Module: SPDX Private

Extended by:
Utils::Curl
Includes:
Utils::Curl
Defined in:
utils/spdx.rb

Overview

This module is part of a private API. This module may only be used in the Homebrew/brew repository. Third parties should avoid using this module if possible, as it may be removed or changed without warning.

Helper module for updating SPDX license data.

Constant Summary collapse

DATA_PATH =

This constant is part of a private API. This constant may only be used in the Homebrew/brew repository. Third parties should avoid using this constant if possible, as it may be removed or changed without warning.

(HOMEBREW_DATA_PATH/"spdx").freeze
API_URL =

This constant is part of a private API. This constant may only be used in the Homebrew/brew repository. Third parties should avoid using this constant if possible, as it may be removed or changed without warning.

"https://api.github.com/repos/spdx/license-list-data/releases/latest"
ALLOWED_LICENSE_SYMBOLS =

This constant is part of a private API. This constant may only be used in the Homebrew/brew repository. Third parties should avoid using this constant if possible, as it may be removed or changed without warning.

[
  :public_domain,
  :cannot_represent,
].freeze

Class Method Summary collapse

Methods included from Utils::Curl

curl, curl_args, curl_check_http_content, curl_download, curl_executable, curl_http_content_headers_and_checksum, curl_output, curl_with_workarounds, http_status_ok?, parse_headers, url_protected_by_cloudflare?, url_protected_by_incapsula?

Class Method Details

.deprecated_license?(license) ⇒ Boolean

This method is part of a private API. This method may only be used in the Homebrew/brew repository. Third parties should avoid using this method if possible, as it may be removed or changed without warning.

Returns:

  • (Boolean)


77
78
79
80
81
82
83
84
85
# File 'utils/spdx.rb', line 77

def deprecated_license?(license)
  return false if ALLOWED_LICENSE_SYMBOLS.include? license
  return false unless valid_license?(license)

  license = license.delete_suffix "+"
  license_data["licenses"].none? do |spdx_license|
    spdx_license["licenseId"] == license && !spdx_license["isDeprecatedLicenseId"]
  end
end

.download_latest_license_data!(to: DATA_PATH) ⇒ Object

This method is part of a private API. This method may only be used in the Homebrew/brew repository. Third parties should avoid using this method if possible, as it may be removed or changed without warning.



35
36
37
38
39
# File 'utils/spdx.rb', line 35

def download_latest_license_data!(to: DATA_PATH)
  data_url = "https://raw.githubusercontent.com/spdx/license-list-data/#{latest_tag}/json/"
  curl_download("#{data_url}licenses.json", to: to/"spdx_licenses.json", try_partial: false)
  curl_download("#{data_url}exceptions.json", to: to/"spdx_exceptions.json", try_partial: false)
end

.exception_dataObject

This method is part of a private API. This method may only be used in the Homebrew/brew repository. Third parties should avoid using this method if possible, as it may be removed or changed without warning.



27
28
29
# File 'utils/spdx.rb', line 27

def exception_data
  @exception_data ||= JSON.parse (DATA_PATH/"spdx_exceptions.json").read
end

.forbidden_licenses_include?(license, forbidden_licenses) ⇒ Boolean

This method is part of a private API. This method may only be used in the Homebrew/brew repository. Third parties should avoid using this method if possible, as it may be removed or changed without warning.

Returns:

  • (Boolean)


163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
# File 'utils/spdx.rb', line 163

def forbidden_licenses_include?(license, forbidden_licenses)
  return true if forbidden_licenses.key? license

  name, version, = license_version_info license

  forbidden_licenses.each do |_, license_info|
    forbidden_name, forbidden_version, forbidden_or_later = *license_info
    next unless forbidden_name == name

    return true if forbidden_or_later && forbidden_version <= version

    return true if forbidden_version == version
  end
  false
end

.latest_tagObject

This method is part of a private API. This method may only be used in the Homebrew/brew repository. Third parties should avoid using this method if possible, as it may be removed or changed without warning.



31
32
33
# File 'utils/spdx.rb', line 31

def latest_tag
  @latest_tag ||= GitHub::API.open_rest(API_URL)["tag_name"]
end

.license_dataObject

This method is part of a private API. This method may only be used in the Homebrew/brew repository. Third parties should avoid using this method if possible, as it may be removed or changed without warning.



23
24
25
# File 'utils/spdx.rb', line 23

def license_data
  @license_data ||= JSON.parse (DATA_PATH/"spdx_licenses.json").read
end

.license_expression_to_string(license_expression, bracket: false, hash_type: nil) ⇒ Object

This method is part of a private API. This method may only be used in the Homebrew/brew repository. Third parties should avoid using this method if possible, as it may be removed or changed without warning.



