diff options
Diffstat (limited to 'jsonloader/parser2v2')
24 files changed, 0 insertions, 3305 deletions
diff --git a/jsonloader/parser2v2/jsonfiles/jsonloadertest.json b/jsonloader/parser2v2/jsonfiles/jsonloadertest.json deleted file mode 100644 index cf5955a..0000000 --- a/jsonloader/parser2v2/jsonfiles/jsonloadertest.json +++ /dev/null @@ -1,6 +0,0 @@ -{ - "SPDXID" : "SPDXRef-DOCUMENT", - "spdxVersion" : "SPDX-2.2", - "name" : "SPDX-Tools-v2.0", - "dataLicense" : "CC0-1.0" -}
\ No newline at end of file diff --git a/jsonloader/parser2v2/jsonfiles/otherlicensestest.json b/jsonloader/parser2v2/jsonfiles/otherlicensestest.json deleted file mode 100644 index 2144860..0000000 --- a/jsonloader/parser2v2/jsonfiles/otherlicensestest.json +++ /dev/null @@ -1,21 +0,0 @@ -{ - "hasExtractedLicensingInfos" : [ { - "extractedText" : "\"THE BEER-WARE LICENSE\" (Revision 42):\nphk@FreeBSD.ORG wrote this file. As long as you retain this notice you\ncan do whatever you want with this stuff. If we meet some day, and you think this stuff is worth it, you can buy me a beer in return Poul-Henning Kamp </\nLicenseName: Beer-Ware License (Version 42)\nLicenseCrossReference: http://people.freebsd.org/~phk/\nLicenseComment: \nThe beerware license has a couple of other standard variants.", - "licenseId" : "LicenseRef-Beerware-4.2" - }, { - "extractedText" : "/*\n * (c) Copyright 2009 University of Bristol\n * All rights reserved.\n *\n * Redistribution and use in source and binary forms, with or without\n * modification, are permitted provided that the following conditions\n * are met:\n * 1. Redistributions of source code must retain the above copyright\n * notice, this list of conditions and the following disclaimer.\n * 2. Redistributions in binary form must reproduce the above copyright\n * notice, this list of conditions and the following disclaimer in the\n * documentation and/or other materials provided with the distribution.\n * 3. The name of the author may not be used to endorse or promote products\n * derived from this software without specific prior written permission.\n *\n * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR\n * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES\n * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.\n * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,\n * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT\n * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,\n * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY\n * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT\n * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF\n * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n*/", - "licenseId" : "LicenseRef-4" - }, { - "comment" : "This is tye CyperNeko License", - "extractedText" : "The CyberNeko Software License, Version 1.0\n\n \n(C) Copyright 2002-2005, Andy Clark. All rights reserved.\n \nRedistribution and use in source and binary forms, with or without\nmodification, are permitted provided that the following conditions\nare met:\n\n1. Redistributions of source code must retain the above copyright\n notice, this list of conditions and the following disclaimer. \n\n2. Redistributions in binary form must reproduce the above copyright\n notice, this list of conditions and the following disclaimer in\n the documentation and/or other materials provided with the\n distribution.\n\n3. The end-user documentation included with the redistribution,\n if any, must include the following acknowledgment: \n \"This product includes software developed by Andy Clark.\"\n Alternately, this acknowledgment may appear in the software itself,\n if and wherever such third-party acknowledgments normally appear.\n\n4. The names \"CyberNeko\" and \"NekoHTML\" must not be used to endorse\n or promote products derived from this software without prior \n written permission. For written permission, please contact \n andyc@cyberneko.net.\n\n5. Products derived from this software may not be called \"CyberNeko\",\n nor may \"CyberNeko\" appear in their name, without prior written\n permission of the author.