| Age | Commit message (Collapse) | Author |
|---|
|
spdxconv is a program to insert or convert existing licenses and copyrights
into SPDX formats.
This program works in tandem with [REUSE software](https://reuse.software).
Features:
- *REUSE Integration:* Detects annotations from `REUSE.toml`.
- *Customizable Defaults:* Set default license identifiers and copyright
holders.
- *Smart Comments:* Customizable patterns to set comment syntax based on
file names.
- *Regex Extraction:* Capture existing licenses, years, authors, and
contact info using regex.
- *Git Integration:* Automatically derives the copyright year from the
first commit in git history.
|
|
The Apply command does not require SCM, so no need to initialize it in
New.
|
|
Use case: on the first scan, the file result in group unknown.
User then modify the spdxconv.cfg to add or update the match-file-pattern.
The next scan should check again the files in unknown group, in case
its match with updated config.
|
|
The done group contain list of file that has been processed.
File from group regular and binary that has been modified or added with
SPDX format will be moved to here.
|
|
In the second or next scan, load the existing spdxconv.report and check
if the file is already scanned before.
If the file is in group regular or binary, skip the scan; otherwise
re-scan it again.
|
|
During scan, the program will read the REUSE.toml configuration.
File that is already annotated inside REUSE.toml will be ignored during
scan.
|
|
If the line that match with pattern on match-copyright does not contains
year, or there is no match, try to get the year from the first commit of
the file using "git log --follow ..." command.
If no commit history or its not using git, use default copyright year from
configuration.
|
|
This method has been replaced when we implement the new Apply function.
|
|
The first thing that the program do is to detect which comment string to
be used when inserting SPDX identifiers in the file.
For each pattern in the "match-file-comment" section, the program will
match it with file name to get the comment prefix and suffix to be used
later.
User can add their own "match-file-comment" section as they like or modify
the existing one.
The "match-file-comment" can have empty prefix and suffix.
That means, if the file name match, it will create new file with
".license" suffix that contains SPDX identifiers only, instead of
inserting to the file.
|
|
For symlink, we ignore for now.
COPYING, LICENSE, and LICENSES are common files part of SPDX/reuse
specifications.
While at it, fix checking if path is ignored by git by passing the
relative path instead of base name.
|
|
Using for-range and slices.Delete inside it will result an error
out-of-range if the slices deleted multiple times.
|
|
The apply command read the "spdxconv.report" and apply the license and
copyright as stated on each file in the report.
A file that has been successfully processed will be removed from the
report.
|
|
The scan command scan the files that need to be converted or inserted with
SPDX identifiers in the current directory.
The result of scan is stored inside a report file named "spdxconv.report".
There are no other files modified after scan completed.
User then can inspect and modify the report to exclude certain files or
changes the behaviour of apply command.
Deleting a line in the report means excluding the file from being
processed by "apply" command.
|
|
The init command create the spdxconv configuration file in the current
directory.
|
|
If the file contains "SPDX-License-Identifier", it will not modify it.
The program will move the identifier to the top of file after shebang.
If the spdxconv.cfg contains match-license, and the pattern match with
one of the line in the file, it will use the license_identifier instead
of default one and insert it at the top, after shebang.
If the files does not contains the identifier, it will insert new one
based on default value in spdxconv.cfg file.
|
|
If the file X has another file named "X.license" in the same directory,
exclude it for being processed.
The ".license" is SPDX specific file that contains only SPDX identifiers.
|
|
Previously, given the following command,
$ spdxconv $path
the loadConfig load the configuration from the path directory.
This changes it to load the configuration from the current working
directory where the tools run, not from $path directory.
While for scanForSCM, previously its detect SCM from $path up to "/", now
its scan from $path to current working directory only.
While at it, we rename the dummySCM type to noSCM.
|
|
This is the initial implementation, work in progress, with the following
functions,
* loading the spdxconv.cfg file
* scanning list of files to be converted
* detect .git repository and exclude files ignored by .gitignore
No conversion logic is implemented yet.
|
