This is an automated email from the ASF dual-hosted git repository. kezhenxu94 pushed a commit to branch maven/name in repository https://gitbox.apache.org/repos/asf/skywalking-eyes.git
commit 8d3ca9c74e5c96e0a1c15222dc33bcf0e4629013 Author: kezhenxu94 <[email protected]> AuthorDate: Mon Jun 13 21:32:36 2022 +0800 maven: set group:artifact as dependency name and extend functions in summary template --- dist/LICENSE | 10 +++++ .../license-github.com-Masterminds-semver-v3.txt | 19 +++++++++ .../license-github.com-Masterminds-sprig-v3.txt | 19 +++++++++ dist/licenses/license-github.com-google-uuid.txt | 27 +++++++++++++ .../license-github.com-huandu-xstrings.txt | 22 +++++++++++ dist/licenses/license-github.com-imdario-mergo.txt | 28 ++++++++++++++ .../license-github.com-mitchellh-copystructure.txt | 21 ++++++++++ .../license-github.com-mitchellh-reflectwalk.txt | 21 ++++++++++ .../license-github.com-shopspring-decimal.txt | 45 ++++++++++++++++++++++ dist/licenses/license-github.com-spf13-cast.txt | 21 ++++++++++ go.mod | 1 + go.sum | 24 ++++++++++++ pkg/deps/jar.go | 31 +++++++-------- pkg/deps/maven.go | 40 +++++++++++-------- pkg/deps/summary.go | 3 +- 15 files changed, 299 insertions(+), 33 deletions(-) diff --git a/dist/LICENSE b/dist/LICENSE index b3bb8b0..04877e4 100644 --- a/dist/LICENSE +++ b/dist/LICENSE @@ -183,6 +183,7 @@ Apache-2.0 licenses cloud.google.com/go/datastore v1.1.0 Apache-2.0 cloud.google.com/go/pubsub v1.3.1 Apache-2.0 cloud.google.com/go/storage v1.10.0 Apache-2.0 + github.com/Masterminds/goutils v1.1.1 Apache-2.0 github.com/census-instrumentation/opencensus-proto v0.2.1 Apache-2.0 github.com/cncf/udpa/go v0.0.0-20191209042840-269d4d468f6f Apache-2.0 github.com/envoyproxy/go-control-plane v0.9.4 Apache-2.0 @@ -223,8 +224,10 @@ BSD-3-Clause licenses github.com/google/go-github/v33 v33.0.0 BSD-3-Clause github.com/google/go-querystring v1.1.0 BSD-3-Clause github.com/google/licensecheck v0.3.1 BSD-3-Clause + github.com/google/uuid v1.1.1 BSD-3-Clause github.com/googleapis/gax-go/v2 v2.0.5 BSD-3-Clause github.com/ianlancetaylor/demangle v0.0.0-20181102032728-5e5cf60278f6 BSD-3-Clause + github.com/imdario/mergo v0.3.11 BSD-3-Clause github.com/pmezard/go-difflib v1.0.0 BSD-3-Clause github.com/rogpeppe/go-internal v1.3.0 BSD-3-Clause github.com/spf13/pflag v1.0.5 BSD-3-Clause @@ -267,18 +270,25 @@ MIT licenses ======================================================================== github.com/BurntSushi/toml v0.3.1 MIT + github.com/Masterminds/semver/v3 v3.1.1 MIT + github.com/Masterminds/sprig/v3 v3.2.2 MIT github.com/bmatcuk/doublestar/v2 v2.0.4 MIT github.com/chzyer/logex v1.1.10 MIT github.com/chzyer/readline v0.0.0-20180603132655-2972be24d48e MIT github.com/chzyer/test v0.0.0-20180213035817-a1ea475d72b1 MIT github.com/client9/misspell v0.3.4 MIT github.com/cpuguy83/go-md2man/v2 v2.0.1 MIT + github.com/huandu/xstrings v1.3.1 MIT github.com/jstemmer/go-junit-report v0.9.1 MIT github.com/kisielk/gotool v1.0.0 MIT github.com/kr/pretty v0.1.0 MIT github.com/kr/pty v1.1.1 MIT github.com/kr/text v0.1.0 MIT + github.com/mitchellh/copystructure v1.0.0 MIT + github.com/mitchellh/reflectwalk v1.0.0 MIT + github.com/shopspring/decimal v1.2.0 MIT github.com/sirupsen/logrus v1.8.1 MIT + github.com/spf13/cast v1.3.1 MIT github.com/stretchr/objx v0.1.0 MIT github.com/stretchr/testify v1.7.0 MIT github.com/yuin/goldmark v1.4.1 MIT diff --git a/dist/licenses/license-github.com-Masterminds-semver-v3.txt b/dist/licenses/license-github.com-Masterminds-semver-v3.txt new file mode 100644 index 0000000..9ff7da9 --- /dev/null +++ b/dist/licenses/license-github.com-Masterminds-semver-v3.txt @@ -0,0 +1,19 @@ +Copyright (C) 2014-2019, Matt Butcher and Matt Farina + +Permission is hereby granted, free of charge, to any person obtaining a copy +of this software and associated documentation files (the "Software"), to deal +in the Software without restriction, including