FOSSLight Prechecker

License Current python package version.

FOSSLight Prechecker is a tool that can be used to comply with the copyright/license writing rules in the source code using reuse-tool.

Github Repository : https://github.com/fosslight/fosslight_prechecker
License : GPL-3.0-only

Prerequisite
How to install
How to run
Result
How it works

📋 Prerequisite

FOSSLight Prechecker needs a Python 3.7+.

🎉 How to install

It can be installed using pip3.
It is recommended to install it in the python 3.7 + virtualenv environment.

$ pip3 install fosslight_prechecker

🚀 How to run

FOSSLight Prechecker has 3 modes as following:

lint — (Default) Check whether the source code's copyright and license writing rules are complied with.
convert — Convert sbom-info.yaml or oss-pkg-info.yaml to fosslight_report.xlsx.
- It converts yaml file to SRC Sheet of FOSSLight Report
add — Add copyright and license to source code which is missing copyright and license

fosslight_prechecker [Mode] [option1] <arg1> [option2] <arg2>...

How to run by mode & Parameters

Required parameter : Mode
Optional parameter : Options

Mode
    lint                  (Default) Check whether the copyright and license writing rules are complied with
    convert               Convert sbom-info.yaml or oss_pkg_info.yaml -> fosslight_report.xlsx
    add                   Add missing license and copyright
 
Options:
    -h                    Print help message
    -v                    Print FOSSLight Prechecker version
    -p <path>             Path to check
    -f <format>           Output file format (yaml, xml, html)
    -o <file_name>        Output file name
    -n                    Don't exclude venv*, node_modules, and .*/ from the analysis
    -i                    Don't both write log file and show progress bar
 
Options for only 'add' mode
    -l <license>          License name(SPDX format) to add
    -c <copyright>        Copyright to add(ex, 2015-2021 LG Electronics Inc.)
  

(Only for Windows) Run using executable file

Download fosslight_prechecker_windows.exe from FOSSLight Prechecker - Release.
Two methods is available
2-1. Move the executable to the desired path and double-click to run it
- Run only Lint mode, which is the default mode
  2.2. Run as command
- Run ‘cmd'
- Run fosslight_prechecker.exe file according to ‘How to Run by Mode and Parameters' in the path where the file is located
  - ex) fosslight_prechecker.exe lint -p src/

📁 Result

🔖 lint mode

1) Analyze for specific folder

(venv)$ fosslight_prechecker lint -p /home/tests -o result.yaml

Result

  Checking copyright/license writing rules:
      Compliant: Not OK
      Files without copyright:
      - add/test_no_copyright.py
      Files without license:
      - add/test_no_license.py
      Files without license and copyright: N/A
      Summary:
        Detected Licenses:
        - '-'
        - GPL-3.0-only
        - MIT
        Files without copyright / total: 1 / 14
        Files without license / total: 1 / 14
        Open Source Package File:
        - convert/oss-pkg-info.yaml
        - add/oss-pkg-info.yaml
      Tool Info:
        Analyze path: tests
        OS: Linux 4.15.0-144-generic
        Python version: 3
        fosslight_prechecker version: fosslight_prechecker v2.2.0

2) Analyze for specific files

(venv)$ fosslight_prechecker lint -p "src/file1.py,src/file2.py"

Result

    # src/file1.py
    * License: 
    * Copyright: 

    # src/file2.py
    * License: GPL-3.0-only
    * Copyright: Copyright (c) 2022 LG Electronics Inc.

    Checking copyright/license writing rules:
      Compliant: Not OK
      Files without copyright: N/A
      Files without license: N/A
      Files without license and copyright:
      - src/fosslight_prechecker/_precheck.py
      Summary:
        Detected Licenses: N/A
        Files without copyright / total: 1 / 2
        Files without license / total: 1 / 2
        Open Source Package File: []
      Tool Info:
        Analyze path: /home/jaekwonbang/tests
        OS: Linux 4.15.0-144-generic
        Python version: 3
        fosslight_prechecker version: fosslight_prechecker v2.2.0

Contents of result

Depending on the format, the resulting output could be different. (Default format: yaml)

Compliant: lint Whether the result is Compliant (OK or Not OK)
Files without copyright: A list of files without copyright
Files without license: A list of files without a license
Files without license and copyright: A list of files without both copyright and licenses
Summary
- Detected Licenses: Detected License in source code
- Files without copyright / total: Number of files without copyright / Total number of files
- Files without license / total: Number of files without license / Total number of files
- Files without copyright / total: Number of files without copyright / Total number of files
- Open Source Package File: A list of sbom-info.yaml or oss-pkg-info.yaml files
- Tool Info
  - Analysis path: Path conducted by analysis
  - OS: OS version with FOSSLight Prechecker running
  - Python version: Python ver.
  - fosslight_prechecker version: FOSSLight Prechecker ver.