\n\nTHIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED\nWARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES\nOF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE\nDISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR OTHER CONTRIBUTORS\nBE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, \nOR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT \nOF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR \nBUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, \nWHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE \nOR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, \nEVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.", - "licenseId" : "LicenseRef-3", - "name" : "CyberNeko License", - "seeAlsos" : [ "http://people.apache.org/~andyc/neko/LICENSE", "http://justasample.url.com" ] - }, { - "extractedText" : "This package includes the GRDDL parser developed by Hewlett Packard under the following license:\n� Copyright 2007 Hewlett-Packard Development Company, LP\n\nRedistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: \n\nRedistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. \nRedistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. \nThe name of the author may not be used to endorse or promote products derived from this software without specific prior written permission. \nTHIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.", - "licenseId" : "LicenseRef-2" - }, { - "extractedText" : "/*\n * (c) Copyright 2000, 2001, 2002, 2003, 2004, 2005, 2006, 2007, 2008, 2009 Hewlett-Packard Development Company, LP\n * All rights reserved.\n *\n * Redistribution and use in source and binary forms, with or without\n * modification, are permitted provided that the following conditions\n * are met:\n * 1. Redistributions of source code must retain the above copyright\n * notice, this list of conditions and the following disclaimer.\n * 2. Redistributions in binary form must reproduce the above copyright\n * notice, this list of conditions and the following disclaimer in the\n * documentation and/or other materials provided with the distribution.\n * 3. The name of the author may not be used to endorse or promote products\n * derived from this software without specific prior written permission.\n *\n * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR\n * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES\n * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.\n * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,\n * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT\n * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,\n * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY\n * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT\n * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF\n * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n*/", - "licenseId" : "LicenseRef-1" - } ] - }
\ No newline at end of file diff --git a/jsonloader/parser2v2/jsonfiles/test.json b/jsonloader/parser2v2/jsonfiles/test.json deleted file mode 100644 index bf407b5..0000000 --- a/jsonloader/parser2v2/jsonfiles/test.json +++ /dev/null @@ -1,278 +0,0 @@ -{ - "SPDXID" : "SPDXRef-DOCUMENT", - "spdxVersion" : "SPDX-2.2", - "creationInfo" : { - "comment" : "This package has been shipped in source and binary form.\nThe binaries were created with gcc 4.5.1 and expect to link to\ncompatible system run time libraries.", - "created" : "2010-01-29T18:30:22Z", - "creators" : [ "Tool: LicenseFind-1.0", "Organization: ExampleCodeInspect ()", "Person: Jane Doe ()" ], - "licenseListVersion" : "3.8" - }, - "name" : "SPDX-Tools-v2.0", - "dataLicense" : "CC0-1.0", - "comment" : "This document was created using SPDX 2.0 using licenses from the web site.", - "externalDocumentRefs" : [ { - "externalDocumentId" : "DocumentRef-spdx-tool-1.2", - "checksum" : { - "algorithm" : "SHA1", - "checksumValue" : "d6a770ba38583ed4bb4525bd96e50461655d2759" - }, - "spdxDocument" : "http://spdx.org/spdxdocs/spdx-tools-v1.2-3F2504E0-4F89-41D3-9A0C-0305E82C3301" - } ], - "hasExtractedLicensingInfos" : [ { - "extractedText" : "\"THE BEER-WARE LICENSE\" (Revision 42):\nphk@FreeBSD.ORG wrote this file. As long as you retain this notice you\ncan do whatever you want with this stuff. If we meet some day, and you think this stuff is worth it, you can buy me a beer in return Poul-Henning Kamp </\nLicenseName: Beer-Ware License (Version 42)\nLicenseCrossReference: http://people.freebsd.org/~phk/\nLicenseComment: \nThe beerware license has a couple of other standard variants.", - "licenseId" : "LicenseRef-Beerware-4.2" - }, { - "extractedText" : "/*\n * (c) Copyright 2009 University of Bristol\n * All rights reserved.