without limitation the rights +to use, copy, modify, merge, publish, distribute, sublicense, and/or sell +copies of the Software, and to permit persons to whom the Software is +furnished to do so, subject to the following conditions: + +The above copyright notice and this permission notice shall be included in +all copies or substantial portions of the Software. + +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR +IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, +FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE +AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER +LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, +OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN +THE SOFTWARE. diff --git a/dist/licenses/license-github.com-Masterminds-sprig-v3.txt b/dist/licenses/license-github.com-Masterminds-sprig-v3.txt new file mode 100644 index 0000000..f311b1e --- /dev/null +++ b/dist/licenses/license-github.com-Masterminds-sprig-v3.txt @@ -0,0 +1,19 @@ +Copyright (C) 2013-2020 Masterminds + +Permission is hereby granted, free of charge, to any person obtaining a copy +of this software and associated documentation files (the "Software"), to deal +in the Software without restriction, including without limitation the rights +to use, copy, modify, merge, publish, distribute, sublicense, and/or sell +copies of the Software, and to permit persons to whom the Software is +furnished to do so, subject to the following conditions: + +The above copyright notice and this permission notice shall be included in +all copies or substantial portions of the Software. + +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR +IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, +FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE +AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER +LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, +OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN +THE SOFTWARE. diff --git a/dist/licenses/license-github.com-google-uuid.txt b/dist/licenses/license-github.com-google-uuid.txt new file mode 100644 index 0000000..5dc6826 --- /dev/null +++ b/dist/licenses/license-github.com-google-uuid.txt @@ -0,0 +1,27 @@ +Copyright (c) 2009,2014 Google Inc. All rights reserved. + +Redistribution and use in source and binary forms, with or without +modification, are permitted provided that the following conditions are +met: + + * Redistributions of source code must retain the above copyright +notice, this list of conditions and the following disclaimer. + * Redistributions in binary form must reproduce the above +copyright notice, this list of conditions and the following disclaimer +in the documentation and/or other materials provided with the +distribution. + * Neither the name of Google Inc. nor the names of its +contributors may be used to endorse or promote products derived from +this software without specific prior written permission. + +THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS +"AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT +LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR +A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT +OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT +LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, +DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY +THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT +(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE +OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. diff --git a/dist/licenses/license-github.com-huandu-xstrings.txt b/dist/licenses/license-github.com-huandu-xstrings.txt new file mode 100644 index 0000000..2701772 --- /dev/null +++ b/dist/licenses/license-github.com-huandu-xstrings.txt @@ -0,0 +1,22 @@ +The MIT License (MIT) + +Copyright (c) 2015 Huan Du + +Permission is hereby granted, free of charge, to any person obtaining a copy +of this software