search

scanoss / scanoss.py

The SCANOSS python package providing a simple, easy to consume library for interacting with SCANOSS APIs/Engine.
MIT License
25 stars 18 forks source link

Invalid SPDX licenses in SPDX output #14

Closed vargenau closed 1 year ago

vargenau commented 1 year ago 
git clone https://scm.fusionforge.org/anonscm/git/fusionforge/fusionforge.git

scanoss-py version
Version: 1.0.6

scanoss-py scan --format spdxlite --output fusionforge.spdx.json fusionforge

Writing results to fusionforge.spdx.json...
Searching fusionforge for files to fingerprint...
Fingerprinting -ERROR: The SCANOSS API returned an invalid JSON: Expecting ',' delimiter: line 2 column 1 (char 2932)
Ignoring result. Please look in "bad_json-140489655318080-1664287829.txt" for more details.
Fingerprinting |ERROR: The SCANOSS API returned an invalid JSON: Expecting ',' delimiter: line 2 column 1 (char 7600)
Ignoring result. Please look in "bad_json-140489621747264-1664287842.txt" for more details.
Fingerprinting -ERROR: The SCANOSS API returned an invalid JSON: Expecting ',' delimiter: line 2 column 1 (char 2120)
Ignoring result. Please look in "bad_json-140489621747264-1664287845.txt" for more details.
Fingerprinting /ERROR: The SCANOSS API returned an invalid JSON: Expecting ',' delimiter: line 2 column 1 (char 58536)
Ignoring result. Please look in "bad_json-140489613354560-1664287846.txt" for more details.
Fingerprinting |ERROR: The SCANOSS API returned an invalid JSON: Expecting ',' delimiter: line 2 column 1 (char 9546)
Ignoring result. Please look in "bad_json-140489621747264-1664287852.txt" for more details.
Fingerprinting /ERROR: The SCANOSS API returned an invalid JSON: Expecting ',' delimiter: line 2 column 1 (char 36380)
Ignoring result. Please look in "bad_json-140489613354560-1664287860.txt" for more details.
Fingerprinting |ERROR: The SCANOSS API returned an invalid JSON: Invalid control character at: line 1 column 1023 (char 1022)
Ignoring result. Please look in "bad_json-140490003514944-1664287860.txt" for more details.
Fingerprinting -ERROR: The SCANOSS API returned an invalid JSON: Expecting ',' delimiter: line 2 column 1 (char 8792)
Ignoring result. Please look in "bad_json-140489604961856-1664287898.txt" for more details.
Fingerprinting -ERROR: The SCANOSS API returned an invalid JSON: Expecting ',' delimiter: line 2 column 1 (char 1880)
Ignoring result. Please look in "bad_json-140490003514944-1664287910.txt" for more details.
Fingerprinting |ERROR: The SCANOSS API returned an invalid JSON: Expecting ',' delimiter: line 2 column 1 (char 3593)
Ignoring result. Please look in "bad_json-140489655318080-1664287911.txt" for more details.
Fingerprinting -ERROR: The SCANOSS API returned an invalid JSON: Expecting ',' delimiter: line 2 column 1 (char 17473)
Ignoring result. Please look in "bad_json-140489604961856-1664287915.txt" for more details.
ERROR: The SCANOSS API returned an invalid JSON: Expecting ',' delimiter: line 2 column 1 (char 25463)
Ignoring result. Please look in "bad_json-140490003514944-1664287918.txt" for more details.
Fingerprinting -ERROR: The SCANOSS API returned an invalid JSON: Expecting ',' delimiter: line 2 column 1 (char 90727)
Ignoring result. Please look in "bad_json-140489638532672-1664287923.txt" for more details.
Fingerprinting /ERROR: The SCANOSS API returned an invalid JSON: Expecting ',' delimiter: line 2 column 1 (char 56183)
Ignoring result. Please look in "bad_json-140489621747264-1664287927.txt" for more details.
Fingerprinting /ERROR: The SCANOSS API returned an invalid JSON: Expecting ',' delimiter: line 2 column 1 (char 5943)
Ignoring result. Please look in "bad_json-140489646925376-1664287952.txt" for more details.
Fingerprinting |ERROR: The SCANOSS API returned an invalid JSON: Expecting ',' delimiter: line 2 column 1 (char 65995)
Ignoring result. Please look in "bad_json-140489655318080-1664287955.txt" for more details.
Fingerprinting /ERROR: The SCANOSS API returned an invalid JSON: Expecting ',' delimiter: line 2 column 1 (char 49690)
Ignoring result. Please look in "bad_json-140489378489920-1664287957.txt" for more details.
Fingerprinting \ERROR: The SCANOSS API returned an invalid JSON: Expecting ',' delimiter: line 2 column 1 (char 84432)
Ignoring result. Please look in "bad_json-140489621747264-1664287973.txt" for more details.
Fingerprinting |ERROR: The SCANOSS API returned an invalid JSON: Expecting ',' delimiter: line 2 column 1 (char 4831)
Ignoring result. Please look in "bad_json-140489613354560-1664287997.txt" for more details.
Fingerprinting /ERROR: The SCANOSS API returned an invalid JSON: Expecting ',' delimiter: line 2 column 1 (char 4719)
Ignoring result. Please look in "bad_json-140489655318080-1664288000.txt" for more details.
Fingerprinting /
Scanning |#############################   | 3386/3731ERROR: The SCANOSS API returned an invalid JSON: Expecting ',' delimiter: line 2 column 1 (char 44125)
Ignoring result. Please look in "bad_json-140489655318080-1664288011.txt" for more details.
Scanning |################################| 3731/3731
Warning: Failed to find valid SPDX license identifier for: LicenseRef-scancode-other-copyleft
Warning: Failed to find valid SPDX license identifier for: LicenseRef-scancode-public-domain
Warning: Failed to find valid SPDX license identifier for: LicenseRef-scancode-warranty-disclaimer
Warning: Failed to find valid SPDX license identifier for: LicenseRef-scancode-other-copyleft
Warning: Failed to find valid SPDX license identifier for: LicenseRef-scancode-public-domain
Warning: Failed to find valid SPDX license identifier for: LicenseRef-scancode-public-domain
Warning: Failed to find valid SPDX license identifier for: LicenseRef-scancode-public-domain
Warning: Failed to find valid SPDX license identifier for: LicenseRef-scancode-public-domain
Warning: Failed to find valid SPDX license identifier for: LicenseRef-scancode-public-domain
Warning: Failed to find valid SPDX license identifier for: LicenseRef-scancode-public-domain
Warning: Failed to find valid SPDX license identifier for: LicenseRef-scancode-json-pd
Warning: Failed to find valid SPDX license identifier for: LicenseRef-scanoss-json-4982
Warning: Failed to find valid SPDX license identifier for: LicenseRef-scancode-free-unknown
Warning: Failed to find valid SPDX license identifier for: LicenseRef-scancode-mit-old-style
Warning: Failed to find valid SPDX license identifier for: LicenseRef-scancode-unknown-license-reference
Warning: Failed to find valid SPDX license identifier for: LicenseRef-scancode-warranty-disclaimer
Warning: Failed to find valid SPDX license identifier for: LicenseRef-scancode-other-copyleft
Warning: Failed to find valid SPDX license identifier for: GPL-2.0-only/GPL-3.0-only
Warning: Failed to find valid SPDX license identifier for: GPL-2.0-onlyGPL-3.0-only
Warning: Failed to find valid SPDX license identifier for: LicenseRef-scancode-unknown-license-reference
Warning: Failed to find valid SPDX license identifier for: LicenseRef-scancode-unknown-license-reference
Warning: Failed to find valid SPDX license identifier for: LicenseRef-scancode-unknown-license-reference
Warning: Failed to find valid SPDX license identifier for: LicenseRef-scancode-unknown-license-reference
Warning: Failed to find valid SPDX license identifier for: GPL-2.0-only/GPL-3.0-only
Warning: Failed to find valid SPDX license identifier for: GPL-2.0-onlyGPL-3.0-only