\n *\n * Redistribution and use in source and binary forms, with or without\n * modification, are permitted provided that the following conditions\n * are met:\n * 1. Redistributions of source code must retain the above copyright\n * notice, this list of conditions and the following disclaimer.\n * 2. Redistributions in binary form must reproduce the above copyright\n * notice, this list of conditions and the following disclaimer in the\n * documentation and/or other materials provided with the distribution.\n * 3. The name of the author may not be used to endorse or promote products\n * derived from this software without specific prior written permission.\n *\n * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR\n * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES\n * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.\n * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,\n * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT\n * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,\n * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY\n * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT\n * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF\n * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n*/", - "licenseId" : "LicenseRef-4" - }, { - "comment" : "This is tye CyperNeko License", - "extractedText" : "The CyberNeko Software License, Version 1.0\n\n \n(C) Copyright 2002-2005, Andy Clark. All rights reserved.\n \nRedistribution and use in source and binary forms, with or without\nmodification, are permitted provided that the following conditions\nare met:\n\n1. Redistributions of source code must retain the above copyright\n notice, this list of conditions and the following disclaimer. \n\n2. Redistributions in binary form must reproduce the above copyright\n notice, this list of conditions and the following disclaimer in\n the documentation and/or other materials provided with the\n distribution.\n\n3. The end-user documentation included with the redistribution,\n if any, must include the following acknowledgment: \n \"This product includes software developed by Andy Clark.\"\n Alternately, this acknowledgment may appear in the software itself,\n if and wherever such third-party acknowledgments normally appear.\n\n4. The names \"CyberNeko\" and \"NekoHTML\" must not be used to endorse\n or promote products derived from this software without prior \n written permission. For written permission, please contact \n andyc@cyberneko.net.\n\n5. Products derived from this software may not be called \"CyberNeko\",\n nor may \"CyberNeko\" appear in their name, without prior written\n permission of the author.\n\nTHIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED\nWARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES\nOF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE\nDISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR OTHER CONTRIBUTORS\nBE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, \nOR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT \nOF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR \nBUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, \nWHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE \nOR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, \nEVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.", - "licenseId" : "LicenseRef-3", - "name" : "CyberNeko License", - "seeAlsos" : [ "http://people.apache.org/~andyc/neko/LICENSE", "http://justasample.url.com" ] - }, { - "extractedText" : "This package includes the GRDDL parser developed by Hewlett Packard under the following license:\n� Copyright 2007 Hewlett-Packard Development Company, LP\n\nRedistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: \n\nRedistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. \nRedistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. \nThe name of the author may not be used to endorse or promote products derived from this software without specific prior written permission. \nTHIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.", - "licenseId" : "LicenseRef-2" - }, { - "extractedText" : "/*\n * (c) Copyright 2000, 2001, 2002, 2003, 2004, 2005, 2006, 2007, 2008, 2009 Hewlett-Packard Development Company, LP\n * All rights reserved.