and associated documentation files (the "Software"), to deal +in the Software without restriction, including without limitation the rights +to use, copy, modify, merge, publish, distribute, sublicense, and/or sell +copies of the Software, and to permit persons to whom the Software is +furnished to do so, subject to the following conditions: + +The above copyright notice and this permission notice shall be included in all +copies or substantial portions of the Software. + +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR +IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, +FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE +AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER +LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, +OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE +SOFTWARE. + diff --git a/dist/licenses/license-github.com-imdario-mergo.txt b/dist/licenses/license-github.com-imdario-mergo.txt new file mode 100644 index 0000000..6866802 --- /dev/null +++ b/dist/licenses/license-github.com-imdario-mergo.txt @@ -0,0 +1,28 @@ +Copyright (c) 2013 Dario Castañé. All rights reserved. +Copyright (c) 2012 The Go Authors. All rights reserved. + +Redistribution and use in source and binary forms, with or without +modification, are permitted provided that the following conditions are +met: + + * Redistributions of source code must retain the above copyright +notice, this list of conditions and the following disclaimer. + * Redistributions in binary form must reproduce the above +copyright notice, this list of conditions and the following disclaimer +in the documentation and/or other materials provided with the +distribution. + * Neither the name of Google Inc. nor the names of its +contributors may be used to endorse or promote products derived from +this software without specific prior written permission. + +THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS +"AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT +LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR +A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT +OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT +LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, +DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY +THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT +(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE +OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. diff --git a/dist/licenses/license-github.com-mitchellh-copystructure.txt b/dist/licenses/license-github.com-mitchellh-copystructure.txt new file mode 100644 index 0000000..2298515 --- /dev/null +++ b/dist/licenses/license-github.com-mitchellh-copystructure.txt @@ -0,0 +1,21 @@ +The MIT License (MIT) + +Copyright (c) 2014 Mitchell Hashimoto + +Permission is hereby granted, free of charge, to any person obtaining a copy +of this software and associated documentation files (the "Software"), to deal +in the Software without restriction, including without limitation the rights +to use, copy, modify, merge, publish, distribute, sublicense, and/or sell +copies of the Software, and to permit persons to whom the Software is +furnished to do so, subject to the following conditions: + +The above copyright notice and this permission notice shall be included in +all copies or substantial portions of the Software. + +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR +IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, +FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE +AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER +LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, +OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN +THE SOFTWARE. diff --git a/dist/licenses/license-github.com-mitchellh-reflectwalk.txt b/dist/licenses/license-github.com-mitchellh-reflectwalk.txt new file mode 100644 index 0000000..f9c841a --- /dev/null +++ b/dist/licenses/license-github.com-mitchellh-reflectwalk.txt @@ -0,0 +1,21 @@ +The MIT License (MIT) + +Copyright (c) 2013 Mitchell Hashimoto + +Permission is hereby granted, free of charge, to any person obtaining a copy +of this software and associated documentation files (the "Software"), to deal +in the Software without restriction, including without limitation the rights +to use, copy, modify, merge, publish, distribute, sublicense, and/or sell +copies of the Software, and to permit persons to whom the Software is +furnished to do so, subject to the following conditions: + +The above copyright notice and this permission notice shall be included in +all copies or substantial portions of the Software. + +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR +IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, +FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE +AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER +LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, +OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN +THE SOFTWARE. diff --git a/dist/licenses/license-github.com-shopspring-decimal.txt b/dist/licenses/license-github.com-shopspring-decimal.txt new file mode 100644 index 0000000..ad2148a --- /dev/null +++ b/dist/licenses/license-github.com-shopspring-decimal.txt @@ -0,0 +1,45 @@ +The MIT License (MIT) + +Copyright (c) 2015 Spring, Inc. + +Permission is hereby granted, free of charge, to any person obtaining a copy +of this software and associated documentation files (the "Software"), to deal +in the Software without restriction, including without limitation the rights +to use, copy, modify, merge, publish, distribute, sublicense, and/or sell +copies of the Software, and to permit persons to whom the Software is +furnished to do so, subject to the following conditions: + +The above copyright notice and this permission notice shall be included in +all copies or substantial portions of the Software. + +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR +IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, +FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE +AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER +LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, +OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN +THE SOFTWARE. + +- Based on https://github.com/oguzbilgic/fpd, which has the following license: +""" +The MIT License (MIT) + +Copyright (c) 2013 Oguz Bilgic + +Permission is hereby granted, free of charge, to any person obtaining a copy of +this software and associated documentation files (the "Software"), to deal in +the Software without restriction, including without limitation the rights to +use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of +the Software, and to permit persons to whom the Software is furnished to do so, +subject to the following conditions: + +The above copyright notice and this permission notice shall be included in all +copies or substantial portions of the Software. + +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR +IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS +FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR +COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER +IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN +CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. +""" diff --git a/dist/licenses/license-github.com-spf13-cast.txt b/dist/licenses/license-github.com-spf13-cast.txt new file mode 100644 index 0000000..4527efb --- /dev/null +++ b/dist/licenses/license-github.com-spf13-cast.txt @@ -0,0 +1,21 @@ +The MIT License (MIT) + +Copyright (c) 2014 Steve Francia + +Permission is hereby granted, free of charge, to any person obtaining a copy +of this software and associated documentation files (the "Software"), to deal +in the Software without restriction, including without limitation the rights +to