Skip to content

Upgrade dependencies including licenseclassifier/v2#203

Merged
Bobgy merged 5 commits intogoogle:masterfrom
inteon:upgrade
Apr 26, 2023
Merged

Upgrade dependencies including licenseclassifier/v2#203
Bobgy merged 5 commits intogoogle:masterfrom
inteon:upgrade

Conversation

@inteon
Copy link
Copy Markdown
Contributor

@inteon inteon commented Apr 9, 2023
edited
Loading

Upgraded all dependencies (go.mod, vendored and licenseclassifier/v2).

This PR includes added support for multiple licenses in one LICENSE file (prints all of the found licenses).

NOTE: this PR removes the confidenceThreshold parameter, as it is not directly supported upstream anymore

@inteon
update 3rd party
e6a7bee 
Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>
inteon
inteon commented Apr 9, 2023
View reviewed changes
licenses/types.go
}
}

var typeMap = map[string]Type{
Copy link
Copy Markdown
Contributor Author

@inteon inteon Apr 9, 2023

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

These license types are not available upstream anymore in v2 (I think).
The TestTypes test makes sure we provide a mapping for all license names that we can detect.

@inteon
upgrade dependencies, including licenseclassifier/v2
74b7c66 
Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>
@inteon
upgrade GH actions go version
5486864 
Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>
@inteon inteon mentioned this pull request Apr 10, 2023
Merged
Bobgy
Bobgy reviewed Apr 11, 2023
View reviewed changes
Copy link
Copy Markdown
Collaborator

@Bobgy Bobgy left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thank you for helping to upgrade so many dependencies!

It seems that there will be some unavoidable breaking changes introduced by licenseclassifier/v2:

  • Support multiple licenses in the same file
  • Removal of confidence threshold flag
  • Minimum golang version increase

I suggest we target creating a v2 of go-licenses. What do you think?

@inteon
Copy link
Copy Markdown
Contributor Author

inteon commented Apr 11, 2023

Thank you for helping to upgrade so many dependencies!

It seems that there will be some unavoidable breaking changes introduced by licenseclassifier/v2:

  • Support multiple licenses in the same file
  • Removal of confidence threshold flag
  • Minimum golang version increase

I suggest we target creating a v2 of go-licenses. What do you think?

I agree, the upstream licenseclassifier/v2 also changed quite a bit and might even classify some LICENSE files differently (even if there is only 1 license in it).

Bobgy
Bobgy reviewed Apr 11, 2023
View reviewed changes
Copy link
Copy Markdown
Collaborator

@Bobgy Bobgy left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Some early comments.

@inteon inteon mentioned this pull request Apr 11, 2023
Merged
Bobgy
Bobgy reviewed Apr 12, 2023
View reviewed changes
save.go Outdated
}
switch licenseType {

mostRestrictive := licenses.Unknown
Copy link
Copy Markdown
Collaborator

@Bobgy Bobgy Apr 12, 2023

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Should unknown be the most restrictive? because it results in an error. No matter what you do, you cannot be sure you are conformant to the license.

Copy link
Copy Markdown
Collaborator

@Bobgy Bobgy Apr 12, 2023

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Also, the code here should better be extracted to the licenses folder.

Copy link
Copy Markdown
Contributor Author

@inteon inteon Apr 22, 2023

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@Bobgy I fixed these issues in the latest commit.

@Bobgy
Copy link
Copy Markdown
Collaborator

Bobgy commented Apr 13, 2023

Incredible work! Thank you so much for improving go licenses!

If we resolve the open issues we can merge and bump to v2 in another PR.

@inteon
improve restrictiveness checker
5eaeb5c 
Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>
Bobgy
Bobgy approved these changes Apr 25, 2023
View reviewed changes
Copy link
Copy Markdown
Collaborator

@Bobgy Bobgy left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thank you! One last comment.

Purely a bonus -- if you want, it's also helpful to check if there are missing code coverage for those you touched, but do not expect to change the behavior.

@inteon
if no licenses are found, it means we have an Unknown license
f528a3f 
Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>
Bobgy
Bobgy approved these changes Apr 26, 2023
View reviewed changes
Copy link
Copy Markdown
Collaborator

@Bobgy Bobgy left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Absolutely amazing work!
Thank you so much for your contribution!

@Bobgy Bobgy merged commit e41525c into google:master Apr 26, 2023
This was referenced Apr 26, 2023
Closed
Open
@otiai10 otiai10 mentioned this pull request Aug 11, 2023
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@Bobgy Bobgy Bobgy approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@inteon @Bobgy