diff --git a/.gitignore b/.gitignore index 0b1b5d27857..7f655fde3f9 100644 --- a/.gitignore +++ b/.gitignore @@ -111,4 +111,7 @@ geckodriver.log var .metaflow selenium -/dist/ \ No newline at end of file +/dist/ + +# Ignore extra rpmdb sqlite stuff +rpmdb.sqlite-* diff --git a/CHANGELOG.rst b/CHANGELOG.rst index 23be4861734..cf9daae9a42 100644 --- a/CHANGELOG.rst +++ b/CHANGELOG.rst @@ -49,6 +49,10 @@ v32.1.0 (next, roadmap) the SPDX list. And the rest have been added as new licenses. For more details see https://github.com/nexB/scancode-toolkit/pull/3554 +- Upgraded spdx-tools dependency to v0.8. + See https://github.com/nexB/scancode-toolkit/issues/3455 + + v32.0.8 - 2023-10-11 ------------------------ diff --git a/docs/Makefile b/docs/Makefile index 649b9e371a3..4eeef58cf35 100644 --- a/docs/Makefile +++ b/docs/Makefile @@ -5,6 +5,7 @@ # from the environment for the first two. SPHINXOPTS ?= SPHINXBUILD ?= sphinx-build +SPHINXAUTOBUILD = sphinx-autobuild SOURCEDIR = source BUILDDIR = build @@ -14,6 +15,13 @@ help: .PHONY: help Makefile +# Run the development server using sphinx-autobuild +docs: + @echo + @echo "Starting up the docs server..." + @echo + $(SPHINXAUTOBUILD) --port 8000 --watch ${SOURCEDIR} $(SOURCEDIR) "$(BUILDDIR)/html" $(SPHINXOPTS) $(O) + # Catch-all target: route all unknown targets to Sphinx using the new # "make mode" option. $(O) is meant as a shortcut for $(SPHINXOPTS). %: Makefile diff --git a/docs/make.bat b/docs/make.bat index 6247f7e2317..4a3c1a48527 100644 --- a/docs/make.bat +++ b/docs/make.bat @@ -7,11 +7,16 @@ REM Command file for Sphinx documentation if "%SPHINXBUILD%" == "" ( set SPHINXBUILD=sphinx-build ) +if "%SPHINXAUTOBUILD%" == "" ( + set SPHINXAUTOBUILD=sphinx-autobuild +) set SOURCEDIR=source set BUILDDIR=build if "%1" == "" goto help +if "%1" == "docs" goto docs + %SPHINXBUILD% >NUL 2>NUL if errorlevel 9009 ( echo. @@ -28,6 +33,13 @@ if errorlevel 9009 ( %SPHINXBUILD% -M %1 %SOURCEDIR% %BUILDDIR% %SPHINXOPTS% %O% goto end +:docs +@echo +@echo Starting up the docs server... +@echo +%SPHINXAUTOBUILD% --port 8000 --watch %SOURCEDIR% %SOURCEDIR% %BUILDDIR%\html %SPHINXOPTS% %O% +goto end + :help %SPHINXBUILD% -M help %SOURCEDIR% %BUILDDIR% %SPHINXOPTS% %O% diff --git a/docs/source/conf.py b/docs/source/conf.py index 069309ad7ac..f4e4527eb99 100644 --- a/docs/source/conf.py +++ b/docs/source/conf.py @@ -29,8 +29,13 @@ extensions = [ "sphinx.ext.intersphinx", "sphinx_reredirects", + 'sphinx_rtd_theme', + "sphinx_rtd_dark_mode", + "sphinx.ext.extlinks", + "sphinx_copybutton", ] +default_dark_mode = False # Redirects for olds pages # See https://documatt.gitlab.io/sphinx-reredirects/usage.html @@ -46,7 +51,7 @@ intersphinx_mapping = { "aboutcode": ("https://aboutcode.readthedocs.io/en/latest/", None), - "scancode-workbench": ("https://scancode-workbench.readthedocs.io/en/develop/", None), + "scancode-workbench": ("https://scancode-workbench.readthedocs.io/en/latest/", None), } diff --git a/docs/source/reference/license-detection-reference.rst b/docs/source/reference/license-detection-reference.rst index a0c1e3025fa..62bbbe65ec3 100644 --- a/docs/source/reference/license-detection-reference.rst +++ b/docs/source/reference/license-detection-reference.rst @@ -30,6 +30,8 @@ implemented: Some other elements are still WIP, see `issue #3300 `_ for more details on this. +.. _what-is-a-licensedetection: + What is a LicenseDetection? --------------------------- diff --git a/docs/source/tutorials/how_to_visualize_scan_results.rst b/docs/source/tutorials/how_to_visualize_scan_results.rst index ef26041e302..f88b5b108ab 100644 --- a/docs/source/tutorials/how_to_visualize_scan_results.rst +++ b/docs/source/tutorials/how_to_visualize_scan_results.rst @@ -3,109 +3,14 @@ How to Visualize Scan results ============================= -In this simple tutorial example, we import results from a basic scan performed on the ``samples`` -directory distributed by default with Scancode, and visualize the outputs through -Scancode Workbench. +To help visualize the scans, we have a dedicated tool `Scancode workbench `_ which is a desktop application that allows you to visualize and explore the results of one or more scans. It is a cross-platform application that runs on Windows, Mac OS X and Linux. It is built using the Electron framework and is built using Electron, Typescript & React + +Detailed Installation and Usage guide can be found here - :ref:`scancode-workbench:getting-started` .. WARNING:: - This tutorial uses the 3.1.1 version of Scancode Toolkit, and Scancode Workbench 3.1.0 (This - beta version of ScanCode Workbench is compatible with scans from any ScanCode Toolkit develop - version/branch at or after v3.0.2). If you are using an older version of Scancode Toolkit, check + This tutorial uses the 32.x version of Scancode Toolkit, and Scancode Workbench 4.0.x (This version of ScanCode Workbench is compatible with scans from any ScanCode Toolkit develop + version/branch at or after v32.x). If you are using an older version of Scancode Toolkit, check respective versions of this documentation. Also refer the Scancode Workbench `release highlights `_. - .. - [ToDo] - Add Windows/MacOS Support and remove this WARNING. - -.. WARNING:: - - This tutorial is for Linux based systems presently. Additional Help for Windows/MacOS will be - added. - -Setting up Scancode Workbench ------------------------------ - -According to the Installation instructions for the Workbench, we have to install Node.js 6.x or later. -Refer to Node.js install `instructions `_ here. - -You can also run the following commands:: - - sudo apt-get install -y nodejs - sudo npm install npm@5.2.0 -g - -After ``Node.js`` and ``npm`` is installed and get the Scancode Workbench 3.1.0 tarball from the -`Workbench Release Page `_. Extract -the package and then launch Scancode Workbench:: - - ./ScanCode-Workbench - -This opens the Workbench. - -.. note:: - - You can also build Scancode Toolkit and Scancode Workbench from source. Clone the repository, - don't forget to checkout to the specific release using ``git checkout ``, and follow - the build instructions. You will ll also have to create a Python virtual environment. - - - -Importing Data into Scancode Workbench --------------------------------------- - -#. Click on the ``File -> Import JSON File`` or Press ``Ctrl + I``. - -#. Select the file from the pop-up window. - -#. Select a Name and Location (where you want it later) for the .sqlite output file. - -.. note:: - - You can also import a .sqlite file you've saved in the past to load scan results. As it is much - faster, once you've imported the JSON file and a corresponding SQLite file has been created, - you shouldn't repeat this. Instead, import the SQLite file next time you want to visualize the - same scan result. - -Visualization -------------- - -Views -^^^^^ - -Refer to the workbench documentation for more information on Visualization. - -The dashboard has a general overview. - -.. image:: /tutorials/data/workbench_dashboard.png - -There are three main views (They appear in the same order in the GIFs): - -- Chart Summary View, -- Table View, -- Components Summary View. - -.. image:: /tutorials/data/views_sample.gif - -Filters -^^^^^^^ - -You can also click any file/directory on the file list located on the right, to filter the results -such that it only contains results from that File/Directory. - -.. image:: /tutorials/data/filter_sample.gif - -Components -^^^^^^^^^^ - -Refer :ref:`workbench_components` for more information on Components. - -In the table view, - -#. Apply filters by selecting Files/Directories -#. Right Click on the Left Panel -#. Select ``Edit Component`` -#. A pop-up opens with fields, make necessary edits and Save. -#. Go to the Component Summary View to see the Component. - -.. image:: /tutorials/data/components_sample.gif diff --git a/requirements.txt b/requirements.txt index c0be0ce3d44..439a6966aad 100644 --- a/requirements.txt +++ b/requirements.txt @@ -64,7 +64,7 @@ requests==2.28.1 saneyaml==0.6.0 six==1.16.0 soupsieve==2.3.2.post1 -spdx-tools==0.7.0rc0 +spdx-tools==0.8.1 text-unidecode==1.3 toml==0.10.2 typecode==30.0.1 diff --git a/setup-mini.cfg b/setup-mini.cfg index a6639bf05c7..fd465ecbf76 100644 --- a/setup-mini.cfg +++ b/setup-mini.cfg @@ -105,7 +105,7 @@ install_requires = pymaven_patch >= 0.2.8 requests >= 2.7.0 saneyaml >= 0.6.0 - spdx_tools == 0.7.0rc0 + spdx_tools == 0.8.1 text_unidecode >= 1.0 toml >= 0.10.0 urlpy @@ -141,6 +141,9 @@ docs = sphinx_rtd_theme >= 0.5.1 sphinx-reredirects >= 0.1.2 doc8 >= 0.8.1 + sphinx-autobuild + sphinx-rtd-dark-mode>=1.3.0 + sphinx-copybutton # linux-only package handling packages = diff --git a/setup.cfg b/setup.cfg index bfc590461e2..7fc938a2e32 100644 --- a/setup.cfg +++ b/setup.cfg @@ -105,7 +105,7 @@ install_requires = pymaven_patch >= 0.2.8 requests >= 2.7.0 saneyaml >= 0.6.0 - spdx_tools == 0.7.0rc0 + spdx_tools == 0.8.1 text_unidecode >= 1.0 toml >= 0.10.0 urlpy @@ -141,6 +141,9 @@ docs = sphinx_rtd_theme >= 0.5.1 sphinx-reredirects >= 0.1.2 doc8 >= 0.8.1 + sphinx-autobuild + sphinx-rtd-dark-mode>=1.3.0 + sphinx-copybutton # linux-only package handling packages = diff --git a/src/formattedcode/output_spdx.py b/src/formattedcode/output_spdx.py index e904c173f02..2b12ff2f083 100644 --- a/src/formattedcode/output_spdx.py +++ b/src/formattedcode/output_spdx.py @@ -9,22 +9,10 @@ import os import sys import uuid +from datetime import datetime from io import BytesIO from io import StringIO -from spdx.checksum import Checksum -from spdx.checksum import ChecksumAlgorithm -from spdx.creationinfo import Tool -from spdx.document import ExtractedLicense -from spdx.document import Document -from spdx.license import License -from spdx.file import File -from spdx.package import Package -from spdx.relationship import Relationship -from spdx.utils import calc_verif_code -from spdx.utils import NoAssert -from spdx.utils import SPDXNone -from spdx.version import Version from license_expression import Licensing from commoncode.cliutils import OUTPUT_GROUP @@ -32,6 +20,22 @@ from commoncode.fileutils import file_name from commoncode.fileutils import parent_directory from commoncode.text import python_safe_name +from spdx_tools.spdx.model import SpdxNoAssertion +from spdx_tools.spdx.model import Version +from spdx_tools.spdx.model import CreationInfo +from spdx_tools.spdx.model import Actor +from spdx_tools.spdx.model import ActorType +from spdx_tools.spdx.model import Document +from spdx_tools.spdx.model import Package +from spdx_tools.spdx.model import File +from spdx_tools.spdx.model import Checksum +from spdx_tools.spdx.model import ChecksumAlgorithm +from spdx_tools.spdx.model import ExtractedLicensingInfo +from spdx_tools.spdx.model import SpdxNone +from spdx_tools.spdx.model import Relationship +from spdx_tools.spdx.model import RelationshipType +from spdx_tools.spdx.spdx_element_utils import calculate_package_verification_code + from formattedcode import FileOptionType from licensedcode.detection import get_matches_from_detection_mappings from plugincode.output import output_impl @@ -63,50 +67,6 @@ def logger_debug(*args): Output plugins to write scan results in SPDX format. """ -_spdx_list_is_patched = False - - -def _patch_license_list(): - """ - Patch the SPDX Python library license list to match the list of ScanCode - known SPDX licenses. - """ - global _spdx_list_is_patched - if not _spdx_list_is_patched: - from spdx.config import LICENSE_MAP - from licensedcode.models import load_licenses - licenses = load_licenses(with_deprecated=True) - spdx_licenses = get_licenses_by_spdx_key(licenses.values()) - LICENSE_MAP.update(spdx_licenses) - _spdx_list_is_patched = True - - -def get_licenses_by_spdx_key(licenses): - """ - Return a mapping of {spdx_key: license object} given a ``license`` sequence - of License objects. - """ - spdx_licenses = {} - for lic in licenses: - if not (lic.spdx_license_key or lic.other_spdx_license_keys): - continue - - if lic.spdx_license_key: - name = lic.name - slk = lic.spdx_license_key - spdx_licenses[slk] = name - spdx_licenses[name] = slk - - for other_spdx in lic.other_spdx_license_keys: - if not (other_spdx and other_spdx.strip()): - continue - slk = other_spdx - spdx_licenses[slk] = name - spdx_licenses[name] = slk - - return spdx_licenses - - @output_impl class SpdxTvOutput(OutputPlugin): @@ -220,7 +180,7 @@ def write_spdx( tool_version, notice, package_name='', - download_location=NoAssert(), + download_location=SpdxNoAssertion(), as_tagvalue=True, spdx_version = (2, 2), with_notice_text=False, @@ -240,7 +200,6 @@ def write_spdx( licensing = Licensing() as_rdf = not as_tagvalue - _patch_license_list() ns_prefix = '_'.join(package_name.lower().split()) comment = notice + f'\nSPDX License List: {scancode_config.spdx_license_list_version}' @@ -248,29 +207,36 @@ def write_spdx( version_major, version_minor = scancode_config.spdx_license_list_version.split(".") spdx_license_list_version = Version(major=version_major, minor=version_minor) - doc = Document( - version=Version(*spdx_version), - data_license=License.from_identifier('CC0-1.0'), - comment=notice, - namespace=f'http://spdx.org/spdxdocs/{ns_prefix}-{uuid.uuid4()}', - license_list_version=scancode_config.spdx_license_list_version, - name='SPDX Document created by ScanCode Toolkit' + tool_name = tool_name or 'ScanCode' + creator = Actor(ActorType.TOOL, f'{tool_name} {tool_version}') + + creation_info = CreationInfo( + spdx_id="SPDXRef-DOCUMENT", + spdx_version=f"SPDX-{spdx_version[0]}.{spdx_version[1]}", + data_license='CC0-1.0', + document_comment=comment, + document_namespace=f'http://spdx.org/spdxdocs/{ns_prefix}-{uuid.uuid4()}', + license_list_version=spdx_license_list_version, + name='SPDX Document created by ScanCode Toolkit', + creators=[creator], + created=datetime.now(), ) - tool_name = tool_name or 'ScanCode' - doc.creation_info.add_creator(Tool(f'{tool_name} {tool_version}')) - doc.creation_info.set_created_now() - doc.creation_info.license_list_version = spdx_license_list_version package_id = '001' - package = doc.package = Package( + package = Package( name=package_name, download_location=download_location, spdx_id=f'SPDXRef-{package_id}', ) + doc = Document( + creation_info=creation_info, + packages=[package], + ) + # Use a set of unique copyrights for the package. - package.cr_text = set() + package_copyright_texts = set() all_files_have_no_license = True all_files_have_no_copyright = True @@ -285,13 +251,18 @@ def write_spdx( # Set a relative file name as that is what we want in # SPDX output (with explicit leading './'). name = './' + file_data.get('path') - file_entry = File( - spdx_id=f'SPDXRef-{sid}', - name=name) + if file_data.get('file_type') == 'empty': - file_entry.set_checksum(Checksum(ChecksumAlgorithm.SHA1, "da39a3ee5e6b4b0d3255bfef95601890afd80709")) + checksum = Checksum(ChecksumAlgorithm.SHA1, "da39a3ee5e6b4b0d3255bfef95601890afd80709") else: - file_entry.set_checksum(Checksum(ChecksumAlgorithm.SHA1, file_data.get('sha1') or '')) + # FIXME: this sets the checksum of a file to the empty string hash if unknown; tracked in https://github.com/nexB/scancode-toolkit/issues/3453 + checksum = Checksum(ChecksumAlgorithm.SHA1, file_data.get('sha1') or 'da39a3ee5e6b4b0d3255bfef95601890afd80709') + + file_entry = File( + spdx_id=f'SPDXRef-{sid}', + name=name, + checksums=[checksum] + ) file_license_detections = file_data.get('license_detections') license_matches = get_matches_from_detection_mappings(file_license_detections) @@ -312,63 +283,63 @@ def write_spdx( spdx_id = f'LicenseRef-scancode-{license_key}' is_license_ref = spdx_id.lower().startswith('licenseref-') - if not is_license_ref: - spdx_license = License.from_identifier(spdx_id) - else: - spdx_license = ExtractedLicense(spdx_id) - spdx_license.name = file_license.short_name + spdx_license = licensing.parse(spdx_id) + + if is_license_ref: + text = match.get('matched_text') # FIXME: replace this with the licensedb URL comment = ( f'See details at https://github.com/nexB/scancode-toolkit' - f'/blob/develop/src/licensedcode/data/licenses/{license_key}.yml\n' + f'/blob/develop/src/licensedcode/data/licenses/{license_key}.LICENSE\n' ) - spdx_license.comment = comment - text = match.get('matched_text') - # always set some text, even if we did not extract the - # matched text - if not text: - text = comment - spdx_license.text = text - doc.add_extr_lic(spdx_license) + extracted_license = ExtractedLicensingInfo( + license_id=spdx_id, + # always set some text, even if we did not extract the + # matched text + extracted_text=text if text else comment, + license_name=file_license.short_name, + comment=comment, + ) + doc.extracted_licensing_info.append(extracted_license) # Add licenses in the order they appear in the file. Maintaining # the order might be useful for provenance purposes. - file_entry.add_lics(spdx_license) - package.add_lics_from_file(spdx_license) + file_entry.license_info_in_file.append(spdx_license) + package.license_info_from_files.append(spdx_license) elif license_matches is None: all_files_have_no_license = False - file_entry.add_lics(NoAssert()) + file_entry.license_info_in_file.append(SpdxNoAssertion()) else: - file_entry.add_lics(SPDXNone()) + file_entry.license_info_in_file.append(SpdxNone()) - file_entry.conc_lics = NoAssert() + file_entry.license_concluded = SpdxNoAssertion() file_copyrights = file_data.get('copyrights') if file_copyrights: all_files_have_no_copyright = False - file_entry.copyright = [] + copyrights = [] for file_copyright in file_copyrights: - file_entry.copyright.append(file_copyright.get('copyright')) + copyrights.append(file_copyright.get('copyright')) - package.cr_text.update(file_entry.copyright) + package_copyright_texts.update(copyrights) # Create a text of copyright statements in the order they appear in # the file. Maintaining the order might be useful for provenance # purposes. - file_entry.copyright = '\n'.join(file_entry.copyright) + '\n' + file_entry.copyright_text = '\n'.join(copyrights) + '\n' elif file_copyrights is None: all_files_have_no_copyright = False - file_entry.copyright = NoAssert() + file_entry.copyright_text = SpdxNoAssertion() else: - file_entry.copyright = SPDXNone() + file_entry.copyright_text = SpdxNone() - doc.add_file(file_entry) - relationship = Relationship(f'{package.spdx_id} CONTAINS {file_entry.spdx_id}') - doc.add_relationship(relationship) + doc.files.append(file_entry) + relationship = Relationship(package.spdx_id, RelationshipType.CONTAINS, file_entry.spdx_id) + doc.relationships.append(relationship) if not doc.files: if as_tagvalue: @@ -379,33 +350,29 @@ def write_spdx( output_file.write(msg) # Remove duplicate licenses from the list for the package. - unique_licenses = {l.identifier: l for l in package.licenses_from_files} - unique_licenses = list(unique_licenses.values()) - if not len(package.licenses_from_files): + package.license_info_from_files = list(set(package.license_info_from_files)) + if not package.license_info_from_files: if all_files_have_no_license: - package.licenses_from_files = [SPDXNone()] + package.license_info_from_files = [SpdxNone()] else: - package.licenses_from_files = [NoAssert()] + package.license_info_from_files = [SpdxNoAssertion()] else: # List license identifiers alphabetically for the package. - package.licenses_from_files = sorted( - unique_licenses, - key=lambda x: x.identifier, - ) + package.license_info_from_files = sorted(package.license_info_from_files) - if len(package.cr_text) == 0: + if not package_copyright_texts: if all_files_have_no_copyright: - package.cr_text = SPDXNone() + package.copyright_text = SpdxNone() else: - package.cr_text = NoAssert() + package.copyright_text = SpdxNoAssertion() else: # Create a text of alphabetically sorted copyright # statements for the package. - package.cr_text = '\n'.join(sorted(package.cr_text)) + '\n' + package.copyright_text = '\n'.join(sorted(package_copyright_texts)) + '\n' - package.verif_code = calc_verif_code(doc.files) - package.license_declared = NoAssert() - package.conc_lics = NoAssert() + package.verification_code = calculate_package_verification_code(doc.files) + package.license_declared = SpdxNoAssertion() + package.license_concluded = SpdxNoAssertion() # The spdx-tools write_document returns either: # - unicode for tag values @@ -416,19 +383,15 @@ def write_spdx( # in the other case we deal with text all the way. if doc.files: - - if as_tagvalue: - from spdx.writers.tagvalue import write_document # NOQA - elif as_rdf: - from spdx.writers.rdf import write_document # NOQA - if as_tagvalue: + from spdx_tools.spdx.writer.tagvalue.tagvalue_writer import write_document_to_stream # NOQA spdx_output = StringIO() elif as_rdf: + from spdx_tools.spdx.writer.rdf.rdf_writer import write_document_to_stream # NOQA # rdf is utf-encoded bytes spdx_output = BytesIO() - write_document(doc, spdx_output, validate=False) + write_document_to_stream(doc, spdx_output, validate=False) result = spdx_output.getvalue() if as_rdf: diff --git a/src/packagedcode/npm.py b/src/packagedcode/npm.py index 6059850448e..c831aa8e855 100644 --- a/src/packagedcode/npm.py +++ b/src/packagedcode/npm.py @@ -623,15 +623,21 @@ def parse(cls, location): elif not line.startswith(' ') and stripped.endswith(':'): # the first line of a dependency has the name and requirements # "@babel/core@^7.1.0", "@babel/core@^7.3.4": + # For aliases: "@alias@npm:@package@^12": requirements = stripped.strip(':').split(', ') requirements = [r.strip().strip("\"'") for r in requirements] for req in requirements: if req.startswith('@'): - assert req.count('@') == 2 + # 2 = package, 4 = alias + assert req.count('@') in [2, 4] ns_name, _, constraint = req.rpartition('@') ns, _ , name = ns_name.rpartition('/') constraint = constraint.strip("\"'") + # If we have an alias, just keep the package part: + # @npm: + if "@npm:" in ns: + ns = ns.split(':')[1] top_requirements.append((ns, name, constraint,)) else: diff --git a/src/packagedcode/rpm.py b/src/packagedcode/rpm.py index 7fb1d95763c..bcbe8294070 100644 --- a/src/packagedcode/rpm.py +++ b/src/packagedcode/rpm.py @@ -232,10 +232,9 @@ class RpmInstalledNdbDatabaseHandler(BaseRpmInstalledDatabaseHandler): # TODO: add dependencies!!! class RpmInstalledSqliteDatabaseHandler(BaseRpmInstalledDatabaseHandler): - # used by newer RHEL/CentOS/Fedora + # used by newer RHEL/CentOS/Fedora/CoreOS datasource_id = 'rpm_installed_database_sqlite' - path_patterns = ('*var/lib/rpm/rpmdb.sqlite',) - filetypes = ('berkeley',) + path_patterns = ('*rpm/rpmdb.sqlite',) default_package_type = 'rpm' default_package_namespace = 'TBD' description = 'RPM installed package SQLite database' diff --git a/tests/formattedcode/data/spdx/license_known/expected.rdf b/tests/formattedcode/data/spdx/license_known/expected.rdf index 085fefa63de..9bb9ac120d6 100644 --- a/tests/formattedcode/data/spdx/license_known/expected.rdf +++ b/tests/formattedcode/data/spdx/license_known/expected.rdf @@ -1,117 +1,105 @@ { "rdf:RDF": { - "ns1:SpdxDocument": { - "ns1:name": { - "@rdf:resource": "SPDX Document created by ScanCode Toolkit" + "spdx:Package": { + "spdx:filesAnalyzed": { + "#text": "true", + "@rdf:datatype": "http://www.w3.org/2001/XMLSchema#boolean" }, - "ns1:dataLicense": { - "@rdf:resource": "http://spdx.org/licenses/CC0-1.0" + "spdx:downloadLocation": { + "@rdf:resource": "http://spdx.org/rdf/terms#noassertion" }, - "ns1:describesPackage": { - "ns1:Package": { - "ns1:Package": { - "@rdf:resource": "SPDXRef-001" - }, - "ns1:downloadLocation": { - "@rdf:resource": "http://spdx.org/rdf/terms#noassertion" - }, - "ns1:licenseConcluded": { - "@rdf:resource": "http://spdx.org/rdf/terms#noassertion" - }, - "ns1:licenseDeclared": { - "@rdf:resource": "http://spdx.org/rdf/terms#noassertion" - }, - "ns1:copyrightText": { - "@rdf:resource": "http://spdx.org/rdf/terms#none" - }, - "ns1:licenseInfoFromFiles": [ - { - "@rdf:resource": "http://spdx.org/licenses/Apache-2.0" - }, - { - "@rdf:resource": "http://spdx.org/licenses/CC0-1.0" - } - ], - "ns1:hasFile": [ - { - "@rdf:resource": "http://www.spdx.org/files#SPDXRef-2" - }, - { - "@rdf:resource": "http://www.spdx.org/files#SPDXRef-3" - } - ], - "@rdf:about": "http://www.spdx.org/tools#SPDXRef-Package", - "ns1:name": "scan" - } + "spdx:licenseConcluded": { + "@rdf:resource": "http://spdx.org/rdf/terms#noassertion" + }, + "spdx:licenseDeclared": { + "@rdf:resource": "http://spdx.org/rdf/terms#noassertion" }, - "ns1:referencesFile": [ + "@rdf:about": "#SPDXRef-001", + "spdx:licenseInfoFromFiles": [ { - "ns1:File": { - "ns1:licenseInfoInFile": { - "@rdf:resource": "http://spdx.org/licenses/Apache-2.0" - }, - "ns1:licenseConcluded": { - "@rdf:resource": "http://spdx.org/rdf/terms#noassertion" - }, - "ns1:copyrightText": { - "@rdf:resource": "http://spdx.org/rdf/terms#none" - }, - "ns1:checksum": { - "ns1:Checksum": { - "ns1:checksumValue": "2b8b815229aa8a61e483fb4ba0588b8b6c491890", - "ns1:algorithm": "http://spdx.org/rdf/terms#checksumAlgorithm_sha1" - } - }, - "ns1:fileName": "./scan/apache-2.0.LICENSE", - "@rdf:about": "http://www.spdx.org/files#SPDXRef-2" - } + "@rdf:resource": "http://spdx.org/licenses/Apache-2.0" }, { - "ns1:File": { - "ns1:licenseInfoInFile": { - "@rdf:resource": "http://spdx.org/licenses/CC0-1.0" - }, - "ns1:licenseConcluded": { - "@rdf:resource": "http://spdx.org/rdf/terms#noassertion" - }, - "ns1:copyrightText": { - "@rdf:resource": "http://spdx.org/rdf/terms#none" - }, - "ns1:checksum": { - "ns1:Checksum": { - "ns1:checksumValue": "172444e7c137eb5cd3cae530aca0879c90f7fada", - "ns1:algorithm": "http://spdx.org/rdf/terms#checksumAlgorithm_sha1" - } - }, - "ns1:fileName": "./scan/cc0-1.0.LICENSE", - "@rdf:about": "http://www.spdx.org/files#SPDXRef-3" - } + "@rdf:resource": "http://spdx.org/licenses/CC0-1.0" } ], - "ns1:relationship": [ + "spdx:packageVerificationCode": { + "spdx:PackageVerificationCode": { + "spdx:packageVerificationCodeValue": "517c26f04b5a3edaaa0c17bf1a6571953209e209" + } + }, + "spdx:relationship": [ { - "ns1:Relationship": { - "ns1:relationshipType": { + "spdx:Relationship": { + "spdx:relationshipType": { "@rdf:resource": "http://spdx.org/rdf/terms#relationshipType_contains" }, - "ns1:spdxElementId": "SPDXRef-001", - "ns1:relatedSpdxElement": "SPDXRef-2" + "spdx:relatedSpdxElement": { + "spdx:File": { + "spdx:licenseInfoInFile": { + "@rdf:resource": "http://spdx.org/licenses/Apache-2.0" + }, + "spdx:licenseConcluded": { + "@rdf:resource": "http://spdx.org/rdf/terms#noassertion" + }, + "@rdf:about": "#SPDXRef-2", + "spdx:checksum": { + "spdx:Checksum": { + "spdx:algorithm": { + "@rdf:resource": "http://spdx.org/rdf/terms#checksumAlgorithm_sha1" + }, + "spdx:checksumValue": "2b8b815229aa8a61e483fb4ba0588b8b6c491890" + } + }, + "spdx:fileName": "./scan/apache-2.0.LICENSE", + "spdx:copyrightText": "NONE" + } + } } }, { - "ns1:Relationship": { - "ns1:relationshipType": { + "spdx:Relationship": { + "spdx:relationshipType": { "@rdf:resource": "http://spdx.org/rdf/terms#relationshipType_contains" }, - "ns1:spdxElementId": "SPDXRef-001", - "ns1:relatedSpdxElement": "SPDXRef-3" + "spdx:relatedSpdxElement": { + "spdx:File": { + "spdx:licenseInfoInFile": { + "@rdf:resource": "http://spdx.org/licenses/CC0-1.0" + }, + "spdx:licenseConcluded": { + "@rdf:resource": "http://spdx.org/rdf/terms#noassertion" + }, + "@rdf:about": "#SPDXRef-3", + "spdx:checksum": { + "spdx:Checksum": { + "spdx:algorithm": { + "@rdf:resource": "http://spdx.org/rdf/terms#checksumAlgorithm_sha1" + }, + "spdx:checksumValue": "172444e7c137eb5cd3cae530aca0879c90f7fada" + } + }, + "spdx:fileName": "./scan/cc0-1.0.LICENSE", + "spdx:copyrightText": "NONE" + } + } } } ], - "@rdf:about": "http://www.spdx.org/tools#SPDXRef-DOCUMENT", - "ns1:specVersion": "SPDX-2.2" + "spdx:copyrightText": "NONE", + "spdx:name": "scan" + }, + "spdx:SpdxDocument": { + "spdx:dataLicense": { + "@rdf:resource": "http://spdx.org/licenses/CC0-1.0" + }, + "@rdf:about": "#SPDXRef-DOCUMENT", + "rdfs:comment": "Generated with ScanCode and provided on an \"AS IS\" BASIS, WITHOUT WARRANTIES\nOR CONDITIONS OF ANY KIND, either express or implied. No content created from\nScanCode should be considered or used as legal advice. Consult an Attorney\nfor any legal advice.\nScanCode is a free software code scanning tool from nexB Inc. and others.\nVisit https://github.com/nexB/scancode-toolkit/ for support and download.\nSPDX License List: 3.21", + "spdx:name": "SPDX Document created by ScanCode Toolkit", + "spdx:specVersion": "SPDX-2.2" }, - "@xmlns:ns1": "http://spdx.org/rdf/terms#", - "@xmlns:rdf": "http://www.w3.org/1999/02/22-rdf-syntax-ns#" + "@xmlns:rdf": "http://www.w3.org/1999/02/22-rdf-syntax-ns#", + "@xmlns:rdfs": "http://www.w3.org/2000/01/rdf-schema#", + "@xmlns:spdx": "http://spdx.org/rdf/terms#" } } \ No newline at end of file diff --git a/tests/formattedcode/data/spdx/license_known/expected.tv b/tests/formattedcode/data/spdx/license_known/expected.tv index 89243ce54ac..794e54b535f 100644 --- a/tests/formattedcode/data/spdx/license_known/expected.tv +++ b/tests/formattedcode/data/spdx/license_known/expected.tv @@ -1,35 +1,36 @@ -# Document Information +## Document Information SPDXVersion: SPDX-2.2 DataLicense: CC0-1.0 -DocumentNamespace: http://spdx.org/spdxdocs/scan -DocumentName: SPDX Document created by ScanCode Toolkit -LicenseListVersion: 3.20 SPDXID: SPDXRef-DOCUMENT +DocumentName: SPDX Document created by ScanCode Toolkit +DocumentNamespace: http://spdx.org/spdxdocs/scan DocumentComment: Generated with ScanCode and provided on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. No content created from ScanCode should be considered or used as legal advice. Consult an Attorney for any legal advice. ScanCode is a free software code scanning tool from nexB Inc. and others. -Visit https://github.com/nexB/scancode-toolkit/ for support and download. -# Creation Info -# Package +Visit https://github.com/nexB/scancode-toolkit/ for support and download. +SPDX License List: 3.21 +## Creation Information +## Package Information PackageName: scan SPDXID: SPDXRef-001 PackageDownloadLocation: NOASSERTION +FilesAnalyzed: True PackageVerificationCode: 517c26f04b5a3edaaa0c17bf1a6571953209e209 -PackageLicenseDeclared: NOASSERTION PackageLicenseConcluded: NOASSERTION PackageLicenseInfoFromFiles: Apache-2.0 PackageLicenseInfoFromFiles: CC0-1.0 +PackageLicenseDeclared: NOASSERTION PackageCopyrightText: NONE -# File +## File Information FileName: ./scan/apache-2.0.LICENSE SPDXID: SPDXRef-2 FileChecksum: SHA1: 2b8b815229aa8a61e483fb4ba0588b8b6c491890 LicenseConcluded: NOASSERTION LicenseInfoInFile: Apache-2.0 FileCopyrightText: NONE -# File +## File Information FileName: ./scan/cc0-1.0.LICENSE SPDXID: SPDXRef-3 FileChecksum: SHA1: 172444e7c137eb5cd3cae530aca0879c90f7fada diff --git a/tests/formattedcode/data/spdx/license_known/expected_with_text.rdf b/tests/formattedcode/data/spdx/license_known/expected_with_text.rdf index 085fefa63de..9bb9ac120d6 100644 --- a/tests/formattedcode/data/spdx/license_known/expected_with_text.rdf +++ b/tests/formattedcode/data/spdx/license_known/expected_with_text.rdf @@ -1,117 +1,105 @@ { "rdf:RDF": { - "ns1:SpdxDocument": { - "ns1:name": { - "@rdf:resource": "SPDX Document created by ScanCode Toolkit" + "spdx:Package": { + "spdx:filesAnalyzed": { + "#text": "true", + "@rdf:datatype": "http://www.w3.org/2001/XMLSchema#boolean" }, - "ns1:dataLicense": { - "@rdf:resource": "http://spdx.org/licenses/CC0-1.0" + "spdx:downloadLocation": { + "@rdf:resource": "http://spdx.org/rdf/terms#noassertion" }, - "ns1:describesPackage": { - "ns1:Package": { - "ns1:Package": { - "@rdf:resource": "SPDXRef-001" - }, - "ns1:downloadLocation": { - "@rdf:resource": "http://spdx.org/rdf/terms#noassertion" - }, - "ns1:licenseConcluded": { - "@rdf:resource": "http://spdx.org/rdf/terms#noassertion" - }, - "ns1:licenseDeclared": { - "@rdf:resource": "http://spdx.org/rdf/terms#noassertion" - }, - "ns1:copyrightText": { - "@rdf:resource": "http://spdx.org/rdf/terms#none" - }, - "ns1:licenseInfoFromFiles": [ - { - "@rdf:resource": "http://spdx.org/licenses/Apache-2.0" - }, - { - "@rdf:resource": "http://spdx.org/licenses/CC0-1.0" - } - ], - "ns1:hasFile": [ - { - "@rdf:resource": "http://www.spdx.org/files#SPDXRef-2" - }, - { - "@rdf:resource": "http://www.spdx.org/files#SPDXRef-3" - } - ], - "@rdf:about": "http://www.spdx.org/tools#SPDXRef-Package", - "ns1:name": "scan" - } + "spdx:licenseConcluded": { + "@rdf:resource": "http://spdx.org/rdf/terms#noassertion" + }, + "spdx:licenseDeclared": { + "@rdf:resource": "http://spdx.org/rdf/terms#noassertion" }, - "ns1:referencesFile": [ + "@rdf:about": "#SPDXRef-001", + "spdx:licenseInfoFromFiles": [ { - "ns1:File": { - "ns1:licenseInfoInFile": { - "@rdf:resource": "http://spdx.org/licenses/Apache-2.0" - }, - "ns1:licenseConcluded": { - "@rdf:resource": "http://spdx.org/rdf/terms#noassertion" - }, - "ns1:copyrightText": { - "@rdf:resource": "http://spdx.org/rdf/terms#none" - }, - "ns1:checksum": { - "ns1:Checksum": { - "ns1:checksumValue": "2b8b815229aa8a61e483fb4ba0588b8b6c491890", - "ns1:algorithm": "http://spdx.org/rdf/terms#checksumAlgorithm_sha1" - } - }, - "ns1:fileName": "./scan/apache-2.0.LICENSE", - "@rdf:about": "http://www.spdx.org/files#SPDXRef-2" - } + "@rdf:resource": "http://spdx.org/licenses/Apache-2.0" }, { - "ns1:File": { - "ns1:licenseInfoInFile": { - "@rdf:resource": "http://spdx.org/licenses/CC0-1.0" - }, - "ns1:licenseConcluded": { - "@rdf:resource": "http://spdx.org/rdf/terms#noassertion" - }, - "ns1:copyrightText": { - "@rdf:resource": "http://spdx.org/rdf/terms#none" - }, - "ns1:checksum": { - "ns1:Checksum": { - "ns1:checksumValue": "172444e7c137eb5cd3cae530aca0879c90f7fada", - "ns1:algorithm": "http://spdx.org/rdf/terms#checksumAlgorithm_sha1" - } - }, - "ns1:fileName": "./scan/cc0-1.0.LICENSE", - "@rdf:about": "http://www.spdx.org/files#SPDXRef-3" - } + "@rdf:resource": "http://spdx.org/licenses/CC0-1.0" } ], - "ns1:relationship": [ + "spdx:packageVerificationCode": { + "spdx:PackageVerificationCode": { + "spdx:packageVerificationCodeValue": "517c26f04b5a3edaaa0c17bf1a6571953209e209" + } + }, + "spdx:relationship": [ { - "ns1:Relationship": { - "ns1:relationshipType": { + "spdx:Relationship": { + "spdx:relationshipType": { "@rdf:resource": "http://spdx.org/rdf/terms#relationshipType_contains" }, - "ns1:spdxElementId": "SPDXRef-001", - "ns1:relatedSpdxElement": "SPDXRef-2" + "spdx:relatedSpdxElement": { + "spdx:File": { + "spdx:licenseInfoInFile": { + "@rdf:resource": "http://spdx.org/licenses/Apache-2.0" + }, + "spdx:licenseConcluded": { + "@rdf:resource": "http://spdx.org/rdf/terms#noassertion" + }, + "@rdf:about": "#SPDXRef-2", + "spdx:checksum": { + "spdx:Checksum": { + "spdx:algorithm": { + "@rdf:resource": "http://spdx.org/rdf/terms#checksumAlgorithm_sha1" + }, + "spdx:checksumValue": "2b8b815229aa8a61e483fb4ba0588b8b6c491890" + } + }, + "spdx:fileName": "./scan/apache-2.0.LICENSE", + "spdx:copyrightText": "NONE" + } + } } }, { - "ns1:Relationship": { - "ns1:relationshipType": { + "spdx:Relationship": { + "spdx:relationshipType": { "@rdf:resource": "http://spdx.org/rdf/terms#relationshipType_contains" }, - "ns1:spdxElementId": "SPDXRef-001", - "ns1:relatedSpdxElement": "SPDXRef-3" + "spdx:relatedSpdxElement": { + "spdx:File": { + "spdx:licenseInfoInFile": { + "@rdf:resource": "http://spdx.org/licenses/CC0-1.0" + }, + "spdx:licenseConcluded": { + "@rdf:resource": "http://spdx.org/rdf/terms#noassertion" + }, + "@rdf:about": "#SPDXRef-3", + "spdx:checksum": { + "spdx:Checksum": { + "spdx:algorithm": { + "@rdf:resource": "http://spdx.org/rdf/terms#checksumAlgorithm_sha1" + }, + "spdx:checksumValue": "172444e7c137eb5cd3cae530aca0879c90f7fada" + } + }, + "spdx:fileName": "./scan/cc0-1.0.LICENSE", + "spdx:copyrightText": "NONE" + } + } } } ], - "@rdf:about": "http://www.spdx.org/tools#SPDXRef-DOCUMENT", - "ns1:specVersion": "SPDX-2.2" + "spdx:copyrightText": "NONE", + "spdx:name": "scan" + }, + "spdx:SpdxDocument": { + "spdx:dataLicense": { + "@rdf:resource": "http://spdx.org/licenses/CC0-1.0" + }, + "@rdf:about": "#SPDXRef-DOCUMENT", + "rdfs:comment": "Generated with ScanCode and provided on an \"AS IS\" BASIS, WITHOUT WARRANTIES\nOR CONDITIONS OF ANY KIND, either express or implied. No content created from\nScanCode should be considered or used as legal advice. Consult an Attorney\nfor any legal advice.\nScanCode is a free software code scanning tool from nexB Inc. and others.\nVisit https://github.com/nexB/scancode-toolkit/ for support and download.