use, copy, modify, merge, publish, distribute, sublicense, and/or sell +copies of the Software, and to permit persons to whom the Software is +furnished to do so, subject to the following conditions: + +The above copyright notice and this permission notice shall be included in all +copies or substantial portions of the Software. + +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR +IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, +FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE +AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER +LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, +OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE +SOFTWARE. \ No newline at end of file diff --git a/go.mod b/go.mod index 15ff201..9614645 100644 --- a/go.mod +++ b/go.mod @@ -3,6 +3,7 @@ module github.com/apache/skywalking-eyes go 1.16 require ( + github.com/Masterminds/sprig/v3 v3.2.2 github.com/bmatcuk/doublestar/v2 v2.0.4 github.com/golang/protobuf v1.5.2 // indirect github.com/google/go-github/v33 v33.0.0 diff --git a/go.sum b/go.sum index ae2f5ee..317e638 100644 --- a/go.sum +++ b/go.sum @@ -33,6 +33,12 @@ cloud.google.com/go/storage v1.10.0/go.mod h1:FLPqc6j+Ki4BU591ie1oL6qBQGu2Bl/tZ9 dmitri.shuralyov.com/gpu/mtl v0.0.0-20190408044501-666a987793e9/go.mod h1:H6x//7gZCb22OMCxBHrMx7a5I7Hp++hsVxbQ4BYO7hU= github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU= github.com/BurntSushi/xgb v0.0.0-20160522181843-27f122750802/go.mod h1:IVnqGOEym/WlBOVXweHU+Q+/VP0lqqI8lqeDx9IjBqo= +github.com/Masterminds/goutils v1.1.1 h1:5nUrii3FMTL5diU80unEVvNevw1nH4+ZV4DSLVJLSYI= +github.com/Masterminds/goutils v1.1.1/go.mod h1:8cTjp+g8YejhMuvIA5y2vz3BpJxksy863GQaJW2MFNU= +github.com/Masterminds/semver/v3 v3.1.1 h1:hLg3sBzpNErnxhQtUy/mmLR2I9foDujNK030IGemrRc= +github.com/Masterminds/semver/v3 v3.1.1/go.mod h1:VPu/7SZ7ePZ3QOrcuXROw5FAcLl4a0cBrbBpGY/8hQs= +github.com/Masterminds/sprig/v3 v3.2.2 h1:17jRggJu518dr3QaafizSXOjKYp94wKfABxUmyxvxX8= +github.com/Masterminds/sprig/v3 v3.2.2/go.mod h1:UoaO7Yp8KlPnJIYWTFkMaqPUYKTfGFPhxNuwnnxkKlk= github.com/bmatcuk/doublestar/v2 v2.0.4 h1:6I6oUiT/sU27eE2OFcWqBhL1SwjyvQuOssxT4a1yidI= github.com/bmatcuk/doublestar/v2 v2.0.4/go.mod h1:QMmcs3H2AUQICWhfzLXz+IYln8lRQmTZRptLie8RgRw= github.com/census-instrumentation/opencensus-proto v0.2.1/go.mod h1:f6KPmirojxKA12rnyqOA5BBL4O983OfeGPqjHWSTneU= @@ -108,11 +114,17 @@ github.com/google/pprof v0.0.0-20200229191704-1ebb73c60ed3/go.mod h1:ZgVRPoUq/hf github.com/google/pprof v0.0.0-20200430221834-fc25d7d30c6d/go.mod h1:ZgVRPoUq/hfqzAqh7sHMqb3I9Rq5C59dIz2SbBwJ4eM= github.com/google/pprof v0.0.0-20200708004538-1a94d8640e99/go.mod h1:ZgVRPoUq/hfqzAqh7sHMqb3I9Rq5C59dIz2SbBwJ4eM= github.com/google/renameio v0.1.0/go.mod h1:KWCgfxg9yswjAJkECMjeO8J8rahYeXnNhOm40UhjYkI= +github.com/google/uuid v1.1.1 h1:Gkbcsh/GbpXz7lPftLA3P6TYMwjCLYm83jiFQZF/3gY= +github.com/google/uuid v1.1.1/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= github.com/googleapis/gax-go/v2 v2.0.4/go.mod h1:0Wqv26UfaUD9n4G6kQubkQ+KchISgw+vpHVxEJEs9eg= github.com/googleapis/gax-go/v2 v2.0.5/go.mod h1:DWXyrwAJ9X0FpwwEdw+IPEYBICEFu5mhpdKc/us6bOk= github.com/hashicorp/golang-lru v0.5.0/go.mod h1:/m3WP610KZHVQ1SGc6re/UDhFvYD7pJ4Ao+sR/qLZy8= github.com/hashicorp/golang-lru v0.5.1/go.mod h1:/m3WP610KZHVQ1SGc6re/UDhFvYD7pJ4Ao+sR/qLZy8= +github.com/huandu/xstrings v1.3.1 h1:4jgBlKK6tLKFvO8u5pmYjG91cqytmDCDvGh7ECVFfFs= +github.com/huandu/xstrings v1.3.1/go.mod h1:y5/lhBue+AyNmUVz9RLU9xbLR0o4KIIExikq4ovT0aE= github.com/ianlancetaylor/demangle v0.0.0-20181102032728-5e5cf60278f6/go.mod h1:aSSvb/t6k1mPoxDqO4vJh6VOCGPwU4O0C2/Eqndh1Sc= +github.com/imdario/mergo v0.3.11 h1:3tnifQM4i+fbajXKBHXWEH+KvNHqojZ778UH75j3bGA= +github.com/imdario/mergo v0.3.11/go.mod h1:jmQim1M+e3UYxmgPu/WyfjB3N3VflVyUjjjwH0dnCYA= github.com/inconshreveable/mousetrap v1.0.0 h1:Z8tu5sraLXCXIcARxBp/8cbvlwVa7Z1NHg9XEKhtSvM= github.com/inconshreveable/mousetrap v1.0.0/go.mod