Module: SPDX Private

Defined in:

utils/spdx.rb

Overview

This module is part of a private API. This module may only be used in the Homebrew/brew repository. Third parties should avoid using this module if possible, as it may be removed or changed without warning.

Helper module for updating SPDX license data.

Constant Summary

DATA_PATH =

This constant is part of a private API. This constant may only be used in the Homebrew/brew repository. Third parties should avoid using this constant if possible, as it may be removed or changed without warning.

T.let((HOMEBREW_DATA_PATH/"spdx").freeze, Pathname)

API_URL =

This constant is part of a private API. This constant may only be used in the Homebrew/brew repository. Third parties should avoid using this constant if possible, as it may be removed or changed without warning.

"https://api.github.com/repos/spdx/license-list-data/releases/latest"

LICENSEREF_PREFIX =

This constant is part of a private API. This constant may only be used in the Homebrew/brew repository. Third parties should avoid using this constant if possible, as it may be removed or changed without warning.

"LicenseRef-Homebrew-"

ALLOWED_LICENSE_SYMBOLS =

This constant is part of a private API. This constant may only be used in the Homebrew/brew repository. Third parties should avoid using this constant if possible, as it may be removed or changed without warning.

[
  :public_domain,
  :cannot_represent,
].freeze

Class Method Summary

• .deprecated_license?(license) ⇒ Boolean private
• .download_latest_license_data!(to: DATA_PATH) ⇒ void private
• .exception_data ⇒ Hash{String => T.untyped} private
• .forbidden_licenses_include?(license, forbidden_licenses) ⇒ Boolean private
• .latest_tag ⇒ String private
• .license_data ⇒ Hash{String => T.untyped} private
• .license_expression_to_string(license_expression, bracket: false, hash_type: nil) ⇒ String^? private
• .license_version_info(license) ⇒ Array<([String, Symbol])>, Array<(String, [String, nil], Boolean)> private
• .licenses_forbid_installation?(license_expression, forbidden_licenses) ⇒ Boolean private
• .parse_license_expression(license_expression) ⇒ Array<(Array<String, Symbol>, Array<String>)> private
• .string_to_license_expression(string) ⇒ String, ... private
• .valid_license?(license) ⇒ Boolean private
• .valid_license_exception?(exception) ⇒ Boolean private

Class Method Details

.deprecated_license?(license) ⇒ Boolean

This method is part of a private API. This method may only be used in the Homebrew/brew repository. Third parties should avoid using this method if possible, as it may be removed or changed without warning.

Parameters:

• license (String, Symbol)

Returns:

• (Boolean)

# File 'utils/spdx.rb', line 94

def deprecated_license?(license)
  return false if ALLOWED_LICENSE_SYMBOLS.include? license
  return false unless valid_license?(license)

  license = license.to_s.delete_suffix "+"
  license_data["licenses"].none? do |spdx_license|
    spdx_license["licenseId"] == license && !spdx_license["isDeprecatedLicenseId"]
  end
end

.download_latest_license_data!(to: DATA_PATH) ⇒ void

This method is part of a private API. This method may only be used in the Homebrew/brew repository. Third parties should avoid using this method if possible, as it may be removed or changed without warning.

This method returns an undefined value.

Parameters:

• to (Pathname) (defaults to: DATA_PATH)

# File 'utils/spdx.rb', line 36

def download_latest_license_data!(to: DATA_PATH)
  data_url = "https://raw.githubusercontent.com/spdx/license-list-data/#{latest_tag}/json/"
  Utils::Curl.curl_download("#{data_url}licenses.json", to: to/"spdx_licenses.json")
  Utils::Curl.curl_download("#{data_url}exceptions.json", to: to/"spdx_exceptions.json")
end

.exception_data ⇒ Hash{String => T.untyped}

This method is part of a private API. This method may only be used in the Homebrew/brew repository. Third parties should avoid using this method if possible, as it may be removed or changed without warning.

Returns:

• (Hash{String => T.untyped})

# File 'utils/spdx.rb', line 25

def exception_data
  @exception_data ||= T.let(JSON.parse((DATA_PATH/"spdx_exceptions.json").read),
                            T.nilable(T::Hash[String, T.untyped]))
end

.forbidden_licenses_include?(license, forbidden_licenses) ⇒ Boolean

This method is part of a private API. This method may only be used in the Homebrew/brew repository. Third parties should avoid using this method if possible, as it may be removed or changed without warning.

