Module: SPDX Private

Defined in:
utils/spdx.rb

Overview

This module is part of a private API. This module may only be used in the Homebrew/brew repository. Third parties should avoid using this module if possible, as it may be removed or changed without warning.

Helper module for updating SPDX license data.

Constant Summary collapse

DATA_PATH =

This constant is part of a private API. This constant may only be used in the Homebrew/brew repository. Third parties should avoid using this constant if possible, as it may be removed or changed without warning. 

(HOMEBREW_DATA_PATH/"spdx").freeze
API_URL =

This constant is part of a private API. This constant may only be used in the Homebrew/brew repository. Third parties should avoid using this constant if possible, as it may be removed or changed without warning. 

"https://api.github.com/repos/spdx/license-list-data/releases/latest"
ALLOWED_LICENSE_SYMBOLS =

This constant is part of a private API. This constant may only be used in the Homebrew/brew repository. Third parties should avoid using this constant if possible, as it may be removed or changed without warning. 

[
  :public_domain,
  :cannot_represent,
].freeze

Class Method Summary collapse

Class Method Details

.deprecated_license?(license) ⇒ Boolean

This method is part of a private API. This method may only be used in the Homebrew/brew repository. Third parties should avoid using this method if possible, as it may be removed or changed without warning.

Returns:

  • (Boolean) 


72
73
74
75
76
77
78
79
80
 
# File 'utils/spdx.rb', line 72

def deprecated_license?(license)
  return false if ALLOWED_LICENSE_SYMBOLS.include? license
  return false unless valid_license?(license)

  license = license.delete_suffix "+"
  license_data["licenses"].none? do |spdx_license|
    spdx_license["licenseId"] == license && !spdx_license["isDeprecatedLicenseId"]
  end
end

.download_latest_license_data!(to: DATA_PATH) ⇒ Object

This method is part of a private API. This method may only be used in the Homebrew/brew repository. Third parties should avoid using this method if possible, as it may be removed or changed without warning. 



30
31
32
33
34
 
# File 'utils/spdx.rb', line 30

def download_latest_license_data!(to: DATA_PATH)
  data_url = "https://raw.githubusercontent.com/spdx/license-list-data/#{latest_tag}/json/"
  Utils::Curl.curl_download("#{data_url}licenses.json", to: to/"spdx_licenses.json")
  Utils::Curl.curl_download("#{data_url}exceptions.json", to: to/"spdx_exceptions.json")
end

.exception_dataObject

This method is part of a private API. This method may only be used in the Homebrew/brew repository. Third parties should avoid using this method if possible, as it may be removed or changed without warning. 



22
23
24
 
# File 'utils/spdx.rb', line 22

def exception_data
  @exception_data ||= JSON.parse (DATA_PATH/"spdx_exceptions.json").read
end

.forbidden_licenses_include?(license, forbidden_licenses) ⇒ Boolean

This method is part of a private API. This method may only be used in the Homebrew/brew repository. Third parties should avoid using this method if possible, as it may be removed or changed without warning.

Returns:

  • (Boolean) 


192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
 
# File 'utils/spdx.rb', line 192

def forbidden_licenses_include?(license, forbidden_licenses)
  return true if forbidden_licenses.key? license

  name, version, = license_version_info license

  forbidden_licenses.each_value do |license_info|
    forbidden_name, forbidden_version, forbidden_or_later = *license_info
    next if forbidden_name != name

    return true if forbidden_or_later && forbidden_version <= version

    return true if forbidden_version == version
  end
  false
end

.latest_tagObject

This method is part of a private API. This method may only be used in the Homebrew/brew repository. Third parties should avoid using this method if possible, as it may be removed or changed without warning. 



26
27
28
 
# File 'utils/spdx.rb', line 26

def latest_tag
  @latest_tag ||= GitHub::API.open_rest(API_URL)["tag_name"]
end

.license_dataObject

This method is part of a private API. This method may only be used in the Homebrew/brew repository. Third parties should avoid using this method if possible, as it may be removed or changed without warning. 



18
19
20
 
# File 'utils/spdx.rb', line 18

def license_data
  @license_data ||= JSON.parse (DATA_PATH/"spdx_licenses.json").read
end

.license_expression_to_string(license_expression, bracket: false, hash_type: nil) ⇒ Object

This method is part of a private API. This method may only be used in the Homebrew/brew repository. Third parties should avoid using this method if possible, as it may be removed or changed without warning. 



88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
 
# File 'utils/spdx.rb', line 88

def license_expression_to_string(license_expression, bracket: false, hash_type: nil)
  case license_expression
  when String
    license_expression
  when Symbol
    license_expression.to_s.tr("_", " ").gsub(/\b(?<!\w['’`()])[a-z]/, &:capitalize)
  when Hash
    expressions = []

    if license_expression.keys.length == 1
      hash_type = license_expression.keys.first
      if hash_type.is_a? String
        expressions.push "#{hash_type} with #{license_expression[hash_type][:with]}"
      else
        expressions += license_expression[hash_type].map do |license|
          license_expression_to_string license, bracket: true, hash_type:
        end
      end
    else
      bracket = false
      license_expression.each do |expression|
        expressions.push license_expression_to_string([expression].to_h, bracket: true)
      end
    end

    operator = if hash_type == :any_of
      " or "
    else
      " and "
    end

    if bracket
      "(#{expressions.join operator})"
    else
      expressions.join operator
    end
  end
end

.license_version_info(license) ⇒ Object

This method is part of a private API. This method may only be used in the Homebrew/brew repository. Third parties should avoid using this method if possible, as it may be removed or changed without warning. 



