Support "\" in license file paths #33

Merged
merged 3 commits into from
Aug 1, 2024
54 changes: 27 additions & 27 deletions Directory.Packages.props
@@ -1,29 +1,29 @@
<Project>
<PropertyGroup>
<ManagePackageVersionsCentrally>true</ManagePackageVersionsCentrally>
</PropertyGroup>
<ItemGroup>
<PackageVersion Include="coverlet.collector" Version="6.0.2"/>
<PackageVersion Include="CSharpFunctionalExtensions" Version="2.42.0"/>
<PackageVersion Include="FluentAssertions" Version="6.12.0"/>
<PackageVersion Include="FluentValidation" Version="11.9.2"/>
<PackageVersion Include="Humanizer.Core" Version="2.14.1"/>
<PackageVersion Include="JetBrains.Annotations" Version="2023.3.0"/>
<PackageVersion Include="Microsoft.NET.Test.Sdk" Version="17.10.0"/>
<PackageVersion Include="NSubstitute" Version="5.1.0"/>
<PackageVersion Include="NSubstitute.Analyzers.CSharp" Version="1.0.17"/>
<PackageVersion Include="NUnit" Version="4.1.0"/>
<PackageVersion Include="NUnit.Analyzers" Version="4.2.0"/>
<PackageVersion Include="NUnit3TestAdapter" Version="4.5.0"/>
<PackageVersion Include="NuGet.Protocol" Version="6.10.0"/>
<PackageVersion Include="Nuke.Common" Version="8.0.0"/>
<PackageVersion Include="Spectre.Console" Version="0.49.1"/>
<PackageVersion Include="Spectre.Console.Analyzer" Version="0.49.1"/>
<PackageVersion Include="Spectre.Console.Cli" Version="0.49.1"/>
<PackageVersion Include="Testcontainers" Version="3.8.0"/>
<PackageVersion Include="YamlDotNet" Version="15.1.6"/>
</ItemGroup>
<ItemGroup>
<GlobalPackageReference Include="Microsoft.CodeAnalysis.NetAnalyzers" Version="8.0.0"/>
</ItemGroup>
<PropertyGroup>
<ManagePackageVersionsCentrally>true</ManagePackageVersionsCentrally>
</PropertyGroup>
<ItemGroup>
<PackageVersion Include="coverlet.collector" Version="6.0.2"/>
<PackageVersion Include="CSharpFunctionalExtensions" Version="2.42.0"/>
<PackageVersion Include="FluentAssertions" Version="6.12.0"/>
<PackageVersion Include="FluentValidation" Version="11.9.2"/>
<PackageVersion Include="Humanizer.Core" Version="2.14.1"/>
<PackageVersion Include="JetBrains.Annotations" Version="2024.2.0"/>
<PackageVersion Include="Microsoft.NET.Test.Sdk" Version="17.10.0"/>
<PackageVersion Include="NSubstitute" Version="5.1.0"/>
<PackageVersion Include="NSubstitute.Analyzers.CSharp" Version="1.0.17"/>
<PackageVersion Include="NUnit" Version="4.1.0"/>
<PackageVersion Include="NUnit.Analyzers" Version="4.2.0"/>
<PackageVersion Include="NUnit3TestAdapter" Version="4.6.0"/>
<PackageVersion Include="NuGet.Protocol" Version="6.10.1"/>
<PackageVersion Include="Nuke.Common" Version="8.0.0"/>
<PackageVersion Include="Spectre.Console" Version="0.49.1"/>
<PackageVersion Include="Spectre.Console.Analyzer" Version="0.49.1"/>
<PackageVersion Include="Spectre.Console.Cli" Version="0.49.1"/>
<PackageVersion Include="Testcontainers" Version="3.9.0"/>
<PackageVersion Include="YamlDotNet" Version="15.1.6"/>
</ItemGroup>
<ItemGroup>
<GlobalPackageReference Include="Microsoft.CodeAnalysis.NetAnalyzers" Version="8.0.0"/>
</ItemGroup>
</Project>
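Review bot: The version bumps in this file (`JetBrains.Annotations` 2023.3.0 to 2024.2.0, `NUnit3TestAdapter` 4.5.0 to 4.6.0, `NuGet.Protocol` 6.10.0 to 6.10.1, `Testcontainers` 3.8.0 to 3.9.0) are unrelated to backslash handling in license file paths, and they arrive as 27 additions and 27 deletions although only four values differ. Move the dependency updates to their own commit or pull request, and drop the whitespace-only rewrite of the other lines so the diff shows just the four changed `PackageVersion` entries.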
34 changes: 23 additions & 11 deletions src/Promote.NuGet.Commands/Licensing/LicenseComplianceValidator.cs
Expand Up @@ -166,24 +166,22 @@
PackageReaderBase packageReader,
CancellationToken cancellationToken)
{
var filesInPackage = await packageReader.GetFilesAsync(cancellationToken);
if (!filesInPackage.Contains(license))
{
return new LicenseComplianceViolation(packageId, PackageLicenseType.File, license, "There is no such file in the package.");
}

string actualLicenseText;
string? actualLicenseText;
try
{
await using var stream = await packageReader.GetStreamAsync(license, cancellationToken);
using var reader = new StreamReader(stream);
actualLicenseText = await reader.ReadToEndAsync();
actualLicenseText = await TryGetFileContent(packageReader, license, cancellationToken)
?? await TryGetFileContent(packageReader, license.Replace('\\', '/'), cancellationToken);
}
catch (Exception ex)
{
return new LicenseComplianceViolation(packageId, PackageLicenseType.File, license, $"Failed to open the license file: {ex.Message}");
}

if (actualLicenseText == null)
{
return new LicenseComplianceViolation(packageId, PackageLicenseType.File, license, "There is no such file in the package.");

Check warning on line 182 in src/Promote.NuGet.Commands/Licensing/LicenseComplianceValidator.cs (Codecov / codecov/patch): Added line #L182 was not covered by tests
}

var normalizedActualLicense = NormalizeLicenseText(actualLicenseText);

foreach (var acceptFile in acceptedFiles)
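Review bot: The "There is no such file in the package." return inside `if (actualLicenseText == null)` is flagged by Codecov as uncovered (line 182), so the case where both lookups miss has no test now that the `filesInPackage.Contains(license)` pre-check is gone; add a test whose license path is absent from the package under either separator. Separately, when `license` contains no backslash, `license.Replace('\\', '/')` yields the same string and the second `TryGetFileContent` call repeats the identical lookup; guard the fallback with `license.Contains('\\')`.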
Expand All @@ -210,7 +208,21 @@
return new LicenseComplianceViolation(packageId, PackageLicenseType.File, license, "No matching license files found in the whitelist.");
}

private string NormalizeLicenseText(string license)
private static async Task<string?> TryGetFileContent(PackageReaderBase packageReader, string path, CancellationToken cancellationToken)
{
try
{
await using var stream = await packageReader.GetStreamAsync(path, cancellationToken);
using var reader = new StreamReader(stream);
return await reader.ReadToEndAsync(cancellationToken);
}

Check warning on line 218 in src/Promote.NuGet.Commands/Licensing/LicenseComplianceValidator.cs (Codecov / codecov/patch): Added line #L218 was not covered by tests
catch (FileNotFoundException)
{
return null;
}
}

private static string NormalizeLicenseText(string license)
{
var normalized = new StringBuilder(license);

Expand Up @@ -583,6 +583,9 @@ public async Task Checks_license_compliance_when_no_licenses_are_accepted()
- id: System.Runtime.CompilerServices.Unsafe
versions:
- 6.0.0
- id: LibGit2Sharp.NativeBinaries
versions:
- 2.0.322
"""
);

Expand Down Expand Up @@ -611,7 +614,10 @@ Resolving Microsoft.Data.SqlClient.SNI.runtime 5.2.0
Resolving System.Runtime.CompilerServices.Unsafe 6.0.0
Found 1 matching package:
└── 6.0.0
Resolving 3 packages to promote...
Resolving LibGit2Sharp.NativeBinaries 2.0.322
Found 1 matching package:
└── 2.0.322
Resolving 4 packages to promote...
Processing System.Runtime 4.3.1
Package license: MICROSOFT .NET LIBRARY
(http://go.microsoft.com/fwlink/?LinkId=329770)
Expand Down Expand Up @@ -639,6 +645,13 @@ System.Runtime.CompilerServices.Unsafe 6.0.0 is not in the
destination.
System.Runtime.CompilerServices.Unsafe 6.0.0 has no
dependencies.
Processing LibGit2Sharp.NativeBinaries 2.0.322
Package license:
https://www.nuget.org/packages/LibGit2Sharp.NativeBinaries
/2.0.322/license
LibGit2Sharp.NativeBinaries 2.0.322 is not in the
destination.
LibGit2Sharp.NativeBinaries 2.0.322 has no dependencies.
Processing Microsoft.NETCore.Platforms 1.1.1
Package license: MICROSOFT .NET LIBRARY
(http://go.microsoft.com/fwlink/?LinkId=329770)
Expand All @@ -651,12 +664,17 @@ Processing Microsoft.NETCore.Targets 1.1.3
Microsoft.NETCore.Targets 1.1.3 is not in the destination.
Microsoft.NETCore.Targets 1.1.3 has no dependencies.
Resolved package tree:
├── LibGit2Sharp.NativeBinaries 2.0.322
├── Microsoft.Data.SqlClient.SNI.runtime 5.2.0
├── System.Runtime 4.3.1
│ ├── Microsoft.NETCore.Platforms 1.1.1
│ └── Microsoft.NETCore.Targets 1.1.3
└── System.Runtime.CompilerServices.Unsafe 6.0.0
Found 5 packages to promote:
Found 6 packages to promote:
├── LibGit2Sharp.NativeBinaries 2.0.322
│ └── License:
│ https://www.nuget.org/packages/LibGit2Sharp.NativeBi
│ naries/2.0.322/license
├── Microsoft.Data.SqlClient.SNI.runtime 5.2.0
│ └── License:
│ https://www.nuget.org/packages/Microsoft.Data.SqlCli
Expand All @@ -676,10 +694,16 @@ Microsoft.NETCore.Targets 1.1.3 has no dependencies.
├── 3x: MICROSOFT .NET LIBRARY
│ (http://go.microsoft.com/fwlink/?LinkId=329770)
├── 1x:
│ https://www.nuget.org/packages/LibGit2Sharp.NativeBinari
│ es/2.0.322/license
├── 1x:
│ https://www.nuget.org/packages/Microsoft.Data.SqlClient.
│ SNI.runtime/5.2.0/license
└── 1x: MIT (https://licenses.nuget.org/MIT)
Checking license compliance...
Checking LibGit2Sharp.NativeBinaries 2.0.322
License (file): libgit2\libgit2.license.txt
[x] No matching license files found in the whitelist.
Checking Microsoft.Data.SqlClient.SNI.runtime 5.2.0
License (file): LICENSE.txt
[x] No matching license files found in the whitelist.
Expand All @@ -698,7 +722,11 @@ [x] The license url is not whitelisted.
Checking System.Runtime.CompilerServices.Unsafe 6.0.0
License (expression): MIT
[x] The license expression is not whitelisted.
5 license violations found:
6 license violations found:
├── LibGit2Sharp.NativeBinaries.2.0.322
│ ├── License (file): libgit2\libgit2.license.txt
│ └── Reason: No matching license files found in the
│ whitelist.
├── Microsoft.Data.SqlClient.SNI.runtime.5.2.0
│ ├── License (file): LICENSE.txt
│ └── Reason: No matching license files found in the