\n *\n * Redistribution and use in source and binary forms, with or without\n * modification, are permitted provided that the following conditions\n * are met:\n * 1. Redistributions of source code must retain the above copyright\n * notice, this list of conditions and the following disclaimer.\n * 2. Redistributions in binary form must reproduce the above copyright\n * notice, this list of conditions and the following disclaimer in the\n * documentation and/or other materials provided with the distribution.\n * 3. The name of the author may not be used to endorse or promote products\n * derived from this software without specific prior written permission.\n *\n * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR\n * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES\n * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.\n * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,\n * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT\n * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,\n * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY\n * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT\n * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF\n * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n*/", - "licenseId" : "LicenseRef-1" - } ], - "annotations" : [ { - "annotationDate" : "2010-02-10T00:00:00Z", - "annotationType" : "REVIEW", - "annotator" : "Person: Joe Reviewer", - "comment" : "This is just an example. Some of the non-standard licenses look like they are actually BSD 3 clause licenses" - }, { - "annotationDate" : "2011-03-13T00:00:00Z", - "annotationType" : "REVIEW", - "annotator" : "Person: Suzanne Reviewer", - "comment" : "Another example reviewer." - }, { - "annotationDate" : "2010-01-29T18:30:22Z", - "annotationType" : "OTHER", - "annotator" : "Person: Jane Doe ()", - "comment" : "Document level annotation" - } ], - "documentNamespace" : "http://spdx.org/spdxdocs/spdx-example-444504E0-4F89-41D3-9A0C-0305E82C3301", - "documentDescribes" : [ "SPDXRef-File", "SPDXRef-Package" ], - "packages" : [ { - "SPDXID" : "SPDXRef-Package", - "annotations" : [ { - "annotationDate" : "2011-01-29T18:30:22Z", - "annotationType" : "OTHER", - "annotator" : "Person: Package Commenter", - "comment" : "Package level annotation" - } ], - "attributionTexts" : [ "The GNU C Library is free software. See the file COPYING.LIB for copying conditions, and LICENSES for notices about a few contributions that require these additional notices to be distributed. License copyright years may be listed using range notation, e.g., 1996-2015, indicating that every year in the range, inclusive, is a copyrightable year that would otherwise be listed individually." ], - "checksums" : [ { - "algorithm" : "SHA256", - "checksumValue" : "11b6d3ee554eedf79299905a98f9b9a04e498210b59f15094c916c91d150efcd" - }, { - "algorithm" : "SHA1", - "checksumValue" : "85ed0817af83a24ad8da68c2b5094de69833983c" - }, { - "algorithm" : "MD5", - "checksumValue" : "624c1abb3664f4b35547e7c73864ad24" - } ], - "copyrightText" : "Copyright 2008-2010 John Smith", - "description" : "The GNU C Library defines functions that are specified by the ISO C standard, as well as additional features specific to POSIX and other derivatives of the Unix operating system, and extensions specific to GNU systems.", - "downloadLocation" : "http://ftp.gnu.org/gnu/glibc/glibc-ports-2.15.tar.gz", - "externalRefs" : [ { - "comment" : "This is the external ref for Acme", - "referenceCategory" : "OTHER", - "referenceLocator" : "acmecorp/acmenator/4.1.3-alpha", - "referenceType" : "http://spdx.org/spdxdocs/spdx-example-444504E0-4F89-41D3-9A0C-0305E82C3301#LocationRef-acmeforge" - }, { - "referenceCategory" : "SECURITY", - "referenceLocator" : "cpe:2.3:a:pivotal_software:spring_framework:4.1.0:*:*:*:*:*:*:*", - "referenceType" : "http://spdx.org/rdf/references/cpe23Type" - } ], - "filesAnalyzed" : true, - "hasFiles" : [ "SPDXRef-JenaLib", "SPDXRef-DoapSource", "SPDXRef-CommonsLangSrc" ], - "homepage" : "http://ftp.gnu.org/gnu/glibc", - "licenseComments" : "The license for this project changed with the release of version x.y. The version of the project included here post-dates the license change.", - "licenseConcluded" : "(LGPL-2.0-only OR