Spaces:
Configuration error
Configuration error
File size: 11,078 Bytes
447ebeb |
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176 177 178 179 180 181 182 183 184 185 186 187 188 189 190 191 192 193 194 195 196 197 198 199 200 201 202 203 204 205 206 207 208 209 210 211 212 213 214 215 216 217 218 219 220 221 222 223 224 225 226 227 228 229 230 231 232 233 234 235 236 237 238 239 240 241 242 243 244 245 246 247 248 249 250 251 252 253 254 255 256 257 258 259 260 261 262 263 264 265 266 267 268 269 270 271 272 273 274 275 276 277 278 279 280 281 282 283 284 285 286 287 288 289 290 291 292 293 294 295 296 297 298 299 |
#!/usr/bin/env python3
import sys
import pkg_resources
import requests
from pathlib import Path
import json
from typing import Dict, List, Optional, Set, Tuple
import configparser
import re
from dataclasses import dataclass
@dataclass
class PackageLicense:
name: str
version: Optional[str]
license_type: Optional[str]
is_authorized: bool
reason: str
class LicenseChecker:
def __init__(
self, config_file: Path = Path("./tests/code_coverage_tests/liccheck.ini")
):
if not config_file.exists():
print(f"Error: Config file {config_file} not found")
sys.exit(1)
self.config = configparser.ConfigParser(allow_no_value=True)
self.config.read(config_file)
# Initialize license sets
self.authorized_licenses = self._parse_license_list(
"Licenses", "authorized_licenses"
)
self.unauthorized_licenses = self._parse_license_list(
"Licenses", "unauthorized_licenses"
)
# Parse authorized packages
self.authorized_packages = self._parse_authorized_packages()
# Initialize cache
self.cache_file = Path("license_cache.json")
self.license_cache: Dict[str, str] = {}
if self.cache_file.exists():
with open(self.cache_file) as f:
self.license_cache = json.load(f)
# Track package results
self.package_results: List[PackageLicense] = []
def _parse_license_list(self, section: str, option: str) -> Set[str]:
"""Parse license list from config, handling comments and whitespace."""
if not self.config.has_option(section, option):
return set()
licenses = set()
for line in self.config.get(section, option).split("\n"):
line = line.strip().lower()
if line and not line.startswith("#"):
licenses.add(line)
return licenses
def _parse_authorized_packages(self) -> Dict[str, Dict[str, str]]:
"""Parse authorized packages with their version specs and comments."""
authorized = {}
if self.config.has_section("Authorized Packages"):
for package, spec in self.config.items("Authorized Packages"):
if not package.startswith("#"):
package = package.strip().lower()
parts = spec.split("#", 1)
version_spec = parts[0].strip()
comment = parts[1].strip() if len(parts) > 1 else ""
authorized[package] = {
"version_spec": version_spec,
"comment": comment,
}
return authorized
def get_package_license_from_pypi(
self, package_name: str, version: str
) -> Optional[str]:
"""Fetch license information for a package from PyPI."""
try:
url = f"https://pypi.org/pypi/{package_name}/{version}/json"
response = requests.get(url, timeout=10)
response.raise_for_status()
data = response.json()
return data.get("info", {}).get("license")
except Exception as e:
print(
f"Warning: Failed to fetch license for {package_name} {version}: {str(e)}"
)
return None
def is_license_acceptable(self, license_str: str) -> Tuple[bool, str]:
"""Check if a license is acceptable based on configured lists."""
if not license_str:
return False, "Unknown license"
# Normalize license string to handle common variations
normalized_license = license_str.lower()
normalized_license = normalized_license.replace("-", " ").replace("_", " ")
# Special case for BSD licenses
if "bsd" in normalized_license:
if any(
variation in normalized_license
for variation in ["3 clause", "3-clause", "new", "simplified"]
):
return True, "Matches authorized license: BSD 3-Clause"
# Check unauthorized licenses first
for unauth in self.unauthorized_licenses:
if unauth in normalized_license:
return False, f"Matches unauthorized license: {unauth}"
# Then check authorized licenses
for auth in self.authorized_licenses:
if auth in normalized_license:
return True, f"Matches authorized license: {auth}"
return False, "License not in authorized list"
def check_package(self, package_name: str, version: Optional[str] = None) -> bool:
"""Check if a specific package version is compliant."""
