Module: SPDX Private

Defined in:
utils/spdx.rb

Overview

This module is part of a private API. This module may only be used in the Homebrew/brew repository. Third parties should avoid using this module if possible, as it may be removed or changed without warning.

Helper module for updating SPDX license data.

Constant Summary collapse

DATA_PATH =

This constant is part of a private API. This constant may only be used in the Homebrew/brew repository. Third parties should avoid using this constant if possible, as it may be removed or changed without warning.

(HOMEBREW_DATA_PATH/"spdx").freeze
API_URL =

This constant is part of a private API. This constant may only be used in the Homebrew/brew repository. Third parties should avoid using this constant if possible, as it may be removed or changed without warning.

"https://api.github.com/repos/spdx/license-list-data/releases/latest"
ALLOWED_LICENSE_SYMBOLS =

This constant is part of a private API. This constant may only be used in the Homebrew/brew repository. Third parties should avoid using this constant if possible, as it may be removed or changed without warning.

[
  :public_domain,
  :cannot_represent,
].freeze

Class Method Summary collapse

Class Method Details

.deprecated_license?(license) ⇒ Boolean

This method is part of a private API. This method may only be used in the Homebrew/brew repository. Third parties should avoid using this method if possible, as it may be removed or changed without warning.

Returns:

  • (Boolean)


74
75
76
77
78
79
80
81
82
# File 'utils/spdx.rb', line 74

def deprecated_license?(license)
  return false if ALLOWED_LICENSE_SYMBOLS.include? license
  return false unless valid_license?(license)

  license = license.delete_suffix "+"
  license_data["licenses"].none? do |spdx_license|
    spdx_license["licenseId"] == license && !spdx_license["isDeprecatedLicenseId"]
  end
end

.download_latest_license_data!(to: DATA_PATH) ⇒ Object

This method is part of a private API. This method may only be used in the Homebrew/brew repository. Third parties should avoid using this method if possible, as it may be removed or changed without warning.



32
33
34
35
36
# File 'utils/spdx.rb', line 32

def download_latest_license_data!(to: DATA_PATH)
  data_url = "https://raw.githubusercontent.com/spdx/license-list-data/#{latest_tag}/json/"
  Utils::Curl.curl_download("#{data_url}licenses.json", to: to/"spdx_licenses.json")
  Utils::Curl.curl_download("#{data_url}exceptions.json", to: to/"spdx_exceptions.json")
end

.exception_dataObject

This method is part of a private API. This method may only be used in the Homebrew/brew repository. Third parties should avoid using this method if possible, as it may be removed or changed without warning.



24
25
26
# File 'utils/spdx.rb', line 24

def exception_data
  @exception_data ||= JSON.parse (DATA_PATH/"spdx_exceptions.json").read
end

.forbidden_licenses_include?(license, forbidden_licenses) ⇒ Boolean

This method is part of a private API. This method may only be used in the Homebrew/brew repository. Third parties should avoid using this method if possible, as it may be removed or changed without warning.

Returns:

  • (Boolean)


194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
# File 'utils/spdx.rb', line 194

def forbidden_licenses_include?(license, forbidden_licenses)
  return true if forbidden_licenses.key? license

  name, version, = license_version_info license

  forbidden_licenses.each_value do |license_info|
    forbidden_name, forbidden_version, forbidden_or_later = *license_info
    next if forbidden_name != name

    return true if forbidden_or_later && forbidden_version <= version

    return true if forbidden_version == version
  end
  false
end

.latest_tagObject

This method is part of a private API. This method may only be used in the Homebrew/brew repository. Third parties should avoid using this method if possible, as it may be removed or changed without warning.



28
29
30
# File 'utils/spdx.rb', line 28

def latest_tag
  @latest_tag ||= GitHub::API.open_rest(API_URL)["tag_name"]
end

.license_dataObject

This method is part of a private API. This method may only be used in the Homebrew/brew repository. Third parties should avoid using this method if possible, as it may be removed or changed without warning.



20
21
22
# File 'utils/spdx.rb', line 20

def license_data
  @license_data ||= JSON.parse (DATA_PATH/"spdx_licenses.json").read
end

.license_expression_to_string(license_expression, bracket: false, hash_type: nil) ⇒ Object

This method is part of a private API. This method may only be used in the Homebrew/brew repository. Third parties should avoid using this method if possible, as it may be removed or changed without warning.



90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
# File 'utils/spdx.rb', line 90

def license_expression_to_string(license_expression, bracket: false, hash_type: nil)
  case license_expression
  when String
    license_expression
  when Symbol
    license_expression.to_s.tr("_", " ").gsub(/\b(?<!\w['’`()])[a-z]/, &:capitalize)
  when Hash
    expressions = []

    if license_expression.keys.length == 1
      hash_type = license_expression.keys.first
      if hash_type.is_a? String
        expressions.push "#{hash_type} with #{license_expression[hash_type][:with]}"
      else
        expressions += license_expression[hash_type].map do |license|
          license_expression_to_string license, bracket: true, hash_type: hash_type
        end
      end
    else
      bracket = false
      license_expression.each do |expression|
        expressions.push license_expression_to_string([expression].to_h, bracket: true)
      end
    end

    operator = if hash_type == :any_of
      " or "
    else
      " and "
    end

    if bracket
      "(#{expressions.join operator})"
    else
      expressions.join operator
    end
  end
end

.license_version_info(license) ⇒ Object

This method is part of a private API. This method may only be used in the Homebrew/brew repository. Third parties should avoid using this method if possible, as it may be removed or changed without warning.