LicenseRef-3)", - "licenseDeclared" : "(LGPL-2.0-only AND LicenseRef-3)", - "licenseInfoFromFiles" : [ "GPL-2.0-only", "LicenseRef-2", "LicenseRef-1" ], - "name" : "glibc", - "originator" : "Organization: ExampleCodeInspect (contact@example.com)", - "packageFileName" : "glibc-2.11.1.tar.gz", - "packageVerificationCode" : { - "packageVerificationCodeExcludedFiles" : [ "excludes: ./package.spdx" ], - "packageVerificationCodeValue" : "d6a770ba38583ed4bb4525bd96e50461655d2758" - }, - "sourceInfo" : "uses glibc-2_11-branch from git://sourceware.org/git/glibc.git.", - "summary" : "GNU C library.", - "supplier" : "Person: Jane Doe (jane.doe@example.com)", - "versionInfo" : "2.11.1" - }, { - "SPDXID" : "SPDXRef-fromDoap-1", - "comment" : "This package was converted from a DOAP Project by the same name", - "copyrightText" : "NOASSERTION", - "downloadLocation" : "NOASSERTION", - "filesAnalyzed" : false, - "homepage" : "http://commons.apache.org/proper/commons-lang/", - "licenseConcluded" : "NOASSERTION", - "licenseDeclared" : "NOASSERTION", - "name" : "Apache Commons Lang" - }, { - "SPDXID" : "SPDXRef-fromDoap-0", - "comment" : "This package was converted from a DOAP Project by the same name", - "copyrightText" : "NOASSERTION", - "downloadLocation" : "NOASSERTION", - "filesAnalyzed" : false, - "homepage" : "http://www.openjena.org/", - "licenseConcluded" : "NOASSERTION", - "licenseDeclared" : "NOASSERTION", - "name" : "Jena" - }, { - "SPDXID" : "SPDXRef-Saxon", - "checksums" : [ { - "algorithm" : "SHA1", - "checksumValue" : "85ed0817af83a24ad8da68c2b5094de69833983c" - } ], - "description" : "The Saxon package is a collection of tools for processing XML documents.", - "downloadLocation" : "https://sourceforge.net/projects/saxon/files/Saxon-B/8.8.0.7/saxonb8-8-0-7j.zip/download", - "filesAnalyzed" : false, - "homepage" : "http://saxon.sourceforge.net/", - "licenseComments" : "Other versions available for a commercial license", - "licenseConcluded" : "MPL-1.0", - "licenseDeclared" : "MPL-1.0", - "name" : "Saxon", - "packageFileName" : "saxonB-8.8.zip", - "versionInfo" : "8.8" - } ], - "files" : [ { - "SPDXID" : "SPDXRef-DoapSource", - "checksums" : [ { - "algorithm" : "SHA1", - "checksumValue" : "2fd4e1c67a2d28fced849ee1bb76e7391b93eb12" - } ], - "copyrightText" : "Copyright 2010, 2011 Source Auditor Inc.", - "fileContributors" : [ "Protecode Inc.", "SPDX Technical Team Members", "Open Logic Inc.", "Source Auditor Inc.", "Black Duck Software In.c" ], - "fileDependencies" : [ "SPDXRef-JenaLib", "SPDXRef-CommonsLangSrc" ], - "fileName" : "./src/org/spdx/parser/DOAPProject.java", - "fileTypes" : [ "SOURCE" ], - "licenseConcluded" : "Apache-2.0", - "licenseInfoInFiles" : [ "Apache-2.0" ] - }, { - "SPDXID" : "SPDXRef-CommonsLangSrc", - "checksums" : [ { - "algorithm" : "SHA1", - "checksumValue" : "c2b4e1c67a2d28fced849ee1bb76e7391b93f125" - } ], - "comment" : "This file is used by Jena", - "copyrightText" : "Copyright 2001-2011 The Apache Software Foundation", - "fileContributors" : [ "Apache Software Foundation" ], - "fileName" : "./lib-source/commons-lang3-3.1-sources.jar", - "fileTypes" : [ "ARCHIVE" ], - "licenseConcluded" : "Apache-2.0", - "licenseInfoInFiles" : [ "Apache-2.0" ], - "noticeText" : "Apache Commons Lang\nCopyright 2001-2011 The Apache Software Foundation\n\nThis product includes software developed by\nThe Apache Software Foundation (http://www.apache.org/).\n\nThis product includes software from the Spring Framework,\nunder the Apache License 2.0 (see: StringUtils.containsWhitespace())" - }, { - "SPDXID" : "SPDXRef-JenaLib", - "checksums" : [ { - "algorithm" : "SHA1", - "checksumValue" : "3ab4e1c67a2d28fced849ee1bb76e7391b93f125" - } ], - "comment" : "This file belongs to Jena", - "copyrightText" : "(c) Copyright 2000, 2001, 2002, 2003, 2004, 2005, 2006, 2007, 2008, 2009 Hewlett-Packard Development Company, LP", - "fileContributors" : [ "Apache Software Foundation", "Hewlett Packard Inc." ], - "fileDependencies" : [ "SPDXRef-CommonsLangSrc" ], - "fileName" : "./lib-source/jena-2.6.3-sources.jar", - "fileTypes" : [ "ARCHIVE" ], - "licenseComments" : "This license is used by Jena", - "licenseConcluded" : "LicenseRef-1", - "licenseInfoInFiles" : [ "LicenseRef-1" ] - }, { - "SPDXID" : "SPDXRef-File", - "annotations" : [ { - "annotationDate" : "2011-01-29T18:30:22Z", - "annotationType" : "OTHER", - "annotator" : "Person: File Commenter", - "comment" : "File level annotation" - } ], - "checksums" : [ { - "algorithm" : "SHA1", - "checksumValue" : "d6a770ba38583ed4bb4525bd96e50461655d2758" - }, { - "algorithm" : "MD5", - "checksumValue" : "624c1abb3664f4b35547e7c73864ad24" - } ], - "comment" : "The concluded license was taken from the package level that the file was included in.