When calculating the number of files, excluded the following items

Hidden file

A file with no code in it

Files defined in .gitignore

Untracked files based on git repo

Deliverables of FOSSLight

Exclude path in sbom-info.yaml / oss-pkg-info.yaml

Demo Video (lint)

🔖 convert mode

1) Convert all sbom-info.yaml or oss-pkg-info.yaml in the path recursively.

$ fosslight_prechecker convert -p tests/

2) Result file example

oss-pkg-info.yaml

When writing a path in the yaml file, if it starts with a special character ({, } , [, ], &, *, #, ?, |, -, <, >, =, !, @), use double quotation marks ("").

    glibc:
    - version: '2.3'
      source name or path:
      - tests/b.c
      - tests/a.c
      license:
      - GPL-3.0
      - LGPL-2.1
      download location: https://github.com/fsfe/glibc
    dbus:
    - version: '1.3'
      source name or path:
      - tests/src/*
      license:
      - GPL-2.0
      download location: https://github.com/fsfe/dbus
      copyright text: 'Copyright (c) 2020 Test Copyright (c) 2020 Sample'
    reuse-tool:
    - version: ''
      source name or path:
      - tests/
      license:
      - MIT
      download location: https://github.com/fsfe/reuse
      homepage: http://google.com
      copyright text: Copyright (c) 2020 Test
    build-tool:
    - version: ''
      source name or path:
      - tests/
      license:
      - Apache-2.0
      download location: http://gihub.com/bazel
      exclude: true
  

fosslight_report.xlsx

FOSSLight Report

Demo Video (convert)

demo video for convert mode

🔖 add mode

1) Add copyright and license to file(s) in the input path

(venv)$ fosslight_prechecker add -p tests/add -c "2019-2021 LG Electronics Inc." -l "GPL-3.0-only"
  

2) Add copyright and license to input file(s)

(venv)$ fosslight_prechecker add -p "tests/add/test_both_have_1.py,tests/add/test_both_have_2.py,tests/add/test_no_copyright.py,tests/add/test_no_license.py" -c "2019-2021 LG Electronics Inc." -l "GPL-3.0-only"
  

3) Result ▪️ Changes in the file - Added copyright or license at the top of the file

Before	After

    # File list that have both license and copyright : 3 / 7
    # __init__.py
    * License:
    * Copyright:

    # test_both_have_1.py
    * License: GPL-3.0-only
    * Copyright: SPDX-FileCopyrightText: Copyright 2019-2021 LG Electronics Inc.

    # test_both_have_2.py
    * License: MIT
    * Copyright: SPDX-FileCopyrightText: Copyright (c) 2011 LG Electronics Inc.

    # Missing license File(s)
    * test_no_license.py
    * Your input license : GPL-3.0-only
    Successfully changed header of tests/add_result/test_no_license.py

    # Missing Copyright File(s)
    * test_no_copyright.py
    * Your input Copyright : Copyright 2019-2021 LG Electronics Inc.
    Successfully changed header of tests/add_result/test_no_copyright.py
  

Demo Video (add)

🔍 How it works

🔖 lint mode

Find a OSS Package Information file.
Check if at least one of the following files exists (case-free)
- sbom-info.yaml (or .yml)
- oss-pkg-info.yaml (or .yml)
- requirement.txt
- requirements.txt
- package.json
- pom.xml
- build.gradle
- Podfile.lock
- Cartfile.resolved
- pubspec.yaml
- Package.resolved
- go.mod
- packages.config
- package.assets.json
- oss-package.info
- File started with "MODULE_LICENSE_ "
Run fsfe-reuse lint
2-1. When running on a project basis.
- If there is no ./reuse/dep5 file in the Root Path, it is created.
- If it already exists, copy it to bk file and append the default config value to the existing dep file.
- By creating dep5 files, exclude binary or .json, venv /, node_modules/,. */ from reuse.
- Run fsfe-reuse lint (If the OSS Package Information file exists, the list of missing license files is not printed.)
- Recover to existing dep5-related file if it originally existed, delete if it doesn't exist.
2-2. When executing in file unit
- Print the copyright text and license text extraction by file.
- However, if the file does not exist or the file is binary or .json, copyright text and license text are not printed.
Print the execution result and save it in xml format.

🔖 convert mode

Check if there is an OSS Package Information or FOSSLight Report file.
- file example : sbom-info.yaml, oss-pkg-info.yaml

Convert sbom-info.yaml or oss-pkg-info.yaml file to FOSSLight Report
2-1. When running on a project basis.
- Convert all files in the path (oss-pkg-info.yaml file -> fosslight_report.xlsx)
2-2. When running in file unit
- Convert the input yaml file
- However, if an output file name is specified with -o, a result file is created with that name.

🔖 add mode

Confirm to add copyright and license to missing file
Add copyright and license to missing file(s) using -c and -l option
- Print file list that both has copyright and license(excluded from Adding)
- Add input copyright and license to missing file(s) using -c and -l option