Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add an SPDX file to the repository to streamline license and security reviews by user organizations #42102

Merged
merged 44 commits into from
Dec 21, 2021
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
44 commits
Select commit Hold shift + click to select a range
4ed2221
Add an SPDX file to the repository. Incomplete at this point, only li…
SamuraiAku Sep 3, 2021
1f2474f
Correction to patchelf License in SPDX doc
SamuraiAku Sep 10, 2021
58efbd0
Merge remote-tracking branch 'origin/master' into add_SPDX
SamuraiAku Sep 15, 2021
f776fa8
Merge remote-tracking branch 'origin/master' into add_SPDX
SamuraiAku Sep 15, 2021
4b6b2a4
Add Statistics stdlib to SPDX file
SamuraiAku Sep 15, 2021
47c2f77
Add LibCURL.jl stdlib to the SPDX file
SamuraiAku Sep 15, 2021
c33e315
Minor update to names of a few stdlib packages
SamuraiAku Sep 15, 2021
6a70bdd
Add Downloads stlib to SPDX
SamuraiAku Sep 16, 2021
1bb78cb
Add ArgTools stdlib to SPDX document
SamuraiAku Sep 17, 2021
3a7844d
Add stdlib Tar to the SPDX file
SamuraiAku Sep 17, 2021
db11989
Added stdlib NetworkOptions to the SPDX document
SamuraiAku Sep 17, 2021
e19d580
Add SuiteSparse.jl to SPDX file
SamuraiAku Sep 20, 2021
06a8325
Add SHA.jl to the SPDX document
SamuraiAku Sep 20, 2021
608e1cd
Add libunwind to the SPDX doc
SamuraiAku Sep 21, 2021
39d2ff1
Add LLVM to SPDX file. In the course of adding this item, discovered …
SamuraiAku Sep 25, 2021
a6cc2d3
Add utf8proc to the SPDX document
SamuraiAku Sep 25, 2021
858bda1
Add dSFMT to the SPDX file
SamuraiAku Oct 1, 2021
d6b1586
Add openlibm to the SPDX file
SamuraiAku Oct 1, 2021
40a9c6e
Add GMP to SPDX document
SamuraiAku Oct 1, 2021
9909120
Add libgit2 to the SPDX document
SamuraiAku Oct 4, 2021
8f08c1c
Merge remote-tracking branch 'origin/master' into add_SPDX
SamuraiAku Oct 6, 2021
f064cfd
Add curl to SPDX file
SamuraiAku Oct 6, 2021
cd36d62
Updates to LLVM in SPDX. Julia has forked LLVM and maintains their ow…
SamuraiAku Oct 6, 2021
9cc709a
Change the libgit2 extracted license info to encompass GPLv2 AND the …
SamuraiAku Oct 10, 2021
b293e1d
Add libssh2 to SPDX document
SamuraiAku Oct 10, 2021
561acb7
Add mbedtls to SPDX document
SamuraiAku Oct 11, 2021
3e88b23
Add mpfr to SPDX document
SamuraiAku Oct 15, 2021
56fb0ea
Add LAPACK to the SPDX document
SamuraiAku Oct 15, 2021
cd3664b
Add PCRE to the SPDX document
SamuraiAku Oct 19, 2021
7aaa9b0
Add SuiteSparse library to SPDX Document
SamuraiAku Oct 25, 2021
f10fbf8
Merge remote-tracking branch 'origin/master' into add_SPDX
SamuraiAku Oct 25, 2021
1c14924
In SPDX, break LibSuiteSparse into the individual modules used by Jul…
SamuraiAku Oct 29, 2021
a333607
Add SPQR module of LibSuiteSparse to SPDX Document
SamuraiAku Oct 29, 2021
4738c35
Add UMFPACK module of SuiteSparse to the SPDX document. Add copyright…
SamuraiAku Oct 31, 2021
ea9fd96
Add BlasTrampoline to the SPDX document
SamuraiAku Oct 31, 2021
644333e
Taking back the idea of listing all the SuiteSparse modules individua…
SamuraiAku Nov 11, 2021
14664b0
Add NGHTTP2 to the SPDX document
SamuraiAku Nov 11, 2021
6ebd574
Merge remote-tracking branch 'origin/master' into add_SPDX
SamuraiAku Nov 13, 2021
48e7898
Add objconv to the SPDX file
SamuraiAku Nov 25, 2021
c5556db
Add libwhich to the SPDX doc
SamuraiAku Nov 26, 2021
e07cd46
Add 7zip to SPDX doc, plus cleanup in a few spots
SamuraiAku Nov 26, 2021
dab807d
A few corrections to the SPDX doc
SamuraiAku Nov 28, 2021
0e06a72
Fix zlib relationship in SPDX doc
SamuraiAku Dec 6, 2021
7d7ec12
New script contrib/updateSPDX.jl . Ran the script to update the SPDX…
SamuraiAku Dec 21, 2021
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 1 addition & 1 deletion THIRDPARTY.md
Original file line number Diff line number Diff line change
Expand Up @@ -21,7 +21,7 @@ own licenses:

- [LIBUNWIND](https://github.com/libunwind/libunwind/blob/master/LICENSE) [MIT]
- [LIBUV](https://github.com/JuliaLang/libuv/blob/julia-uv2-1.39.0/LICENSE) [MIT]
- [LLVM](https://releases.llvm.org/6.0.0/LICENSE.TXT) [UIUC]
- [LLVM](https://releases.llvm.org/12.0.1/LICENSE.TXT) [APACHE 2.0 with LLVM Exception]
- [UTF8PROC](https://github.com/JuliaStrings/utf8proc) [MIT]

Julia's `stdlib` uses the following external libraries, which have their own licenses:
Expand Down
31 changes: 31 additions & 0 deletions contrib/updateSPDX.jl
Original file line number Diff line number Diff line change
@@ -0,0 +1,31 @@
# SPDX-License-Identifier: MIT
# This file is a part of Julia. License is MIT: https://julialang.org/license
#
# Run this script with each new Julia release to update "../julia.spdx.json"

using UUIDs
using Dates
using JSON
using TimeZones
using DataStructures

spdxDocument= "../julia.spdx.json"
spdxData= JSON.parsefile(spdxDocument; dicttype=OrderedDict{String, Any})

# At the moment we can only update a few items automatically with each release.
# These are the crucial elements to make a new version of the SPDX file.
# Any other changes (ex. Adding or removing of external dependencies, updating copyright text, etc.) must be performed manually
spdxData["documentNamespace"]= "https://julialang.org/spdxdocs/julia-spdx-" * string(uuid4())
spdxData["creationInfo"]["created"]= Dates.format(now(tz"UTC"), "yyyy-mm-ddTHH:MM:SS") * "Z"

for pkg in spdxData["packages"]
if pkg["SPDXID"] == "SPDXRef-JuliaMain"
pkg["versionInfo"]= readline("../VERSION")
pkg["downloadLocation"]= "git+https://github.com/JuliaLang/julia.git@v" * pkg["versionInfo"]
break
end
end

open(spdxDocument, "w") do f
JSON.print(f, spdxData, 4)
end
Loading