We have "Many warnings during fingerprinting" reported in #12

We have also " Missing custom licences in SPDX output (again)" reported in #13

But we have also invalid SPDX licenses in SPDX output:

Warning: Failed to find valid SPDX license identifier for: GPL-2.0-only/GPL-3.0-only
Warning: Failed to find valid SPDX license identifier for: GPL-2.0-onlyGPL-3.0-only

It seems two valid license identifiers have been glued together.

mscasso-scanoss commented 1 year ago

Dear @vargenau , The problem you were experiencing was related with bug in our scanning engine. It was solved and updated today. I have scanned successfully the repository you mentioned. Sorry for the inconvenience, please give a new try.

vargenau commented 1 year ago

I confirm the issue with warnings is solved.

The issue about invalid license identifiers like GPL-2.0-onlyGPL-3.0-only is still pending.

vargenau commented 1 year ago

Can you please re-open this ticket?

Again, the issue with warnings is solved.

The issue about invalid license identifiers like GPL-2.0-onlyGPL-3.0-only is still pending.

eeisegn commented 1 year ago

Hi,

We are tracking this as part of issue 12, if that's ok?

Thanks!

vargenau commented 1 year ago

It would be more logical to close #12 "Many warnings during fingerprinting" and have this one "Invalid SPDX licenses in SPDX output" open, but the important thing is to solve the issue.