163
164
165
166
167
168
169
170
171
172
173
174
175
# File 'utils/spdx.rb', line 163

def license_version_info(license)
  return [license] if ALLOWED_LICENSE_SYMBOLS.include? license

  match = license.match(/-(?<version>[0-9.]+)(?:-.*?)??(?<or_later>\+|-only|-or-later)?$/)
  return [license] if match.blank?

  license_name = license.split(match[0]).first
  or_later = match["or_later"].present? && %w[+ -or-later].include?(match["or_later"])

  # [name, version, later versions allowed?]
  # e.g. GPL-2.0-or-later --> ["GPL", "2.0", true]
  [license_name, match["version"], or_later]
end

.licenses_forbid_installation?(license_expression, forbidden_licenses) ⇒ Boolean

This method is part of a private API. This method may only be used in the Homebrew/brew repository. Third parties should avoid using this method if possible, as it may be removed or changed without warning.

Returns:

  • (Boolean)


177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
# File 'utils/spdx.rb', line 177

def licenses_forbid_installation?(license_expression, forbidden_licenses)
  case license_expression
  when String, Symbol
    forbidden_licenses_include? license_expression.to_s, forbidden_licenses
  when Hash
    key = license_expression.keys.first
    case key
    when :any_of
      license_expression[key].all? { |license| licenses_forbid_installation? license, forbidden_licenses }
    when :all_of
      license_expression[key].any? { |license| licenses_forbid_installation? license, forbidden_licenses }
    else
      forbidden_licenses_include? key, forbidden_licenses
    end
  end
end

.parse_license_expression(license_expression) ⇒ Object

This method is part of a private API. This method may only be used in the Homebrew/brew repository. Third parties should avoid using this method if possible, as it may be removed or changed without warning.



38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
# File 'utils/spdx.rb', line 38

def parse_license_expression(license_expression)
  licenses = T.let([], T::Array[T.any(String, Symbol)])
  exceptions = T.let([], T::Array[String])

  case license_expression
  when String, Symbol
    licenses.push license_expression
  when Hash, Array
    if license_expression.is_a? Hash
      license_expression = license_expression.filter_map do |key, value|
        if key.is_a? String
          licenses.push key
          exceptions.push value[:with]
          next
        end
        value
      end
    end

    license_expression.each do |license|
      sub_license, sub_exception = parse_license_expression license
      licenses += sub_license
      exceptions += sub_exception
    end
  end

  [licenses, exceptions]
end

.string_to_license_expression(string) ⇒ Object

This method is part of a private API. This method may only be used in the Homebrew/brew repository. Third parties should avoid using this method if possible, as it may be removed or changed without warning.



129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
# File 'utils/spdx.rb', line 129

def string_to_license_expression(string)
  return if string.blank?

  result = string
  result_type = nil

  and_parts = string.split(/ and (?![^(]*\))/)
  if and_parts.length > 1
    result = and_parts
    result_type = :all_of
  else
    or_parts = string.split(/ or (?![^(]*\))/)
    if or_parts.length > 1
      result = or_parts
      result_type = :any_of
    end
  end

  if result_type
    result.map! do |part|
      part = part[1..-2] if part[0] == "(" && part[-1] == ")"
      string_to_license_expression(part)
    end
    { result_type => result }
  else
    with_parts = string.split(" with ", 2)
    if with_parts.length > 1
      { with_parts.first => { with: with_parts.second } }
    else
      result
    end
  end
end

.valid_license?(license) ⇒ Boolean

This method is part of a private API. This method may only be used in the Homebrew/brew repository. Third parties should avoid using this method if possible, as it may be removed or changed without warning.

Returns:

  • (Boolean)


67
68
69
70
71
72
# File 'utils/spdx.rb', line 67

def valid_license?(license)
  return ALLOWED_LICENSE_SYMBOLS.include? license if license.is_a? Symbol

  license = license.delete_suffix "+"
  license_data["licenses"].any? { |spdx_license| spdx_license["licenseId"] == license }
end

.valid_license_exception?(exception) ⇒ Boolean

This method is part of a private API. This method may only be used in the Homebrew/brew repository. Third parties should avoid using this method if possible, as it may be removed or changed without warning.

Returns:

  • (Boolean)


84
85
86
87
88
# File 'utils/spdx.rb', line 84

def valid_license_exception?(exception)
  exception_data["exceptions"].any? do |spdx_exception|
    spdx_exception["licenseExceptionId"] == exception && !spdx_exception["isDeprecatedLicenseId"]
  end
end