Merge latest develop #295

Signed-off-by: Philippe Ombredanne <[email protected]>
aboutcode-org · Dec 4, 2020 · 901e2ef · 901e2ef
2 parents d1fae02 + b14ca7b
commit 901e2ef
Show file tree

Hide file tree

Showing 4,215 changed files with 96,984 additions and 291,786 deletions.
diff --git a/.bumpversion.cfg b/.bumpversion.cfg
@@ -1,5 +1,5 @@
 [bumpversion]
-current_version = 3.1.2
+current_version = 3.2.3
 files = setup.py src/scancode_config.py
 commit = False
 tag = False

diff --git a/.dockerignore b/.dockerignore
@@ -0,0 +1,14 @@
+# Ignore the Docker files themselves to avoid that all layers are invalidated if the Docker files are changed during development.
+.dockerignore
+Dockerfile
+
+# Ignore the Git directory and files and github directory.
+.git/
+.github/
+.gitattributes
+.gitignore 
+
+# Ignore other directories that are not required in the image
+tests/
+docs/
+samples/
diff --git a/.github/ISSUE_TEMPLATE/--lic-det-bug-report.md b/.github/ISSUE_TEMPLATE/--lic-det-bug-report.md
@@ -0,0 +1,94 @@
+---
+name: "\U0001F41B License Detection Bug report"
+about: Create a Report for a License Detection Bug
+title: ''
+labels: 'bug', 'license scan', 'new and improved data'
+assignees: ''
+
+---
+
+<!-- 
+Please fill out as much of the below template and delete unnecessary text.
+Sample License Detection Bug Reports 
+	- https://github.com/nexB/scancode-toolkit/issues/2126 
+	- https://github.com/nexB/scancode-toolkit/issues/2266
+Markdown Styling - https://commonmark.org/help/
+-->
+
+### Description
+
+> Please leave a brief description of the License Detection Bug:
+
+
+### Where to get the File/Package
+
+> Link to Public Repository/Package Index, if there are multiple files that has license detection errors
+> Also list some example files. If the bug is in a single file then link to the file. 
+
+
+
+## Scan Reports 
+
+> What scancode command was used?
+
+
+> Scan Outputs (Preferably of a whole file in [json-pretty-print](https://scancode-toolkit.readthedocs.io/en/latest/cli-reference/output-format.html#json-pp-file))
+> Note:- 
+> If possible please use the `--license-text` and `--license-text-diagonostics` [command line options](https://scancode-toolkit.readthedocs.io/en/latest/cli-reference/basic-options.html#license-text-diagnostics-options) 
+> as it helps understand which parts were wrongly matched and gives us more insight into the bug
+> Upload your results.json file on this issue [like this](https://docs.github.com/en/enterprise/2.16/user/github/managing-your-work-on-github/file-attachments-on-issues-and-pull-requests)
+
+
+
+### System/Scancode Configuration
+
+> For bug reports, it really helps us to know:
+
+* What OS are you running on? 
+> (Windows/MacOS/Linux)
+
+
+* What version of scancode-toolkit was used to generate the scan file?
+> `./scancode --version` 
+
+
+* What installation method was used to install/run scancode? 
+> (pip/source download/other)
+
+
+## Links to Rule or excerpts of Rule Texts (If Possible)
+
+> Which Licenses/Rules were wrongly matched (if Applicable)
+> 
+> [Rule Directory](https://github.com/nexB/scancode-toolkit/tree/develop/src/licensedcode/data/rules) and [License Directory](https://github.com/nexB/scancode-toolkit/tree/develop/src/licensedcode/data/licenses)
+
+
+
+## Select the Relevant Issue Category(s)
+
+> [ ] - Unselected, [x] - Selected
+
+-  [ ] Unknown License 
+-  [ ] False Positive
+-  [ ] Multiple Detections, Some Wrong
+-  [ ] License Version Mismatch
+-  [ ] New License
+-  [ ] Change in License/Rule Attributes
+-  [ ] Edit existing Rule
+-  [ ] From [`scancode-results-analyzer`](https://github.com/nexB/scancode-results-analyzer) 
+
+
+## Comments on the License Detection Bug
+
+> What should have been detected instead, why is it a bug.
+
+
+
+## Comments (if any) on How to Add a New Rule/Modify an existing Rule for solving this Bug
+
+> Refer the documentation page at [Add new license](https://scancode-toolkit.readthedocs.io/en/latest/how-to-guides/add_new_license.html) and [Add new rule](https://scancode-toolkit.readthedocs.io/en/latest/how-to-guides/add_new_license_detection_rule.html) 
+
+
+<!-- 
+Your help makes ScanCode Toolkit better! We *deeply* appreciate your help in improving ScanCode Toolkit.
+-->
diff --git a/.gitignore b/.gitignore
@@ -79,3 +79,5 @@ pyvenv.cfg
 lib64
 tcl
 /.env
+
+*.orig
diff --git a/AUTHORS.rst b/AUTHORS.rst
@@ -20,3 +20,5 @@ The following organizations or individuals have contributed to ScanCode:
 - Ravi Jain @JRavi2
 - Gaurang Rao @Gaupeng
 - Tushar Goel @TG1999
+- Richard Menzies @WizardOhio24
+- Daniel Eder @daniel-eder
diff --git a/CHANGELOG.rst b/CHANGELOG.rst
@@ -1,11 +1,159 @@
 Changelog
 =========
+vNext
+-----
+ - Updated scancode.bat to handle % signs in the arguments #1876
 
