Make license package more resilient to unexpected output #189
Conversation
When classifying a file, the list of secondary licenses was nil. We now return the rest of the licenses detected by the classifier. Signed-off-by: Adolfo García Veytia (Puerco) <[email protected]>
If the license classifier returned unknown licenses, the license module returned an error. We now simply ignore them as we pull the official SPDX licenses and we know which ones are correct. Signed-off-by: Adolfo García Veytia (Puerco) <[email protected]>
As of v2.0.0, the license classifier returns "Copyright" as one of the license tags. If we let it go the license module will ignore it but it will write it to the debug output. So we simply skip it. Signed-off-by: Adolfo García Veytia (Puerco) <[email protected]>
This commit reduces the verbosity of the licensing code. Messages are still available when running with --log-level=debug. Signed-off-by: Adolfo García Veytia (Puerco) <[email protected]>
k8s-ci-robot
added
the
kind/cleanup
k8s-ci-robot
added
cncf-cla: yes
puerco
changed the title
| // as one of the license tags. If we let it go the license module | ||
| // will ignore it but it will write it to the debug output. | ||
| // So we simply skip it. | ||
| if match.Name == "Copyright" { |
There was a problem hiding this comment.
I was not sure if that was correct, i see now
k8s-ci-robot
added
do-not-merge/hold
|
The CLI runs. It should run in |
|
/lgtm |
|
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: cpanato, jeremyrickard, puerco, xmudrii The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
|
@cpanato let me know when we can lift the hold to test krel 🚀 |
2 similar comments
|
@cpanato let me know when we can lift the hold to test krel 🚀 |
|
@cpanato let me know when we can lift the hold to test krel 🚀 |
|
/unhold |
k8s-ci-robot
removed
the
do-not-merge/hold
|
doing the update in krel and testing |
What type of PR is this?
/kind bug
/kind cleanup
What this PR does / why we need it:
This PR improves the licensing code to be more resilient when encountering unexpected license tags in the
classifier output. Since v2.0.0, [the classifier will now return a pseudo license tag when finding copyright information] in files. This caused our libraries to return an error when scanning files.
It also fixes another bug where the secondary license list was lost after scanning and classifying a file.
The verbosity of the licensing code has now been reduced to make it more understandable.
Which issue(s) this PR fixes:
Part of kubernetes/release#2729
Special notes for your reviewer:
/assign @jeremyrickard @xmudrii @cpanato
Does this PR introduce a user-facing change?