\nSPDX License List: 3.21", + "spdx:name": "SPDX Document created by ScanCode Toolkit", + "spdx:specVersion": "SPDX-2.2" }, - "@xmlns:ns1": "http://spdx.org/rdf/terms#", - "@xmlns:rdf": "http://www.w3.org/1999/02/22-rdf-syntax-ns#" + "@xmlns:rdf": "http://www.w3.org/1999/02/22-rdf-syntax-ns#", + "@xmlns:rdfs": "http://www.w3.org/2000/01/rdf-schema#", + "@xmlns:spdx": "http://spdx.org/rdf/terms#" } } \ No newline at end of file diff --git a/tests/formattedcode/data/spdx/license_known/expected_with_text.tv b/tests/formattedcode/data/spdx/license_known/expected_with_text.tv index 89243ce54ac..794e54b535f 100644 --- a/tests/formattedcode/data/spdx/license_known/expected_with_text.tv +++ b/tests/formattedcode/data/spdx/license_known/expected_with_text.tv @@ -1,35 +1,36 @@ -# Document Information +## Document Information SPDXVersion: SPDX-2.2 DataLicense: CC0-1.0 -DocumentNamespace: http://spdx.org/spdxdocs/scan -DocumentName: SPDX Document created by ScanCode Toolkit -LicenseListVersion: 3.20 SPDXID: SPDXRef-DOCUMENT +DocumentName: SPDX Document created by ScanCode Toolkit +DocumentNamespace: http://spdx.org/spdxdocs/scan DocumentComment: Generated with ScanCode and provided on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. No content created from ScanCode should be considered or used as legal advice. Consult an Attorney for any legal advice. ScanCode is a free software code scanning tool from nexB Inc. and others. -Visit https://github.com/nexB/scancode-toolkit/ for support and download. -# Creation Info -# Package +Visit https://github.com/nexB/scancode-toolkit/ for support and download. +SPDX License List: 3.21 +## Creation Information +## Package Information PackageName: scan SPDXID: SPDXRef-001 PackageDownloadLocation: NOASSERTION +FilesAnalyzed: True PackageVerificationCode: 517c26f04b5a3edaaa0c17bf1a6571953209e209 -PackageLicenseDeclared: NOASSERTION PackageLicenseConcluded: NOASSERTION PackageLicenseInfoFromFiles: Apache-2.0 PackageLicenseInfoFromFiles: CC0-1.0 +PackageLicenseDeclared: NOASSERTION PackageCopyrightText: NONE -# File +## File Information FileName: ./scan/apache-2.0.LICENSE SPDXID: SPDXRef-2 FileChecksum: SHA1: 2b8b815229aa8a61e483fb4ba0588b8b6c491890 LicenseConcluded: NOASSERTION LicenseInfoInFile: Apache-2.0 FileCopyrightText: NONE -# File +## File Information FileName: ./scan/cc0-1.0.LICENSE SPDXID: SPDXRef-3 FileChecksum: SHA1: 172444e7c137eb5cd3cae530aca0879c90f7fada diff --git a/tests/formattedcode/data/spdx/license_ref/expected.rdf b/tests/formattedcode/data/spdx/license_ref/expected.rdf index 1d18dff8684..349076a8a7a 100644 --- a/tests/formattedcode/data/spdx/license_ref/expected.rdf +++ b/tests/formattedcode/data/spdx/license_ref/expected.rdf @@ -1,154 +1,127 @@ { "rdf:RDF": { - "ns1:SpdxDocument": { - "ns1:name": { - "@rdf:resource": "SPDX Document created by ScanCode Toolkit" + "spdx:Package": { + "spdx:filesAnalyzed": { + "#text": "true", + "@rdf:datatype": "http://www.w3.org/2001/XMLSchema#boolean" }, - "ns1:dataLicense": { - "@rdf:resource": "http://spdx.org/licenses/CC0-1.0" + "spdx:downloadLocation": { + "@rdf:resource": "http://spdx.org/rdf/terms#noassertion" }, - "ns1:referencesFile": { - "ns1:File": { - "ns1:licenseConcluded": { - "@rdf:resource": "http://spdx.org/rdf/terms#noassertion" - }, - "ns1:licenseInfoInFile": [ - { - "@rdf:resource": "http://spdx.org/licenses/Apache-2.0" - }, - { - "@rdf:resource": "http://spdx.org/licenses/CC0-1.0" - }, - { - "ns1:ExtractedLicensingInfo": { - "ns1:licenseId": "LicenseRef-scancode-other-copyleft", - "ns1:licenseName": "Other Copyleft Licenses", - "ns1:extractedText": "See details at https://github.com/nexB/scancode-toolkit/blob/develop/src/licensedcode/data/licenses/other-copyleft.yml", - "rdfs:comment": "See details at https://github.com/nexB/scancode-toolkit/blob/develop/src/licensedcode/data/licenses/other-copyleft.yml" - } - }, - { - "ns1:ExtractedLicensingInfo": { - "ns1:licenseId": "LicenseRef-scancode-other-permissive", - "ns1:licenseName": "Other Permissive Licenses", - "ns1:extractedText": "See details at https://github.com/nexB/scancode-toolkit/blob/develop/src/licensedcode/data/licenses/other-permissive.yml", - "rdfs:comment": "See details at https://github.com/nexB/scancode-toolkit/blob/develop/src/licensedcode/data/licenses/other-permissive.yml" - } - }, - { - "ns1:ExtractedLicensingInfo": { - "ns1:licenseId": "LicenseRef-scancode-scancode-acknowledgment", - "ns1:licenseName": "ScanCode generated data acknowledgment", - "ns1:extractedText": "See details at https://github.com/nexB/scancode-toolkit/blob/develop/src/licensedcode/data/licenses/scancode-acknowledgment.yml", - "rdfs:comment": "See details at https://github.com/nexB/scancode-toolkit/blob/develop/src/licensedcode/data/licenses/scancode-acknowledgment.yml" - } - } - ], - "ns1:checksum": { - "ns1:Checksum": { - "ns1:checksumValue": "f9c28fa2714ad0c2e36d3e5561afb0031fa76831", - "ns1:algorithm": "http://spdx.org/rdf/terms#checksumAlgorithm_sha1" - } - }, - "ns1:fileName": "./scan/NOTICE", - "@rdf:about": "http://www.spdx.org/files#SPDXRef-2", - "ns1:copyrightText": "Copyright (c) 2017 nexB Inc. and others" - } + "spdx:licenseConcluded": { + "@rdf:resource": "http://spdx.org/rdf/terms#noassertion" }, - "ns1:describesPackage": { - "ns1:Package": { - "ns1:Package": { - "@rdf:resource": "SPDXRef-001" - }, - "ns1:downloadLocation": { - "@rdf:resource": "http://spdx.org/rdf/terms#noassertion" - }, - "ns1:licenseConcluded": { - "@rdf:resource": "http://spdx.org/rdf/terms#noassertion" - }, - "ns1:licenseDeclared": { - "@rdf:resource": "http://spdx.org/rdf/terms#noassertion" - }, - "ns1:hasFile": { - "@rdf:resource": "http://www.spdx.org/files#SPDXRef-2" - }, - "ns1:licenseInfoFromFiles": [ - { - "@rdf:resource": "http://spdx.org/licenses/Apache-2.0" - }, - { - "@rdf:resource": "http://spdx.org/licenses/CC0-1.0" - }, - { - "ns1:ExtractedLicensingInfo": { - "ns1:licenseId": "LicenseRef-scancode-other-copyleft", - "ns1:licenseName": "Other Copyleft Licenses", - "ns1:extractedText": "See details at https://github.com/nexB/scancode-toolkit/blob/develop/src/licensedcode/data/licenses/other-copyleft.yml", - "rdfs:comment": "See details at https://github.com/nexB/scancode-toolkit/blob/develop/src/licensedcode/data/licenses/other-copyleft.yml" - } - }, - { - "ns1:ExtractedLicensingInfo": { - "ns1:licenseId": "LicenseRef-scancode-other-permissive", - "ns1:licenseName": "Other Permissive Licenses", - "ns1:extractedText": "See details at https://github.com/nexB/scancode-toolkit/blob/develop/src/licensedcode/data/licenses/other-permissive.yml", - "rdfs:comment": "See details at https://github.com/nexB/scancode-toolkit/blob/develop/src/licensedcode/data/licenses/other-permissive.yml" - } - }, - { - "ns1:ExtractedLicensingInfo": { - "ns1:licenseId": "LicenseRef-scancode-scancode-acknowledgment", - "ns1:licenseName": "ScanCode generated data acknowledgment", - "ns1:extractedText": "See details at https://github.com/nexB/scancode-toolkit/blob/develop/src/licensedcode/data/licenses/scancode-acknowledgment.yml", - "rdfs:comment": "See details at https://github.com/nexB/scancode-toolkit/blob/develop/src/licensedcode/data/licenses/scancode-acknowledgment.yml" - } - } - ], - "@rdf:about": "http://www.spdx.org/tools#SPDXRef-Package", - "ns1:copyrightText": "Copyright (c) 2017 nexB Inc. and others", - "ns1:name": "scan" + "spdx:licenseDeclared": { + "@rdf:resource": "http://spdx.org/rdf/terms#noassertion" + }, + "@rdf:about": "#SPDXRef-001", + "spdx:licenseInfoFromFiles": [ + { + "@rdf:resource": "http://spdx.org/licenses/Apache-2.0" + }, + { + "@rdf:resource": "http://spdx.org/licenses/CC0-1.0" + }, + { + "@rdf:resource": "http://spdx.org/licenses/LicenseRef-scancode-other-copyleft" + }, + { + "@rdf:resource": "http://spdx.org/licenses/LicenseRef-scancode-other-permissive" + }, + { + "@rdf:resource": "http://spdx.org/licenses/LicenseRef-scancode-scancode-acknowledgment" + } + ], + "spdx:packageVerificationCode": { + "spdx:PackageVerificationCode": { + "spdx:packageVerificationCodeValue": "b49eeefd776fb76555378d07fd05d986a249a2b3" } }, - "ns1:relationship": { - "ns1:Relationship": { - "ns1:relationshipType": { + "spdx:relationship": { + "spdx:Relationship": { + "spdx:relationshipType": { "@rdf:resource": "http://spdx.org/rdf/terms#relationshipType_contains" }, - "ns1:spdxElementId": "SPDXRef-001", - "ns1:relatedSpdxElement": "SPDXRef-2" + "spdx:relatedSpdxElement": { + "spdx:File": { + "spdx:licenseConcluded": { + "@rdf:resource": "http://spdx.org/rdf/terms#noassertion" + }, + "@rdf:about": "#SPDXRef-2", + "spdx:licenseInfoInFile": [ + { + "@rdf:resource": "http://spdx.org/licenses/Apache-2.0" + }, + { + "@rdf:resource": "http://spdx.org/licenses/CC0-1.0" + }, + { + "@rdf:resource": "http://spdx.org/licenses/LicenseRef-scancode-other-copyleft" + }, + { + "@rdf:resource": "http://spdx.org/licenses/LicenseRef-scancode-other-permissive" + }, + { + "@rdf:resource": "http://spdx.org/licenses/LicenseRef-scancode-scancode-acknowledgment" + } + ], + "spdx:checksum": { + "spdx:Checksum": { + "spdx:algorithm": { + "@rdf:resource": "http://spdx.org/rdf/terms#checksumAlgorithm_sha1" + }, + "spdx:checksumValue": "f9c28fa2714ad0c2e36d3e5561afb0031fa76831" + } + }, + "spdx:fileName": "./scan/NOTICE", + "spdx:copyrightText": "Copyright (c) 2017 nexB Inc. and others" + } + } } }, - "ns1:hasExtractedLicensingInfo": [ + "spdx:copyrightText": "Copyright (c) 2017 nexB Inc. and others", + "spdx:name": "scan" + }, + "spdx:SpdxDocument": { + "spdx:dataLicense": { + "@rdf:resource": "http://spdx.org/licenses/CC0-1.0" + }, + "@rdf:about": "#SPDXRef-DOCUMENT", + "spdx:hasExtractedLicensingInfo": [ { - "ns1:ExtractedLicensingInfo": { - "ns1:licenseId": "LicenseRef-scancode-other-copyleft", - "ns1:licenseName": "Other Copyleft Licenses", - "ns1:extractedText": "See details at https://github.com/nexB/scancode-toolkit/blob/develop/src/licensedcode/data/licenses/other-copyleft.yml", - "rdfs:comment": "See details at https://github.com/nexB/scancode-toolkit/blob/develop/src/licensedcode/data/licenses/other-copyleft.yml" + "spdx:ExtractedLicensingInfo": { + "@rdf:about": "#LicenseRef-scancode-other-copyleft", + "spdx:licenseId": "LicenseRef-scancode-other-copyleft", + "spdx:name": "Other Copyleft Licenses", + "rdfs:comment": "See details at https://github.com/nexB/scancode-toolkit/blob/develop/src/licensedcode/data/licenses/other-copyleft.LICENSE", + "spdx:extractedText": "See details at https://github.com/nexB/scancode-toolkit/blob/develop/src/licensedcode/data/licenses/other-copyleft.LICENSE" } }, { - "ns1:ExtractedLicensingInfo": { - "ns1:licenseId": "LicenseRef-scancode-other-permissive", - "ns1:licenseName": "Other Permissive Licenses", - "ns1:extractedText": "See details at https://github.com/nexB/scancode-toolkit/blob/develop/src/licensedcode/data/licenses/other-permissive.yml", - "rdfs:comment": "See details at https://github.com/nexB/scancode-toolkit/blob/develop/src/licensedcode/data/licenses/other-permissive.yml" + "spdx:ExtractedLicensingInfo": { + "@rdf:about": "#LicenseRef-scancode-other-permissive", + "spdx:licenseId": "LicenseRef-scancode-other-permissive", + "spdx:name": "Other Permissive Licenses", + "rdfs:comment": "See details at https://github.com/nexB/scancode-toolkit/blob/develop/src/licensedcode/data/licenses/other-permissive.LICENSE", + "spdx:extractedText": "See details at https://github.com/nexB/scancode-toolkit/blob/develop/src/licensedcode/data/licenses/other-permissive.LICENSE" } }, { - "ns1:ExtractedLicensingInfo": { - "ns1:licenseId": "LicenseRef-scancode-scancode-acknowledgment", - "ns1:licenseName": "ScanCode generated data acknowledgment", - "ns1:extractedText": "See details at https://github.com/nexB/scancode-toolkit/blob/develop/src/licensedcode/data/licenses/scancode-acknowledgment.yml", - "rdfs:comment": "See details at https://github.com/nexB/scancode-toolkit/blob/develop/src/licensedcode/data/licenses/scancode-acknowledgment.yml" + "spdx:ExtractedLicensingInfo": { + "@rdf:about": "#LicenseRef-scancode-scancode-acknowledgment", + "spdx:licenseId": "LicenseRef-scancode-scancode-acknowledgment", + "spdx:name": "ScanCode acknowledgment", + "rdfs:comment": "See details at https://github.com/nexB/scancode-toolkit/blob/develop/src/licensedcode/data/licenses/scancode-acknowledgment.LICENSE", + "spdx:extractedText": "See details at https://github.com/nexB/scancode-toolkit/blob/develop/src/licensedcode/data/licenses/scancode-acknowledgment.LICENSE" } } ], - "@rdf:about": "http://www.spdx.org/tools#SPDXRef-DOCUMENT", - "ns1:specVersion": "SPDX-2.2" + "rdfs:comment": "Generated with ScanCode and provided on an \"AS IS\" BASIS, WITHOUT WARRANTIES\nOR CONDITIONS OF ANY KIND, either express or implied. No content created from\nScanCode should be considered or used as legal advice. Consult an Attorney\nfor any legal advice.\nScanCode is a free software code scanning tool from nexB Inc. and others.\nVisit https://github.com/nexB/scancode-toolkit/ for support and download.\nSPDX License List: 3.21", + "spdx:name": "SPDX Document created by ScanCode Toolkit", + "spdx:specVersion": "SPDX-2.2" }, - "@xmlns:ns1": "http://spdx.org/rdf/terms#", "@xmlns:rdf": "http://www.w3.org/1999/02/22-rdf-syntax-ns#", - "@xmlns:rdfs": "http://www.w3.org/2000/01/rdf-schema#" + "@xmlns:rdfs": "http://www.w3.org/2000/01/rdf-schema#", + "@xmlns:spdx": "http://spdx.org/rdf/terms#" } } \ No newline at end of file diff --git a/tests/formattedcode/data/spdx/license_ref/expected.tv b/tests/formattedcode/data/spdx/license_ref/expected.tv index bff117893bc..491c4103955 100644 --- a/tests/formattedcode/data/spdx/license_ref/expected.tv +++ b/tests/formattedcode/data/spdx/license_ref/expected.tv @@ -1,59 +1,60 @@ -# Document Information +## Document Information SPDXVersion: SPDX-2.2 DataLicense: CC0-1.0 -DocumentNamespace: http://spdx.org/spdxdocs/scan -DocumentName: SPDX Document created by ScanCode Toolkit -LicenseListVersion: 3.20 SPDXID: SPDXRef-DOCUMENT +DocumentName: SPDX Document created by ScanCode Toolkit +DocumentNamespace: http://spdx.org/spdxdocs/scan DocumentComment: Generated with ScanCode and provided on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. No content created from ScanCode should be considered or used as legal advice. Consult an Attorney for any legal advice. ScanCode is a free software code scanning tool from nexB Inc. and others. -Visit https://github.com/nexB/scancode-toolkit/ for support and download. -# Creation Info -# Package +Visit https://github.com/nexB/scancode-toolkit/ for support and download. +SPDX License List: 3.21 +## Creation Information +## Package Information PackageName: scan SPDXID: SPDXRef-001 PackageDownloadLocation: NOASSERTION +FilesAnalyzed: True PackageVerificationCode: b49eeefd776fb76555378d07fd05d986a249a2b3 -PackageLicenseDeclared: NOASSERTION PackageLicenseConcluded: NOASSERTION PackageLicenseInfoFromFiles: Apache-2.0 PackageLicenseInfoFromFiles: CC0-1.0 PackageLicenseInfoFromFiles: LicenseRef-scancode-other-copyleft PackageLicenseInfoFromFiles: LicenseRef-scancode-other-permissive PackageLicenseInfoFromFiles: LicenseRef-scancode-scancode-acknowledgment +PackageLicenseDeclared: NOASSERTION PackageCopyrightText: Copyright (c) 2017 nexB Inc. and others -# File +## File Information FileName: ./scan/NOTICE SPDXID: SPDXRef-2 FileChecksum: SHA1: f9c28fa2714ad0c2e36d3e5561afb0031fa76831 LicenseConcluded: NOASSERTION LicenseInfoInFile: Apache-2.0 +LicenseInfoInFile: LicenseRef-scancode-scancode-acknowledgment LicenseInfoInFile: CC0-1.0 -LicenseInfoInFile: LicenseRef-scancode-other-copyleft LicenseInfoInFile: LicenseRef-scancode-other-permissive -LicenseInfoInFile: LicenseRef-scancode-scancode-acknowledgment +LicenseInfoInFile: LicenseRef-scancode-other-copyleft FileCopyrightText: Copyright (c) 2017 nexB Inc. and others -# Extracted Licenses -LicenseID: LicenseRef-scancode-other-copyleft -LicenseName: Other Copyleft Licenses -LicenseComment: See details at https://github.com/nexB/scancode-toolkit/blob/develop/src/licensedcode/data/licenses/other-copyleft.yml +## License Information +LicenseID: LicenseRef-scancode-scancode-acknowledgment +ExtractedText: See details at https://github.com/nexB/scancode-toolkit/blob/develop/src/licensedcode/data/licenses/scancode-acknowledgment.LICENSE -ExtractedText: See details at https://github.com/nexB/scancode-toolkit/blob/develop/src/licensedcode/data/licenses/other-copyleft.yml +LicenseName: ScanCode acknowledgment +LicenseComment: See details at https://github.com/nexB/scancode-toolkit/blob/develop/src/licensedcode/data/licenses/scancode-acknowledgment.LICENSE LicenseID: LicenseRef-scancode-other-permissive -LicenseName: Other Permissive Licenses -LicenseComment: See details at https://github.com/nexB/scancode-toolkit/blob/develop/src/licensedcode/data/licenses/other-permissive.yml +ExtractedText: See details at https://github.com/nexB/scancode-toolkit/blob/develop/src/licensedcode/data/licenses/other-permissive.LICENSE -ExtractedText: See details at https://github.com/nexB/scancode-toolkit/blob/develop/src/licensedcode/data/licenses/other-permissive.yml +LicenseName: Other Permissive Licenses +LicenseComment: See details at https://github.com/nexB/scancode-toolkit/blob/develop/src/licensedcode/data/licenses/other-permissive.LICENSE -LicenseID: LicenseRef-scancode-scancode-acknowledgment -LicenseName: ScanCode generated data acknowledgment -LicenseComment: See details at https://github.com/nexB/scancode-toolkit/blob/develop/src/licensedcode/data/licenses/scancode-acknowledgment.yml +LicenseID: LicenseRef-scancode-other-copyleft +ExtractedText: See details at https://github.com/nexB/scancode-toolkit/blob/develop/src/licensedcode/data/licenses/other-copyleft.LICENSE -ExtractedText: See details at https://github.com/nexB/scancode-toolkit/blob/develop/src/licensedcode/data/licenses/scancode-acknowledgment.yml +LicenseName: Other Copyleft Licenses +LicenseComment: See details at https://github.com/nexB/scancode-toolkit/blob/develop/src/licensedcode/data/licenses/other-copyleft.LICENSE \ No newline at end of file diff --git a/tests/formattedcode/data/spdx/license_ref/expected_with_text.rdf b/tests/formattedcode/data/spdx/license_ref/expected_with_text.rdf index 5f82f5fba81..a03483b114b 100644 --- a/tests/formattedcode/data/spdx/license_ref/expected_with_text.rdf +++ b/tests/formattedcode/data/spdx/license_ref/expected_with_text.rdf @@ -1,154 +1,127 @@ { "rdf:RDF": { - "ns1:SpdxDocument": { - "ns1:name": { - "@rdf:resource": "SPDX Document created by ScanCode Toolkit" + "spdx:Package": { + "spdx:filesAnalyzed": { + "#text": "true", + "@rdf:datatype": "http://www.w3.org/2001/XMLSchema#boolean" }, - "ns1:dataLicense": { - "@rdf:resource": "http://spdx.org/licenses/CC0-1.0" + "spdx:downloadLocation": { + "@rdf:resource": "http://spdx.org/rdf/terms#noassertion" }, - "ns1:referencesFile": { - "ns1:File": { - "ns1:licenseConcluded": { - "@rdf:resource": "http://spdx.org/rdf/terms#noassertion" - }, - "ns1:licenseInfoInFile": [ - { - "@rdf:resource": "http://spdx.org/licenses/Apache-2.0" - }, - { - "@rdf:resource": "http://spdx.org/licenses/CC0-1.0" - }, - { - "ns1:ExtractedLicensingInfo": { - "ns1:licenseId": "LicenseRef-scancode-other-copyleft", - "ns1:licenseName": "Other Copyleft Licenses", - "rdfs:comment": "See details at https://github.com/nexB/scancode-toolkit/blob/develop/src/licensedcode/data/licenses/other-copyleft.yml", - "ns1:extractedText": "Software license\n================\n\nCopyright (c) 2017 nexB Inc. and others. All rights reserved.\nhttp://nexb.com and https://github.com/nexB/scancode-toolkit/\nThe ScanCode software is licensed under the Apache License version 2.0.\nData generated with ScanCode require an acknowledgment.\nScanCode is a trademark of nexB Inc.\n\nYou may not use this software except in compliance with the License.\nYou may obtain a copy of the License at: http://apache.org/licenses/LICENSE-2.0\nUnless required by applicable law or agreed to in writing, software distributed\nunder the License is distributed on an \"AS IS\" BASIS, WITHOUT WARRANTIES OR\nCONDITIONS OF ANY KIND, either express or implied. See the License for the\nspecific language governing permissions and limitations under the License.\n\nWhen you publish or redistribute any data created with ScanCode or any ScanCode\nderivative work, you must accompany this data with the following acknowledgment:\n\n Generated with ScanCode and provided on an \"AS IS\" BASIS, WITHOUT WARRANTIES\n OR CONDITIONS OF ANY KIND, either express or implied. No content created from\n ScanCode should be considered or used as legal advice. Consult an Attorney\n for any legal advice.\n ScanCode is a free software code scanning tool from nexB Inc. and others.\n Visit https://github.com/nexB/scancode-toolkit/ for support and download.