Skip to content

Commit

Permalink
GH-40899: [CI][Java] Check dependency licenses
Browse files Browse the repository at this point in the history
  • Loading branch information
@lidavidm
lidavidm committed Mar 29, 2024
1 parent 96f686b commit b663c70
Showing 1 changed file with 39 additions and 0 deletions.
39 changes: 39 additions & 0 deletions ci/scripts/java_test.sh
View file
Original file line number Diff line number Diff line change
Expand Up @@ -58,4 +58,43 @@ if [ "${ARROW_JAVA_CDATA}" = "ON" ]; then
${mvn} clean test -Parrow-c-data -pl c -Darrow.c.jni.dist.dir=${java_jni_dist_dir}
fi

echo "=== Checking third-party licenses ==="

${mvn} \
license:add-third-party \
-Dlicense.excludedScopes=provided,test \
-Dlicense.excludeTransitiveDependencies=true \
-Dlicense.failOnMissing=true \
-Dlicense.failIfWarning=true

set +x

# Ignore grep returning 1 on no match
function safegrep { grep "$@" || test $? = 1; }

fail=0
for report in $(find . -type f -name THIRD-PARTY.txt); do
echo "=== Checking ${report} ==="
# Include-list of safe licenses
bad_deps=$(cat "${report}" |
safegrep -v -e '^$' |
safegrep -v -E "Lists of.*dependencies" |
safegrep -v "The Apache Software License, Version 2.0" |
safegrep -v "Apache License, Version 2.0" |
safegrep -v "Apache License V2.0" |
safegrep -v "Apache 2.0" |
safegrep -v "Apache-2.0" |
safegrep -v --fixed-strings "BSD 2-Clause License" |
safegrep -v --fixed-strings "BSD-3-Clause" |
safegrep -v "Bouncy Castle Licence" |
safegrep -i -v "MIT license" |
safegrep -v "Public Domain")
if [ -n "${bad_deps}" ]; then
echo "Found bad dependencies in ${report}:"
echo "${bad_deps}"
fail=$((fail + 1))
fi
done
exit ${fail}

popd

0 comments on commit b663c70

Please sign in to comment.