Parameters:

• license (Symbol, String)
• forbidden_licenses (Hash{Symbol, String => T.untyped})

Returns:

• (Boolean)

# File 'utils/spdx.rb', line 260

def forbidden_licenses_include?(license, forbidden_licenses)
  return true if forbidden_licenses.key? license

  name, version, = license_version_info license

  forbidden_licenses.each_value do |license_info|
    forbidden_name, forbidden_version, forbidden_or_later = *license_info
    next if forbidden_name != name

    return true if forbidden_or_later && forbidden_version <= version

    return true if forbidden_version == version
  end
  false
end

.latest_tag ⇒ String

This method is part of a private API. This method may only be used in the Homebrew/brew repository. Third parties should avoid using this method if possible, as it may be removed or changed without warning.

Returns:

• (String)

# File 'utils/spdx.rb', line 31

def latest_tag
  @latest_tag ||= T.let(GitHub::API.open_rest(API_URL)["tag_name"], T.nilable(String))
end

.license_data ⇒ Hash{String => T.untyped}

This method is part of a private API. This method may only be used in the Homebrew/brew repository. Third parties should avoid using this method if possible, as it may be removed or changed without warning.

Returns:

• (Hash{String => T.untyped})

# File 'utils/spdx.rb', line 20

def license_data
  @license_data ||= T.let(JSON.parse((DATA_PATH/"spdx_licenses.json").read), T.nilable(T::Hash[String, T.untyped]))
end

.license_expression_to_string(license_expression, bracket: false, hash_type: nil) ⇒ String^?

This method is part of a private API. This method may only be used in the Homebrew/brew repository. Third parties should avoid using this method if possible, as it may be removed or changed without warning.

Parameters:

• license_expression (String, Symbol, Hash{Symbol, String, nil => T.untyped})
• bracket (Boolean) (defaults to: false)
• hash_type (String, Symbol, nil) (defaults to: nil)

Returns:

• (String, nil)

# File 'utils/spdx.rb', line 118

def license_expression_to_string(license_expression, bracket: false, hash_type: nil)
  case license_expression
  when String
    license_expression
  when Symbol
    LICENSEREF_PREFIX + license_expression.to_s.tr("_", "-")
  when Hash
    expressions = []

    if license_expression.keys.length == 1
      hash_type = license_expression.keys.first
      if hash_type.is_a? String
        expressions.push "#{hash_type} WITH #{license_expression[hash_type][:with]}"
      else
        expressions += license_expression[hash_type].map do |license|
          license_expression_to_string license, bracket: true, hash_type:
        end
      end
    else
      bracket = false
      license_expression.each do |expression|
        expressions.push license_expression_to_string([expression].to_h, bracket: true)
      end
    end

    operator = if hash_type == :any_of
      " OR "
    else
      " AND "
    end

    if bracket
      "(#{expressions.join operator})"
    else
      expressions.join operator
    end
  end
end

.license_version_info(license) ⇒ Array<([String, Symbol])>, Array<(String, [String, nil], Boolean)>

This method is part of a private API. This method may only be used in the Homebrew/brew repository. Third parties should avoid using this method if possible, as it may be removed or changed without warning.

Parameters:

• license (String, Symbol)

Returns:

• (Array<([String, Symbol])>, Array<(String, [String, nil], Boolean)>)

# File 'utils/spdx.rb', line 217

def license_version_info(license)
  return [license] if ALLOWED_LICENSE_SYMBOLS.include? license

  match = license.match(/-(?<version>[0-9.]+)(?:-.*?)??(?<or_later>\+|-only|-or-later)?$/)
  return [license] if match.blank?

  license_name = license.to_s.split(match[0].to_s).first
  or_later = match["or_later"].present? && %w[+ -or-later].include?(match["or_later"])

  # [name, version, later versions allowed?]
  # e.g. GPL-2.0-or-later --> ["GPL", "2.0", true]
  [license_name, match["version"], or_later]
end

.licenses_forbid_installation?(license_expression, forbidden_licenses) ⇒ Boolean

This method is part of a private API. This method may only be used in the Homebrew/brew repository. Third parties should avoid using this method if possible, as it may be removed or changed without warning.