package_lower = package_name.lower()
# Check if package is in authorized packages list
if package_lower in self.authorized_packages:
pkg_info = self.authorized_packages[package_lower]
# If there's a comment, consider it manually verified
if pkg_info.get("comment"):
result = PackageLicense(
name=package_name,
version=version,
license_type=pkg_info["comment"],
is_authorized=True,
reason="Manually verified in config",
)
self.package_results.append(result)
print(f"✅ {package_name}: Manually verified - {pkg_info['comment']}")
return True
# If no comment, proceed with license check but package is considered authorized
license_type = self.get_package_license_from_pypi(
package_name, version or ""
)
if license_type:
is_acceptable, reason = self.is_license_acceptable(license_type)
result = PackageLicense(
name=package_name,
version=version,
license_type=license_type,
is_authorized=True, # Package is authorized even if license check fails
reason=f"Listed in authorized packages - {license_type}",
)
self.package_results.append(result)
print(
f"✅ {package_name}: {license_type} (Listed in authorized packages)"
)
return True
# If package is not authorized or authorization check failed, proceed with normal license check
cache_key = f"{package_name}:{version}" if version else package_name
if cache_key in self.license_cache:
license_type = self.license_cache[cache_key]
else:
license_type = self.get_package_license_from_pypi(
package_name, version or ""
)
if license_type:
self.license_cache[cache_key] = license_type
if not license_type:
result = PackageLicense(
name=package_name,
version=version,
license_type=None,
is_authorized=False,
reason="Could not determine license",
)
self.package_results.append(result)
print(f"⚠️ Warning: Could not determine license for {package_name}")
return False
is_acceptable, reason = self.is_license_acceptable(license_type)
result = PackageLicense(
name=package_name,
version=version,
license_type=license_type,
is_authorized=is_acceptable,
reason=reason,
)
self.package_results.append(result)
if is_acceptable:
print(f"✅ {package_name}: {license_type}")
else:
print(f"❌ {package_name}: {license_type} - {reason}")
return is_acceptable
def check_requirements(self, requirements_file: Path) -> bool:
"""Check all packages in a requirements file."""
print(f"\nChecking licenses for packages in {requirements_file}...")
try:
with open(requirements_file) as f:
requirements = [
pkg_resources.Requirement.parse(line)
for line in f
if line.strip() and not line.startswith("#")
]
except Exception as e:
print(f"Error parsing {requirements_file}: {str(e)}")
return False
all_compliant = True
for req in requirements:
try:
version = next(iter(req.specs))[1] if req.specs else None
except Exception:
version = None
if not self.check_package(req.name, version):
all_compliant = False
# Save updated cache
with open(self.cache_file, "w") as f:
json.dump(self.license_cache, f, indent=2)
return all_compliant
def main():
# req_file = "../../requirements.txt" ## LOCAL TESTING
req_file = "./requirements.txt"
checker = LicenseChecker()
# Check requirements
if not checker.check_requirements(Path(req_file)):
# Get lists of problematic packages
unverified = [p for p in checker.package_results if not p.license_type]
invalid = [
p for p in checker.package_results if p.license_type and not p.is_authorized
]
# Print detailed information about problematic packages
if unverified:
print("\n❌ Packages with unknown licenses:")
for pkg in unverified:
version_str = f" ({pkg.version})" if pkg.version else ""
print(f"- {pkg.name}{version_str}")
if invalid:
print("\n❌ Packages with unauthorized licenses:")
for pkg in invalid:
version_str = f" ({pkg.version})" if pkg.version else ""
print(f"- {pkg.name}{version_str}: {pkg.license_type}")
# Only error if there are packages that aren't explicitly authorized
unhandled_packages = [
p
for p in (unverified + invalid)
if p.name.lower() not in checker.authorized_packages
]
if unhandled_packages:
print("\n❌ Error: Found packages that need verification:")
for pkg in unhandled_packages:
version_str = f" ({pkg.version})" if pkg.version else ""
license_str = (
f" - {pkg.license_type}"
if pkg.license_type
else " - Unknown license"
)
print(f"- {pkg.name}{version_str}{license_str}")
print(
"\nAdd these packages to the [Authorized Packages] section in liccheck.ini with a comment about their license verification."
)
print("Example:")
print("package-name: >=1.0.0 # MIT license manually verified")
sys.exit(1)
else:
print("\n✅ All dependencies have acceptable licenses.")
sys.exit(0)
if __name__ == "__main__":
main()
|