* [PATCH 1/3] create-spdx: Remove ";name=..." for downloadLocation @ 2022-10-19 10:57 Keiya Nobuta 2022-10-19 10:57 ` [PATCH 2/3] create-spdx: Fix "licenseDeclared" shows weird value Keiya Nobuta 2022-10-19 10:57 ` [PATCH 3/3] gnutls: Unified pakcage names to lower-case Keiya Nobuta 0 siblings, 2 replies; 8+ messages in thread From: Keiya Nobuta @ 2022-10-19 10:57 UTC (permalink / raw) To: openembedded-core Signed-off-by: Keiya Nobuta <nobuta.keiya@fujitsu.com> --- meta/classes/create-spdx.bbclass | 1 + 1 file changed, 1 insertion(+) diff --git a/meta/classes/create-spdx.bbclass b/meta/classes/create-spdx.bbclass index 47dd12c383..c190ad3889 100644 --- a/meta/classes/create-spdx.bbclass +++ b/meta/classes/create-spdx.bbclass @@ -459,6 +459,7 @@ python do_create_spdx() { for s in d.getVar('SRC_URI').split(): if not s.startswith("file://"): + s = s.split(';')[0] recipe.downloadLocation = s break else: -- 2.25.1 ^ permalink raw reply related [flat|nested] 8+ messages in thread
* [PATCH 2/3] create-spdx: Fix "licenseDeclared" shows weird value 2022-10-19 10:57 [PATCH 1/3] create-spdx: Remove ";name=..." for downloadLocation Keiya Nobuta @ 2022-10-19 10:57 ` Keiya Nobuta 2022-10-19 21:17 ` [OE-core] " Joshua Watt 2022-10-19 10:57 ` [PATCH 3/3] gnutls: Unified pakcage names to lower-case Keiya Nobuta 1 sibling, 1 reply; 8+ messages in thread From: Keiya Nobuta @ 2022-10-19 10:57 UTC (permalink / raw) To: openembedded-core Fixed an issue that "licenseDeclared" shows weird value, for example `busybox.spdx.json` shows like: "GPL-2.0-only AND DocumentRef-recipe-busybox:LicenseRef-bzip2-1.0.4" ^^^^^^^^^^^^^^^^^^^^^^^^^^^ unwanted value Signed-off-by: Keiya Nobuta <nobuta.keiya@fujitsu.com> --- meta/classes/create-spdx.bbclass | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/meta/classes/create-spdx.bbclass b/meta/classes/create-spdx.bbclass index c190ad3889..1661c7d2f0 100644 --- a/meta/classes/create-spdx.bbclass +++ b/meta/classes/create-spdx.bbclass @@ -534,7 +534,7 @@ python do_create_spdx() { recipe_ref.checksum.checksumValue = doc_sha1 sources = collect_dep_sources(d, dep_recipes) - found_licenses = {license.name:recipe_ref.externalDocumentId + ":" + license.licenseId for license in doc.hasExtractedLicensingInfos} + found_licenses = {license.name: license.licenseId for license in doc.hasExtractedLicensingInfos} if not recipe_spdx_is_native(d, recipe): bb.build.exec_func("read_subpackage_metadata", d) -- 2.25.1 ^ permalink raw reply related [flat|nested] 8+ messages in thread
* Re: [OE-core] [PATCH 2/3] create-spdx: Fix "licenseDeclared" shows weird value 2022-10-19 10:57 ` [PATCH 2/3] create-spdx: Fix "licenseDeclared" shows weird value Keiya Nobuta @ 2022-10-19 21:17 ` Joshua Watt 2022-10-20 2:23 ` Keiya Nobuta 2022-10-20 17:36 ` [OE-core] " Alberto Pianon 0 siblings, 2 replies; 8+ messages in thread From: Joshua Watt @ 2022-10-19 21:17 UTC (permalink / raw) To: Keiya Nobuta; +Cc: openembedded-core On Wed, Oct 19, 2022 at 6:08 AM Keiya Nobuta <nobuta.keiya@fujitsu.com> wrote: > > Fixed an issue that "licenseDeclared" shows weird value, for example > `busybox.spdx.json` shows like: > > "GPL-2.0-only AND DocumentRef-recipe-busybox:LicenseRef-bzip2-1.0.4" > ^^^^^^^^^^^^^^^^^^^^^^^^^^^ > unwanted value I don't believe this is unwanted: the license text lives