diff mbox series

[2/3] create-spdx: Fix "licenseDeclared" shows weird value

Message ID 20221019105739.2279010-2-nobuta.keiya@fujitsu.com
State New
Series [1/3] create-spdx: Remove ";name=..." for downloadLocation

Commit Message

Keiya Nobuta Oct. 19, 2022, 10:57 a.m. UTC
Fixed an issue that "licenseDeclared" shows weird value, for example
`busybox.spdx.json` shows like:

"GPL-2.0-only AND DocumentRef-recipe-busybox:LicenseRef-bzip2-1.0.4"
                  ^^^^^^^^^^^^^^^^^^^^^^^^^^^
                   unwanted value

Signed-off-by: Keiya Nobuta <nobuta.keiya@fujitsu.com>
---
 meta/classes/create-spdx.bbclass | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

Comments

Joshua Watt Oct. 19, 2022, 9:17 p.m. UTC | #1
On Wed, Oct 19, 2022 at 6:08 AM Keiya Nobuta <nobuta.keiya@fujitsu.com> wrote:
>
> Fixed an issue that "licenseDeclared" shows weird value, for example
> `busybox.spdx.json` shows like:
>
> "GPL-2.0-only AND DocumentRef-recipe-busybox:LicenseRef-bzip2-1.0.4"
>                   ^^^^^^^^^^^^^^^^^^^^^^^^^^^
>                    unwanted value

I don't believe this is unwanted: the license text lives in another
document (recipe-busybox.spdx.json) so we need to indicate that here

>
> Signed-off-by: Keiya Nobuta <nobuta.keiya@fujitsu.com>
> ---
>  meta/classes/create-spdx.bbclass | 2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/meta/classes/create-spdx.bbclass b/meta/classes/create-spdx.bbclass
> index c190ad3889..1661c7d2f0 100644
> --- a/meta/classes/create-spdx.bbclass
> +++ b/meta/classes/create-spdx.bbclass
> @@ -534,7 +534,7 @@ python do_create_spdx() {
>      recipe_ref.checksum.checksumValue = doc_sha1
>
>      sources = collect_dep_sources(d, dep_recipes)
> -    found_licenses = {license.name:recipe_ref.externalDocumentId + ":" + license.licenseId for license in doc.hasExtractedLicensingInfos}
> +    found_licenses = {license.name: license.licenseId for license in doc.hasExtractedLicensingInfos}
>
>      if not recipe_spdx_is_native(d, recipe):
>          bb.build.exec_func("read_subpackage_metadata", d)
> --
> 2.25.1
>
>
>
Keiya Nobuta Oct. 20, 2022, 2:23 a.m. UTC | #2
On Thu, Oct 20, 2022 at 06:17 AM, Joshua Watt wrote:

> 
> On Wed, Oct 19, 2022 at 6:08 AM Keiya Nobuta <nobuta.keiya@fujitsu.com>
> wrote:
> 
>> Fixed an issue that "licenseDeclared" shows weird value, for example
>> `busybox.spdx.json` shows like:
>> 
>> "GPL-2.0-only AND DocumentRef-recipe-busybox:LicenseRef-bzip2-1.0.4"
>> ^^^^^^^^^^^^^^^^^^^^^^^^^^^
>> unwanted value
> 
> I don't believe this is unwanted: the license text lives in another
> document (recipe-busybox.spdx.json) so we need to indicate that here

Thanks for your comment.
I was misunderstanding, so I'm withdrawing this patch.

The reason I got it wrong was because the SPDX validation tool[1]
gave me the following message:

```
The following warning(s) were raised: [Invalid package
declared license:Incompatible type for property member: class
org.spdx.library.model.license.AnyLicenseInfo]
```

But this is probably due to a flaw in the validation tool. So I checked the
SPDX specification[2], and understood that it complies with the user-defined
license reference.

[1] https://tools.spdx.org/app/validate/
[2] https://spdx.github.io/spdx-spec/SPDX-license-expressions/

> 
> 
>> Signed-off-by: Keiya Nobuta <nobuta.keiya@fujitsu.com>
>> ---
>> meta/classes/create-spdx.bbclass | 2 +-
>> 1 file changed, 1 insertion(+), 1 deletion(-)
>> 
>> diff --git a/meta/classes/create-spdx.bbclass
>> b/meta/classes/create-spdx.bbclass
>> index c190ad3889..1661c7d2f0 100644
>> --- a/meta/classes/create-spdx.bbclass
>> +++ b/meta/classes/create-spdx.bbclass
>> @@ -534,7 +534,7 @@ python do_create_spdx() {
>> recipe_ref.checksum.checksumValue = doc_sha1
>> 
>> sources = collect_dep_sources(d, dep_recipes)
>> - found_licenses = {license.name:recipe_ref.externalDocumentId + ":" +
>> license.licenseId for license in doc.hasExtractedLicensingInfos}
>> + found_licenses = {license.name: license.licenseId for license in
>> doc.hasExtractedLicensingInfos}
>> 
>> if not recipe_spdx_is_native(d, recipe):
>> bb.build.exec_func("read_subpackage_metadata", d)
>> --
>> 2.25.1
>> 
>> 
>> 
> 
>
Alberto Pianon Oct. 20, 2022, 5:36 p.m. UTC | #3
On 2022-10-19 23:17, Joshua Watt wrote:
> On Wed, Oct 19, 2022 at 6:08 AM Keiya Nobuta <nobuta.keiya@fujitsu.com> 
> wrote:
>> 
>> Fixed an issue that "licenseDeclared" shows weird value, for example
>> `busybox.spdx.json` shows like:
>> 
>> "GPL-2.0-only AND DocumentRef-recipe-busybox:LicenseRef-bzip2-1.0.4"
>>                   ^^^^^^^^^^^^^^^^^^^^^^^^^^^
>>                    unwanted value
> 
> I don't believe this is unwanted: the license text lives in another
> document (recipe-busybox.spdx.json) so we need to indicate that here
> 

That is correct, according to the specs:

https://spdx.github.io/spdx-spec/SPDX-license-expressions/#d3-simple-license-expressions

Cheers,

Alberto
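
The point made in this thread, as an added example (not code from the thread or from create-spdx.bbclass): a `LicenseRef-` in `licenseDeclared` must resolve either in the same document or, through a `DocumentRef-` prefix, in a declared external document. The function name and the trimmed sample documents are constructed for illustration; only the SPDX 2.x JSON field names are real.

```python
import re

# Optional "DocumentRef-<id>:" prefix followed by "LicenseRef-<id>", as used
# for user-defined license references in SPDX 2.x license expressions.
REF_RE = re.compile(
    r"(?:(DocumentRef-[A-Za-z0-9.\-]+):)?(LicenseRef-[A-Za-z0-9.\-]+)")

def _extracted_ids(doc):
    return {l["licenseId"] for l in doc.get("hasExtractedLicensingInfos", [])}

def unresolved_license_refs(doc, external_docs):
    """Return (package, reference) pairs that point at no license text.

    doc: parsed SPDX 2.x JSON document (dict).
    external_docs: externalDocumentId -> parsed document it names. Loading
    those files and verifying their checksum is assumed to happen elsewhere.
    """
    local = _extracted_ids(doc)
    declared = {r["externalDocumentId"]
                for r in doc.get("externalDocumentRefs", [])}
    missing = []
    for pkg in doc.get("packages", []):
        expr = pkg.get("licenseDeclared", "")
        for doc_ref, lic_ref in REF_RE.findall(expr):
            if not doc_ref:
                known = local                      # must be defined here
            elif doc_ref in declared and doc_ref in external_docs:
                known = _extracted_ids(external_docs[doc_ref])
            else:
                known = set()                      # undeclared DocumentRef
            if lic_ref not in known:
                full = (doc_ref + ":" if doc_ref else "") + lic_ref
                missing.append((pkg["name"], full))
    return missing

# Constructed sample modelled on the busybox case quoted in the thread.
RECIPE_DOC = {"hasExtractedLicensingInfos": [
    {"licenseId": "LicenseRef-bzip2-1.0.4", "name": "bzip2-1.0.4",
     "extractedText": "(constructed placeholder)"}]}
EXTERNAL = {"DocumentRef-recipe-busybox": RECIPE_DOC}

def package_doc(license_declared):
    return {"externalDocumentRefs": [
                {"externalDocumentId": "DocumentRef-recipe-busybox"}],
            "packages": [{"name": "busybox",
                          "licenseDeclared": license_declared}]}

WITH_PREFIX = package_doc(
    "GPL-2.0-only AND DocumentRef-recipe-busybox:LicenseRef-bzip2-1.0.4")
WITHOUT_PREFIX = package_doc("GPL-2.0-only AND LicenseRef-bzip2-1.0.4")
```

With the prefix the reference resolves into the recipe document; without it the package document carries a `LicenseRef-` whose text it does not define.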

Patch

diff --git a/meta/classes/create-spdx.bbclass b/meta/classes/create-spdx.bbclass
index c190ad3889..1661c7d2f0 100644
--- a/meta/classes/create-spdx.bbclass
+++ b/meta/classes/create-spdx.bbclass
@@ -534,7 +534,7 @@  python do_create_spdx() {
     recipe_ref.checksum.checksumValue = doc_sha1
 
     sources = collect_dep_sources(d, dep_recipes)
-    found_licenses = {license.name:recipe_ref.externalDocumentId + ":" + license.licenseId for license in doc.hasExtractedLicensingInfos}
+    found_licenses = {license.name: license.licenseId for license in doc.hasExtractedLicensingInfos}
 
     if not recipe_spdx_is_native(d, recipe):
         bb.build.exec_func("read_subpackage_metadata", d)
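
Review bot: The `+` line drops `recipe_ref.externalDocumentId + ":"` from the values of `found_licenses`, but the ids are still taken from `doc.hasExtractedLicensingInfos`, and the context line `recipe_ref.checksum.checksumValue = doc_sha1` suggests `doc` is the document recorded as an external reference. A bare `license.licenseId` would then name a license whose extracted text is defined in that other document, not in the one that uses it, so the resulting expression could not be resolved. Keep the prefix, or copy the extracted licensing info into the referencing document in the same change. The commit message should also say which tool reported the value as a problem and quote its message, since "weird value" does not let a reader judge whether the output or the tool is wrong.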