commit | c913e304a1534c4580fa70c2c3af5cd85d99fc9c | [log] [tgz] |
---|---|---|
author | Sascha Grunert <sgrunert@redhat.com> | Fri Jun 24 10:23:45 2022 +0200 |
committer | Bill Neubauer <bill.neubauer@gmail.com> | Tue Jul 12 16:43:05 2022 -0700 |
tree | 8e02c7da81214cc5016d69aeb690966d29d147da | |
parent | 7c62d6fe8d3aa2f39c4affb58c9781d9dc951a2d [diff] |
Fix runtime panic on LoadLicenses() It may be possible that the amount of segments is lower than 3 which caused a runtime panic in the license loader. We now skip those paths to fix that issue. Found: https://github.com/cri-o/cri-o/runs/7037925519 Signed-off-by: Sascha Grunert <sgrunert@redhat.com>
The license classifier is a library and set of tools that can analyze text to determine what type of license it contains. It searches for license texts in a file and compares them to an archive of known licenses. These files could be, e.g., LICENSE
files with a single or multiple licenses in it, or source code files with the license text in a comment.
A “confidence level” is associated with each result indicating how close the match was. A confidence level of 1.0
indicates an exact match, while a confidence level of 0.0
indicates that no license was able to match the text.
Adding a new license is straight-forward:
Create a file in licenses/
.
.header
” to it. See licenses/README.md
for more details.Add the license name to the list in license_type.go
.
Regenerate the licenses.db
file by running the license serializer:
$ license_serializer -output licenseclassifier/licenses
Create and run appropriate tests to verify that the license is indeed present.
identify_license
is a command line tool that can identify the license(s) within a file.
$ identify_license LICENSE LICENSE: GPL-2.0 (confidence: 1, offset: 0, extent: 14794) LICENSE: LGPL-2.1 (confidence: 1, offset: 18366, extent: 23829) LICENSE: MIT (confidence: 1, offset: 17255, extent: 1059)
The license_serializer
tool regenerates the licenses.db
archive. The archive contains preprocessed license texts for quicker comparisons against unknown texts.
$ license_serializer -output licenseclassifier/licenses
This is not an official Google product (experimental or otherwise), it is just code that happens to be owned by Google.