-Outputs:
+v20.11 (next)
+-------------
+
+Notable changes:
+
+ - support officially Python 64 bits on Windows 64 bits #335
+
+
+
+v3.2.3 (2020-10-27)
+-------------------
+
+Notable changes:
+
+ - Collect Windows executable metadata #652
+ - Fix minor bugs
+ - Add Dockerfile to build docker image from ScanCode sources #2265
+
+
+v3.2.2rc3 (2020-09-21)
+----------------------
+
+Notable changes:
+
+ - Use commoncode, typecode and extractcode as external standalone packages #2233
+
+
+v3.2.1rc2 (2020-09-11)
+----------------------
+
+Minor bug fixes:
+
+ - Do not fail if Debian status is missing #2224
+ - Report correct detected license text in binary #2226 #2227
+
+
+v3.2.0rc1 (2020-09-08)
+----------------------
+
+ - Improve copyright detection #2140
+ - Add new license rules for "bad" licenses #1899 @viragumathe5
+ - Improve copyright detection @WizardOhio24
+ - Improve tests @hanif-ali
+ - Add and improve support for package manifest for #2080 Go, Ruby gem gemspec, Cocoapod podspec, opam, Python PKG-INFO - Rohit Potter @rpotter12
+ - Add and improve support for package lockfiles for Pipfile.lock, requirements.tx, Cargo.lock - Rohit Potter @rpotter12
+ - Add new --max-depth option to limit sca depth - Hanif Ali @hanif-ali
+ - Add initial Debian packaging - @aj4ayushjain
+ - Add new documentation web site and documentation generation system 
  - The "headers" attribute in JSON outputs now contains a 'duration' field. #1942
+ - Rework packaging and third-party support handling: Create new scripts and
+   process to provision, install and manage third-party dependencies - Abhishek Kumar @Abhishek-Dev09
+ - Improve CSV output and fix manifest path bug #1718 Aditya Viki8 
+ - Add new documentation, as well as tools and process. Ayan Sinha Mahapatra
+ - Add new license detection rules - Ayan Sinha Mahapatra
+ - Improve license detection #1999 - Bryan Sutula
+ - Correct CC0 license #1984 - Carmen Bianca Bakker
+ - Add documentation for the usage of `cpp_includes` plugin - Chin Yeung Li
+ - Improve andling of npm package-lock.json #1993 - Chin Yeung Li
+ - Add new license detection rules - Gaupeng
+ - Improve documentation - Issei Horie
+ - Improve consolidation plugin - Jono Yang @JonoYang
+ - Improve Python wheels detection #1749 - Jono Yang @JonoYang
+ - Add support for BUCK and Bazel build scripts #1678 - Jono Yang @JonoYang
+ - Improve handing of ignores #1748 - Jono Yang @JonoYang
+ - Improved package models #1773 #1532 #1678 #1771 #1791 #1220 - Jono Yang @JonoYang
+ - Parse package lock files for Composer #1850, Yarn #1220, Gemfile.lock #1885 - Jono Yang @JonoYang
+ - Add parser for Alpine 'installed' file #2061 - Jono Yang @JonoYang
+ - Add support for Debian packagesinstalled files  #2058 - Jono Yang @JonoYang
+ - Add new licenses -@Pratikrocks
+ - Improve support for DWARF, ELF and C++ include plugins #1712 #1752#1762 - Li Ha @licodeli
+ - Add support for parsing java class files #1712 #1726- Li Ha @licodeli
+ - Add new license detection rules - @MankaranSingh
+ - Add new duration field to JSON output #1937 - @MankaranSingh
+ - Add new rule for GPL historical note #1794 - Martin Petkov
+ - Add --replace-originals flag to extractcode -Maximilian Huber
+ - Improve Documentation - Michael Herzog
+ - Add new checksum type for sha256 - Nitish @nitish81299
+ - Improve documentation - Philippe Ombredanne