in another document (ecipe-busybox.spdx.json) so we need to indicate that here > > Signed-off-by: Keiya Nobuta <nobuta.keiya@fujitsu.com> > --- > meta/classes/create-spdx.bbclass | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > > diff --git a/meta/classes/create-spdx.bbclass b/meta/classes/create-spdx.bbclass > index c190ad3889..1661c7d2f0 100644 > --- a/meta/classes/create-spdx.bbclass > +++ b/meta/classes/create-spdx.bbclass > @@ -534,7 +534,7 @@ python do_create_spdx() { > recipe_ref.checksum.checksumValue = doc_sha1 > > sources = collect_dep_sources(d, dep_recipes) > - found_licenses = {license.name:recipe_ref.externalDocumentId + ":" + license.licenseId for license in doc.hasExtractedLicensingInfos} > + found_licenses = {license.name: license.licenseId for license in doc.hasExtractedLicensingInfos} > > if not recipe_spdx_is_native(d, recipe): > bb.build.exec_func("read_subpackage_metadata", d) > -- > 2.25.1 > > > -=-=-=-=-=-=-=-=-=-=-=- > Links: You receive all messages sent to this group. > View/Reply Online (#171967): https://lists.openembedded.org/g/openembedded-core/message/171967 > Mute This Topic: https://lists.openembedded.org/mt/94428131/3616693 > Group Owner: openembedded-core+owner@lists.openembedded.org > Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [JPEWhacker@gmail.com] > -=-=-=-=-=-=-=-=-=-=-=- > ^ permalink raw reply [flat|nested] 8+ messages in thread
* Re: [PATCH 2/3] create-spdx: Fix "licenseDeclared" shows weird value 2022-10-19 21:17 ` [OE-core] " Joshua Watt @ 2022-10-20 2:23 ` Keiya Nobuta 2022-10-20 17:36 ` [OE-core] " Alberto Pianon 1 sibling, 0 replies; 8+ messages in thread From: Keiya Nobuta @ 2022-10-20 2:23 UTC (permalink / raw) To: openembedded-core [-- Attachment #1: Type: text/plain, Size: 2122 bytes --] On Thu, Oct 20, 2022 at 06:17 AM, Joshua Watt wrote: > > On Wed, Oct 19, 2022 at 6:08 AM Keiya Nobuta <nobuta.keiya@fujitsu.com> > wrote: > >> Fixed an issue that "licenseDeclared" shows weird value, for example >> `busybox.spdx.json` shows like: >> >> "GPL-2.0-only AND DocumentRef-recipe-busybox:LicenseRef-bzip2-1.0.4" >> ^^^^^^^^^^^^^^^^^^^^^^^^^^^ >> unwanted value > > I don't believe this is unwanted: the license text lives in another > document (ecipe-busybox.spdx.json) so we need to indicate that here Thanks for your comment. I was misunderstanding, so I'm withdrawing this patch. The reason I got it wrong was because the SPDX validation tool[1] gave me the following message: ``` The following warning(s) were raised: [Invalid package declared license:Incompatible type for property member: class org.spdx.library.model.license.AnyLicenseInfo] ``` But this is probably due to a flaw in the validation tool. So I checked the SPDX specification[2], and understood that it complies with the user defined license reference. [1] https://tools.spdx.org/app/validate/ [2] https://spdx.github.io/spdx-spec/SPDX-license-expressions/ > > >> Signed-off-by: Keiya Nobuta <nobuta.keiya@fujitsu.com> >> --- >> meta/classes/create-spdx.bbclass | 2 +- >> 1 file changed, 1 insertion(+), 1 deletion(-) >> >> diff --git a/meta/classes/create-spdx.bbclass >> b/meta/classes/create-spdx.bbclass >> index c190ad3889..1661c7d2f0 100644 >> --- a/meta/classes/create-spdx.bbclass >> +++ b/meta/classes/create-spdx.bbclass >> @@ -534,7 +534,7 @@ python do_create_spdx() { >> recipe_ref.checksum.checksumValue = doc_sha1 >> >> sources = collect_dep_sources(d, dep_recipes) >> - found_licenses = {license.name:recipe_ref.externalDocumentId + ":" + >> license.licenseId for license in doc.hasExtractedLicensingInfos} >> + found_licenses = {license.name: license.licenseId for license in >> doc.hasExtractedLicensingInfos} >> >> if not recipe_spdx_is_native(d, recipe): >> bb.build.exec_func("read_subpackage_metadata", d) >> -- >> 2.25.1 >> >> >> > > [-- Attachment #2: Type: text/html, Size: 2497 bytes --] ^ permalink raw reply [flat|nested] 8+ messages in thread
* Re: [OE-core] [PATCH 2/3] create-spdx: Fix "licenseDeclared" shows weird value 2022-10-19 21:17 ` [OE-core] " Joshua Watt 2022-10-20 2:23 ` Keiya Nobuta @ 2022-10-20 17:36 ` Alberto Pianon 1 sibling, 0 replies; 8+ messages in thread From: Alberto Pianon @ 2022-10-20 17:36 UTC (permalink / raw) To: Joshua Watt; +Cc: Keiya Nobuta, openembedded-core Il 2022-10-19 23:17 Joshua Watt ha scritto: > On Wed, Oct 19, 2022 at 6:08 AM Keiya Nobuta <nobuta.keiya@fujitsu.com> > wrote: >> >> Fixed an issue that "licenseDeclared" shows weird value, for example >> `busybox.spdx.json` shows like: >> >> "GPL-2.0-only AND DocumentRef-recipe-busybox:LicenseRef-bzip2-1.0.4" >> ^^^^^^^^^^^^^^^^^^^^^^^^^^^ >> unwanted value > > I don't believe this is unwanted: the license text lives in another > document (ecipe-busybox.spdx.json) so we need to indicate that here > That is correct, according to the specs: https://spdx.github.io/spdx-spec/SPDX-license-expressions/#d3-simple-license-expressions Cheers, Alberto ^ permalink raw reply [flat|nested] 8+ messages in thread
* [PATCH 3/3] gnutls: Unified pakcage names to lower-case 2022-10-19 10:57 [PATCH 1/3] create-spdx: Remove ";name=..." for downloadLocation Keiya Nobuta 2022-10-19 10:57 ` [PATCH 2/3] create-spdx: Fix "licenseDeclared" shows weird value Keiya Nobuta @ 2022-10-19 10:57 ` Keiya Nobuta 2022-10-19 14:57 ` [OE-core] " Khem Raj 2022-10-19 15:30 ` Ross Burton 1 sibling, 2 replies; 8+ messages in thread From: Keiya Nobuta @ 2022-10-19 10:57 UTC (permalink / raw) To: openembedded-core create-spdx can't detect the license properly if the case doesn't match, so fix it. Signed-off-by: Keiya Nobuta <nobuta.keiya@fujitsu.com> --- meta/recipes-support/gnutls/gnutls_3.7.7.bb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/meta/recipes-support/gnutls/gnutls_3.7.7.bb b/meta/recipes-support/gnutls/gnutls_3.7.7.bb index 01fd4dba3d..c7d782e4eb 100644 --- a/meta/recipes-support/gnutls/gnutls_3.7.7.bb +++ b/meta/recipes-support/gnutls/gnutls_3.7.7.bb @@ -8,7 +8,7 @@ LICENSE = "GPL-3.0-or-later & LGPL-2.1-or-later" LICENSE:${PN} = "LGPL-2.1-or-later" LICENSE:${PN}-xx = "LGPL-2.1-or-later" LICENSE:${PN}-bin = "GPL-3.0-or-later" -LICENSE:${PN}-OpenSSL = "GPL-3.0-or-later" +LICENSE:${PN}-openssl = "GPL-3.0-or-later" LIC_FILES_CHKSUM = "file://LICENSE;md5=71391c8e0c1cfe68077e7fce3b586283 \ file://doc/COPYING;md5=c678957b0c8e964aa6c70fd77641a71e \ -- 2.25.1 ^ permalink raw reply related [flat|nested] 8+ messages in thread