93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
# File 'utils/spdx.rb', line 93

def license_expression_to_string(license_expression, bracket: false, hash_type: nil)
  case license_expression
  when String
    license_expression
  when Symbol
    license_expression.to_s.tr("_", " ").titleize
  when Hash
    expressions = []

    if license_expression.keys.length == 1
      hash_type = license_expression.keys.first
      if hash_type.is_a? String
        expressions.push "#{hash_type} with #{license_expression[hash_type][:with]}"
      else
        expressions += license_expression[hash_type].map do |license|
          license_expression_to_string license, bracket: true, hash_type: hash_type
        end
      end
    else
      bracket = false
      license_expression.each do |expression|
        expressions.push license_expression_to_string([expression].to_h, bracket: true)
      end
    end

    operator = if hash_type == :any_of
      " or "
    else
      " and "
    end

    if bracket
      "(#{expressions.join operator})"
    else
      expressions.join operator
    end
  end
end

.license_version_info(license) ⇒ Object

This method is part of a private API. This method may only be used in the Homebrew/brew repository. Third parties should avoid using this method if possible, as it may be removed or changed without warning.



132
133
134
135
136
137
138
139
140
141
142
143
144
# File 'utils/spdx.rb', line 132

def license_version_info(license)
  return [license] if ALLOWED_LICENSE_SYMBOLS.include? license

  match = license.match(/-(?<version>[0-9.]+)(?:-.*?)??(?<or_later>\+|-only|-or-later)?$/)
  return [license] if match.blank?

  license_name = license.split(match[0]).first
  or_later = match["or_later"].present? && %w[+ -or-later].include?(match["or_later"])

  # [name, version, later versions allowed?]
  # e.g. GPL-2.0-or-later --> ["GPL", "2.0", true]
  [license_name, match["version"], or_later]
end

.licenses_forbid_installation?(license_expression, forbidden_licenses) ⇒ Boolean

This method is part of a private API. This method may only be used in the Homebrew/brew repository. Third parties should avoid using this method if possible, as it may be removed or changed without warning.

Returns:

  • (Boolean)


146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
# File 'utils/spdx.rb', line 146

def licenses_forbid_installation?(license_expression, forbidden_licenses)
  case license_expression
  when String, Symbol
    forbidden_licenses_include? license_expression.to_s, forbidden_licenses
  when Hash
    key = license_expression.keys.first
    case key
    when :any_of
      license_expression[key].all? { |license| licenses_forbid_installation? license, forbidden_licenses }
    when :all_of
      license_expression[key].any? { |license| licenses_forbid_installation? license, forbidden_licenses }
    else
      forbidden_licenses_include? key, forbidden_licenses
    end
  end
end

.parse_license_expression(license_expression) ⇒ Object

This method is part of a private API. This method may only be used in the Homebrew/brew repository. Third parties should avoid using this method if possible, as it may be removed or changed without warning.



41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
# File 'utils/spdx.rb', line 41

def parse_license_expression(license_expression)
  licenses = T.let([], T::Array[T.any(String, Symbol)])
  exceptions = T.let([], T::Array[String])

  case license_expression
  when String, Symbol
    licenses.push license_expression
  when Hash, Array
    if license_expression.is_a? Hash
      license_expression = license_expression.map do |key, value|
        if key.is_a? String
          licenses.push key
          exceptions.push value[:with]
          next
        end
        value
      end.compact
    end

    license_expression.each do |license|
      sub_license, sub_exception = parse_license_expression license
      licenses += sub_license
      exceptions += sub_exception
    end
  end

  [licenses, exceptions]
end

.valid_license?(license) ⇒ Boolean

This method is part of a private API. This method may only be used in the Homebrew/brew repository. Third parties should avoid using this method if possible, as it may be removed or changed without warning.

Returns:

  • (Boolean)


70
71
72
73
74
75
# File 'utils/spdx.rb', line 70

def valid_license?(license)
  return ALLOWED_LICENSE_SYMBOLS.include? license if license.is_a? Symbol

  license = license.delete_suffix "+"
  license_data["licenses"].any? { |spdx_license| spdx_license["licenseId"] == license }
end

.valid_license_exception?(exception) ⇒ Boolean

This method is part of a private API. This method may only be used in the Homebrew/brew repository. Third parties should avoid using this method if possible, as it may be removed or changed without warning.

Returns:

  • (Boolean)


87
88
89
90
91
# File 'utils/spdx.rb', line 87

def valid_license_exception?(exception)
  exception_data["exceptions"].any? do |spdx_exception|
    spdx_exception["licenseExceptionId"] == exception && !spdx_exception["isDeprecatedLicenseId"]
  end
end