\n\n\nThird-party software licenses\n=============================\n\nScanCode embeds third-party free and open source software packages under various\nlicenses including copyleft licenses. Some of the third-party software packages\nare delivered as pre-built binaries. The origin and license of these packages is\ndocumented by .ABOUT files.\n\nThe corresponding source code for pre-compiled third-party software is available\nfor immediate download from the same release page where you obtained ScanCode at:\nhttps://github.com/nexB/scancode-toolkit/\nor https://github.com/nexB/scancode-thirdparty-src/\n\nYou may also contact us to request the source code by email at info@nexb.com or\nby postal mail at:\n\n nexB Inc., ScanCode open source code request\n 735 Industrial Road, Suite #101, 94070 San Carlos, CA, USA\n\nPlease indicate in your communication the ScanCode version for which you are\nrequesting source code.\n\n\nLicense for ScanCode datasets\n=============================\n\nScanCode includes datasets (e.g. for license detection) that are dedicated\nto the Public Domain using the Creative Commons CC0 1.0 Universal (CC0 1.0)\nPublic Domain Dedication: http://creativecommons.org/publicdomain/zero/1.0/" - } - }, - { - "ns1:ExtractedLicensingInfo": { - "ns1:licenseId": "LicenseRef-scancode-other-permissive", - "ns1:licenseName": "Other Permissive Licenses", - "rdfs:comment": "See details at https://github.com/nexB/scancode-toolkit/blob/develop/src/licensedcode/data/licenses/other-permissive.yml", - "ns1:extractedText": "Software license\n================\n\nCopyright (c) 2017 nexB Inc. and others. All rights reserved.\nhttp://nexb.com and https://github.com/nexB/scancode-toolkit/\nThe ScanCode software is licensed under the Apache License version 2.0.\nData generated with ScanCode require an acknowledgment.\nScanCode is a trademark of nexB Inc.\n\nYou may not use this software except in compliance with the License.\nYou may obtain a copy of the License at: http://apache.org/licenses/LICENSE-2.0\nUnless required by applicable law or agreed to in writing, software distributed\nunder the License is distributed on an \"AS IS\" BASIS, WITHOUT WARRANTIES OR\nCONDITIONS OF ANY KIND, either express or implied. See the License for the\nspecific language governing permissions and limitations under the License.\n\nWhen you publish or redistribute any data created with ScanCode or any ScanCode\nderivative work, you must accompany this data with the following acknowledgment:\n\n Generated with ScanCode and provided on an \"AS IS\" BASIS, WITHOUT WARRANTIES\n OR CONDITIONS OF ANY KIND, either express or implied. No content created from\n ScanCode should be considered or used as legal advice. Consult an Attorney\n for any legal advice.\n ScanCode is a free software code scanning tool from nexB Inc. and others.\n Visit https://github.com/nexB/scancode-toolkit/ for support and download.\n\n\nThird-party software licenses\n=============================\n\nScanCode embeds third-party free and open source software packages under various\nlicenses including copyleft licenses. Some of the third-party software packages\nare delivered as pre-built binaries. The origin and license of these packages is\ndocumented by .ABOUT files.\n\nThe corresponding source code for pre-compiled third-party software is available\nfor immediate download from the same release page where you obtained ScanCode at:\nhttps://github.com/nexB/scancode-toolkit/\nor https://github.com/nexB/scancode-thirdparty-src/\n\nYou may also contact us to request the source code by email at info@nexb.com or\nby postal mail at:\n\n nexB Inc., ScanCode open source code request\n 735 Industrial Road, Suite #101, 94070 San Carlos, CA, USA\n\nPlease indicate in your communication the ScanCode version for which you are\nrequesting source code.\n\n\nLicense for ScanCode datasets\n=============================\n\nScanCode includes datasets (e.g. for license detection) that are dedicated\nto the Public Domain using the Creative Commons CC0 1.0 Universal (CC0 1.0)\nPublic Domain Dedication: http://creativecommons.org/publicdomain/zero/1.0/" - } - }, - { - "ns1:ExtractedLicensingInfo": { - "ns1:licenseId": "LicenseRef-scancode-scancode-acknowledgment", - "ns1:licenseName": "ScanCode generated data acknowledgment", - "rdfs:comment": "See details at https://github.com/nexB/scancode-toolkit/blob/develop/src/licensedcode/data/licenses/scancode-acknowledgment.yml", - "ns1:extractedText": "Software license\n================\n\nCopyright (c) 2017 nexB Inc. and others. All rights reserved.\nhttp://nexb.com and https://github.com/nexB/scancode-toolkit/\nThe ScanCode software is licensed under the Apache License version 2.0.\nData generated with ScanCode require an acknowledgment.\nScanCode is a trademark of nexB Inc.\n\nYou may not use this software except in compliance with the License.\nYou may obtain a copy of the License at: http://apache.org/licenses/LICENSE-2.0\nUnless required by applicable law or agreed to in writing, software distributed\nunder the License is distributed on an \"AS IS\" BASIS, WITHOUT WARRANTIES OR\nCONDITIONS OF ANY KIND, either express or implied. See the License for the\nspecific language governing permissions and limitations under the License.\n\nWhen you publish or redistribute any data created with ScanCode or any ScanCode\nderivative work, you must accompany this data with the following acknowledgment:\n\n Generated with ScanCode and provided on an \"AS IS\" BASIS, WITHOUT WARRANTIES\n OR CONDITIONS OF ANY KIND, either express or implied. No content created from\n ScanCode should be considered or used as legal advice. Consult an Attorney\n for any legal advice.\n ScanCode is a free software code scanning tool from nexB Inc. and others.\n Visit https://github.com/nexB/scancode-toolkit/ for support and download.\n\n\nThird-party software licenses\n=============================\n\nScanCode embeds third-party free and open source software packages under various\nlicenses including copyleft licenses. Some of the third-party software packages\nare delivered as pre-built binaries. The origin and license of these packages is\ndocumented by .ABOUT files.\n\nThe corresponding source code for pre-compiled third-party software is available\nfor immediate download from the same release page where you obtained ScanCode at:\nhttps://github.com/nexB/scancode-toolkit/\nor https://github.com/nexB/scancode-thirdparty-src/\n\nYou may also contact us to request the source code by email at info@nexb.com or\nby postal mail at:\n\n nexB Inc., ScanCode open source code request\n 735 Industrial Road, Suite #101, 94070 San Carlos, CA, USA\n\nPlease indicate in your communication the ScanCode version for which you are\nrequesting source code.\n\n\nLicense for ScanCode datasets\n=============================\n\nScanCode includes datasets (e.g. for license detection) that are dedicated\nto the Public Domain using the Creative Commons CC0 1.0 Universal (CC0 1.0)\nPublic Domain Dedication: http://creativecommons.org/publicdomain/zero/1.0/" - } - } - ], - "ns1:checksum": { - "ns1:Checksum": { - "ns1:checksumValue": "f9c28fa2714ad0c2e36d3e5561afb0031fa76831", - "ns1:algorithm": "http://spdx.org/rdf/terms#checksumAlgorithm_sha1" - } - }, - "ns1:fileName": "./scan/NOTICE", - "@rdf:about": "http://www.spdx.org/files#SPDXRef-2", - "ns1:copyrightText": "Copyright (c) 2017 nexB Inc. and others" - } + "spdx:licenseConcluded": { + "@rdf:resource": "http://spdx.org/rdf/terms#noassertion" }, - "ns1:describesPackage": { - "ns1:Package": { - "ns1:Package": { - "@rdf:resource": "SPDXRef-001" - }, - "ns1:downloadLocation": { - "@rdf:resource": "http://spdx.org/rdf/terms#noassertion" - }, - "ns1:licenseConcluded": { - "@rdf:resource": "http://spdx.org/rdf/terms#noassertion" - }, - "ns1:licenseDeclared": { - "@rdf:resource": "http://spdx.org/rdf/terms#noassertion" - }, - "ns1:hasFile": { - "@rdf:resource": "http://www.spdx.org/files#SPDXRef-2" - }, - "ns1:licenseInfoFromFiles": [ - { - "@rdf:resource": "http://spdx.org/licenses/Apache-2.0" - }, - { - "@rdf:resource": "http://spdx.org/licenses/CC0-1.0" - }, - { - "ns1:ExtractedLicensingInfo": { - "ns1:licenseId": "LicenseRef-scancode-other-copyleft", - "ns1:licenseName": "Other Copyleft Licenses", - "rdfs:comment": "See details at https://github.com/nexB/scancode-toolkit/blob/develop/src/licensedcode/data/licenses/other-copyleft.yml", - "ns1:extractedText": "Software license\n================\n\nCopyright (c) 2017 nexB Inc. and others. All rights reserved.\nhttp://nexb.com and https://github.com/nexB/scancode-toolkit/\nThe ScanCode software is licensed under the Apache License version 2.0.\nData generated with ScanCode require an acknowledgment.\nScanCode is a trademark of nexB Inc.\n\nYou may not use this software except in compliance with the License.\nYou may obtain a copy of the License at: http://apache.org/licenses/LICENSE-2.0\nUnless required by applicable law or agreed to in writing, software distributed\nunder the License is distributed on an \"AS IS\" BASIS, WITHOUT WARRANTIES OR\nCONDITIONS OF ANY KIND, either express or implied. See the License for the\nspecific language governing permissions and limitations under the License.\n\nWhen you publish or redistribute any data created with ScanCode or any ScanCode\nderivative work, you must accompany this data with the following acknowledgment:\n\n Generated with ScanCode and provided on an \"AS IS\" BASIS, WITHOUT WARRANTIES\n OR CONDITIONS OF ANY KIND, either express or implied. No content created from\n ScanCode should be considered or used as legal advice. Consult an Attorney\n for any legal advice.\n ScanCode is a free software code scanning tool from nexB Inc. and others.\n Visit https://github.com/nexB/scancode-toolkit/ for support and download.\n\n\nThird-party software licenses\n=============================\n\nScanCode embeds third-party free and open source software packages under various\nlicenses including copyleft licenses. Some of the third-party software packages\nare delivered as pre-built binaries. The origin and license of these packages is\ndocumented by .ABOUT files.\n\nThe corresponding source code for pre-compiled third-party software is available\nfor immediate download from the same release page where you obtained ScanCode at:\nhttps://github.com/nexB/scancode-toolkit/\nor https://github.com/nexB/scancode-thirdparty-src/\n\nYou may also contact us to request the source code by email at info@nexb.com or\nby postal mail at:\n\n nexB Inc., ScanCode open source code request\n 735 Industrial Road, Suite #101, 94070 San Carlos, CA, USA\n\nPlease indicate in your communication the ScanCode version for which you are\nrequesting source code.\n\n\nLicense for ScanCode datasets\n=============================\n\nScanCode includes datasets (e.g. for license detection) that are dedicated\nto the Public Domain using the Creative Commons CC0 1.0 Universal (CC0 1.0)\nPublic Domain Dedication: http://creativecommons.org/publicdomain/zero/1.0/" - } - }, - { - "ns1:ExtractedLicensingInfo": { - "ns1:licenseId": "LicenseRef-scancode-other-permissive", - "ns1:licenseName": "Other Permissive Licenses", - "rdfs:comment": "See details at https://github.com/nexB/scancode-toolkit/blob/develop/src/licensedcode/data/licenses/other-permissive.yml", - "ns1:extractedText": "Software license\n================\n\nCopyright (c) 2017 nexB Inc. and others. All rights reserved.\nhttp://nexb.com and https://github.com/nexB/scancode-toolkit/\nThe ScanCode software is licensed under the Apache License version 2.0.\nData generated with ScanCode require an acknowledgment.\nScanCode is a trademark of nexB Inc.\n\nYou may not use this software except in compliance with the License.\nYou may obtain a copy of the License at: http://apache.org/licenses/LICENSE-2.0\nUnless required by applicable law or agreed to in writing, software distributed\nunder the License is distributed on an \"AS IS\" BASIS, WITHOUT WARRANTIES OR\nCONDITIONS OF ANY KIND, either express or implied. See the License for the\nspecific language governing permissions and limitations under the License.\n\nWhen you publish or redistribute any data created with ScanCode or any ScanCode\nderivative work, you must accompany this data with the following acknowledgment:\n\n Generated with ScanCode and provided on an \"AS IS\" BASIS, WITHOUT WARRANTIES\n OR CONDITIONS OF ANY KIND, either express or implied. No content created from\n ScanCode should be considered or used as legal advice. Consult an Attorney\n for any legal advice.\n ScanCode is a free software code scanning tool from nexB Inc. and others.\n Visit https://github.com/nexB/scancode-toolkit/ for support and download.\n\n\nThird-party software licenses\n=============================\n\nScanCode embeds third-party free and open source software packages under various\nlicenses including copyleft licenses. Some of the third-party software packages\nare delivered as pre-built binaries. The origin and license of these packages is\ndocumented by .ABOUT files.\n\nThe corresponding source code for pre-compiled third-party software is available\nfor immediate download from the same release page where you obtained ScanCode at:\nhttps://github.com/nexB/scancode-toolkit/\nor https://github.com/nexB/scancode-thirdparty-src/\n\nYou may also contact us to request the source code by email at info@nexb.com or\nby postal mail at:\n\n nexB Inc., ScanCode open source code request\n 735 Industrial Road, Suite #101, 94070 San Carlos, CA, USA\n\nPlease indicate in your communication the ScanCode version for which you are\nrequesting source code.\n\n\nLicense for ScanCode datasets\n=============================\n\nScanCode includes datasets (e.g. for license detection) that are dedicated\nto the Public Domain using the Creative Commons CC0 1.0 Universal (CC0 1.0)\nPublic Domain Dedication: http://creativecommons.org/publicdomain/zero/1.0/" - } - }, - { - "ns1:ExtractedLicensingInfo": { - "ns1:licenseId": "LicenseRef-scancode-scancode-acknowledgment", - "ns1:licenseName": "ScanCode generated data acknowledgment", - "rdfs:comment": "See details at https://github.com/nexB/scancode-toolkit/blob/develop/src/licensedcode/data/licenses/scancode-acknowledgment.yml", - "ns1:extractedText": "Software license\n================\n\nCopyright (c) 2017 nexB Inc. and others. All rights reserved.\nhttp://nexb.com and https://github.com/nexB/scancode-toolkit/\nThe ScanCode software is licensed under the Apache License version 2.0.\nData generated with ScanCode require an acknowledgment.\nScanCode is a trademark of nexB Inc.\n\nYou may not use this software except in compliance with the License.\nYou may obtain a copy of the License at: http://apache.org/licenses/LICENSE-2.0\nUnless required by applicable law or agreed to in writing, software distributed\nunder the License is distributed on an \"AS IS\" BASIS, WITHOUT WARRANTIES OR\nCONDITIONS OF ANY KIND, either express or implied. See the License for the\nspecific language governing permissions and limitations under the License.\n\nWhen you publish or redistribute any data created with ScanCode or any ScanCode\nderivative work, you must accompany this data with the following acknowledgment:\n\n Generated with ScanCode and provided on an \"AS IS\" BASIS, WITHOUT WARRANTIES\n OR CONDITIONS OF ANY KIND, either express or implied. No content created from\n ScanCode should be considered or used as legal advice. Consult an Attorney\n for any legal advice.\n ScanCode is a free software code scanning tool from nexB Inc. and others.\n Visit https://github.com/nexB/scancode-toolkit/ for support and download.\n\n\nThird-party software licenses\n=============================\n\nScanCode embeds third-party free and open source software packages under various\nlicenses including copyleft licenses. Some of the third-party software packages\nare delivered as pre-built binaries. The origin and license of these packages is\ndocumented by .ABOUT files.\n\nThe corresponding source code for pre-compiled third-party software is available\nfor immediate download from the same release page where you obtained ScanCode at:\nhttps://github.com/nexB/scancode-toolkit/\nor https://github.com/nexB/scancode-thirdparty-src/\n\nYou may also contact us to request the source code by email at info@nexb.com or\nby postal mail at:\n\n nexB Inc., ScanCode open source code request\n 735 Industrial Road, Suite #101, 94070 San Carlos, CA, USA\n\nPlease indicate in your communication the ScanCode version for which you are\nrequesting source code.\n\n\nLicense for ScanCode datasets\n=============================\n\nScanCode includes datasets (e.g. for license detection) that are dedicated\nto the Public Domain using the Creative Commons CC0 1.0 Universal (CC0 1.0)\nPublic Domain Dedication: http://creativecommons.org/publicdomain/zero/1.0/" - } - } - ], - "@rdf:about": "http://www.spdx.org/tools#SPDXRef-Package", - "ns1:copyrightText": "Copyright (c) 2017 nexB Inc. and others", - "ns1:name": "scan" + "spdx:licenseDeclared": { + "@rdf:resource": "http://spdx.org/rdf/terms#noassertion" + }, + "@rdf:about": "#SPDXRef-001", + "spdx:licenseInfoFromFiles": [ + { + "@rdf:resource": "http://spdx.org/licenses/Apache-2.0" + }, + { + "@rdf:resource": "http://spdx.org/licenses/CC0-1.0" + }, + { + "@rdf:resource": "http://spdx.org/licenses/LicenseRef-scancode-other-copyleft" + }, + { + "@rdf:resource": "http://spdx.org/licenses/LicenseRef-scancode-other-permissive" + }, + { + "@rdf:resource": "http://spdx.org/licenses/LicenseRef-scancode-scancode-acknowledgment" + } + ], + "spdx:packageVerificationCode": { + "spdx:PackageVerificationCode": { + "spdx:packageVerificationCodeValue": "b49eeefd776fb76555378d07fd05d986a249a2b3" } }, - "ns1:relationship": { - "ns1:Relationship": { - "ns1:relationshipType": { + "spdx:relationship": { + "spdx:Relationship": { + "spdx:relationshipType": { "@rdf:resource": "http://spdx.org/rdf/terms#relationshipType_contains" }, - "ns1:spdxElementId": "SPDXRef-001", - "ns1:relatedSpdxElement": "SPDXRef-2" + "spdx:relatedSpdxElement": { + "spdx:File": { + "spdx:licenseConcluded": { + "@rdf:resource": "http://spdx.org/rdf/terms#noassertion" + }, + "@rdf:about": "#SPDXRef-2", + "spdx:licenseInfoInFile": [ + { + "@rdf:resource": "http://spdx.org/licenses/Apache-2.0" + }, + { + "@rdf:resource": "http://spdx.org/licenses/CC0-1.0" + }, + { + "@rdf:resource": "http://spdx.org/licenses/LicenseRef-scancode-other-copyleft" + }, + { + "@rdf:resource": "http://spdx.org/licenses/LicenseRef-scancode-other-permissive" + }, + { + "@rdf:resource": "http://spdx.org/licenses/LicenseRef-scancode-scancode-acknowledgment" + } + ], + "spdx:checksum": { + "spdx:Checksum": { + "spdx:algorithm": { + "@rdf:resource": "http://spdx.org/rdf/terms#checksumAlgorithm_sha1" + }, + "spdx:checksumValue": "f9c28fa2714ad0c2e36d3e5561afb0031fa76831" + } + }, + "spdx:fileName": "./scan/NOTICE", + "spdx:copyrightText": "Copyright (c) 2017 nexB Inc. and others" + } + } } }, - "ns1:hasExtractedLicensingInfo": [ + "spdx:copyrightText": "Copyright (c) 2017 nexB Inc. and others", + "spdx:name": "scan" + }, + "spdx:SpdxDocument": { + "spdx:dataLicense": { + "@rdf:resource": "http://spdx.org/licenses/CC0-1.0" + }, + "@rdf:about": "#SPDXRef-DOCUMENT", + "spdx:hasExtractedLicensingInfo": [ { - "ns1:ExtractedLicensingInfo": { - "ns1:licenseId": "LicenseRef-scancode-other-copyleft", - "ns1:licenseName": "Other Copyleft Licenses", - "rdfs:comment": "See details at https://github.com/nexB/scancode-toolkit/blob/develop/src/licensedcode/data/licenses/other-copyleft.yml", - "ns1:extractedText": "Software license\n================\n\nCopyright (c) 2017 nexB Inc. and others. All rights reserved.