h1:PxqpIevigyE2G7u3NXJIT2ANytuPF1OarO4DADm73n8= github.com/jstemmer/go-junit-report v0.0.0-20190106144839-af01ea7f8024/go.mod h1:6v2b51hI/fHJwM22ozAgKL4VKDeJcHhJFhtBdhmNjmU= @@ -123,13 +135,21 @@ github.com/kr/pretty v0.1.0/go.mod h1:dAy3ld7l9f0ibDNOQOHHMYYIIbhfbHSm3C4ZsoJORN github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ= github.com/kr/text v0.1.0 h1:45sCR5RtlFHMR4UwH9sdQ5TC8v0qDQCHnXt+kaKSTVE= github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI= +github.com/mitchellh/copystructure v1.0.0 h1:Laisrj+bAB6b/yJwB5Bt3ITZhGJdqmxquMKeZ+mmkFQ= +github.com/mitchellh/copystructure v1.0.0/go.mod h1:SNtv71yrdKgLRyLFxmLdkAbkKEFWgYaq1OVrnRcwhnw= +github.com/mitchellh/reflectwalk v1.0.0 h1:9D+8oIskB4VJBN5SFlmc27fSlIBZaov1Wpk/IfikLNY= +github.com/mitchellh/reflectwalk v1.0.0/go.mod h1:mSTlrgnPZtwu0c4WaC2kGObEpuNDbx0jmZXqmk4esnw= github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM= github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= github.com/prometheus/client_model v0.0.0-20190812154241-14fe0d1b01d4/go.mod h1:xMI15A0UPsDsEKsMN9yxemIoYk6Tm2C1GtYGdfGttqA= github.com/rogpeppe/go-internal v1.3.0/go.mod h1:M8bDsm7K2OlrFYOpmOWEs/qY81heoFRclV5y23lUDJ4= github.com/russross/blackfriday/v2 v2.1.0/go.mod h1:+Rmxgy9KzJVeS9/2gXHxylqXiyQDYRxCVz55jmeOWTM= +github.com/shopspring/decimal v1.2.0 h1:abSATXmQEYyShuxI4/vyW3tV1MrKAJzCZ/0zLUXYbsQ= +github.com/shopspring/decimal v1.2.0/go.mod h1:DKyhrW/HYNuLGql+MJL6WCR6knT2jwCFRcu2hWCYk4o= github.com/sirupsen/logrus v1.8.1 h1:dJKuHgqk1NNQlqoA6BTlM1Wf9DOH3NBjQyu0h9+AZZE= github.com/sirupsen/logrus v1.8.1/go.mod h1:yWOB1SBYBC5VeMP7gHvWumXLIWorT60ONWic61uBYv0= +github.com/spf13/cast v1.3.1 h1:nFm6S0SMdyzrzcmThSipiEubIDy8WEXKNZ0UOgiRpng= +github.com/spf13/cast v1.3.1/go.mod h1:Qx5cxh0v+4UWYiBimWS+eyWzqEqokIECu5etghLkUJE= github.com/spf13/cobra v1.4.0 h1:y+wJpx64xcgO1V+RcnwW0LEHxTKRi2ZDPSBjWnrg88Q= github.com/spf13/cobra v1.4.0/go.mod h1:Wo4iy3BUC+X2Fybo0PDqwJIv3dNRiZLHQymsfxlB84g= github.com/spf13/pflag v1.0.5 h1:iy+VFUOCP1a+8yFto/drg2CJ5u0yRoB7fZw3DKv/JXA= @@ -137,6 +157,7 @@ github.com/spf13/pflag v1.0.5/go.mod h1:McXfInJRrz4CZXVZOBLb0bTZqETkiAhM9Iw0y3An github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= github.com/stretchr/testify v1.2.2/go.mod h1:a8OnRcib4nhh0OaRAV+Yts87kKdq0PP7pXfy6kDkUVs= github.com/stretchr/testify v1.4.0/go.mod h1:j7eGeouHqKxXV5pUuKE4zz7dFj8WfuZ+81PSLYec5m4= +github.com/stretchr/testify v1.5.1/go.mod h1:5W2xD1RspED5o8YsWQXVCued0rvSQ+mT+I5cxcmMvtA= github.com/stretchr/testify v1.7.0 h1:nwc3DEeHmmLAfoZucVR881uASk0Mfjw8xYJ99tb5CcY= github.com/stretchr/testify v1.7.0/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= github.com/yuin/goldmark v1.1.25/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= @@ -152,6 +173,7 @@ golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACk golang.org/x/crypto v0.0.0-20190510104115-cbcb75029529/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= golang.org/x/crypto v0.0.0-20190605123033-f99c8df09eb5/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= +golang.org/x/crypto v0.0.0-20200414173820-0848c9571904/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc= golang.org/x/crypto v0.0.0-20220518034528-6f7dac969898 h1:SLP7Q4Di66FONjDJbCYrCRrh97focO6sLogHO7/g8F0= @@ -414,6 +436,8 @@ gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127 h1:qIbj1fsPNlZgppZ+VLlY7N33 gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= gopkg.in/errgo.v2 v2.1.0/go.mod h1:hNsd1EY+bozCKY1Ytp96fpM3vjJbqLJn88ws8XvfDNI= gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= +gopkg.in/yaml.v2 v2.3.0/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= +gopkg.in/yaml.v2 v2.4.0 h1:D8xgwECY7CYvx+Y2n4sBz93Jn9JRvxdiyyo8CTfuKaY= gopkg.in/yaml.v2 v2.4.0/go.mod h1:RDklbk79AGWmwhnvt/jBztapEOGDOx6ZbXqjP6csGnQ= gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= gopkg.in/yaml.v3 v3.0.0-20220512140231-539c8e751b99 h1:dbuHpmKjkDzSOMKAWl10QNlgaZUd3V1q99xc81tt2Kc= diff --git a/pkg/deps/jar.go b/pkg/deps/jar.go index 2e816ad..886db7c 100644 --- a/pkg/deps/jar.go +++ b/pkg/deps/jar.go @@ -46,26 +46,29 @@ func (resolver *JarResolver) Resolve(jarFiles string, config *ConfigDeps, report } for _, jarFile := range fs { state := NotFound - if err := resolver.ResolveJar(config, &state, jarFile, Unknown, report); err != nil { + result, err := resolver.ResolveJar(config, &state, jarFile, Unknown) + if err != nil { dep := filepath.Base(jarFile) logger.Log.Warnf("Failed to resolve the license of <%s>: %v\n", dep, state.String()) report.Skip(&Result{ Dependency: dep, LicenseSpdxID: Unknown, }) + } else if result != nil { + report.Resolve(result) } } return nil } -func (resolver *JarResolver) ResolveJar(config *ConfigDeps, state *State, jarFile, version string, report *Report) error { +func (resolver *JarResolver) ResolveJar(config *ConfigDeps, state *State, jarFile, version string) (*Result, error) { dep := filepath.Base(jarFile) logger.Log.Debugf("Resolving the license of <%s> from jar\n", dep) compressedJar, err := zip.OpenReader(jarFile) if err != nil { - return err + return nil, err } defer compressedJar.Close() @@ -79,10 +82,10 @@ func (resolver *JarResolver) ResolveJar(config *ConfigDeps, state *State, jarFil *state |= FoundLicenseInJarLicenseFile buf, err := resolver.ReadFileFromZip(compressedFile) if err != nil { - return err + return nil, err } - return resolver.IdentifyLicense(config, jarFile, dep, buf.String(), version, report) + return resolver.IdentifyLicense(config, jarFile, dep, buf.String(), version) case reHaveManifestFile.MatchString(archiveFile): manifestFile = compressedFile } @@ -91,7 +94,7 @@ func (resolver *JarResolver) ResolveJar(config *ConfigDeps, state *State, jarFil if manifestFile != nil { buf, err := resolver.ReadFileFromZip(manifestFile) if err != nil { - return err + return nil, err } norm := regexp.MustCompile(`(?im)[\r\n]+ +`) content := norm.ReplaceAllString(buf.String(), "") @@ -102,18 +105,17 @@ func (resolver *JarResolver) ResolveJar(config *ConfigDeps, state *State, jarFil if l, err := license.Identify(lcs, config.Threshold); err == nil { lcs = l } - report.Resolve(&Result{ + return &Result{ Dependency: dep, LicenseFilePath: jarFile, LicenseContent: strings.TrimSpace(r[1]), LicenseSpdxID: lcs, Version: version, - }) - return nil + }, nil } } - return fmt.Errorf("cannot find license content") + return nil, fmt.Errorf("cannot find license content") } func (resolver *JarResolver) ReadFileFromZip(archiveFile *zip.File) (*bytes.Buffer, error) { @@ -134,23 +136,22 @@ func (resolver *JarResolver) ReadFileFromZip(archiveFile *zip.File) (*bytes.Buff return buf, nil } -func (resolver *JarResolver) IdentifyLicense(config *ConfigDeps, path, dep, content, version string, report *Report) error { +func (resolver *JarResolver) IdentifyLicense(config *ConfigDeps, path, dep, content, version string) (*Result, error) { contents := strings.Split(content, "[, \\s]+") identifiers := make([]string, 0, len(contents)) for _, c := range contents { identifier, err := license.Identify(c, config.Threshold) if err != nil { - return err + return nil, err } identifiers = append(identifiers, identifier) } - report.Resolve(&Result{ + return &Result{ Dependency: dep, LicenseFilePath: path, LicenseContent: content, LicenseSpdxID: strings.Join(identifiers, " and "), Version: version, - }) - return nil + }, nil } diff --git a/pkg/deps/maven.go b/pkg/deps/maven.go index d76ce36..ed5c517 100644 --- a/pkg/deps/maven.go +++ b/pkg/deps/maven.go @@ -150,7 +150,7 @@ func (resolver *MavenPomResolver) ResolveDependencies(deps []*Dependency, config for _, version := range strings.Split(l.Version, ",") { if l.Name == fmt.Sprintf("%s:%s", strings.Join(dep.GroupID, "."), dep.ArtifactID) && version == dep.Version { report.Resolve(&Result{ - Dependency: dep.Jar(), + Dependency: dep.String(), LicenseSpdxID: l.License, Version: dep.Version, }) @@ -161,9 +161,9 @@ func (resolver *MavenPomResolver) ResolveDependencies(deps []*Dependency, config state := NotFound err := resolver.ResolveLicense(config, &state, dep, report) if err != nil { - logger.Log.Warnf("Failed to resolve the license of <%s>: %v\n", dep.Jar(), state.String()) + logger.Log.Warnf("Failed to resolve the license of <%s>: %v\n", dep.String(), state.String()) report.Skip(&Result{ - Dependency: dep.Jar(), + Dependency: dep.String(), LicenseSpdxID: Unknown, Version: dep.Version, }) @@ -175,44 +175,50 @@ func (resolver *MavenPomResolver) ResolveDependencies(deps []*Dependency, config // ResolveLicense search all possible locations of the license, such as pom file, jar package func (resolver *MavenPomResolver) ResolveLicense(config *ConfigDeps, state *State, dep *Dependency, report *Report) error { - err := resolver.ResolveJar(config, state, filepath.Join(resolver.repo, dep.Path(), dep.Jar()), dep.Version, report) - if err == nil { + result1, err1 := resolver.ResolveJar(config, state, filepath.Join(resolver.repo, dep.Path(), dep.Jar()), dep.Version) + if err1 == nil { + result1.Dependency = dep.String() + report.Resolve(result1) return nil } - return resolver.ResolveLicenseFromPom(config, state, dep, report) + result2, err2 := resolver.ResolveLicenseFromPom(config, state, dep) + if err2 == nil { + report.Resolve(result2) + return nil + } + + return fmt.Errorf("failed to resolve license for <%s> from jar or pom: %+v, %+v", dep.String(), err1, err2) } // ResolveLicenseFromPom search for license in the pom file, which may appear in the header comments or in license element of xml -func (resolver *MavenPomResolver) ResolveLicenseFromPom(config *ConfigDeps, state *State, dep *Dependency, report *Report) (err error) { +func (resolver *MavenPomResolver) ResolveLicenseFromPom(config *ConfigDeps, state *State, dep *Dependency) (*Result, error) { pomFile := filepath.Join(resolver.repo, dep.Path(), dep.Pom()) pom, err := resolver.ReadLicensesFromPom(pomFile) if err != nil { - return err + return nil, err } if pom != nil && len(pom.Licenses) != 0 { - report.Resolve(&Result{ - Dependency: dep.Jar(), + return &Result{ + Dependency: dep.String(), LicenseFilePath: pomFile, LicenseContent: pom.Raw(), LicenseSpdxID: pom.AllLicenses(config), Version: dep.Version, - }) - - return nil + }, nil } headerComments, err := resolver.ReadHeaderCommentsFromPom(pomFile) if err != nil { - return err + return nil, err } else if headerComments != "" { *state |= FoundLicenseInPomHeader - return resolver.IdentifyLicense(config, pomFile, dep.Jar(), headerComments, dep.Version, report) + return resolver.IdentifyLicense(config, pomFile, dep.String(), headerComments, dep.Version) } - return fmt.Errorf("not found in pom file") + return nil, fmt.Errorf("not found in pom file") } func (resolver *MavenPomResolver) ReadLicensesFromPom(pomFile string) (*PomFile, error) { @@ -439,7 +445,7 @@ func (dep *Dependency) String() string { buf := bytes.NewBuffer(nil) w := bufio.NewWriter(buf) - _, err := w.WriteString(fmt.Sprintf("%v -> %v : %v %v", dep.GroupID, dep.ArtifactID, dep.Version, dep.Scope)) + _, err := w.WriteString(fmt.Sprintf("%v:%v", strings.Join(dep.GroupID, "."), dep.ArtifactID)) if err != nil { logger.Log.Error(err) } diff --git a/pkg/deps/summary.go b/pkg/deps/summary.go index 5b81219..ff66cd2 100644 --- a/pkg/deps/summary.go +++ b/pkg/deps/summary.go @@ -23,6 +23,7 @@ import ( "sort" "text/template" + "github.com/Masterminds/sprig/v3" "github.com/apache/skywalking-eyes/pkg/header" "github.com/apache/skywalking-eyes/pkg/license" ) @@ -48,7 +49,7 @@ func ParseTemplate(path string) (*template.Template, error) { if err != nil { return nil, err } - return template.New("summary").Parse(string(tpl)) + return template.New("summary").Funcs(sprig.TxtFuncMap()).Parse(string(tpl)) } // GenerateSummary generate the summary content by template, license config and dependency report
