tools/license.sh: script to generate LICENSE for product
Runs from the project root directory.
That will generate LICENSE.prod, which should replace LICENSE
in the released product.
This script uses `yarn licenses generate-disclaimer`,
so this cl adds the dev dependency on yarn.
We call this during the release process.
And delete thirdpartynotices.txt - that is stale and was never updated after the first introduction. The autogenerated LICENSE file with tools/license.sh includes the license for json-rpc2.
Change-Id: I5c0869bc9a86aac1769441a663229eb4c5141b73
GitHub-Last-Rev: b561d4c9d5948bd7d11f2015e280426061383e81
GitHub-Pull-Request: golang/vscode-go#240
Reviewed-on: https://go-review.googlesource.com/c/vscode-go/+/238860
Reviewed-by: Rebecca Stambler <rstambler@golang.org>
diff --git a/package-lock.json b/package-lock.json
index ce0f081..9c46b90 100644
--- a/package-lock.json
+++ b/package-lock.json
@@ -2057,6 +2057,12 @@
"lodash": "^4.17.15",
"yargs": "^13.3.0"
}
+ },
+ "yarn": {
+ "version": "1.22.4",
+ "resolved": "https://registry.npmjs.org/yarn/-/yarn-1.22.4.tgz",
+ "integrity": "sha512-oYM7hi/lIWm9bCoDMEWgffW8aiNZXCWeZ1/tGy0DWrN6vmzjCXIKu2Y21o8DYVBUtiktwKcNoxyGl/2iKLUNGA==",
+ "dev": true
}
}
}
diff --git a/package.json b/package.json
index 409d2bc..e46ccd9 100644
--- a/package.json
+++ b/package.json
@@ -74,7 +74,8 @@
"sinon": "^9.0.2",
"tslint": "^6.1.1",
"typescript": "^3.8.3",
- "vscode-test": "^1.3.0"
+ "vscode-test": "^1.3.0",
+ "yarn": "^1.22.4"
},
"engines": {
"vscode": "^1.41.0"
diff --git a/thirdpartynotices.txt b/thirdpartynotices.txt
deleted file mode 100644
index d00316e..0000000
--- a/thirdpartynotices.txt
+++ /dev/null
@@ -1,35 +0,0 @@
-THIRD-PARTY SOFTWARE NOTICES AND INFORMATION
-For Microsoft vscode-go
-
-This project incorporates material from the projects listed below. The original copyright notice
-and the license under which Microsoft received such material are set out below. Microsoft reserves
-all other rights not expressly granted, whether by implication, estoppel or otherwise.
-
-
-1. json-rpc2 version 1.0.2 (https://github.com/pocesar/node-jsonrpc2)
-
-The MIT License
-
- Copyright (C) 2009 Eric Florenzano <eflorenzano.com/aboutme/> and
- Ryan Tomayko <tomayko.com/about>
-
-Permission is hereby granted, free of charge, to any person ob-
-taining a copy of this software and associated documentation
-files (the "Software"), to deal in the Software without restric-
-tion, including without limitation the rights to use, copy, modi-
-fy, merge, publish, distribute, sublicense, and/or sell copies of
-the Software, and to permit persons to whom the Software is fur-
-nished to do so, subject to the following conditions:
-
-The above copyright notice and this permission notice shall be
-included in all copies or substantial portions of the Software.
-
-THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
-EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES
-OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONIN-
-FRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
-LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN
-ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
-CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
-SOFTWARE.
-
diff --git a/tools/license.sh b/tools/license.sh
new file mode 100755
index 0000000..9647e1f
--- /dev/null
+++ b/tools/license.sh
@@ -0,0 +1,70 @@
+#!/bin/bash
+
+# Copyright 2020 The Go Authors. All rights reserved.
+# Licensed under the MIT License. See LICENSE in the project root for license information.
+
+set -euo pipefail
+
+root_dir() {
+ local script_name="${0}"
+ local script_dir=$(dirname "${script_name}")
+ local parent_dir=$(cd "${script_dir}/.." && pwd)
+ echo "${parent_dir}"
+}
+
+ROOT="$(root_dir)"
+cd "${ROOT}" # always run from the root directory.
+
+WORKTREE="$(mktemp -d)"
+BRANCH="license-gen-$(date +%Y%m%d%H%M%S)"
+
+git fetch
+git worktree add --track -b "${BRANCH}" "${WORKTREE}" origin/master
+
+cd "${WORKTREE}"
+export GIT_GOFMT_HOOK=off
+
+YARN="${ROOT}/node_modules/.bin/yarn"
+
+ALL_LICENSES=$(
+ $YARN licenses list --json --no-progress 2>/dev/null|
+ jq 'select(.type == "table") | .data.body | map( {name: .[0], version: .[1], license: .[2], url: .[3], verndor: .[4], vendorName: .[5]} )')
+
+NG=$(echo "${ALL_LICENSES}" | jq '
+{
+ "Apache-2.0": 1,
+ "BSD-2-Clause": 1,
+ "BSD-3-Clause": 1,
+ "ISC": 1,
+ "MIT": 1,
+ "Unlicense": 1,
+ "0BSD": 1,
+ "(Unlicense OR Apache-2.0)": 1,
+} as $allowed_licenses |
+{
+ "json-schema@0.2.3": 1,
+} as $allow_list |
+.[] | select(.license | in($allowed_licenses) | not)
+| select((.name+"@"+.version) | in($allow_list) | not) ')
+
+if [ -z "${NG}" ];
+then
+ echo "PASSED license check"
+else
+ echo "FAILED license check. The following dependencies need manual check: ${NG}" &&
+ echo "WORKTREE=${WORKTREE}" &&
+ exit 1
+fi
+
+LICENSEFILE="LICENSE.prod"
+cat LICENSE > "${LICENSEFILE}"
+printf "\n\n" >> "${LICENSEFILE}"
+"${YARN}" licenses generate-disclaimer --prod >> "${LICENSEFILE}"
+
+if [[ -f thirdpartynotices.txt ]]
+then
+ printf "\n" >> "${LICENSEFILE}"
+ cat thirdpartynotices.txt >> "${LICENSEFILE}"
+fi
+
+cd - && mv "${WORKTREE}/${LICENSEFILE}" . && git worktree remove "${WORKTREE}" -f