\nhttp://nexb.com and https://github.com/nexB/scancode-toolkit/\nThe ScanCode software is licensed under the Apache License version 2.0.\nData generated with ScanCode require an acknowledgment.\nScanCode is a trademark of nexB Inc.\n\nYou may not use this software except in compliance with the License.\nYou may obtain a copy of the License at: http://apache.org/licenses/LICENSE-2.0\nUnless required by applicable law or agreed to in writing, software distributed\nunder the License is distributed on an \"AS IS\" BASIS, WITHOUT WARRANTIES OR\nCONDITIONS OF ANY KIND, either express or implied. See the License for the\nspecific language governing permissions and limitations under the License.\n\nWhen you publish or redistribute any data created with ScanCode or any ScanCode\nderivative work, you must accompany this data with the following acknowledgment:\n\n Generated with ScanCode and provided on an \"AS IS\" BASIS, WITHOUT WARRANTIES\n OR CONDITIONS OF ANY KIND, either express or implied. No content created from\n ScanCode should be considered or used as legal advice. Consult an Attorney\n for any legal advice.\n ScanCode is a free software code scanning tool from nexB Inc. and others.\n Visit https://github.com/nexB/scancode-toolkit/ for support and download.\n\n\nThird-party software licenses\n=============================\n\nScanCode embeds third-party free and open source software packages under various\nlicenses including copyleft licenses. Some of the third-party software packages\nare delivered as pre-built binaries. The origin and license of these packages is\ndocumented by .ABOUT files.\n\nThe corresponding source code for pre-compiled third-party software is available\nfor immediate download from the same release page where you obtained ScanCode at:\nhttps://github.com/nexB/scancode-toolkit/\nor https://github.com/nexB/scancode-thirdparty-src/\n\nYou may also contact us to request the source code by email at info@nexb.com or\nby postal mail at:\n\n nexB Inc., ScanCode open source code request\n 735 Industrial Road, Suite #101, 94070 San Carlos, CA, USA\n\nPlease indicate in your communication the ScanCode version for which you are\nrequesting source code.\n\n\nLicense for ScanCode datasets\n=============================\n\nScanCode includes datasets (e.g. for license detection) that are dedicated\nto the Public Domain using the Creative Commons CC0 1.0 Universal (CC0 1.0)\nPublic Domain Dedication: http://creativecommons.org/publicdomain/zero/1.0/" + "spdx:ExtractedLicensingInfo": { + "@rdf:about": "#LicenseRef-scancode-other-copyleft", + "spdx:licenseId": "LicenseRef-scancode-other-copyleft", + "spdx:name": "Other Copyleft Licenses", + "rdfs:comment": "See details at https://github.com/nexB/scancode-toolkit/blob/develop/src/licensedcode/data/licenses/other-copyleft.LICENSE", + "spdx:extractedText": "Software license\n================\n\nCopyright (c) 2017 nexB Inc. and others. All rights reserved.\nhttp://nexb.com and https://github.com/nexB/scancode-toolkit/\nThe ScanCode software is licensed under the Apache License version 2.0.\nData generated with ScanCode require an acknowledgment.\nScanCode is a trademark of nexB Inc.\n\nYou may not use this software except in compliance with the License.\nYou may obtain a copy of the License at: http://apache.org/licenses/LICENSE-2.0\nUnless required by applicable law or agreed to in writing, software distributed\nunder the License is distributed on an \"AS IS\" BASIS, WITHOUT WARRANTIES OR\nCONDITIONS OF ANY KIND, either express or implied. See the License for the\nspecific language governing permissions and limitations under the License.\n\nWhen you publish or redistribute any data created with ScanCode or any ScanCode\nderivative work, you must accompany this data with the following acknowledgment:\n\n Generated with ScanCode and provided on an \"AS IS\" BASIS, WITHOUT WARRANTIES\n OR CONDITIONS OF ANY KIND, either express or implied. No content created from\n ScanCode should be considered or used as legal advice. Consult an Attorney\n for any legal advice.\n ScanCode is a free software code scanning tool from nexB Inc. and others.\n Visit https://github.com/nexB/scancode-toolkit/ for support and download.\n\n\nThird-party software licenses\n=============================\n\nScanCode embeds third-party free and open source software packages under various\nlicenses including copyleft licenses. Some of the third-party software packages\nare delivered as pre-built binaries. The origin and license of these packages is\ndocumented by .ABOUT files.\n\nThe corresponding source code for pre-compiled third-party software is available\nfor immediate download from the same release page where you obtained ScanCode at:\nhttps://github.com/nexB/scancode-toolkit/\nor https://github.com/nexB/scancode-thirdparty-src/\n\nYou may also contact us to request the source code by email at info@nexb.com or\nby postal mail at:\n\n nexB Inc., ScanCode open source code request\n 735 Industrial Road, Suite #101, 94070 San Carlos, CA, USA\n\nPlease indicate in your communication the ScanCode version for which you are\nrequesting source code.\n\n\nLicense for ScanCode datasets\n=============================\n\nScanCode includes datasets (e.g. for license detection) that are dedicated\nto the Public Domain using the Creative Commons CC0 1.0 Universal (CC0 1.0)\nPublic Domain Dedication: http://creativecommons.org/publicdomain/zero/1.0/" } }, { - "ns1:ExtractedLicensingInfo": { - "ns1:licenseId": "LicenseRef-scancode-other-permissive", - "ns1:licenseName": "Other Permissive Licenses", - "rdfs:comment": "See details at https://github.com/nexB/scancode-toolkit/blob/develop/src/licensedcode/data/licenses/other-permissive.yml", - "ns1:extractedText": "Software license\n================\n\nCopyright (c) 2017 nexB Inc. and others. All rights reserved.\nhttp://nexb.com and https://github.com/nexB/scancode-toolkit/\nThe ScanCode software is licensed under the Apache License version 2.0.\nData generated with ScanCode require an acknowledgment.\nScanCode is a trademark of nexB Inc.\n\nYou may not use this software except in compliance with the License.\nYou may obtain a copy of the License at: http://apache.org/licenses/LICENSE-2.0\nUnless required by applicable law or agreed to in writing, software distributed\nunder the License is distributed on an \"AS IS\" BASIS, WITHOUT WARRANTIES OR\nCONDITIONS OF ANY KIND, either express or implied. See the License for the\nspecific language governing permissions and limitations under the License.\n\nWhen you publish or redistribute any data created with ScanCode or any ScanCode\nderivative work, you must accompany this data with the following acknowledgment:\n\n Generated with ScanCode and provided on an \"AS IS\" BASIS, WITHOUT WARRANTIES\n OR CONDITIONS OF ANY KIND, either express or implied. No content created from\n ScanCode should be considered or used as legal advice. Consult an Attorney\n for any legal advice.\n ScanCode is a free software code scanning tool from nexB Inc. and others.\n Visit https://github.com/nexB/scancode-toolkit/ for support and download.\n\n\nThird-party software licenses\n=============================\n\nScanCode embeds third-party free and open source software packages under various\nlicenses including copyleft licenses. Some of the third-party software packages\nare delivered as pre-built binaries. The origin and license of these packages is\ndocumented by .ABOUT files.\n\nThe corresponding source code for pre-compiled third-party software is available\nfor immediate download from the same release page where you obtained ScanCode at:\nhttps://github.com/nexB/scancode-toolkit/\nor https://github.com/nexB/scancode-thirdparty-src/\n\nYou may also contact us to request the source code by email at info@nexb.com or\nby postal mail at:\n\n nexB Inc., ScanCode open source code request\n 735 Industrial Road, Suite #101, 94070 San Carlos, CA, USA\n\nPlease indicate in your communication the ScanCode version for which you are\nrequesting source code.\n\n\nLicense for ScanCode datasets\n=============================\n\nScanCode includes datasets (e.g. for license detection) that are dedicated\nto the Public Domain using the Creative Commons CC0 1.0 Universal (CC0 1.0)\nPublic Domain Dedication: http://creativecommons.org/publicdomain/zero/1.0/" + "spdx:ExtractedLicensingInfo": { + "@rdf:about": "#LicenseRef-scancode-other-permissive", + "spdx:licenseId": "LicenseRef-scancode-other-permissive", + "spdx:name": "Other Permissive Licenses", + "rdfs:comment": "See details at https://github.com/nexB/scancode-toolkit/blob/develop/src/licensedcode/data/licenses/other-permissive.LICENSE", + "spdx:extractedText": "Software license\n================\n\nCopyright (c) 2017 nexB Inc. and others. All rights reserved.\nhttp://nexb.com and https://github.com/nexB/scancode-toolkit/\nThe ScanCode software is licensed under the Apache License version 2.0.\nData generated with ScanCode require an acknowledgment.\nScanCode is a trademark of nexB Inc.\n\nYou may not use this software except in compliance with the License.\nYou may obtain a copy of the License at: http://apache.org/licenses/LICENSE-2.0\nUnless required by applicable law or agreed to in writing, software distributed\nunder the License is distributed on an \"AS IS\" BASIS, WITHOUT WARRANTIES OR\nCONDITIONS OF ANY KIND, either express or implied. See the License for the\nspecific language governing permissions and limitations under the License.\n\nWhen you publish or redistribute any data created with ScanCode or any ScanCode\nderivative work, you must accompany this data with the following acknowledgment:\n\n Generated with ScanCode and provided on an \"AS IS\" BASIS, WITHOUT WARRANTIES\n OR CONDITIONS OF ANY KIND, either express or implied. No content created from\n ScanCode should be considered or used as legal advice. Consult an Attorney\n for any legal advice.\n ScanCode is a free software code scanning tool from nexB Inc. and others.\n Visit https://github.com/nexB/scancode-toolkit/ for support and download.\n\n\nThird-party software licenses\n=============================\n\nScanCode embeds third-party free and open source software packages under various\nlicenses including copyleft licenses. Some of the third-party software packages\nare delivered as pre-built binaries. The origin and license of these packages is\ndocumented by .ABOUT files.\n\nThe corresponding source code for pre-compiled third-party software is available\nfor immediate download from the same release page where you obtained ScanCode at:\nhttps://github.com/nexB/scancode-toolkit/\nor https://github.com/nexB/scancode-thirdparty-src/\n\nYou may also contact us to request the source code by email at info@nexb.com or\nby postal mail at:\n\n nexB Inc., ScanCode open source code request\n 735 Industrial Road, Suite #101, 94070 San Carlos, CA, USA\n\nPlease indicate in your communication the ScanCode version for which you are\nrequesting source code.\n\n\nLicense for ScanCode datasets\n=============================\n\nScanCode includes datasets (e.g. for license detection) that are dedicated\nto the Public Domain using the Creative Commons CC0 1.0 Universal (CC0 1.0)\nPublic Domain Dedication: http://creativecommons.org/publicdomain/zero/1.0/" } }, { - "ns1:ExtractedLicensingInfo": { - "ns1:licenseId": "LicenseRef-scancode-scancode-acknowledgment", - "ns1:licenseName": "ScanCode generated data acknowledgment", - "rdfs:comment": "See details at https://github.com/nexB/scancode-toolkit/blob/develop/src/licensedcode/data/licenses/scancode-acknowledgment.yml", - "ns1:extractedText": "Software license\n================\n\nCopyright (c) 2017 nexB Inc. and others. All rights reserved.\nhttp://nexb.com and https://github.com/nexB/scancode-toolkit/\nThe ScanCode software is licensed under the Apache License version 2.0.\nData generated with ScanCode require an acknowledgment.\nScanCode is a trademark of nexB Inc.\n\nYou may not use this software except in compliance with the License.\nYou may obtain a copy of the License at: http://apache.org/licenses/LICENSE-2.0\nUnless required by applicable law or agreed to in writing, software distributed\nunder the License is distributed on an \"AS IS\" BASIS, WITHOUT WARRANTIES OR\nCONDITIONS OF ANY KIND, either express or implied. See the License for the\nspecific language governing permissions and limitations under the License.\n\nWhen you publish or redistribute any data created with ScanCode or any ScanCode\nderivative work, you must accompany this data with the following acknowledgment:\n\n Generated with ScanCode and provided on an \"AS IS\" BASIS, WITHOUT WARRANTIES\n OR CONDITIONS OF ANY KIND, either express or implied. No content created from\n ScanCode should be considered or used as legal advice. Consult an Attorney\n for any legal advice.\n ScanCode is a free software code scanning tool from nexB Inc. and others.\n Visit https://github.com/nexB/scancode-toolkit/ for support and download.\n\n\nThird-party software licenses\n=============================\n\nScanCode embeds third-party free and open source software packages under various\nlicenses including copyleft licenses. Some of the third-party software packages\nare delivered as pre-built binaries. The origin and license of these packages is\ndocumented by .ABOUT files.\n\nThe corresponding source code for pre-compiled third-party software is available\nfor immediate download from the same release page where you obtained ScanCode at:\nhttps://github.com/nexB/scancode-toolkit/\nor https://github.com/nexB/scancode-thirdparty-src/\n\nYou may also contact us to request the source code by email at info@nexb.com or\nby postal mail at:\n\n nexB Inc., ScanCode open source code request\n 735 Industrial Road, Suite #101, 94070 San Carlos, CA, USA\n\nPlease indicate in your communication the ScanCode version for which you are\nrequesting source code.\n\n\nLicense for ScanCode datasets\n=============================\n\nScanCode includes datasets (e.g. for license detection) that are dedicated\nto the Public Domain using the Creative Commons CC0 1.0 Universal (CC0 1.0)\nPublic Domain Dedication: http://creativecommons.org/publicdomain/zero/1.0/" + "spdx:ExtractedLicensingInfo": { + "@rdf:about": "#LicenseRef-scancode-scancode-acknowledgment", + "spdx:licenseId": "LicenseRef-scancode-scancode-acknowledgment", + "spdx:name": "ScanCode acknowledgment", + "rdfs:comment": "See details at https://github.com/nexB/scancode-toolkit/blob/develop/src/licensedcode/data/licenses/scancode-acknowledgment.LICENSE", + "spdx:extractedText": "Software license\n================\n\nCopyright (c) 2017 nexB Inc. and others. All rights reserved.\nhttp://nexb.com and https://github.com/nexB/scancode-toolkit/\nThe ScanCode software is licensed under the Apache License version 2.0.\nData generated with ScanCode require an acknowledgment.\nScanCode is a trademark of nexB Inc.\n\nYou may not use this software except in compliance with the License.\nYou may obtain a copy of the License at: http://apache.org/licenses/LICENSE-2.0\nUnless required by applicable law or agreed to in writing, software distributed\nunder the License is distributed on an \"AS IS\" BASIS, WITHOUT WARRANTIES OR\nCONDITIONS OF ANY KIND, either express or implied. See the License for the\nspecific language governing permissions and limitations under the License.\n\nWhen you publish or redistribute any data created with ScanCode or any ScanCode\nderivative work, you must accompany this data with the following acknowledgment:\n\n Generated with ScanCode and provided on an \"AS IS\" BASIS, WITHOUT WARRANTIES\n OR CONDITIONS OF ANY KIND, either express or implied. No content created from\n ScanCode should be considered or used as legal advice. Consult an Attorney\n for any legal advice.\n ScanCode is a free software code scanning tool from nexB Inc. and others.\n Visit https://github.com/nexB/scancode-toolkit/ for support and download.\n\n\nThird-party software licenses\n=============================\n\nScanCode embeds third-party free and open source software packages under various\nlicenses including copyleft licenses. Some of the third-party software packages\nare delivered as pre-built binaries. The origin and license of these packages is\ndocumented by .ABOUT files.\n\nThe corresponding source code for pre-compiled third-party software is available\nfor immediate download from the same release page where you obtained ScanCode at:\nhttps://github.com/nexB/scancode-toolkit/\nor https://github.com/nexB/scancode-thirdparty-src/\n\nYou may also contact us to request the source code by email at info@nexb.com or\nby postal mail at:\n\n nexB Inc., ScanCode open source code request\n 735 Industrial Road, Suite #101, 94070 San Carlos, CA, USA\n\nPlease indicate in your communication the ScanCode version for which you are\nrequesting source code.\n\n\nLicense for ScanCode datasets\n=============================\n\nScanCode includes datasets (e.g. for license detection) that are dedicated\nto the Public Domain using the Creative Commons CC0 1.0 Universal (CC0 1.0)\nPublic Domain Dedication: http://creativecommons.org/publicdomain/zero/1.0/" } } ], - "@rdf:about": "http://www.spdx.org/tools#SPDXRef-DOCUMENT", - "ns1:specVersion": "SPDX-2.2" + "rdfs:comment": "Generated with ScanCode and provided on an \"AS IS\" BASIS, WITHOUT WARRANTIES\nOR CONDITIONS OF ANY KIND, either express or implied. No content created from\nScanCode should be considered or used as legal advice. Consult an Attorney\nfor any legal advice.\nScanCode is a free software code scanning tool from nexB Inc. and others.\nVisit https://github.com/nexB/scancode-toolkit/ for support and download.