161
162
163
164
165
166
167
168
169
170
171
172
173
 
# File 'utils/spdx.rb', line 161

def license_version_info(license)
  return [license] if ALLOWED_LICENSE_SYMBOLS.include? license

  match = license.match(/-(?<version>[0-9.]+)(?:-.*?)??(?<or_later>\+|-only|-or-later)?$/)
  return [license] if match.blank?

  license_name = license.split(match[0]).first
  or_later = match["or_later"].present? && %w[+ -or-later].include?(match["or_later"])

  # [name, version, later versions allowed?]
  # e.g. GPL-2.0-or-later --> ["GPL", "2.0", true]
  [license_name, match["version"], or_later]
end

.licenses_forbid_installation?(license_expression, forbidden_licenses) ⇒ Boolean

This method is part of a private API. This method may only be used in the Homebrew/brew repository. Third parties should avoid using this method if possible, as it may be removed or changed without warning.

Returns:

  • (Boolean) 


175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
 
# File 'utils/spdx.rb', line 175

def licenses_forbid_installation?(license_expression, forbidden_licenses)
  case license_expression
  when String, Symbol
    forbidden_licenses_include? license_expression.to_s, forbidden_licenses
  when Hash
    key = license_expression.keys.first
    case key
    when :any_of
      license_expression[key].all? { |license| licenses_forbid_installation? license, forbidden_licenses }
    when :all_of
      license_expression[key].any? { |license| licenses_forbid_installation? license, forbidden_licenses }
    else
      forbidden_licenses_include? key, forbidden_licenses
    end
  end
end

.parse_license_expression(license_expression) ⇒ Object

This method is part of a private API. This method may only be used in the Homebrew/brew repository. Third parties should avoid using this method if possible, as it may be removed or changed without warning. 



36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
 
# File 'utils/spdx.rb', line 36

def parse_license_expression(license_expression)
  licenses = T.let([], T::Array[T.any(String, Symbol)])
  exceptions = T.let([], T::Array[String])

  case license_expression
  when String, Symbol
    licenses.push license_expression
  when Hash, Array
    if license_expression.is_a? Hash
      license_expression = license_expression.filter_map do |key, value|
        if key.is_a? String
          licenses.push key
          exceptions.push value[:with]
          next
        end
        value
      end
    end

    license_expression.each do |license|
      sub_license, sub_exception = parse_license_expression license
      licenses += sub_license
      exceptions += sub_exception
    end
  end

  [licenses, exceptions]
end

.string_to_license_expression(string) ⇒ Object

This method is part of a private API. This method may only be used in the Homebrew/brew repository. Third parties should avoid using this method if possible, as it may be removed or changed without warning. 



127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
 
# File 'utils/spdx.rb', line 127

def string_to_license_expression(string)
  return if string.blank?

  result = string
  result_type = nil

  and_parts = string.split(/ and (?![^(]*\))/)
  if and_parts.length > 1
    result = and_parts
    result_type = :all_of
  else
    or_parts = string.split(/ or (?![^(]*\))/)
    if or_parts.length > 1
      result = or_parts
      result_type = :any_of
    end
  end

  if result_type
    result.map! do |part|
      part = part[1..-2] if part[0] == "(" && part[-1] == ")"
      string_to_license_expression(part)
    end
    { result_type => result }
  else
    with_parts = string.split(" with ", 2)
    if with_parts.length > 1
      { with_parts.first => { with: with_parts.second } }
    else
      result
    end
  end
end

.valid_license?(license) ⇒ Boolean

This method is part of a private API. This method may only be used in the Homebrew/brew repository. Third parties should avoid using this method if possible, as it may be removed or changed without warning.

Returns:

  • (Boolean) 


65
66
67
68
69
70
 
# File 'utils/spdx.rb', line 65

def valid_license?(license)
  return ALLOWED_LICENSE_SYMBOLS.include? license if license.is_a? Symbol

  license = license.delete_suffix "+"
  license_data["licenses"].any? { |spdx_license| spdx_license["licenseId"] == license }
end

.valid_license_exception?(exception) ⇒ Boolean

This method is part of a private API. This method may only be used in the Homebrew/brew repository. Third parties should avoid using this method if possible, as it may be removed or changed without warning.

Returns:

  • (Boolean) 


82
83
84
85
86
 
# File 'utils/spdx.rb', line 82

def valid_license_exception?(exception)
  exception_data["exceptions"].any? do |spdx_exception|
    spdx_exception["licenseExceptionId"] == exception && !spdx_exception["isDeprecatedLicenseId"]
  end
end