Add ScanCode LicenseRefs to summary definitions
Opened this issue · 2 comments
Description
Currently, LicenseRefs reported by ScanCode are converted to NOASSERTION or OTHER. Update code to allow LicenseRefs in definitions reported from ClearlyDefined.
NOTE: This may require changes in other repositories as well. Exploration is required to determine where the remapping is happening.
I've looked into this a bit and as I understand it today, there's two options for how we can address this. As far as I can tell, the only work required would be in the clearlydefined/service
repo.
The place where LicenseRef-
expressions get turned into NOASSERTION
values is ClearlyDefined's fork of the spdx-expression-parse.js
library.
The library calls three sub-functions as part of the parseAtom
function: https://github.com/clearlydefined/spdx-expression-parse.js/blob/4d69bb5b95e540da61a4c5c625e204eaedb4eff7/parse.js#L123-L129
function parseAtom () {
return (
parseParenthesizedExpression() ||
parseLicenseRef() ||
parseLicense()
)
}
While the parseLicenseRef
function does have support for LicenseRef-
expressions, what we call this function with is a ScanCode license expression, not yet a SPDX expression.
We do pass a "visitor" function to SPDX.parse
, however, this function only gets called in parseLicense
which runs _after parseLicenseRef
so our function that uses the scancodeMap
to turn the ScanCode expression into SPDX runs after the parsing code that supports LicenseRef
.
In my opinion, there are two ways for changing the behavior to support LicenseRef-
going forward:
- Update
spdx-expression-parse.js
to run the visitor function first, beforeparseLicenseRef
is called - Update the way we call
SPDX.parse
so that the use ofscancodeMap
happens before. I have an experimental commit here that makes this work: lumaxis@1e77eb7
- Update
spdx-expression-parse.js
to run the visitor function first, beforeparseLicenseRef
is called
Another variation of 1 can be introducing a licenseRefVisitor similar to licenseVisitor, converting the licenseRef as we parse the licenseRef leaf node.