\nThis information was found in the COPYING.txt file in the xyz directory.", - "copyrightText" : "Copyright 2008-2010 John Smith", - "fileContributors" : [ "The Regents of the University of California", "Modified by Paul Mundt lethal@linux-sh.org", "IBM Corporation" ], - "fileName" : "./package/foo.c", - "fileTypes" : [ "SOURCE" ], - "licenseComments" : "The concluded license was taken from the package level that the file was included in.", - "licenseConcluded" : "(LGPL-2.0-only OR LicenseRef-2)", - "licenseInfoInFiles" : [ "GPL-2.0-only", "LicenseRef-2" ], - "noticeText" : "Copyright (c) 2001 Aaron Lehmann aaroni@vitelus.com\n\nPermission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the �Software�), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions: \nThe above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.\n\nTHE SOFTWARE IS PROVIDED �AS IS', WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE." - } ], - "snippets" : [ { - "SPDXID" : "SPDXRef-Snippet", - "comment" : "This snippet was identified as significant and highlighted in this Apache-2.0 file, when a commercial scanner identified it as being derived from file foo.c in package xyz which is licensed under GPL-2.0.", - "copyrightText" : "Copyright 2008-2010 John Smith", - "licenseComments" : "The concluded license was taken from package xyz, from which the snippet was copied into the current file. The concluded license information was found in the COPYING.txt file in package xyz.", - "licenseConcluded" : "GPL-2.0-only", - "licenseInfoInSnippets" : [ "GPL-2.0-only" ], - "name" : "from linux kernel", - "ranges" : [ { - "endPointer" : { - "lineNumber" : 23, - "reference" : "SPDXRef-DoapSource" - }, - "startPointer" : { - "lineNumber" : 5, - "reference" : "SPDXRef-DoapSource" - } - }, { - "endPointer" : { - "offset" : 420, - "reference" : "SPDXRef-DoapSource" - }, - "startPointer" : { - "offset" : 310, - "reference" : "SPDXRef-DoapSource" - } - } ], - "snippetFromFile" : "SPDXRef-DoapSource" - } ], - "relationships" : [ { - "spdxElementId" : "SPDXRef-DOCUMENT", - "relatedSpdxElement" : "DocumentRef-spdx-tool-1.2:SPDXRef-ToolsElement", - "relationshipType" : "COPY_OF" - }, { - "spdxElementId" : "SPDXRef-DOCUMENT", - "relatedSpdxElement" : "SPDXRef-Package", - "relationshipType" : "CONTAINS" - }, { - "spdxElementId" : "SPDXRef-DOCUMENT", - "relatedSpdxElement" : "SPDXRef-File", - "relationshipType" : "DESCRIBES" - }, { - "spdxElementId" : "SPDXRef-DOCUMENT", - "relatedSpdxElement" : "SPDXRef-Package", - "relationshipType" : "DESCRIBES" - }, { - "spdxElementId" : "SPDXRef-Package", - "relatedSpdxElement" : "SPDXRef-Saxon", - "relationshipType" : "DYNAMIC_LINK" - }, { - "spdxElementId" : "SPDXRef-Package", - "relatedSpdxElement" : "SPDXRef-JenaLib", - "relationshipType" : "CONTAINS" - }, { - "spdxElementId" : "SPDXRef-CommonsLangSrc", - "relatedSpdxElement" : "NOASSERTION", - "relationshipType" : "GENERATED_FROM" - }, { - "spdxElementId" : "SPDXRef-JenaLib", - "relatedSpdxElement" : "SPDXRef-Package", - "relationshipType" : "CONTAINS" - }, { - "spdxElementId" : "SPDXRef-File", - "relatedSpdxElement" : "SPDXRef-fromDoap-0", - "relationshipType" : "GENERATED_FROM" - } ] -} diff --git a/jsonloader/parser2v2/parse_annotations.go b/jsonloader/parser2v2/parse_annotations.go deleted file mode 100644 index f9ceaa3..0000000 --- a/jsonloader/parser2v2/parse_annotations.go +++ /dev/null @@ -1,48 +0,0 @@ -// SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later - -package parser2v2 - -import ( - "fmt" - "reflect" - - "github.com/spdx/tools-golang/spdx" -) - -func (spec JSONSpdxDocument) parseJsonAnnotations2_2(key string, value interface{}, doc *spdxDocument2_2, SPDXElementId spdx.DocElementID) error { - //FIXME: SPDXID property not defined in spec but it is needed - if reflect.TypeOf(value).Kind() == reflect.Slice { - annotations := reflect.ValueOf(value) - for i := 0; i < annotations.Len(); i++ { - annotation := annotations.Index(i).Interface().