Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

🐛 Licenses: Get License SPDXId from GitLab API #3413

Merged
merged 4 commits into from
Aug 23, 2023

Conversation

raghavkaul
Copy link
Contributor

What kind of change does this PR introduce?

Updates the GitLab client so that we can get SPDXId from the GitLab API. A software license's SPDXId allows us to determine whether a GitLab repo's License is FSF/OSI-recognized, and get the last 1/10 points on the License check, which was previously impossible for GitLab repos.

Fixes #3333.

* Update repoclient
* Get SPDXId from `key` field in GitLab Projects API
* Update e2etest repos

Signed-off-by: Raghav Kaul <raghavkaul@google.com>
Signed-off-by: Raghav Kaul <raghavkaul@google.com>
@raghavkaul raghavkaul temporarily deployed to gitlab August 22, 2023 20:00 — with GitHub Actions Inactive
@raghavkaul raghavkaul temporarily deployed to integration-test August 22, 2023 20:00 — with GitHub Actions Inactive
@codecov
Copy link

codecov bot commented Aug 22, 2023

Codecov Report

Merging #3413 (0ab39b2) into main (44bed38) will decrease coverage by 8.91%.
Report is 1 commits behind head on main.
The diff coverage is 0.00%.

Additional details and impacted files
@@            Coverage Diff             @@
##             main    #3413      +/-   ##
==========================================
- Coverage   72.63%   63.73%   -8.91%     
==========================================
  Files         183      183              
  Lines       12930    12932       +2     
==========================================
- Hits         9392     8242    -1150     
- Misses       3019     4232    +1213     
+ Partials      519      458      -61     

clients/gitlabrepo/licenses.go Outdated Show resolved Hide resolved
Signed-off-by: Raghav Kaul <raghavkaul@google.com>
@raghavkaul raghavkaul temporarily deployed to gitlab August 23, 2023 16:49 — with GitHub Actions Inactive
@raghavkaul raghavkaul temporarily deployed to integration-test August 23, 2023 16:49 — with GitHub Actions Inactive
@raghavkaul raghavkaul enabled auto-merge (squash) August 23, 2023 16:55
@raghavkaul raghavkaul temporarily deployed to gitlab August 23, 2023 16:55 — with GitHub Actions Inactive
@raghavkaul raghavkaul temporarily deployed to integration-test August 23, 2023 16:55 — with GitHub Actions Inactive
@raghavkaul raghavkaul merged commit 475d975 into ossf:main Aug 23, 2023
36 checks passed
ashearin pushed a commit to kgangerlm/scorecard-gitlab that referenced this pull request Nov 13, 2023
* Fix licenses check

* Update repoclient
* Get SPDXId from `key` field in GitLab Projects API
* Update e2etest repos

Signed-off-by: Raghav Kaul <raghavkaul@google.com>

* add test

Signed-off-by: Raghav Kaul <raghavkaul@google.com>

* stricter regex

Signed-off-by: Raghav Kaul <raghavkaul@google.com>

---------

Signed-off-by: Raghav Kaul <raghavkaul@google.com>
Signed-off-by: Allen Shearin <allen.p.shearin@gmail.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

BUG: Apache 2.0 license not recognized
2 participants