Parameters:

• license_expression (String, Symbol, Hash{Symbol => T.untyped})
• forbidden_licenses (Hash{Symbol => T.untyped})

Returns:

• (Boolean)

# File 'utils/spdx.rb', line 235

def licenses_forbid_installation?(license_expression, forbidden_licenses)
  case license_expression
  when String, Symbol
    forbidden_licenses_include? license_expression.to_s, forbidden_licenses
  when Hash
    key = license_expression.keys.first
    return false if key.nil?

    case key
    when :any_of
      license_expression[key].all? { |license| licenses_forbid_installation? license, forbidden_licenses }
    when :all_of
      license_expression[key].any? { |license| licenses_forbid_installation? license, forbidden_licenses }
    else
      forbidden_licenses_include? key, forbidden_licenses
    end
  end
end

.parse_license_expression(license_expression) ⇒ Array<(Array<String, Symbol>, Array<String>)>

This method is part of a private API. This method may only be used in the Homebrew/brew repository. Third parties should avoid using this method if possible, as it may be removed or changed without warning.

Parameters:

• license_expression (String, Symbol, Hash{Symbol, String => T.untyped}, Array<String>)

Returns:

• (Array<(Array<String, Symbol>, Array<String>)>)

# File 'utils/spdx.rb', line 56

def parse_license_expression(license_expression)
  licenses = T.let([], T::Array[T.any(String, Symbol)])
  exceptions = T.let([], T::Array[String])

  case license_expression
  when String, Symbol
    licenses.push license_expression
  when Hash, Array
    if license_expression.is_a? Hash
      license_expression = license_expression.filter_map do |key, value|
        if key.is_a? String
          licenses.push key
          exceptions.push value[:with]
          next
        end
        value
      end
    end

    license_expression.each do |license|
      sub_license, sub_exception = parse_license_expression license
      licenses += sub_license
      exceptions += sub_exception
    end
  end

  [licenses, exceptions]
end

.string_to_license_expression(string) ⇒ String, ...

This method is part of a private API. This method may only be used in the Homebrew/brew repository. Third parties should avoid using this method if possible, as it may be removed or changed without warning.

Parameters:

• string (String, nil)

Returns:

• (String, Symbol, Hash{String, Symbol => T.untyped}, nil)

# File 'utils/spdx.rb', line 170

def string_to_license_expression(string)
  return if string.blank?

  result = string
  result_type = nil

  and_parts = string.split(/ and (?![^(]*\))/i)
  if and_parts.length > 1
    result = and_parts
    result_type = :all_of
  else
    or_parts = string.split(/ or (?![^(]*\))/i)
    if or_parts.length > 1
      result = or_parts
      result_type = :any_of
    end
  end

  if result_type
    result.map! do |part|
      part = part[1..-2] if part[0] == "(" && part[-1] == ")"
      string_to_license_expression(part)
    end
    { result_type => result }
  else
    with_parts = string.split(/ with /i, 2)
    if with_parts.length > 1
      { with_parts.first => { with: with_parts.second } }
    else
      return result unless result.start_with?(LICENSEREF_PREFIX)

      license_sym = result.delete_prefix(LICENSEREF_PREFIX).downcase.tr("-", "_").to_sym
      ALLOWED_LICENSE_SYMBOLS.include?(license_sym) ? license_sym : result
    end
  end
end

.valid_license?(license) ⇒ Boolean

This method is part of a private API. This method may only be used in the Homebrew/brew repository. Third parties should avoid using this method if possible, as it may be removed or changed without warning.

Parameters:

• license (String, Symbol)

Returns:

• (Boolean)

# File 'utils/spdx.rb', line 86

def valid_license?(license)
  return ALLOWED_LICENSE_SYMBOLS.include? license if license.is_a? Symbol

  license = license.delete_suffix "+"
  license_data["licenses"].any? { |spdx_license| spdx_license["licenseId"] == license }
end

.valid_license_exception?(exception) ⇒ Boolean

This method is part of a private API. This method may only be used in the Homebrew/brew repository. Third parties should avoid using this method if possible, as it may be removed or changed without warning.

Parameters:

• exception (String)

Returns:

• (Boolean)

# File 'utils/spdx.rb', line 105

def valid_license_exception?(exception)
  exception_data["exceptions"].any? do |spdx_exception|
    spdx_exception["licenseExceptionId"] == exception && !spdx_exception["isDeprecatedLicenseId"]
  end
end