 Z
- - :whitelist
- ASL
- :who:
:why:
:versions: []
:when: 2019-11-19 02:06:33.891629700 Z
- - :whitelist
- Mozilla Public License 2.0
- :who:
:why:
:versions: []
:when: 2019-11-19 02:06:56.556790400 Z
- - :whitelist
- LGPL
- :who:
:why:
:versions: []
:when: 2019-11-19 02:15:55.862389300 Z
- - :whitelist
- Apache License v2.0
- :who:
:why:
:versions: []
:when: 2019-11-19 02:16:05.679307500 Z
- - :whitelist
- Public Domain
- :who:
:why:
:versions: []
:when: 2019-11-19 02:16:14.403847400 Z
- - :whitelist
- GNU LGPL
- :who:
:why:
:versions: []
:when: 2019-11-19 02:16:20.654080000 Z
- - :approve
- active-x-obfuscator
- :who:
:why: Uses MIT
:versions: []
:when: 2019-11-19 02:17:44.734536300 Z
- - :approve
- amdefine
- :who:
:why: Dual licensed, with two approved licenses
:versions: []
:when: 2019-11-19 02:23:04.653198000 Z
- - :approve
- atob
- :who:
:why: Dual licensed, with two approved licenses
:versions: []
:when: 2019-11-19 02:23:13.345680600 Z
- - :approve
- aws-sign2
- :who:
:why: MIT licensed, see js file header
:versions: []
:when: 2019-11-19 02:23:21.677034600 Z
- - :approve
- base64id
- :who:
:why: MIT licensed
:versions: []
:when: 2019-11-19 02:23:30.465542700 Z
- - :approve
- buffers
- :who:
:why: MIT licensed
:versions: []
:when: 2019-11-19 02:23:39.743678500 Z
- - :approve
- cryptography
- :who:
:why: Dual licensed, with two approved licenses
:versions: []
:when: 2019-11-19 02:23:51.463313600 Z
- - :approve
- dateformat
- :who:
:why: MIT license
:versions: []
:when: 2019-11-19 02:24:34.761542300 Z
- - :approve
- docutils
- :who:
:why: used for doc generation, not as library, using PD part
:versions: []
:when: 2019-11-19 02:28:22.199427300 Z
- - :approve
- domhandler
- :who:
:why: BSD2 licensed
:versions: []
:when: 2019-11-19 02:28:53.758951800 Z
- - :approve
- domutils
- :who:
:why: BSD2 licensed
:versions: []
:when: 2019-11-19 02:29:08.209368400 Z
- - :approve
- entities
- :who:
:why: Modified BSD, checked and valid
:versions: []
:when: 2019-11-19 02:29:32.168686800 Z
- - :approve
- forever-agent
- :who:
:why: Apache2 licensed
:versions: []
:when: 2019-11-19 02:30:07.156268000 Z
- - :approve
- idna
- :who:
:why: Modified BSD, checked and valid
:versions: []
:when: 2019-11-19 02:30:21.115549400 Z
- - :approve
- ndg-httpsclient
- :who:
:why: BSD licensed
:versions: []
:when: 2019-11-19 02:30:38.728308800 Z
- - :approve
- oauth-sign
- :who:
:why: Apache2 licensed
:versions: []
:when: 2019-11-19 02:31:01.569389300 Z
- - :approve
- python-dateutil
- :who:
:why: BSD and Apache2 licensed
:versions: []
:when: 2019-11-19 02:31:30.792815000 Z
- - :approve
- rc
- :who:
:why: Multi-licensed under approved licenses
:versions: []
:when: 2019-11-19 02:32:08.459004400 Z
- - :approve
- shelljs
- :who:
:why: BSD licensed
:versions: []
:when: 2019-11-19 02:32:27.739563800 Z
- - :approve
- spdx-exceptions
- :who:
:why: Only data, so CC-BY-3.0 is OK
:versions: []
:when: 2019-11-19 02:32:47.869039500 Z
- - :approve
- tinycolor
- :who:
:why: MIT licensed
:versions: []
:when: 2019-11-19 02:33:15.853370100 Z
- - :approve
- tweetnacl
- :who:
:why: Effectively PD license, sigh
:versions: []
:when: 2019-11-19 02:33:52.145372300 Z
- - :approve
- uglify-js
- :who:
:why: BSD license in README
:versions: []
:when: 2019-11-19 02:34:38.062177700 Z