Open Vampire opened 5 months ago
This of course also means that the checkLicense
task is operating on different information than is shown in the HTML reports and might accept a library like the shown for having ASLv2 while the HTML report only shows it in the EPLv2 category.
I have a PR open: #297 which should fix the issue. I think it was not the problem, that the License came from a license file, but that the plugin currently isn't handling multiple licenses so well (checkLicense, and printing reports)
That does not really fix the issue, as this issue is about missing the information in the report. Multiple licenses handling is sub-optimal yes, but also your PR only partly fixes it. Mutliple licenses can for example mean that a consumer can choose which license to use, or that some parts are under one license and some parts under another license and this can be different from dependency to dependency.
Here a consumer-side work-around that "fixes" the inventory HTML report in Kotlin:
class EnhancedInventoryHtmlReportRenderer : InventoryHtmlReportRenderer() {
override fun buildLicenseInventory(data: ProjectData): Map<String, List<ModuleData>> {
val inventory = super.buildLicenseInventory(data)
inventory
.values
.flatten()
.distinct()
.forEach { moduleData ->
moduleData
.licenseFiles
.flatMap { it.fileDetails }
.filter { it.license != null }
.forEach {
val moduleDatas = inventory.computeIfAbsent(it.license) {
mutableListOf()
}
if (!moduleDatas.contains(moduleData)) {
moduleDatas.add(moduleData)
}
}
}
return inventory
}
override fun printDependencyLicenseFiles(licenseFiles: TreeSet<LicenseFileData>) {
licenseFiles
.flatMap { it.fileDetails }
.groupBy { it.file }
.forEach { (file, details) ->
val embeddedLicenses = details.joinToString(separator = "<br>") {
when {
it.license == null -> "No license recognized"
it.licenseUrl == null -> it.license
maybeLicenseUrl(it.licenseUrl) -> "${it.license} - ${link(it.licenseUrl, it.licenseUrl)}"
else -> "${it.license} - ${section("License", it.licenseUrl)}"
}
}
output.appendText(section("Embedded license file ${link(file, file)}", embeddedLicenses))
}
}
fun section(label: String, value: String) = """
<label>$label</label>
<div class='dependency-value'>$value</div>
""".trimIndent()
fun link(name: String, url: String) = "<a href='$url'>$name</a>"
}
Neither the simple nor the inventory html report renderer print out the licenses found in a license file. If you for example have in the
project-licenses-for-check-license-task.json
filewhere the EPL was found in the POM and the ASLv2 was found in
about.html
license file,The simple HTML report just shows:
The inventory HTML report also just shows:
The ASLv2 is nowhere mentioned in those reports for this dependency.