\nSPDX License List: 3.21", + "spdx:name": "SPDX Document created by ScanCode Toolkit", + "spdx:specVersion": "SPDX-2.2" }, - "@xmlns:ns1": "http://spdx.org/rdf/terms#", "@xmlns:rdf": "http://www.w3.org/1999/02/22-rdf-syntax-ns#", - "@xmlns:rdfs": "http://www.w3.org/2000/01/rdf-schema#" + "@xmlns:rdfs": "http://www.w3.org/2000/01/rdf-schema#", + "@xmlns:spdx": "http://spdx.org/rdf/terms#" } } \ No newline at end of file diff --git a/tests/formattedcode/data/spdx/license_ref/expected_with_text.tv b/tests/formattedcode/data/spdx/license_ref/expected_with_text.tv index a44ce8cf8bc..997ee4bc7f4 100644 --- a/tests/formattedcode/data/spdx/license_ref/expected_with_text.tv +++ b/tests/formattedcode/data/spdx/license_ref/expected_with_text.tv @@ -1,48 +1,46 @@ -# Document Information +## Document Information SPDXVersion: SPDX-2.2 DataLicense: CC0-1.0 -DocumentNamespace: http://spdx.org/spdxdocs/scan -DocumentName: SPDX Document created by ScanCode Toolkit -LicenseListVersion: 3.20 SPDXID: SPDXRef-DOCUMENT +DocumentName: SPDX Document created by ScanCode Toolkit +DocumentNamespace: http://spdx.org/spdxdocs/scan DocumentComment: Generated with ScanCode and provided on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. No content created from ScanCode should be considered or used as legal advice. Consult an Attorney for any legal advice. ScanCode is a free software code scanning tool from nexB Inc. and others. -Visit https://github.com/nexB/scancode-toolkit/ for support and download. -# Creation Info -# Package +Visit https://github.com/nexB/scancode-toolkit/ for support and download. +SPDX License List: 3.21 +## Creation Information +## Package Information PackageName: scan SPDXID: SPDXRef-001 PackageDownloadLocation: NOASSERTION +FilesAnalyzed: True PackageVerificationCode: b49eeefd776fb76555378d07fd05d986a249a2b3 -PackageLicenseDeclared: NOASSERTION PackageLicenseConcluded: NOASSERTION PackageLicenseInfoFromFiles: Apache-2.0 PackageLicenseInfoFromFiles: CC0-1.0 PackageLicenseInfoFromFiles: LicenseRef-scancode-other-copyleft PackageLicenseInfoFromFiles: LicenseRef-scancode-other-permissive PackageLicenseInfoFromFiles: LicenseRef-scancode-scancode-acknowledgment +PackageLicenseDeclared: NOASSERTION PackageCopyrightText: Copyright (c) 2017 nexB Inc. and others -# File +## File Information FileName: ./scan/NOTICE SPDXID: SPDXRef-2 FileChecksum: SHA1: f9c28fa2714ad0c2e36d3e5561afb0031fa76831 LicenseConcluded: NOASSERTION LicenseInfoInFile: Apache-2.0 +LicenseInfoInFile: LicenseRef-scancode-scancode-acknowledgment LicenseInfoInFile: CC0-1.0 -LicenseInfoInFile: LicenseRef-scancode-other-copyleft LicenseInfoInFile: LicenseRef-scancode-other-permissive -LicenseInfoInFile: LicenseRef-scancode-scancode-acknowledgment +LicenseInfoInFile: LicenseRef-scancode-other-copyleft FileCopyrightText: Copyright (c) 2017 nexB Inc. and others -# Extracted Licenses -LicenseID: LicenseRef-scancode-other-copyleft -LicenseName: Other Copyleft Licenses -LicenseComment: See details at https://github.com/nexB/scancode-toolkit/blob/develop/src/licensedcode/data/licenses/other-copyleft.yml - +## License Information +LicenseID: LicenseRef-scancode-scancode-acknowledgment ExtractedText: Software license ================ Copyright (c) 2017 nexB Inc. and others. All rights reserved. @@ -85,10 +83,10 @@ License for ScanCode datasets ScanCode includes datasets (e.g. for license detection) that are dedicated to the Public Domain using the Creative Commons CC0 1.0 Universal (CC0 1.0) Public Domain Dedication: http://creativecommons.org/publicdomain/zero/1.0/ -LicenseID: LicenseRef-scancode-other-permissive -LicenseName: Other Permissive Licenses -LicenseComment: See details at https://github.com/nexB/scancode-toolkit/blob/develop/src/licensedcode/data/licenses/other-permissive.yml +LicenseName: ScanCode acknowledgment +LicenseComment: See details at https://github.com/nexB/scancode-toolkit/blob/develop/src/licensedcode/data/licenses/scancode-acknowledgment.LICENSE +LicenseID: LicenseRef-scancode-other-permissive ExtractedText: Software license ================ Copyright (c) 2017 nexB Inc. and others. All rights reserved. @@ -131,10 +129,10 @@ License for ScanCode datasets ScanCode includes datasets (e.g. for license detection) that are dedicated to the Public Domain using the Creative Commons CC0 1.0 Universal (CC0 1.0) Public Domain Dedication: http://creativecommons.org/publicdomain/zero/1.0/ -LicenseID: LicenseRef-scancode-scancode-acknowledgment -LicenseName: ScanCode generated data acknowledgment -LicenseComment: See details at https://github.com/nexB/scancode-toolkit/blob/develop/src/licensedcode/data/licenses/scancode-acknowledgment.yml +LicenseName: Other Permissive Licenses +LicenseComment: See details at https://github.com/nexB/scancode-toolkit/blob/develop/src/licensedcode/data/licenses/other-permissive.LICENSE +LicenseID: LicenseRef-scancode-other-copyleft ExtractedText: Software license ================ Copyright (c) 2017 nexB Inc. and others. All rights reserved. @@ -176,4 +174,7 @@ License for ScanCode datasets ============================= ScanCode includes datasets (e.g. for license detection) that are dedicated to the Public Domain using the Creative Commons CC0 1.0 Universal (CC0 1.0) -Public Domain Dedication: http://creativecommons.org/publicdomain/zero/1.0/ \ No newline at end of file +Public Domain Dedication: http://creativecommons.org/publicdomain/zero/1.0/ +LicenseName: Other Copyleft Licenses +LicenseComment: See details at https://github.com/nexB/scancode-toolkit/blob/develop/src/licensedcode/data/licenses/other-copyleft.LICENSE + \ No newline at end of file diff --git a/tests/formattedcode/data/spdx/or_later/expected.rdf b/tests/formattedcode/data/spdx/or_later/expected.rdf index ffcc65d831e..d1baeaa9859 100644 --- a/tests/formattedcode/data/spdx/or_later/expected.rdf +++ b/tests/formattedcode/data/spdx/or_later/expected.rdf @@ -1,69 +1,70 @@ { "rdf:RDF": { - "ns1:SpdxDocument": { - "ns1:name": { - "@rdf:resource": "SPDX Document created by ScanCode Toolkit" + "spdx:Package": { + "spdx:filesAnalyzed": { + "#text": "true", + "@rdf:datatype": "http://www.w3.org/2001/XMLSchema#boolean" }, - "ns1:dataLicense": { - "@rdf:resource": "http://spdx.org/licenses/CC0-1.0" + "spdx:licenseInfoFromFiles": { + "@rdf:resource": "http://spdx.org/licenses/LGPL-2.1-or-later" }, - "ns1:referencesFile": { - "ns1:File": { - "ns1:licenseInfoInFile": { - "@rdf:resource": "http://spdx.org/licenses/LGPL-2.1-or-later" - }, - "ns1:licenseConcluded": { - "@rdf:resource": "http://spdx.org/rdf/terms#noassertion" - }, - "ns1:checksum": { - "ns1:Checksum": { - "ns1:checksumValue": "0c5bf934430394112921e7a1a8128176606d32ca", - "ns1:algorithm": "http://spdx.org/rdf/terms#checksumAlgorithm_sha1" - } - }, - "ns1:fileName": "./test.java", - "@rdf:about": "http://www.spdx.org/files#SPDXRef-1", - "ns1:copyrightText": "Copyright 2010, Red Hat, Inc. and individual contributors" - } + "spdx:downloadLocation": { + "@rdf:resource": "http://spdx.org/rdf/terms#noassertion" }, - "ns1:describesPackage": { - "ns1:Package": { - "ns1:Package": { - "@rdf:resource": "SPDXRef-001" - }, - "ns1:licenseInfoFromFiles": { - "@rdf:resource": "http://spdx.org/licenses/LGPL-2.1-or-later" - }, - "ns1:downloadLocation": { - "@rdf:resource": "http://spdx.org/rdf/terms#noassertion" - }, - "ns1:licenseConcluded": { - "@rdf:resource": "http://spdx.org/rdf/terms#noassertion" - }, - "ns1:licenseDeclared": { - "@rdf:resource": "http://spdx.org/rdf/terms#noassertion" - }, - "ns1:hasFile": { - "@rdf:resource": "http://www.spdx.org/files#SPDXRef-1" - }, - "@rdf:about": "http://www.spdx.org/tools#SPDXRef-Package", - "ns1:copyrightText": "Copyright 2010, Red Hat, Inc. and individual contributors", - "ns1:name": "or_later" + "spdx:licenseConcluded": { + "@rdf:resource": "http://spdx.org/rdf/terms#noassertion" + }, + "spdx:licenseDeclared": { + "@rdf:resource": "http://spdx.org/rdf/terms#noassertion" + }, + "@rdf:about": "#SPDXRef-001", + "spdx:packageVerificationCode": { + "spdx:PackageVerificationCode": { + "spdx:packageVerificationCodeValue": "3d10812af2cfe561f6de355e5176505123a0bf57" } }, - "ns1:relationship": { - "ns1:Relationship": { - "ns1:relationshipType": { + "spdx:relationship": { + "spdx:Relationship": { + "spdx:relationshipType": { "@rdf:resource": "http://spdx.org/rdf/terms#relationshipType_contains" }, - "ns1:spdxElementId": "SPDXRef-001", - "ns1:relatedSpdxElement": "SPDXRef-1" + "spdx:relatedSpdxElement": { + "spdx:File": { + "spdx:licenseInfoInFile": { + "@rdf:resource": "http://spdx.org/licenses/LGPL-2.1-or-later" + }, + "spdx:licenseConcluded": { + "@rdf:resource": "http://spdx.org/rdf/terms#noassertion" + }, + "@rdf:about": "#SPDXRef-1", + "spdx:checksum": { + "spdx:Checksum": { + "spdx:algorithm": { + "@rdf:resource": "http://spdx.org/rdf/terms#checksumAlgorithm_sha1" + }, + "spdx:checksumValue": "0c5bf934430394112921e7a1a8128176606d32ca" + } + }, + "spdx:fileName": "./test.java", + "spdx:copyrightText": "Copyright 2010, Red Hat, Inc. and individual contributors" + } + } } }, - "@rdf:about": "http://www.spdx.org/tools#SPDXRef-DOCUMENT", - "ns1:specVersion": "SPDX-2.2" + "spdx:copyrightText": "Copyright 2010, Red Hat, Inc. and individual contributors", + "spdx:name": "or_later" + }, + "spdx:SpdxDocument": { + "spdx:dataLicense": { + "@rdf:resource": "http://spdx.org/licenses/CC0-1.0" + }, + "@rdf:about": "#SPDXRef-DOCUMENT", + "rdfs:comment": "Generated with ScanCode and provided on an \"AS IS\" BASIS, WITHOUT WARRANTIES\nOR CONDITIONS OF ANY KIND, either express or implied. No content created from\nScanCode should be considered or used as legal advice. Consult an Attorney\nfor any legal advice.\nScanCode is a free software code scanning tool from nexB Inc. and others.\nVisit https://github.com/nexB/scancode-toolkit/ for support and download.\nSPDX License List: 3.21", + "spdx:name": "SPDX Document created by ScanCode Toolkit", + "spdx:specVersion": "SPDX-2.2" }, - "@xmlns:ns1": "http://spdx.org/rdf/terms#", - "@xmlns:rdf": "http://www.w3.org/1999/02/22-rdf-syntax-ns#" + "@xmlns:rdf": "http://www.w3.org/1999/02/22-rdf-syntax-ns#", + "@xmlns:rdfs": "http://www.w3.org/2000/01/rdf-schema#", + "@xmlns:spdx": "http://spdx.org/rdf/terms#" } } \ No newline at end of file diff --git a/tests/formattedcode/data/spdx/simple/expected.rdf b/tests/formattedcode/data/spdx/simple/expected.rdf index 8f9fc111fd8..357c8a169a1 100644 --- a/tests/formattedcode/data/spdx/simple/expected.rdf +++ b/tests/formattedcode/data/spdx/simple/expected.rdf @@ -1,73 +1,70 @@ { "rdf:RDF": { - "ns1:SpdxDocument": { - "ns1:name": { - "@rdf:resource": "SPDX Document created by ScanCode Toolkit" + "spdx:Package": { + "spdx:filesAnalyzed": { + "#text": "true", + "@rdf:datatype": "http://www.w3.org/2001/XMLSchema#boolean" }, - "ns1:dataLicense": { - "@rdf:resource": "http://spdx.org/licenses/CC0-1.0" + "spdx:downloadLocation": { + "@rdf:resource": "http://spdx.org/rdf/terms#noassertion" }, - "ns1:referencesFile": { - "ns1:File": { - "ns1:licenseConcluded": { - "@rdf:resource": "http://spdx.org/rdf/terms#noassertion" - }, - "ns1:copyrightText": { - "@rdf:resource": "http://spdx.org/rdf/terms#none" - }, - "ns1:licenseInfoInFile": { - "@rdf:resource": "http://spdx.org/rdf/terms#none" - }, - "ns1:checksum": { - "ns1:Checksum": { - "ns1:checksumValue": "b8a793cce3c3a4cd3a4646ddbe86edd542ed0cd8", - "ns1:algorithm": "http://spdx.org/rdf/terms#checksumAlgorithm_sha1" - } - }, - "ns1:fileName": "./test.txt", - "@rdf:about": "http://www.spdx.org/files#SPDXRef-1" - } + "spdx:licenseConcluded": { + "@rdf:resource": "http://spdx.org/rdf/terms#noassertion" }, - "ns1:describesPackage": { - "ns1:Package": { - "ns1:Package": { - "@rdf:resource": "SPDXRef-001" - }, - "ns1:downloadLocation": { - "@rdf:resource": "http://spdx.org/rdf/terms#noassertion" - }, - "ns1:licenseConcluded": { - "@rdf:resource": "http://spdx.org/rdf/terms#noassertion" - }, - "ns1:licenseDeclared": { - "@rdf:resource": "http://spdx.org/rdf/terms#noassertion" - }, - "ns1:copyrightText": { - "@rdf:resource": "http://spdx.org/rdf/terms#none" - }, - "ns1:licenseInfoFromFiles": { - "@rdf:resource": "http://spdx.org/rdf/terms#none" - }, - "ns1:hasFile": { - "@rdf:resource": "http://www.spdx.org/files#SPDXRef-1" - }, - "@rdf:about": "http://www.spdx.org/tools#SPDXRef-Package", - "ns1:name": "simple" + "spdx:licenseDeclared": { + "@rdf:resource": "http://spdx.org/rdf/terms#noassertion" + }, + "spdx:licenseInfoFromFiles": { + "@rdf:resource": "http://spdx.org/rdf/terms#none" + }, + "@rdf:about": "#SPDXRef-001", + "spdx:packageVerificationCode": { + "spdx:PackageVerificationCode": { + "spdx:packageVerificationCodeValue": "a83523bcfc10441aa94a575b88aa1d3269902485" } }, - "ns1:relationship": { - "ns1:Relationship": { - "ns1:relationshipType": { + "spdx:relationship": { + "spdx:Relationship": { + "spdx:relationshipType": { "@rdf:resource": "http://spdx.org/rdf/terms#relationshipType_contains" }, - "ns1:spdxElementId": "SPDXRef-001", - "ns1:relatedSpdxElement": "SPDXRef-1" + "spdx:relatedSpdxElement": { + "spdx:File": { + "spdx:licenseConcluded": { + "@rdf:resource": "http://spdx.org/rdf/terms#noassertion" + }, + "spdx:licenseInfoInFile": { + "@rdf:resource": "http://spdx.org/rdf/terms#none" + }, + "@rdf:about": "#SPDXRef-1", + "spdx:checksum": { + "spdx:Checksum": { + "spdx:algorithm": { + "@rdf:resource": "http://spdx.org/rdf/terms#checksumAlgorithm_sha1" + }, + "spdx:checksumValue": "b8a793cce3c3a4cd3a4646ddbe86edd542ed0cd8" + } + }, + "spdx:fileName": "./test.txt", + "spdx:copyrightText": "NONE" + } + } } }, - "@rdf:about": "http://www.spdx.org/tools#SPDXRef-DOCUMENT", - "ns1:specVersion": "SPDX-2.2" + "spdx:copyrightText": "NONE", + "spdx:name": "simple" + }, + "spdx:SpdxDocument": { + "spdx:dataLicense": { + "@rdf:resource": "http://spdx.org/licenses/CC0-1.0" + }, + "@rdf:about": "#SPDXRef-DOCUMENT", + "rdfs:comment": "Generated with ScanCode and provided on an \"AS IS\" BASIS, WITHOUT WARRANTIES\nOR CONDITIONS OF ANY KIND, either express or implied. No content created from\nScanCode should be considered or used as legal advice. Consult an Attorney\nfor any legal advice.\nScanCode is a free software code scanning tool from nexB Inc. and others.\nVisit https://github.com/nexB/scancode-toolkit/ for support and download.\nSPDX License List: 3.21", + "spdx:name": "SPDX Document created by ScanCode Toolkit", + "spdx:specVersion": "SPDX-2.2" }, - "@xmlns:ns1": "http://spdx.org/rdf/terms#", - "@xmlns:rdf": "http://www.w3.org/1999/02/22-rdf-syntax-ns#" + "@xmlns:rdf": "http://www.w3.org/1999/02/22-rdf-syntax-ns#", + "@xmlns:rdfs": "http://www.w3.org/2000/01/rdf-schema#", + "@xmlns:spdx": "http://spdx.org/rdf/terms#" } } \ No newline at end of file diff --git a/tests/formattedcode/data/spdx/simple/expected.tv b/tests/formattedcode/data/spdx/simple/expected.tv index 49275a7f643..964482c3e02 100644 --- a/tests/formattedcode/data/spdx/simple/expected.tv +++ b/tests/formattedcode/data/spdx/simple/expected.tv @@ -1,26 +1,28 @@ -# Document Information +## Document Information SPDXVersion: SPDX-2.2 DataLicense: CC0-1.0 -DocumentNamespace: http://spdx.org/spdxdocs/simple -DocumentName: SPDX Document created by ScanCode Toolkit SPDXID: SPDXRef-DOCUMENT +DocumentName: SPDX Document created by ScanCode Toolkit +DocumentNamespace: http://spdx.org/spdxdocs/simple DocumentComment: Generated with ScanCode and provided on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. No content created from ScanCode should be considered or used as legal advice. Consult an Attorney for any legal advice. ScanCode is a free software code scanning tool from nexB Inc. and others. -Visit https://github.com/nexB/scancode-toolkit/ for support and download. -# Creation Info -# Package +Visit https://github.com/nexB/scancode-toolkit/ for support and download. +SPDX License List: 3.21 +## Creation Information +## Package Information PackageName: simple SPDXID: SPDXRef-001 PackageDownloadLocation: NOASSERTION +FilesAnalyzed: True PackageVerificationCode: a83523bcfc10441aa94a575b88aa1d3269902485 -PackageLicenseDeclared: NOASSERTION PackageLicenseConcluded: NOASSERTION PackageLicenseInfoFromFiles: NONE +PackageLicenseDeclared: NOASSERTION PackageCopyrightText: NONE -# File +## File Information FileName: ./test.txt SPDXID: SPDXRef-1 FileChecksum: SHA1: b8a793cce3c3a4cd3a4646ddbe86edd542ed0cd8 diff --git a/tests/formattedcode/data/spdx/tree/expected.rdf b/tests/formattedcode/data/spdx/tree/expected.rdf index decaeaffb73..8404243c01c 100644 --- a/tests/formattedcode/data/spdx/tree/expected.rdf +++ b/tests/formattedcode/data/spdx/tree/expected.rdf @@ -1,261 +1,240 @@ { "rdf:RDF": { - "ns1:SpdxDocument": { - "ns1:name": { - "@rdf:resource": "SPDX Document created by ScanCode Toolkit" + "spdx:Package": { + "spdx:filesAnalyzed": { + "#text": "true", + "@rdf:datatype": "http://www.w3.org/2001/XMLSchema#boolean" }, - "ns1:dataLicense": { - "@rdf:resource": "http://spdx.org/licenses/CC0-1.0" + "spdx:downloadLocation": { + "@rdf:resource": "http://spdx.org/rdf/terms#noassertion" }, - "ns1:describesPackage": { - "ns1:Package": { - "ns1:Package": { - "@rdf:resource": "SPDXRef-001" - }, - "ns1:downloadLocation": { - "@rdf:resource": "http://spdx.org/rdf/terms#noassertion" - }, - "ns1:licenseConcluded": { - "@rdf:resource": "http://spdx.org/rdf/terms#noassertion" - }, - "ns1:licenseDeclared": { - "@rdf:resource": "http://spdx.org/rdf/terms#noassertion" - }, - "ns1:licenseInfoFromFiles": { - "@rdf:resource": "http://spdx.org/rdf/terms#none" - }, - "ns1:hasFile": [ - { - "@rdf:resource": "http://www.spdx.org/files#SPDXRef-2" - }, - { - "@rdf:resource": "http://www.spdx.org/files#SPDXRef-3" - }, - { - "@rdf:resource": "http://www.spdx.org/files#SPDXRef-4" - }, - { - "@rdf:resource": "http://www.spdx.org/files#SPDXRef-6" - }, - { - "@rdf:resource": "http://www.spdx.org/files#SPDXRef-7" - }, - { - "@rdf:resource": "http://www.spdx.org/files#SPDXRef-8" - }, - { - "@rdf:resource": "http://www.spdx.org/files#SPDXRef-9" - } - ], - "@rdf:about": "http://www.spdx.org/tools#SPDXRef-Package", - "ns1:copyrightText": "Copyright (c) 2000 ACME, Inc.", - "ns1:name": "scan" - } + "spdx:licenseConcluded": { + "@rdf:resource": "http://spdx.org/rdf/terms#noassertion" }, - "ns1:referencesFile": [ - { - "ns1:File": { - "ns1:licenseConcluded": { - "@rdf:resource": "http://spdx.org/rdf/terms#noassertion" - }, - "ns1:licenseInfoInFile": { - "@rdf:resource": "http://spdx.org/rdf/terms#none" - }, - "ns1:checksum": { - "ns1:Checksum": { - "ns1:checksumValue": "3922760d8492eb8f853c10a627f5a73f9eaec6ff", - "ns1:algorithm": "http://spdx.org/rdf/terms#checksumAlgorithm_sha1" - } - }, - "ns1:fileName": "./scan/copy1.c", - "@rdf:about": "http://www.spdx.org/files#SPDXRef-2", - "ns1:copyrightText": "Copyright (c) 2000 ACME, Inc." - } - }, - { - "ns1:File": { - "ns1:licenseConcluded": { - "@rdf:resource": "http://spdx.org/rdf/terms#noassertion" - }, - "ns1:licenseInfoInFile": { - "@rdf:resource": "http://spdx.org/rdf/terms#none" - }, - "ns1:checksum": { - "ns1:Checksum": { - "ns1:checksumValue": "3922760d8492eb8f853c10a627f5a73f9eaec6ff", - "ns1:algorithm": "http://spdx.org/rdf/terms#checksumAlgorithm_sha1" - } - }, - "ns1:fileName": "./scan/copy2.c", - "@rdf:about": "http://www.spdx.org/files#SPDXRef-3", - "ns1:copyrightText": "Copyright (c) 2000 ACME, Inc." - } - }, - { - "ns1:File": { - "ns1:licenseConcluded": { - "@rdf:resource": "http://spdx.org/rdf/terms#noassertion" - }, - "ns1:licenseInfoInFile": { - "@rdf:resource": "http://spdx.org/rdf/terms#none" - }, - "ns1:checksum": { - "ns1:Checksum": { - "ns1:checksumValue": "c91811eb5fdc7ab440355f9f8d1580e1518b0c2f", - "ns1:algorithm": "http://spdx.org/rdf/terms#checksumAlgorithm_sha1" - } - }, - "ns1:fileName": "./scan/copy3.c", - "@rdf:about": "http://www.spdx.org/files#SPDXRef-4", - "ns1:copyrightText": "Copyright (c) 2000 