* Re: [OE-core] [PATCH 3/3] gnutls: Unified pakcage names to lower-case 2022-10-19 10:57 ` [PATCH 3/3] gnutls: Unified pakcage names to lower-case Keiya Nobuta @ 2022-10-19 14:57 ` Khem Raj 2022-10-19 15:30 ` Ross Burton 1 sibling, 0 replies; 8+ messages in thread From: Khem Raj @ 2022-10-19 14:57 UTC (permalink / raw) To: Keiya Nobuta; +Cc: openembedded-core On Wed, Oct 19, 2022 at 4:08 AM Keiya Nobuta <nobuta.keiya@fujitsu.com> wrote: > > create-spdx can't detect the license properly if the case doesn't > match, so fix it. I wonder if this could be some sort of QA warning that can flags such issues, I do see this might be a common error to make. > > Signed-off-by: Keiya Nobuta <nobuta.keiya@fujitsu.com> > --- > meta/recipes-support/gnutls/gnutls_3.7.7.bb | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > > diff --git a/meta/recipes-support/gnutls/gnutls_3.7.7.bb b/meta/recipes-support/gnutls/gnutls_3.7.7.bb > index 01fd4dba3d..c7d782e4eb 100644 > --- a/meta/recipes-support/gnutls/gnutls_3.7.7.bb > +++ b/meta/recipes-support/gnutls/gnutls_3.7.7.bb > @@ -8,7 +8,7 @@ LICENSE = "GPL-3.0-or-later & LGPL-2.1-or-later" > LICENSE:${PN} = "LGPL-2.1-or-later" > LICENSE:${PN}-xx = "LGPL-2.1-or-later" > LICENSE:${PN}-bin = "GPL-3.0-or-later" > -LICENSE:${PN}-OpenSSL = "GPL-3.0-or-later" > +LICENSE:${PN}-openssl = "GPL-3.0-or-later" > > LIC_FILES_CHKSUM = "file://LICENSE;md5=71391c8e0c1cfe68077e7fce3b586283 \ > file://doc/COPYING;md5=c678957b0c8e964aa6c70fd77641a71e \ > -- > 2.25.1 > > > -=-=-=-=-=-=-=-=-=-=-=- > Links: You receive all messages sent to this group. > View/Reply Online (#171966): https://lists.openembedded.org/g/openembedded-core/message/171966 > Mute This Topic: https://lists.openembedded.org/mt/94428130/1997914 > Group Owner: openembedded-core+owner@lists.openembedded.org > Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [raj.khem@gmail.com] > -=-=-=-=-=-=-=-=-=-=-=- > ^ permalink raw reply [flat|nested] 8+ messages in thread
* Re: [OE-core] [PATCH 3/3] gnutls: Unified pakcage names to lower-case 2022-10-19 10:57 ` [PATCH 3/3] gnutls: Unified pakcage names to lower-case Keiya Nobuta 2022-10-19 14:57 ` [OE-core] " Khem Raj @ 2022-10-19 15:30 ` Ross Burton 1 sibling, 0 replies; 8+ messages in thread From: Ross Burton @ 2022-10-19 15:30 UTC (permalink / raw) To: nobuta.keiya@fujitsu.com; +Cc: openembedded-core@lists.openembedded.org On 19 Oct 2022, at 11:57, Keiya Nobuta via lists.openembedded.org <nobuta.keiya=fujitsu.com@lists.openembedded.org> wrote: > > create-spdx can't detect the license properly if the case doesn't > match, so fix it. This isn’t spdx-specific: nothing would have seen that package-specific license. Well spotted! Ross ^ permalink raw reply [flat|nested] 8+ messages in thread
end of thread, other threads:[~2022-10-20 17:36 UTC | newest] Thread overview: 8+ messages (download: mbox.gz follow: Atom feed -- links below jump to the message on this page -- 2022-10-19 10:57 [PATCH 1/3] create-spdx: Remove ";name=..." for downloadLocation Keiya Nobuta 2022-10-19 10:57 ` [PATCH 2/3] create-spdx: Fix "licenseDeclared" shows weird value Keiya Nobuta 2022-10-19 21:17 ` [OE-core] " Joshua Watt 2022-10-20 2:23 ` Keiya Nobuta 2022-10-20 17:36 ` [OE-core] " Alberto Pianon 2022-10-19 10:57 ` [PATCH 3/3] gnutls: Unified pakcage names to lower-case Keiya Nobuta 2022-10-19 14:57 ` [OE-core] " Khem Raj 2022-10-19 15:30 ` Ross Burton
This is a public inbox, see mirroring instructions for how to clone and mirror all data and code used for this inbox