Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add check for SPDX license identifier #144

Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

Add check for SPDX license identifier #144

wants to merge 1 commit into from

Conversation

mzfr
Copy link
Contributor

@mzfr mzfr commented Nov 14, 2018

Fixes #126
Should this be reported as a WARNING or just INFORMATION?

@razzeee
Copy link
Member

razzeee commented Nov 14, 2018

Not too excited about this, as it will generate a flood of messages either way.

@mzfr
Copy link
Contributor Author

mzfr commented Nov 14, 2018

Yes this will but another option is just say something like SPDX IDENTIFIER MISSING or one another thing I can think of, combine all the name of the files and print it like

SPDX Identifier missing from addon.py,addon1.py,addon2.py

@mzfr
Copy link
Contributor Author

mzfr commented Nov 15, 2018

@razzeee I'll add a check for license tag in addon.xml file but that would still generate lots of warning.

Should we ignore files if the tag is present in the addon.xml assuming developer knows about the identifier thing?

@MartijnKaijser
Copy link
Member

License tag should already be mandatory. What this should do is see if doesn't match the SPDX format and suggest it. Same for the python files.

@mzfr mzfr closed this Nov 20, 2018
@mzfr mzfr reopened this Nov 20, 2018
@mzfr
Copy link
Contributor Author

mzfr commented Dec 10, 2018

@razzeee Is there any other changes required in this PR?

Rechi
Rechi reviewed Dec 10, 2018
View reviewed changes
kodi_addon_checker/check_files.py
"""

license_text = parsed_xml.find("extension/license").text
spdx_string = "GNU General Public License v2.0 or later"
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This forces every add-on to be GPLv2+.
I don't think that was your intention.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

oh Yeah, I think I just did what was given to me as an example. Without keeping in mind that XBMC also have MIT, LPGL, BSD etc.
I'll fix this

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@Rechi There's a problem with the identification of Licenses, lot's of addon have GNU GENERAL PUBLIC LICENSE Version 3, 29 June 2007 this type of text in their license tag. Now should I follow the identifiers in https://spdx.org/licenses/, doing that will generate an error on the type I mentioned above or should I just check that the license tag is non-empty, but doing this will pass all types of Licenses including any random string in the license tag.

One solution could be that we create a dictionary of all the license that we need and then use it.

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

As I already mentioned at another PR, first require the licence tag to be listed exactly once and have a non empty string as value.
Also there is no reason to disallow non standard licences.

@Rechi Rechi force-pushed the License-identifier branch 2 times, most recently from 2d2fb6b to e0224aa Compare September 28, 2020 17:01
@razzeee
Copy link
Member

razzeee commented Sep 28, 2020

Do we really want these two checks?

a) Not looking forward to having to have a license string in every file
b) Shouldn't be forcing a GNU license, like rechi correctly mentioned

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@Rechi Rechi Rechi left review comments

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Use SPDX-License-Identifier for add-ons as well
4 participants
@mzfr @razzeee @MartijnKaijser @Rechi