+ - Add new license detection rules and improve detection #1777 #1720 #1734 #1486 #1757 #1749 #1283 #1795 #2214 #1978
+ - Add new license detection rules and improve detection #2187 #2188 #2189 #1904 #2207 #1905 #419 #2190 #1910 #1911 
+ - Add new license detection rules and improve detection #1841 #1913 #1795 #2124 #2145 #1800 #2200 #2206 #2186
+ - Allow to call "run_scan" as a function #1780 
+ - Update license data to SPDX 3.7 #1789
+ - Collect matched license text correctly including with Turkish diacritics #1872
+ - Detect SPDX license identifiers #2007
+ - Add Windows 64 as supported platform #616
+ - Add and improve support for archive with lzip, lz4 and zstd #245 #2044 #2045
+ - Detect licenses in debian copyright files #2058
+ - Improve copyright detections #2140
+ - Improve FSF, unicode and Perl license detection - Qingmin Duanmu
+ - Add COSLi and ethical licenses - Ravi @JRavi2
+ - Add tests for extract.py and extract_cli.py - Ravi @JRavi2
+ - Add a new copyright to grammar - Richard Menzies
+ - Fix external URLs in documentation - Ritiek Malhotra
+ - Improve doc - Rohit Potter
+ - Correct configure on Windows and improve doc - Sebastian Schuberth
+ - Improve license detection. Add tests for #1758 and #1691- Shankhadeep Dey
+ - Improve tests of utility code - Shivam Chauhan
+ - Improve tests and documentation - Shivam Sandbhor @sbs2001
+ - Add new hippocratic license #1739 - Shivam Sandbhor
+ - Add new and improved licenses - Steven Esser @majurg
+ - Improve test suite - Steven Esser @majurg
+ - Improve fingerprint plugin #1690 - Steven Esser @majurg
+ - Add support for Debian packages #2058  - Steven Esser @majurg
+ - Improve FreeBSD support - @aj4ayushjain
+ - Add new plugins to get native code from install packages - @aj4ayushjain
+ - Fix license name and data - Thomas Steenbergen
+ - Improve runtime support for FreeBSD #1695  @knobix
+ - Update macOS image on azure pipeline @TG1999
+ - Improve documentation - @Vinay0001     
+
+
+v3.1.1 (2019-09-04)
+-------------------
+
+Major new feature:
+
+ - Complete port to Python 3.6+ #295 @Abhishek-Dev09
+
+New features:
+
+ - Improve package manifest support for #1643 RPMs, #1628 Cran, Python #1600, Maven #1649 Chef #1600 @licodeli @JonoYang
+ - Add plugin to collect ELF and LKM clues #1685 @licodeli
+ - Add runtime support for FreeBSD #1695  @knobix
+ - Add support to extract lzip archives #245 #989
+ - Add new consolidation plugin #1686 @JonoYang
+
+Other features and fixes:
+
+ - Improve license detection #1700 #1704 #1701
+ - Improve copyright detection #1672
+ - Improve handling of plugins for native binaries @aj4ayushjain
+ - Add CODE OF CONDUCT @inishchith
+ - Fix extractcode error #749
+ - Add new version notification #111 #1688 @jdaguil 
+
+
+v3.1.0 (2019-08-12)
+-------------------
+
+ - Add partial suport for Python 3.6+ #295 @Abhishek-Dev09
+ - Add plugin to collect dwarf references #1167 @licodeli
+ - Add fingerprint plugin #1651 @arnav-mandal1234
+ - Add summary and consolidation plugin #1673
+ - Improve license detection #1606 #1659 #1675 
+ - Improve copyright detection #1672
+ - Add owned files to package manifests #1554 @JonoYang
+ - Improve package manifest support for Conda #1147, Bower and Python @licodeli
+ - Add an option to include the original matched license text #1668 #260 @LemoShi
 