ACME, Inc." - } - }, - { - "ns1:File": { - "ns1:licenseConcluded": { - "@rdf:resource": "http://spdx.org/rdf/terms#noassertion" - }, - "ns1:licenseInfoInFile": { - "@rdf:resource": "http://spdx.org/rdf/terms#none" - }, - "ns1:checksum": { - "ns1:Checksum": { - "ns1:checksumValue": "3922760d8492eb8f853c10a627f5a73f9eaec6ff", - "ns1:algorithm": "http://spdx.org/rdf/terms#checksumAlgorithm_sha1" - } - }, - "ns1:fileName": "./scan/subdir/copy1.c", - "@rdf:about": "http://www.spdx.org/files#SPDXRef-6", - "ns1:copyrightText": "Copyright (c) 2000 ACME, Inc." - } - }, - { - "ns1:File": { - "ns1:licenseConcluded": { - "@rdf:resource": "http://spdx.org/rdf/terms#noassertion" - }, - "ns1:licenseInfoInFile": { - "@rdf:resource": "http://spdx.org/rdf/terms#none" - }, - "ns1:checksum": { - "ns1:Checksum": { - "ns1:checksumValue": "3922760d8492eb8f853c10a627f5a73f9eaec6ff", - "ns1:algorithm": "http://spdx.org/rdf/terms#checksumAlgorithm_sha1" - } - }, - "ns1:fileName": "./scan/subdir/copy2.c", - "@rdf:about": "http://www.spdx.org/files#SPDXRef-7", - "ns1:copyrightText": "Copyright (c) 2000 ACME, Inc." - } - }, - { - "ns1:File": { - "ns1:licenseConcluded": { - "@rdf:resource": "http://spdx.org/rdf/terms#noassertion" - }, - "ns1:licenseInfoInFile": { - "@rdf:resource": "http://spdx.org/rdf/terms#none" - }, - "ns1:checksum": { - "ns1:Checksum": { - "ns1:checksumValue": "389af7e629a9853056e42b262d5e30bf4579a74f", - "ns1:algorithm": "http://spdx.org/rdf/terms#checksumAlgorithm_sha1" - } - }, - "ns1:fileName": "./scan/subdir/copy3.c", - "@rdf:about": "http://www.spdx.org/files#SPDXRef-8", - "ns1:copyrightText": "Copyright (c) 2000 ACME, Inc." - } - }, - { - "ns1:File": { - "ns1:licenseConcluded": { - "@rdf:resource": "http://spdx.org/rdf/terms#noassertion" - }, - "ns1:licenseInfoInFile": { - "@rdf:resource": "http://spdx.org/rdf/terms#none" - }, - "ns1:checksum": { - "ns1:Checksum": { - "ns1:checksumValue": "58748872d25374160692f1ed7075d0fe80a544b1", - "ns1:algorithm": "http://spdx.org/rdf/terms#checksumAlgorithm_sha1" - } - }, - "ns1:fileName": "./scan/subdir/copy4.c", - "@rdf:about": "http://www.spdx.org/files#SPDXRef-9", - "ns1:copyrightText": "Copyright (c) 2000 ACME, Inc." - } + "spdx:licenseDeclared": { + "@rdf:resource": "http://spdx.org/rdf/terms#noassertion" + }, + "spdx:licenseInfoFromFiles": { + "@rdf:resource": "http://spdx.org/rdf/terms#none" + }, + "@rdf:about": "#SPDXRef-001", + "spdx:packageVerificationCode": { + "spdx:PackageVerificationCode": { + "spdx:packageVerificationCodeValue": "ed7a0c42e0411fe584d7c6d04105416593624be3" } - ], - "ns1:relationship": [ + }, + "spdx:relationship": [ { - "ns1:Relationship": { - "ns1:relationshipType": { + "spdx:Relationship": { + "spdx:relationshipType": { "@rdf:resource": "http://spdx.org/rdf/terms#relationshipType_contains" }, - "ns1:spdxElementId": "SPDXRef-001", - "ns1:relatedSpdxElement": "SPDXRef-2" + "spdx:relatedSpdxElement": { + "spdx:File": { + "spdx:licenseConcluded": { + "@rdf:resource": "http://spdx.org/rdf/terms#noassertion" + }, + "spdx:licenseInfoInFile": { + "@rdf:resource": "http://spdx.org/rdf/terms#none" + }, + "@rdf:about": "#SPDXRef-2", + "spdx:checksum": { + "spdx:Checksum": { + "spdx:algorithm": { + "@rdf:resource": "http://spdx.org/rdf/terms#checksumAlgorithm_sha1" + }, + "spdx:checksumValue": "3922760d8492eb8f853c10a627f5a73f9eaec6ff" + } + }, + "spdx:fileName": "./scan/copy1.c", + "spdx:copyrightText": "Copyright (c) 2000 ACME, Inc." + } + } } }, { - "ns1:Relationship": { - "ns1:relationshipType": { + "spdx:Relationship": { + "spdx:relationshipType": { "@rdf:resource": "http://spdx.org/rdf/terms#relationshipType_contains" }, - "ns1:spdxElementId": "SPDXRef-001", - "ns1:relatedSpdxElement": "SPDXRef-3" + "spdx:relatedSpdxElement": { + "spdx:File": { + "spdx:licenseConcluded": { + "@rdf:resource": "http://spdx.org/rdf/terms#noassertion" + }, + "spdx:licenseInfoInFile": { + "@rdf:resource": "http://spdx.org/rdf/terms#none" + }, + "@rdf:about": "#SPDXRef-3", + "spdx:checksum": { + "spdx:Checksum": { + "spdx:algorithm": { + "@rdf:resource": "http://spdx.org/rdf/terms#checksumAlgorithm_sha1" + }, + "spdx:checksumValue": "3922760d8492eb8f853c10a627f5a73f9eaec6ff" + } + }, + "spdx:fileName": "./scan/copy2.c", + "spdx:copyrightText": "Copyright (c) 2000 ACME, Inc." + } + } } }, { - "ns1:Relationship": { - "ns1:relationshipType": { + "spdx:Relationship": { + "spdx:relationshipType": { "@rdf:resource": "http://spdx.org/rdf/terms#relationshipType_contains" }, - "ns1:spdxElementId": "SPDXRef-001", - "ns1:relatedSpdxElement": "SPDXRef-4" + "spdx:relatedSpdxElement": { + "spdx:File": { + "spdx:licenseConcluded": { + "@rdf:resource": "http://spdx.org/rdf/terms#noassertion" + }, + "spdx:licenseInfoInFile": { + "@rdf:resource": "http://spdx.org/rdf/terms#none" + }, + "@rdf:about": "#SPDXRef-4", + "spdx:checksum": { + "spdx:Checksum": { + "spdx:algorithm": { + "@rdf:resource": "http://spdx.org/rdf/terms#checksumAlgorithm_sha1" + }, + "spdx:checksumValue": "c91811eb5fdc7ab440355f9f8d1580e1518b0c2f" + } + }, + "spdx:fileName": "./scan/copy3.c", + "spdx:copyrightText": "Copyright (c) 2000 ACME, Inc." + } + } } }, { - "ns1:Relationship": { - "ns1:relationshipType": { + "spdx:Relationship": { + "spdx:relationshipType": { "@rdf:resource": "http://spdx.org/rdf/terms#relationshipType_contains" }, - "ns1:spdxElementId": "SPDXRef-001", - "ns1:relatedSpdxElement": "SPDXRef-6" + "spdx:relatedSpdxElement": { + "spdx:File": { + "spdx:licenseConcluded": { + "@rdf:resource": "http://spdx.org/rdf/terms#noassertion" + }, + "spdx:licenseInfoInFile": { + "@rdf:resource": "http://spdx.org/rdf/terms#none" + }, + "@rdf:about": "#SPDXRef-6", + "spdx:checksum": { + "spdx:Checksum": { + "spdx:algorithm": { + "@rdf:resource": "http://spdx.org/rdf/terms#checksumAlgorithm_sha1" + }, + "spdx:checksumValue": "3922760d8492eb8f853c10a627f5a73f9eaec6ff" + } + }, + "spdx:fileName": "./scan/subdir/copy1.c", + "spdx:copyrightText": "Copyright (c) 2000 ACME, Inc." + } + } } }, { - "ns1:Relationship": { - "ns1:relationshipType": { + "spdx:Relationship": { + "spdx:relationshipType": { "@rdf:resource": "http://spdx.org/rdf/terms#relationshipType_contains" }, - "ns1:spdxElementId": "SPDXRef-001", - "ns1:relatedSpdxElement": "SPDXRef-7" + "spdx:relatedSpdxElement": { + "spdx:File": { + "spdx:licenseConcluded": { + "@rdf:resource": "http://spdx.org/rdf/terms#noassertion" + }, + "spdx:licenseInfoInFile": { + "@rdf:resource": "http://spdx.org/rdf/terms#none" + }, + "@rdf:about": "#SPDXRef-7", + "spdx:checksum": { + "spdx:Checksum": { + "spdx:algorithm": { + "@rdf:resource": "http://spdx.org/rdf/terms#checksumAlgorithm_sha1" + }, + "spdx:checksumValue": "3922760d8492eb8f853c10a627f5a73f9eaec6ff" + } + }, + "spdx:fileName": "./scan/subdir/copy2.c", + "spdx:copyrightText": "Copyright (c) 2000 ACME, Inc." + } + } } }, { - "ns1:Relationship": { - "ns1:relationshipType": { + "spdx:Relationship": { + "spdx:relationshipType": { "@rdf:resource": "http://spdx.org/rdf/terms#relationshipType_contains" }, - "ns1:spdxElementId": "SPDXRef-001", - "ns1:relatedSpdxElement": "SPDXRef-8" + "spdx:relatedSpdxElement": { + "spdx:File": { + "spdx:licenseConcluded": { + "@rdf:resource": "http://spdx.org/rdf/terms#noassertion" + }, + "spdx:licenseInfoInFile": { + "@rdf:resource": "http://spdx.org/rdf/terms#none" + }, + "@rdf:about": "#SPDXRef-8", + "spdx:checksum": { + "spdx:Checksum": { + "spdx:algorithm": { + "@rdf:resource": "http://spdx.org/rdf/terms#checksumAlgorithm_sha1" + }, + "spdx:checksumValue": "389af7e629a9853056e42b262d5e30bf4579a74f" + } + }, + "spdx:fileName": "./scan/subdir/copy3.c", + "spdx:copyrightText": "Copyright (c) 2000 ACME, Inc." + } + } } }, { - "ns1:Relationship": { - "ns1:relationshipType": { + "spdx:Relationship": { + "spdx:relationshipType": { "@rdf:resource": "http://spdx.org/rdf/terms#relationshipType_contains" }, - "ns1:spdxElementId": "SPDXRef-001", - "ns1:relatedSpdxElement": "SPDXRef-9" + "spdx:relatedSpdxElement": { + "spdx:File": { + "spdx:licenseConcluded": { + "@rdf:resource": "http://spdx.org/rdf/terms#noassertion" + }, + "spdx:licenseInfoInFile": { + "@rdf:resource": "http://spdx.org/rdf/terms#none" + }, + "@rdf:about": "#SPDXRef-9", + "spdx:checksum": { + "spdx:Checksum": { + "spdx:algorithm": { + "@rdf:resource": "http://spdx.org/rdf/terms#checksumAlgorithm_sha1" + }, + "spdx:checksumValue": "58748872d25374160692f1ed7075d0fe80a544b1" + } + }, + "spdx:fileName": "./scan/subdir/copy4.c", + "spdx:copyrightText": "Copyright (c) 2000 ACME, Inc." + } + } } } ], - "@rdf:about": "http://www.spdx.org/tools#SPDXRef-DOCUMENT", - "ns1:specVersion": "SPDX-2.2" + "spdx:copyrightText": "Copyright (c) 2000 ACME, Inc.", + "spdx:name": "scan" + }, + "spdx:SpdxDocument": { + "spdx:dataLicense": { + "@rdf:resource": "http://spdx.org/licenses/CC0-1.0" + }, + "@rdf:about": "#SPDXRef-DOCUMENT", + "rdfs:comment": "Generated with ScanCode and provided on an \"AS IS\" BASIS, WITHOUT WARRANTIES\nOR CONDITIONS OF ANY KIND, either express or implied. No content created from\nScanCode should be considered or used as legal advice. Consult an Attorney\nfor any legal advice.\nScanCode is a free software code scanning tool from nexB Inc. and others.\nVisit https://github.com/nexB/scancode-toolkit/ for support and download.\nSPDX License List: 3.21", + "spdx:name": "SPDX Document created by ScanCode Toolkit", + "spdx:specVersion": "SPDX-2.2" }, - "@xmlns:ns1": "http://spdx.org/rdf/terms#", - "@xmlns:rdf": "http://www.w3.org/1999/02/22-rdf-syntax-ns#" + "@xmlns:rdf": "http://www.w3.org/1999/02/22-rdf-syntax-ns#", + "@xmlns:rdfs": "http://www.w3.org/2000/01/rdf-schema#", + "@xmlns:spdx": "http://spdx.org/rdf/terms#" } } \ No newline at end of file diff --git a/tests/formattedcode/data/spdx/tree/expected.tv b/tests/formattedcode/data/spdx/tree/expected.tv index c7734ae7818..1ff190884ce 100644 --- a/tests/formattedcode/data/spdx/tree/expected.tv +++ b/tests/formattedcode/data/spdx/tree/expected.tv @@ -1,28 +1,29 @@ -# Document Information +## Document Information SPDXVersion: SPDX-2.2 DataLicense: CC0-1.0 -DocumentNamespace: http://spdx.org/spdxdocs/scan -DocumentName: SPDX Document created by ScanCode Toolkit -LicenseListVersion: 3.20 SPDXID: SPDXRef-DOCUMENT +DocumentName: SPDX Document created by ScanCode Toolkit +DocumentNamespace: http://spdx.org/spdxdocs/scan DocumentComment: Generated with ScanCode and provided on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. No content created from ScanCode should be considered or used as legal advice. Consult an Attorney for any legal advice. ScanCode is a free software code scanning tool from nexB Inc. and others. -Visit https://github.com/nexB/scancode-toolkit/ for support and download. -# Creation Info -# Package +Visit https://github.com/nexB/scancode-toolkit/ for support and download. +SPDX License List: 3.21 +## Creation Information +## Package Information PackageName: scan SPDXID: SPDXRef-001 PackageDownloadLocation: NOASSERTION +FilesAnalyzed: True PackageVerificationCode: ed7a0c42e0411fe584d7c6d04105416593624be3 -PackageLicenseDeclared: NOASSERTION PackageLicenseConcluded: NOASSERTION PackageLicenseInfoFromFiles: NONE +PackageLicenseDeclared: NOASSERTION PackageCopyrightText: Copyright (c) 2000 ACME, Inc. -# File +## File Information FileName: ./scan/copy1.c SPDXID: SPDXRef-2 FileChecksum: SHA1: 3922760d8492eb8f853c10a627f5a73f9eaec6ff @@ -30,7 +31,7 @@ LicenseConcluded: NOASSERTION LicenseInfoInFile: NONE FileCopyrightText: Copyright (c) 2000 ACME, Inc. -# File +## File Information FileName: ./scan/copy2.c SPDXID: SPDXRef-3 FileChecksum: SHA1: 3922760d8492eb8f853c10a627f5a73f9eaec6ff @@ -38,7 +39,7 @@ LicenseConcluded: NOASSERTION LicenseInfoInFile: NONE FileCopyrightText: Copyright (c) 2000 ACME, Inc. -# File +## File Information FileName: ./scan/copy3.c SPDXID: SPDXRef-4 FileChecksum: SHA1: c91811eb5fdc7ab440355f9f8d1580e1518b0c2f @@ -46,7 +47,7 @@ LicenseConcluded: NOASSERTION LicenseInfoInFile: NONE FileCopyrightText: Copyright (c) 2000 ACME, Inc. -# File +## File Information FileName: ./scan/subdir/copy1.c SPDXID: SPDXRef-6 FileChecksum: SHA1: 3922760d8492eb8f853c10a627f5a73f9eaec6ff @@ -54,7 +55,7 @@ LicenseConcluded: NOASSERTION LicenseInfoInFile: NONE FileCopyrightText: Copyright (c) 2000 ACME, Inc. -# File +## File Information FileName: ./scan/subdir/copy2.c SPDXID: SPDXRef-7 FileChecksum: SHA1: 3922760d8492eb8f853c10a627f5a73f9eaec6ff @@ -62,7 +63,7 @@ LicenseConcluded: NOASSERTION LicenseInfoInFile: NONE FileCopyrightText: Copyright (c) 2000 ACME, Inc. -# File +## File Information FileName: ./scan/subdir/copy3.c SPDXID: SPDXRef-8 FileChecksum: SHA1: 389af7e629a9853056e42b262d5e30bf4579a74f @@ -70,7 +71,7 @@ LicenseConcluded: NOASSERTION LicenseInfoInFile: NONE FileCopyrightText: Copyright (c) 2000 ACME, Inc. -# File +## File Information FileName: ./scan/subdir/copy4.c SPDXID: SPDXRef-9 FileChecksum: SHA1: 58748872d25374160692f1ed7075d0fe80a544b1 diff --git a/tests/formattedcode/data/spdx/unicode/expected.rdf b/tests/formattedcode/data/spdx/unicode/expected.rdf index 720448a7400..c9f21d9cab9 100644 --- a/tests/formattedcode/data/spdx/unicode/expected.rdf +++ b/tests/formattedcode/data/spdx/unicode/expected.rdf @@ -1,88 +1,79 @@ { "rdf:RDF": { - "ns1:SpdxDocument": { - "ns1:name": { - "@rdf:resource": "SPDX Document created by ScanCode Toolkit" + "spdx:Package": { + "spdx:filesAnalyzed": { + "#text": "true", + "@rdf:datatype": "http://www.w3.org/2001/XMLSchema#boolean" }, - "ns1:dataLicense": { - "@rdf:resource": "http://spdx.org/licenses/CC0-1.0" + "spdx:licenseInfoFromFiles": { + "@rdf:resource": "http://spdx.org/licenses/LicenseRef-scancode-agere-bsd" }, - "ns1:hasExtractedLicensingInfo": { - "ns1:ExtractedLicensingInfo": { - "ns1:extractedText": "* SOFTWARE LICENSE\n *\n * This software is provided subject to the following terms and conditions,\n * which you should read carefully before using the software. Using this\n * software indicates your acceptance of these terms and conditions. If you do\n * not agree with these terms and conditions, do not use the software.\n *\n * Copyright \u00a9 2005 Agere Systems Inc.\n * All rights reserved.\n *\n * Redistribution and use in source or binary forms, with or without\n * modifications, are permitted provided that the following conditions are met:\n *\n * . Redistributions of source code must retain the above copyright notice, this\n * list of conditions and the following Disclaimer as comments in the code as\n * well as in the documentation and/or other materials provided with the\n * distribution.\n *\n * . Redistributions in binary form must reproduce the above copyright notice,\n * this list of conditions and the following Disclaimer in the documentation\n * and/or other materials provided with the distribution.\n *\n * . Neither the name of Agere Systems Inc. nor the names of the contributors\n * may be used to endorse or promote products derived from this software\n * without specific prior written permission.\n *\n * Disclaimer\n *\n * THIS SOFTWARE IS PROVIDED \"AS IS\" AND ANY EXPRESS OR IMPLIED WARRANTIES,\n * INCLUDING, BUT NOT LIMITED TO, INFRINGEMENT AND THE IMPLIED WARRANTIES OF\n * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. ANY\n * USE, MODIFICATION OR DISTRIBUTION OF THIS SOFTWARE IS SOLELY AT THE USERS OWN\n * RISK. IN NO EVENT SHALL AGERE SYSTEMS INC. OR CONTRIBUTORS BE LIABLE FOR ANY\n * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES\n * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;\n * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND\n * ON ANY THEORY OF LIABILITY, INCLUDING, BUT NOT LIMITED TO, CONTRACT, STRICT\n * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT\n * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH\n * DAMAGE.", - "ns1:licenseName": "Agere Systems BSD Software license", - "ns1:licenseId": "LicenseRef-scancode-agere-bsd", - "rdfs:comment": "See details at https://github.com/nexB/scancode-toolkit/blob/develop/src/licensedcode/data/licenses/agere-bsd.yml" - } + "spdx:downloadLocation": { + "@rdf:resource": "http://spdx.org/rdf/terms#noassertion" }, - "ns1:referencesFile": { - "ns1:File": { - "ns1:licenseConcluded": { - "@rdf:resource": "http://spdx.org/rdf/terms#noassertion" - }, - "ns1:checksum": { - "ns1:Checksum": { - "ns1:checksumValue": "3903b654c47ea95203567230d72093ad1c5c4b90", - "ns1:algorithm": "http://spdx.org/rdf/terms#checksumAlgorithm_sha1" - } - }, - "ns1:licenseInfoInFile": { - "ns1:ExtractedLicensingInfo": { - "ns1:extractedText": "* SOFTWARE LICENSE\n *\n * This software is provided subject to the following terms and conditions,\n * which you should read carefully before using the software. Using this\n * software indicates your acceptance of these terms and conditions. If you do\n * not agree with these terms and conditions, do not use the software.\n *\n * Copyright \u00a9 2005 Agere Systems Inc.\n * All rights reserved.\n *\n * Redistribution and use in source or binary forms, with or without\n * modifications, are permitted provided that the following conditions are met:\n *\n * . Redistributions of source code must retain the above copyright notice, this\n * list of conditions and the following Disclaimer as comments in the code as\n * well as in the documentation and/or other materials provided with the\n * distribution.\n *\n * . Redistributions in binary form must reproduce the above copyright notice,\n * this list of conditions and the following Disclaimer in the documentation\n * and/or other materials provided with the distribution.\n *\n * . Neither the name of Agere Systems Inc. nor the names of the contributors\n * may be used to endorse or promote products derived from this software\n * without specific prior written permission.\n *\n * Disclaimer\n *\n * THIS SOFTWARE IS PROVIDED \"AS IS\" AND ANY EXPRESS OR IMPLIED WARRANTIES,\n * INCLUDING, BUT NOT LIMITED TO, INFRINGEMENT AND THE IMPLIED WARRANTIES OF\n * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. ANY\n * USE, MODIFICATION OR DISTRIBUTION OF THIS SOFTWARE IS SOLELY AT THE USERS OWN\n * RISK. IN NO EVENT SHALL AGERE SYSTEMS INC. OR CONTRIBUTORS BE LIABLE FOR ANY\n * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES\n * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;\n * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND\n * ON ANY THEORY OF LIABILITY, INCLUDING, BUT NOT LIMITED TO, CONTRACT, STRICT\n * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT\n * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH\n * DAMAGE.", - "ns1:licenseName": "Agere Systems BSD Software license", - "ns1:licenseId": "LicenseRef-scancode-agere-bsd", - "rdfs:comment": "See details at https://github.com/nexB/scancode-toolkit/blob/develop/src/licensedcode/data/licenses/agere-bsd.yml" - } - }, - "ns1:fileName": "./et131x.h", - "@rdf:about": "http://www.spdx.org/files#SPDXRef-1", - "ns1:copyrightText": "Copyright (c) 2005 Agere Systems Inc.