Skip to content

Commit

Permalink
fix(scancode): Filter out non-originary findings that are just refere…
Browse files Browse the repository at this point in the history
…nces

License findings that are references to license findings in other files
are now ignored, because they already appear as findings for those other
files.

Fixes #8190.

Signed-off-by: Sebastian Schuberth <sebastian@doubleopen.org>
  • Loading branch information
sschuberth committed Apr 2, 2024
1 parent 7df19c3 commit 8a19a58
Show file tree
Hide file tree
Showing 3 changed files with 11 additions and 7 deletions.
Original file line number Diff line number Diff line change
Expand Up @@ -157,7 +157,8 @@ sealed interface LicenseEntry {
override val score: Float,
override val startLine: Int,
override val endLine: Int,
override val licenseExpression: String
override val licenseExpression: String,
val fromFile: String? = null // This might be missing in JSON.
) : LicenseEntry
}

Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -64,6 +64,7 @@ fun ScanCodeResult.toScanSummary(preferFileLicense: Boolean = false): ScanSummar
val issues = mutableListOf<Issue>()

val header = headers.single()
val inputName = header.options.input.first().substringAfterLast('/')

val outputFormatVersion = header.outputFormatVersion?.let { Semver(it) }
if (outputFormatVersion != null && outputFormatVersion.major > MAX_SUPPORTED_OUTPUT_FORMAT_MAJOR_VERSION) {
Expand All @@ -82,9 +83,16 @@ fun ScanCodeResult.toScanSummary(preferFileLicense: Boolean = false): ScanSummar
?: files.flatMap { it.scanCodeKeyToSpdxIdMappings }.toMap()

filesOfTypeFile.forEach { file ->
val licensesWithoutReferences = file.licenses.filter {
// Note that "fromFile" contains the name of the input directory, see
// https://github.com/nexB/scancode-toolkit/issues/3712.
it !is LicenseEntry.Version3 || it.fromFile == null || it.fromFile == "$inputName/${file.path}"
|| it.fromFile == inputName // Input is a single file.
}

// ScanCode creates separate license entries for each license in an expression. Deduplicate these by grouping by
// the same expression.
val licenses = file.licenses.groupBy {
val licenses = licensesWithoutReferences.groupBy {
LicenseMatch(it.licenseExpression, it.startLine, it.endLine, it.score)
}.map {
// Arbitrarily take the first of the duplicate license entries.
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -175,11 +175,6 @@ class ScanCodeResultParserTest : FreeSpec({
location = TextLocation("COPYING", 59),
score = 100.0f
),
LicenseFinding(
license = "LGPL-2.1-only",
location = TextLocation("COPYING", 1, 502),
score = 100.0f
),
LicenseFinding(
license = "LGPL-2.1-only",
location = TextLocation("COPYING.LGPLv2.1", 1, 502),
Expand Down

0 comments on commit 8a19a58

Please sign in to comment.