-OS support:
- - Add 10.15 macOS tests to azure-pipelines
 
 v3.0.2 (2019-02-15)
 -------------------

diff --git a/Dockerfile b/Dockerfile
@@ -0,0 +1,46 @@
+#
+# Copyright (c) 2018 nexB Inc. and others. All rights reserved.
+# http://nexb.com and https://github.com/nexB/scancode-toolkit/
+# The ScanCode software is licensed under the Apache License version 2.0.
+# Data generated with ScanCode require an acknowledgment.
+# ScanCode is a trademark of nexB Inc.
+#
+# You may not use this software except in compliance with the License.
+# You may obtain a copy of the License at: http://apache.org/licenses/LICENSE-2.0
+# Unless required by applicable law or agreed to in writing, software distributed
+# under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR
+# CONDITIONS OF ANY KIND, either express or implied. See the License for the
+# specific language governing permissions and limitations under the License.
+#
+# When you publish or redistribute any data created with ScanCode or any ScanCode
+# derivative work, you must accompany this data with the following acknowledgment:
+#
+#  Generated with ScanCode and provided on an "AS IS" BASIS, WITHOUT WARRANTIES
+#  OR CONDITIONS OF ANY KIND, either express or implied. No content created from
+#  ScanCode should be considered or used as legal advice. Consult an Attorney
+#  for any legal advice.
+#  ScanCode is a free software code scanning tool from nexB Inc. and others.
+#  Visit https://github.com/nexB/scancode-toolkit/ for support and download.
+
+FROM python:3.6 
+
+# Requirements as per https://scancode-toolkit.readthedocs.io/en/latest/getting-started/install.html
+RUN apt-get update && apt-get install bzip2 xz-utils zlib1g libxml2-dev libxslt1-dev
+
+# Create directory for scancode sources
+RUN mkdir scancode-toolkit
+
+# Copy sources into docker container
+COPY . scancode-toolkit
+
+# Set workdir
+WORKDIR scancode-toolkit
+
+# Run scancode once for initial configuration, with --reindex-licenses to create the base license index
+RUN ./scancode --reindex-licenses
+
+# Add scancode to path
+ENV PATH=$HOME/scancode-toolkit:$PATH
+
+# Set entrypoint to be the scancode command, allows to run the generated docker image directly with the scancode arguments: `docker run (...) <containername> <scancode arguments>`
+ENTRYPOINT ["./scancode"]
diff --git a/INSTALL.rst b/INSTALL.rst
@@ -2,9 +2,10 @@
 Installation
 ============
 
-There are 3 main ways you can `install ScanCode <https://scancode-toolkit.readthedocs.io/en/latest/getting-started/install.html>`_.
+There are 4 main ways you can `install ScanCode <https://scancode-toolkit.readthedocs.io/en/latest/getting-started/install.html>`_.
 
 - Installation as an Application: Downloading Releases (Recommended)
+- Docker Installation
 - Installation as a library: via pip
 - Installation from Source Code: Git Clone
 
@@ -32,14 +33,30 @@ Installation as an Application : Downloading Releases
     - Linux/Mac : ``./scancode --help``
     - Windows : ``scancode --help``
 
+Docker Installation
+-------------------
+
+#. Download the Source Code as an archive from the `GitHub releases <https://github.com/nexB/scancode-toolkit/releases>`_ and unzip it, or via `git clone`.
+
+#. Build the docker image from the `scancode-toolkit` directory.::
+
+	docker build -t scancode-toolkit .
+
+#. Mount current working directory and run scan on mounted folder::
+
+    docker run -v $PWD/:/project scancode-toolkit -clpeui --json-pp /project/result.json /project
+
+Note that the parameters *before* ``scancode-toolkit`` are used for docker,
+those after will be forwarded to scancode.
+
 Installation as a library: via pip
 ----------------------------------
 
 #. Create a Python 3.6 Virtual Environment and activate the same::
 
     virtualenv -p /usr/bin/python3.6 venv-scancode && source venv-scancode/bin/activate
 
-#. Run ``pip install scancode-toolkit`` 
+#. Run ``pip install scancode-toolkit[full]``
 
 Installation from Source Code: Git Clone
 ----------------------------------------

diff --git a/NOTICE b/NOTICE
@@ -19,7 +19,7 @@ derivative work, you must accompany this data with the following acknowledgment:
 
   Generated with ScanCode and provided on an "AS IS" BASIS, WITHOUT WARRANTIES
   OR CONDITIONS OF ANY KIND, either express or implied. No content created from
-  ScanCode should be considered or used as legal advice. Consult an Attorney
+  ScanCode should be considered or used as legal advice. Consult an attorney
   for any legal advice.
   ScanCode is a free software code scanning tool from nexB Inc. and others.
   Visit https://github.com/nexB/scancode-toolkit/ for support and download.
-Original file line number
+Diff line change
@@ Expand Up / @@ -79,3 +79,5 @@ pyvenv.cfg @@
     lib64
     tcl
     /.env
+    *.orig