\nCopyright (c) 2005 Agere Systems Inc." + "spdx:licenseConcluded": { + "@rdf:resource": "http://spdx.org/rdf/terms#noassertion" + }, + "spdx:licenseDeclared": { + "@rdf:resource": "http://spdx.org/rdf/terms#noassertion" + }, + "@rdf:about": "#SPDXRef-001", + "spdx:packageVerificationCode": { + "spdx:PackageVerificationCode": { + "spdx:packageVerificationCodeValue": "ce09fd939153fe02b82fefb764381ba40234e6ca" } }, - "ns1:describesPackage": { - "ns1:Package": { - "ns1:Package": { - "@rdf:resource": "SPDXRef-001" - }, - "ns1:downloadLocation": { - "@rdf:resource": "http://spdx.org/rdf/terms#noassertion" - }, - "ns1:licenseConcluded": { - "@rdf:resource": "http://spdx.org/rdf/terms#noassertion" - }, - "ns1:licenseDeclared": { - "@rdf:resource": "http://spdx.org/rdf/terms#noassertion" - }, - "ns1:hasFile": { - "@rdf:resource": "http://www.spdx.org/files#SPDXRef-1" + "spdx:relationship": { + "spdx:Relationship": { + "spdx:relationshipType": { + "@rdf:resource": "http://spdx.org/rdf/terms#relationshipType_contains" }, - "ns1:licenseInfoFromFiles": { - "ns1:ExtractedLicensingInfo": { - "ns1:extractedText": "* SOFTWARE LICENSE\n *\n * This software is provided subject to the following terms and conditions,\n * which you should read carefully before using the software. Using this\n * software indicates your acceptance of these terms and conditions. If you do\n * not agree with these terms and conditions, do not use the software.\n *\n * Copyright \u00a9 2005 Agere Systems Inc.\n * All rights reserved.\n *\n * Redistribution and use in source or binary forms, with or without\n * modifications, are permitted provided that the following conditions are met:\n *\n * . Redistributions of source code must retain the above copyright notice, this\n * list of conditions and the following Disclaimer as comments in the code as\n * well as in the documentation and/or other materials provided with the\n * distribution.\n *\n * . Redistributions in binary form must reproduce the above copyright notice,\n * this list of conditions and the following Disclaimer in the documentation\n * and/or other materials provided with the distribution.\n *\n * . Neither the name of Agere Systems Inc. nor the names of the contributors\n * may be used to endorse or promote products derived from this software\n * without specific prior written permission.\n *\n * Disclaimer\n *\n * THIS SOFTWARE IS PROVIDED \"AS IS\" AND ANY EXPRESS OR IMPLIED WARRANTIES,\n * INCLUDING, BUT NOT LIMITED TO, INFRINGEMENT AND THE IMPLIED WARRANTIES OF\n * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. ANY\n * USE, MODIFICATION OR DISTRIBUTION OF THIS SOFTWARE IS SOLELY AT THE USERS OWN\n * RISK. IN NO EVENT SHALL AGERE SYSTEMS INC. OR CONTRIBUTORS BE LIABLE FOR ANY\n * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES\n * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;\n * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND\n * ON ANY THEORY OF LIABILITY, INCLUDING, BUT NOT LIMITED TO, CONTRACT, STRICT\n * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT\n * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH\n * DAMAGE.", - "ns1:licenseName": "Agere Systems BSD Software license", - "ns1:licenseId": "LicenseRef-scancode-agere-bsd", - "rdfs:comment": "See details at https://github.com/nexB/scancode-toolkit/blob/develop/src/licensedcode/data/licenses/agere-bsd.yml" + "spdx:relatedSpdxElement": { + "spdx:File": { + "spdx:licenseInfoInFile": { + "@rdf:resource": "http://spdx.org/licenses/LicenseRef-scancode-agere-bsd" + }, + "spdx:licenseConcluded": { + "@rdf:resource": "http://spdx.org/rdf/terms#noassertion" + }, + "@rdf:about": "#SPDXRef-1", + "spdx:checksum": { + "spdx:Checksum": { + "spdx:algorithm": { + "@rdf:resource": "http://spdx.org/rdf/terms#checksumAlgorithm_sha1" + }, + "spdx:checksumValue": "3903b654c47ea95203567230d72093ad1c5c4b90" + } + }, + "spdx:fileName": "./et131x.h", + "spdx:copyrightText": "Copyright (c) 2005 Agere Systems Inc.\nCopyright (c) 2005 Agere Systems Inc." } - }, - "@rdf:about": "http://www.spdx.org/tools#SPDXRef-Package", - "ns1:copyrightText": "Copyright (c) 2005 Agere Systems Inc.", - "ns1:name": "unicode" + } } }, - "ns1:relationship": { - "ns1:Relationship": { - "ns1:relationshipType": { - "@rdf:resource": "http://spdx.org/rdf/terms#relationshipType_contains" - }, - "ns1:spdxElementId": "SPDXRef-001", - "ns1:relatedSpdxElement": "SPDXRef-1" + "spdx:copyrightText": "Copyright (c) 2005 Agere Systems Inc.", + "spdx:name": "unicode" + }, + "spdx:SpdxDocument": { + "spdx:dataLicense": { + "@rdf:resource": "http://spdx.org/licenses/CC0-1.0" + }, + "@rdf:about": "#SPDXRef-DOCUMENT", + "spdx:hasExtractedLicensingInfo": { + "spdx:ExtractedLicensingInfo": { + "@rdf:about": "#LicenseRef-scancode-agere-bsd", + "spdx:extractedText": "* SOFTWARE LICENSE\n *\n * This software is provided subject to the following terms and conditions,\n * which you should read carefully before using the software. Using this\n * software indicates your acceptance of these terms and conditions. If you do\n * not agree with these terms and conditions, do not use the software.\n *\n * Copyright \u00a9 2005 Agere Systems Inc.\n * All rights reserved.\n *\n * Redistribution and use in source or binary forms, with or without\n * modifications, are permitted provided that the following conditions are met:\n *\n * . Redistributions of source code must retain the above copyright notice, this\n * list of conditions and the following Disclaimer as comments in the code as\n * well as in the documentation and/or other materials provided with the\n * distribution.\n *\n * . Redistributions in binary form must reproduce the above copyright notice,\n * this list of conditions and the following Disclaimer in the documentation\n * and/or other materials provided with the distribution.\n *\n * . Neither the name of Agere Systems Inc. nor the names of the contributors\n * may be used to endorse or promote products derived from this software\n * without specific prior written permission.\n *\n * Disclaimer\n *\n * THIS SOFTWARE IS PROVIDED \"AS IS\" AND ANY EXPRESS OR IMPLIED WARRANTIES,\n * INCLUDING, BUT NOT LIMITED TO, INFRINGEMENT AND THE IMPLIED WARRANTIES OF\n * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. ANY\n * USE, MODIFICATION OR DISTRIBUTION OF THIS SOFTWARE IS SOLELY AT THE USERS OWN\n * RISK. IN NO EVENT SHALL AGERE SYSTEMS INC. OR CONTRIBUTORS BE LIABLE FOR ANY\n * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES\n * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;\n * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND\n * ON ANY THEORY OF LIABILITY, INCLUDING, BUT NOT LIMITED TO, CONTRACT, STRICT\n * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT\n * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH\n * DAMAGE.", + "spdx:name": "Agere BSD", + "spdx:licenseId": "LicenseRef-scancode-agere-bsd", + "rdfs:comment": "See details at https://github.com/nexB/scancode-toolkit/blob/develop/src/licensedcode/data/licenses/agere-bsd.LICENSE" } }, - "@rdf:about": "http://www.spdx.org/tools#SPDXRef-DOCUMENT", - "ns1:specVersion": "SPDX-2.2" + "rdfs:comment": "Generated with ScanCode and provided on an \"AS IS\" BASIS, WITHOUT WARRANTIES\nOR CONDITIONS OF ANY KIND, either express or implied. No content created from\nScanCode should be considered or used as legal advice. Consult an Attorney\nfor any legal advice.\nScanCode is a free software code scanning tool from nexB Inc. and others.\nVisit https://github.com/nexB/scancode-toolkit/ for support and download.\nSPDX License List: 3.21", + "spdx:name": "SPDX Document created by ScanCode Toolkit", + "spdx:specVersion": "SPDX-2.2" }, - "@xmlns:ns1": "http://spdx.org/rdf/terms#", "@xmlns:rdf": "http://www.w3.org/1999/02/22-rdf-syntax-ns#", - "@xmlns:rdfs": "http://www.w3.org/2000/01/rdf-schema#" + "@xmlns:rdfs": "http://www.w3.org/2000/01/rdf-schema#", + "@xmlns:spdx": "http://spdx.org/rdf/terms#" } } \ No newline at end of file diff --git a/tests/formattedcode/data/spdx/unicode/expected.tv b/tests/formattedcode/data/spdx/unicode/expected.tv index e4beeb43158..1482ce670c0 100644 --- a/tests/formattedcode/data/spdx/unicode/expected.tv +++ b/tests/formattedcode/data/spdx/unicode/expected.tv @@ -1,28 +1,29 @@ -# Document Information +## Document Information SPDXVersion: SPDX-2.2 DataLicense: CC0-1.0 -DocumentNamespace: http://spdx.org/spdxdocs/unicode -DocumentName: SPDX Document created by ScanCode Toolkit -LicenseListVersion: 3.20 SPDXID: SPDXRef-DOCUMENT +DocumentName: SPDX Document created by ScanCode Toolkit +DocumentNamespace: http://spdx.org/spdxdocs/unicode DocumentComment: Generated with ScanCode and provided on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. No content created from ScanCode should be considered or used as legal advice. Consult an Attorney for any legal advice. ScanCode is a free software code scanning tool from nexB Inc. and others. -Visit https://github.com/nexB/scancode-toolkit/ for support and download. -# Creation Info -# Package +Visit https://github.com/nexB/scancode-toolkit/ for support and download. +SPDX License List: 3.21 +## Creation Information +## Package Information PackageName: unicode SPDXID: SPDXRef-001 PackageDownloadLocation: NOASSERTION +FilesAnalyzed: True PackageVerificationCode: ce09fd939153fe02b82fefb764381ba40234e6ca -PackageLicenseDeclared: NOASSERTION PackageLicenseConcluded: NOASSERTION PackageLicenseInfoFromFiles: LicenseRef-scancode-agere-bsd +PackageLicenseDeclared: NOASSERTION PackageCopyrightText: Copyright (c) 2005 Agere Systems Inc. -# File +## File Information FileName: ./et131x.h SPDXID: SPDXRef-1 FileChecksum: SHA1: 3903b654c47ea95203567230d72093ad1c5c4b90 @@ -31,11 +32,8 @@ LicenseInfoInFile: LicenseRef-scancode-agere-bsd FileCopyrightText: Copyright (c) 2005 Agere Systems Inc. Copyright (c) 2005 Agere Systems Inc. -# Extracted Licenses +## License Information LicenseID: LicenseRef-scancode-agere-bsd -LicenseName: Agere Systems BSD Software license -LicenseComment: See details at https://github.com/nexB/scancode-toolkit/blob/develop/src/licensedcode/data/licenses/agere-bsd.yml - ExtractedText: * SOFTWARE LICENSE * * This software is provided subject to the following terms and conditions, @@ -75,4 +73,7 @@ ExtractedText: * SOFTWARE LICENSE * ON ANY THEORY OF LIABILITY, INCLUDING, BUT NOT LIMITED TO, CONTRACT, STRICT * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH -* DAMAGE. \ No newline at end of file +* DAMAGE. +LicenseName: Agere BSD +LicenseComment: See details at https://github.com/nexB/scancode-toolkit/blob/develop/src/licensedcode/data/licenses/agere-bsd.LICENSE + \ No newline at end of file diff --git a/tests/formattedcode/test_output_spdx.py b/tests/formattedcode/test_output_spdx.py index 3ad099a2b91..8aa1fda02f3 100644 --- a/tests/formattedcode/test_output_spdx.py +++ b/tests/formattedcode/test_output_spdx.py @@ -31,14 +31,16 @@ def strip_variable_text(rdf_text): Return rdf_text stripped from variable parts such as rdf nodeids """ + namespace_regex = re.compile('SpdxDocument rdf:about="(.+)#SPDXRef-DOCUMENT"') + namespace = namespace_regex.search(rdf_text).group(1) + rdf_text = re.compile(namespace).sub('', rdf_text) + replace_nid = re.compile('rdf:nodeID="[^\\"]*"').sub rdf_text = replace_nid('', rdf_text) - replace_creation = re.compile('.*', re.DOTALL).sub # NOQA + replace_creation = re.compile('.*', re.DOTALL).sub # NOQA rdf_text = replace_creation('', rdf_text) - replace_pcc = re.compile('.*', re.DOTALL).sub # NOQA - rdf_text = replace_pcc('', rdf_text) return rdf_text diff --git a/tests/packagedcode/data/npm/yarn-lock/v1-complex/yarn.lock b/tests/packagedcode/data/npm/yarn-lock/v1-complex/yarn.lock index ba267ae31a3..a3202ffc0d4 100644 --- a/tests/packagedcode/data/npm/yarn-lock/v1-complex/yarn.lock +++ b/tests/packagedcode/data/npm/yarn-lock/v1-complex/yarn.lock @@ -25,3 +25,20 @@ integrity sha512-3UYcJUj9kvSLbLbUIfQTqzcy5VX7GRZ/CCDrnOaZorFFM01aXp1+GJwuFGV4NDDoAS+mOUyHcO6UD/RfqOks3Q== dependencies: "@babel/types" "^7.0.0" + +"@react-spring/web@9.7.3", "react-spring@npm:@react-spring/web@9.7.3": + version "9.7.3" + resolved "https://registry.yarnpkg.com/@react-spring/web/-/web-9.7.3.tgz#da977382f91d9af4c400e4aa7dc37d3db07b87e0" + integrity sha512-rEvipblmihiz8+Eo01zDp5dqWn6XfYk8q2rlN9c18YIOL4o6nuY/VplDoocUMHYfH4liurpO4o1QudKOO1nAiQ== + dependencies: + "@react-spring/animated" "9.7.3" + "@react-spring/core" "9.7.3" + "@react-spring/shared" "9.7.3" + +"@testing-library/react-12@npm:@testing-library/react@^12": + version "12.1.2" + resolved "https://registry.yarnpkg.com/@testing-library/react/-/react-12.1.2.tgz#f1bc9a45943461fa2a598bb4597df1ae044cfc76" + integrity sha512-ihQiEOklNyHIpo2Y8FREkyD1QAea054U0MVbwH1m8N9TxeFz+KoJ9LkqoKqJlzx2JDm56DVwaJ1r36JYxZM05g== + dependencies: + "@babel/runtime" "^7.12.5" + "@testing-library/dom" "^8.0.0" diff --git a/tests/packagedcode/data/npm/yarn-lock/v1-complex/yarn.lock-expected b/tests/packagedcode/data/npm/yarn-lock/v1-complex/yarn.lock-expected index 240319304a7..02b97085a21 100644 --- a/tests/packagedcode/data/npm/yarn-lock/v1-complex/yarn.lock-expected +++ b/tests/packagedcode/data/npm/yarn-lock/v1-complex/yarn.lock-expected @@ -250,6 +250,161 @@ "purl": "pkg:npm/%40babel/helper-annotate-as-pure@7.0.0" }, "extra_data": {} + }, + { + "purl": "pkg:npm/%40react-spring/web@9.7.3", + "extracted_requirement": "9.7.3 9.7.3", + "scope": "dependencies", + "is_runtime": true, + "is_optional": false, + "is_resolved": true, + "resolved_package": { + "type": "npm", + "namespace": "@react-spring", + "name": "web", + "version": "9.7.3", + "qualifiers": {}, + "subpath": null, + "primary_language": "JavaScript", + "description": null, + "release_date": null, + "parties": [], + "keywords": [], + "homepage_url": null, + "download_url": "https://registry.yarnpkg.com/@react-spring/web/-/web-9.7.3.tgz", + "size": null, + "sha1": "da977382f91d9af4c400e4aa7dc37d3db07b87e0", + "md5": null, + "sha256": null, + "sha512": + "ac4be2a5b9668a18b3f3e128d35cc3a7976a5a7e977d893cab6ae537d735f1820e2f8a3a9ee63f569943a2871430761f1f8962baba4ee28d50b9d28e3b59c089", + "bug_tracking_url": null, + "code_view_url": null, + "vcs_url": null, + "copyright": null, + "holder": null, + "declared_license_expression": null, + "declared_license_expression_spdx": null, + "license_detections": [], + "other_license_expression": null, + "other_license_expression_spdx": null, + "other_license_detections": [], + "extracted_license_statement": null, + "notice_text": null, + "source_packages": [], + "file_references": [], + "extra_data": {}, + "dependencies": [ + { + "purl": "pkg:npm/%22%40react-spring/animated%22", + "extracted_requirement": "9.7.3", + "scope": "dependencies", + "is_runtime": true, + "is_optional": false, + "is_resolved": false, + "resolved_package": {}, + "extra_data": {} + }, + { + "purl": "pkg:npm/%22%40react-spring/core%22", + "extracted_requirement": "9.7.3", + "scope": "dependencies", + "is_runtime": true, + "is_optional": false, + "is_resolved": false, + "resolved_package": {}, + "extra_data": {} + }, + { + "purl": "pkg:npm/%22%40react-spring/shared%22", + "extracted_requirement": "9.7.3", + "scope": "dependencies", + "is_runtime": true, + "is_optional": false, + "is_resolved": false, + "resolved_package": {}, + "extra_data": {} + } + ], + "repository_homepage_url": "https://www.npmjs.com/package/@react-spring/web", + "repository_download_url": "https://registry.npmjs.org/@react-spring/web/-/web-9.7.3.tgz", + "api_data_url": "https://registry.npmjs.org/@react-spring%2fweb/9.7.3", + "datasource_id": "yarn_lock_v1", + "purl": "pkg:npm/%40react-spring/web@9.7.3" + }, + "extra_data": {} + }, + { + "purl": "pkg:npm/%40testing-library/react@12.1.2", + "extracted_requirement": "^12", + "scope": "dependencies", + "is_runtime": true, + "is_optional": false, + "is_resolved": true, + "resolved_package": { + "type": "npm", + "namespace": "@testing-library", + "name": "react", + "version": "12.1.2", + "qualifiers": {}, + "subpath": null, + "primary_language": "JavaScript", + "description": null, + "release_date": null, + "parties": [], + "keywords": [], + "homepage_url": null, + "download_url": "https://registry.yarnpkg.com/@testing-library/react/-/react-12.1.2.tgz", + "size": null, + "sha1": "f1bc9a45943461fa2a598bb4597df1ae044cfc76", + "md5": null, + "sha256": null, + "sha512": "8a142210e9253721c8a68d98f054449320f540079ad39e14d0c55bc07d66f0df53c5e173f8aa09f4b92aa0aa89973c762439b9e83570689d6bdfa258c59334e6", + "bug_tracking_url": null, + "code_view_url": null, + "vcs_url": null, + "copyright": null, + "holder": null, + "declared_license_expression": null, + "declared_license_expression_spdx": null, + "license_detections": [], + "other_license_expression": null, + "other_license_expression_spdx": null, + "other_license_detections": [], + "extracted_license_statement": null, + "notice_text": null, + "source_packages": [], + "file_references": [], + "extra_data": {}, + "dependencies": [ + { + "purl": "pkg:npm/%22%40babel/runtime%22", + "extracted_requirement": "^7.12.5", + "scope": "dependencies", + "is_runtime": true, + "is_optional": false, + "is_resolved": false, + "resolved_package": {}, + "extra_data": {} + }, + { + "purl": "pkg:npm/%22%40testing-library/dom%22", + "extracted_requirement": "^8.0.0", + "scope": "dependencies", + "is_runtime": true, + "is_optional": false, + "is_resolved": false, + "resolved_package": {}, + "extra_data": {} + } + ], + "repository_homepage_url": "https://www.npmjs.com/package/@testing-library/react", + "repository_download_url": "https://registry.npmjs.org/@testing-library/react/-/react-12.1.2.tgz", + "api_data_url": "https://registry.npmjs.org/@testing-library%2freact/12.1.2", + "datasource_id": "yarn_lock_v1", + "purl": "pkg:npm/%40testing-library/react@12.1.2" + }, + "extra_data": {} } ], "repository_homepage_url": null, @@ -258,4 +413,4 @@ "datasource_id": "yarn_lock_v1", "purl": null } -] \ No newline at end of file +] diff --git a/tests/packagedcode/data/plugin/help.txt b/tests/packagedcode/data/plugin/help.txt index 1f0da6029b5..73e63059acf 100755 --- a/tests/packagedcode/data/plugin/help.txt +++ b/tests/packagedcode/data/plugin/help.txt @@ -746,7 +746,7 @@ Package type: rpm documentation URL: https://fedoraproject.org/wiki/Changes/Sqlite_Rpmdb primary language: None description: RPM installed package SQLite database - path_patterns: '*var/lib/rpm/rpmdb.sqlite' + path_patterns: '*rpm/rpmdb.sqlite' -------------------------------------------- Package type: rpm datasource_id: rpm_spefile diff --git a/tests/packagedcode/data/rpm/rpmdb.sqlite b/tests/packagedcode/data/rpm/rpmdb.sqlite new file mode 100644 index 00000000000..ff1f6e880e4 Binary files /dev/null and b/tests/packagedcode/data/rpm/rpmdb.sqlite differ diff --git a/tests/packagedcode/test_recognize.py b/tests/packagedcode/test_recognize.py index 1d32c6cf67b..f7736aeeb61 100644 --- a/tests/packagedcode/test_recognize.py +++ b/tests/packagedcode/test_recognize.py @@ -196,3 +196,9 @@ def test_recognize_go_sum(self): packages = recognize_package_data(test_file) assert packages assert isinstance(packages[0], models.PackageData) + + def test_recognize_rpmdb_sqlite(self): + test_file = self.get_test_loc('rpm/rpmdb.sqlite') + packages = recognize_package_data(test_file, system=True) + assert packages + assert isinstance(packages[0], models.PackageData)