Closed pmonks closed 1 year ago
Some of the Lift findings in this PR can be automatically fixed. You can download and apply these changes in your local project directory of your branch to review the suggestions before committing.[^1]
# Download the patch
curl https://lift.sonatype.com/api/patch/github.com/spdx/Spdx-Java-Library/145.diff -o lift-autofixes.diff
# Apply the patch with git
git apply lift-autofixes.diff
# Review the changes
git diff
Want it all in a single command? Open a terminal in your project's directory and copy and paste the following command:
curl https://lift.sonatype.com/api/patch/github.com/spdx/Spdx-Java-Library/145.diff | git apply
Once you're satisfied commit and push your changes in your project. [^1]: You can preview the patch by opening the patch URL in the browser.
Thanks @pmonks - Could you sign-off your commits - or you could also just add add a comment to this PR that you agree to the licensing section of the CONTRIBUTING.md file: https://github.com/spdx/Spdx-Java-Library/blob/master/CONTRIBUTING.md#licensing
Also - one of the checks in the CI is complaining about a possible null pointer exception - on line https://github.com/spdx/Spdx-Java-Library/blob/180f4a5ac83614f30a7a11f4dd22251aa9c78f76/src/main/java/org/spdx/utility/compare/LicenseCompareHelper.java#L858
An easy fix would be to add a check at the beginning of the method - something like:
public static boolean isStandardLicenseWithinText(String text, SpdxListedLicense license) {
if (license == null || if text == null) {
return false;
}
// Get match status
boolean result = false;
int startIndex = -1;
If you want to add that to the PR, that would be great.
@goneall I fixed the linter issue, and signed that final commit as well. I held off on rebasing all of my earlier commits to sign them, as I've been merging from master
as you worked there in parallel, and didn't want to accidentally sign your interleaved commits (git makes this kind of thing way too difficult / error-prone, but I digress...).
Regardless, I assert here that all of my earlier commits were developed personally by me, and that they meet the requirements of CONTRIBUTING.md#licensing.
Thanks @pmonks - I'll go ahead and merge this in.
BTW - I run into similar false positives on the linter from time to time.
This is an initial implementation of issue #141 (add support for multi-license texts to license comparison logic).