oss/syft
2
0
Fork 0
mirror of https://github.com/anchore/syft.git synced 2026-02-12 10:36:45 +01:00
Code Issues Packages Projects Releases Wiki Activity

Fix: map license URLs to SPDX IDs for machine readable format

Browse Source 
Signed-off-by: Avadhut03 <avadhutkul60@gmail.com>
This commit is contained in:
Avadhut03 2025-09-26 09:56:21 +05:30
parent 323fd3e34c
commit d02e3bcf62
3 changed files with 20 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
internal/spdxlicense/license_list.go
View File

@ -1426,6 +1426,8 @@ var licenseIDs = map[string]string{
var urlToLicense = map[string]string{ var urlToLicense = map[string]string{
"ftp://ftp.tin.org/pub/news/utils/newsx/newsx-1.6.tar.gz": "Zeeff", "ftp://ftp.tin.org/pub/news/utils/newsx/newsx-1.6.tar.gz": "Zeeff",
"http://apache.org/licenses/LICENSE-1.1": "Apache-1.1", "http://apache.org/licenses/LICENSE-1.1": "Apache-1.1",
"http://www.gnu.org/licenses/old-licenses/lgpl-2.1.html": "LGPL-2.1-only",
"http://www.eclipse.org/org/documents/edl-v10.php": "BSD-3-Clause",
"http://artlibre.org/licence/lal/licence-art-libre-12/": "LAL-1.2", "http://artlibre.org/licence/lal/licence-art-libre-12/": "LAL-1.2",
"http://bits.netizen.com.au/licenses/NOSL/nosl.txt": "NOSL", "http://bits.netizen.com.au/licenses/NOSL/nosl.txt": "NOSL",
"http://bzip.org/1.0.5/bzip2-manual-1.0.5.html": "bzip2-1.0.6", "http://bzip.org/1.0.5/bzip2-manual-1.0.5.html": "bzip2-1.0.6",

12
internal/spdxlicense/license_url_test.go
View File

@ -53,6 +53,18 @@ func TestLicenseByURL(t *testing.T) {
wantID: "", wantID: "",
wantFound: false, wantFound: false,
}, },
{
name: "EPL-1.0 license URL",
url: "http://www.eclipse.org/legal/epl-v10.html",
wantID: "EPL-1.0",
wantFound: true,
},
{
name: "LGPL-2.1-only license URL",
url: "http://www.gnu.org/licenses/old-licenses/lgpl-2.1.html",
wantID: "LGPL-2.1-only",
wantFound: true,
},
{ {
name: "Empty URL", name: "Empty URL",
url: "", url: "",

6
syft/pkg/cataloger/java/archive_parser.go
View File

@ -25,6 +25,7 @@ import (
"github.com/anchore/syft/syft/pkg" "github.com/anchore/syft/syft/pkg"
"github.com/anchore/syft/syft/pkg/cataloger/generic" "github.com/anchore/syft/syft/pkg/cataloger/generic"
"github.com/anchore/syft/syft/pkg/cataloger/java/internal/maven" "github.com/anchore/syft/syft/pkg/cataloger/java/internal/maven"
"github.com/anchore/syft/internal/spdxlicense"
) )
var archiveFormatGlobs = []string{ var archiveFormatGlobs = []string{
@ -375,6 +376,11 @@ func toPkgLicenses(ctx context.Context, location *file.Location, licenses []mave
if name == "" && url == "" { if name == "" && url == "" {
continue continue
} }
if licInfo, ok := spdxlicense.LicenseByURL(url); ok {
if name == "" {
name = licInfo.ID // use detected license ID if no name given
}
}
out = append(out, pkg.NewLicenseFromFieldsWithContext(ctx, name, url, location)) out = append(out, pkg.NewLicenseFromFieldsWithContext(ctx, name, url, location))
} }
return out return out