(map[string]interface{}) - ann := spdx.Annotation2_2{AnnotationSPDXIdentifier: SPDXElementId} - // Remove loop all properties are mandatory in annotations - for k, v := range annotation { - switch k { - case "annotationDate": - ann.AnnotationDate = v.(string) - case "annotationType": - ann.AnnotationType = v.(string) - case "comment": - ann.AnnotationComment = v.(string) - case "annotator": - subkey, subvalue, err := extractSubs(v.(string)) - if err != nil { - return err - } - if subkey != "Person" && subkey != "Organization" && subkey != "Tool" { - return fmt.Errorf("unrecognized Annotator type %v", subkey) - } - ann.AnnotatorType = subkey - ann.Annotator = subvalue - - default: - return fmt.Errorf("received unknown tag %v in Annotation section", k) - } - } - doc.Annotations = append(doc.Annotations, &ann) - } - - } - return nil -} diff --git a/jsonloader/parser2v2/parse_annotations_test.go b/jsonloader/parser2v2/parse_annotations_test.go deleted file mode 100644 index 014c3dd..0000000 --- a/jsonloader/parser2v2/parse_annotations_test.go +++ /dev/null @@ -1,156 +0,0 @@ -// SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later - -package parser2v2 - -import ( - "encoding/json" - "reflect" - "testing" - - "github.com/spdx/tools-golang/spdx" -) - -func TestJSONSpdxDocument_parseJsonAnnotations2_2(t *testing.T) { - - data := []byte(`{ - "annotations" : [ { - "annotationDate" : "2010-02-10T00:00:00Z", - "annotationType" : "REVIEW", - "annotator" : "Person: Joe Reviewer", - "comment" : "This is just an example. Some of the non-standard licenses look like they are actually BSD 3 clause licenses" - }, { - "annotationDate" : "2011-03-13T00:00:00Z", - "annotationType" : "REVIEW", - "annotator" : "Person: Suzanne Reviewer", - "comment" : "Another example reviewer." - }, { - "annotationDate" : "2010-01-29T18:30:22Z", - "annotationType" : "OTHER", - "annotator" : "Person: Jane Doe ()", - "comment" : "Document level annotation" - } ] - } - `) - data2 := []byte(`{ - "annotations" : [ { - "annotationDate" : "2010-02-10T00:00:00Z", - "annotationType" : "REVIEW", - "annotator" : "Person: Joe Reviewer", - "comment" : "This is just an example. Some of the non-standard licenses look like they are actually BSD 3 clause licenses", - "Hello":"hellp" - }] -} -`) - data3 := []byte(`{ - "annotations" : [ { - "annotationDate" : "2010-02-10T00:00:00Z", - "annotationType" : "REVIEW", - "annotator" : "Fasle: Joe Reviewer", - "comment" : "This is just an example. Some of the non-standard licenses look like they are actually BSD 3 clause licenses", - "Hello":"hellp" - }] -} -`) - - annotationstest1 := []*spdx.Annotation2_2{ - { - AnnotationSPDXIdentifier: spdx.DocElementID{DocumentRefID: "", ElementRefID: "DOCUMENT"}, - AnnotationDate: "2010-02-10T00:00:00Z", - AnnotationType: "REVIEW", - AnnotatorType: "Person", - Annotator: "Joe Reviewer", - AnnotationComment: "This is just an example. Some of the non-standard licenses look like they are actually BSD 3 clause licenses", - }, - { - AnnotationSPDXIdentifier: spdx.DocElementID{DocumentRefID: "", ElementRefID: "DOCUMENT"}, - AnnotationDate: "2011-03-13T00:00:00Z", - AnnotationType: "REVIEW", - AnnotatorType: "Person", - Annotator: "Suzanne Reviewer", - AnnotationComment: "Another example reviewer.", - }, - { - AnnotationSPDXIdentifier: spdx.DocElementID{DocumentRefID: "", ElementRefID: "DOCUMENT"}, - AnnotationDate: "2010-01-29T18:30:22Z", - AnnotationType: "OTHER", - AnnotatorType: "Person", - Annotator: "Jane Doe ()", - AnnotationComment: "Document level annotation", - }, - } - - var specs JSONSpdxDocument - var specs2 JSONSpdxDocument - var specs3 JSONSpdxDocument - - json.Unmarshal(data, &specs) - json.Unmarshal(data2, &specs2) - json.Unmarshal(data3, &specs3) - - type args struct { - key string - value interface{} - doc *spdxDocument2_2 - SPDXElementID spdx.DocElementID - } - tests := []struct { - name string - spec JSONSpdxDocument - args args - want []*spdx.Annotation2_2 - wantErr bool - }{ - // TODO: Add test cases. - { - name: "successTest", - spec: specs, - args: args{ - key: "annotations", - value: specs["annotations"], - doc: &spdxDocument2_2{}, - SPDXElementID: spdx.DocElementID{DocumentRefID: "", ElementRefID: "DOCUMENT"}, - }, - want: annotationstest1, - wantErr: false, - }, - { - name: "failure test - invaid creator type", - spec: specs2, - args: args{ - key: "annotations", - value: specs2["annotations"], - doc: &spdxDocument2_2{}, - SPDXElementID: spdx.DocElementID{DocumentRefID: "", ElementRefID: "DOCUMENT"}, - }, - want: nil, - wantErr: true, - }, - { - name: "failure test - invalid tag", - spec: specs3, - args: args{ - key: "annotations", - value: specs3["annotations"], - doc: &spdxDocument2_2{}, - SPDXElementID: spdx.DocElementID{DocumentRefID: "", ElementRefID: "DOCUMENT"}, - }, - want: nil, - wantErr: true, - }, - } - for _, tt := range tests { - t.Run(tt.name, func(t *testing.T) { - if err := tt.spec.parseJsonAnnotations2_2(tt.args.key, tt.args.value, tt.args.doc, tt.args.SPDXElementID); (err != nil) != tt.wantErr { - t.Errorf("JSONSpdxDocument.parseJsonAnnotations2_2() error = %v, wantErr %v", err, tt.wantErr) - } - if !tt.wantErr { - for i := 0; i < len(tt.want); i++ { - if !reflect.DeepEqual(tt.args.doc.Annotations[i], tt.want[i]) { - t.Errorf("Load2_2() = %v, want %v", tt.args.doc.Annotations[i], tt.want[i]) - } - } - } - - }) - } -} diff --git a/jsonloader/parser2v2/parse_creation_info.go b/jsonloader/parser2v2/parse_creation_info.go deleted file mode 100644 index 9e818e8..0000000 --- a/jsonloader/parser2v2/parse_creation_info.go +++ /dev/null @@ -1,122 +0,0 @@ -// SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later - -package parser2v2 - -import ( - "fmt" - "reflect" - "strings" - - "github.com/spdx/tools-golang/spdx" -) - -func (spec JSONSpdxDocument) parseJsonCreationInfo2_2(key string, value interface{}, doc *spdxDocument2_2) error { - // create an SPDX Creation Info data struct if we don't have one already - - if doc.CreationInfo == nil { - doc.CreationInfo = &spdx.CreationInfo2_2{ - ExternalDocumentReferences: map[string]spdx.ExternalDocumentRef2_2{}, - } - } - ci := doc.CreationInfo - switch key { - case "dataLicense": - ci.DataLicense = value.(string) - case "spdxVersion": - ci.SPDXVersion = value.(string) - case "SPDXID": - id, err := extractElementID(value.(string)) - if err != nil { - return fmt.Errorf("%s", err) - } - ci.SPDXIdentifier = id - case "documentNamespace": - ci.DocumentNamespace = value.(string) - case "name": - ci.DocumentName = value.(string) - case "comment": - ci.DocumentComment = value.(string) - case "creationInfo": - creationInfo := value.(map[string]interface{}) - for key, val := range creationInfo { - switch key { - case "comment": - ci.CreatorComment = val.(string) - case "created": - ci.Created = val.(string) - case "licenseListVersion": - ci.LicenseListVersion = val.(string) - case "creators": - err := parseCreators(creationInfo["creators"], ci) - if err != nil { - return fmt.Errorf("%s", err) - } - } - } - case "externalDocumentRefs": - err := parseExternalDocumentRefs(value, ci) - if err != nil { - return fmt.Errorf("%s", err) - } - default: - return fmt.Errorf("unrecognized key %v", key) - - } - - return nil -} - -// ===== Helper functions ===== - -func parseCreators(creators interface{}, ci *spdx.CreationInfo2_2) error { - if reflect.TypeOf(creators).Kind() == reflect.Slice { - s := reflect.ValueOf(creators) - - for i := 0; i < s.Len(); i++ { - subkey, subvalue, err := extractSubs(s.Index(i).Interface().(string)) - if err != nil { - return err - } - switch subkey { - case "Person": - ci.CreatorPersons = append(ci.CreatorPersons, subvalue) - case "Organization": - ci.CreatorOrganizations = append(ci.CreatorOrganizations, subvalue) - case "Tool": - ci.CreatorTools = append(ci.CreatorTools, subvalue) - default: - return fmt.Errorf("unrecognized Creator type %v", subkey) - } - - } - } - return nil -} - -func parseExternalDocumentRefs(references interface{}, ci *spdx.CreationInfo2_2) error { - if reflect.TypeOf(references).Kind() == reflect.Slice { - s := reflect.ValueOf(references) - - for i := 0; i < s.Len(); i++ { - ref := s.Index(i).Interface().(map[string]interface{}) - documentRefID := ref["externalDocumentId"].(string) - if !strings.HasPrefix(documentRefID, "DocumentRef-") { - return fmt.Errorf("expected first element to have DocumentRef- prefix") - } - documentRefID = strings.TrimPrefix(documentRefID, "DocumentRef-") - if documentRefID == "" { - return fmt.Errorf("document identifier has nothing after prefix") - } - checksum := ref["checksum"].(map[string]interface{}) - edr := spdx.ExternalDocumentRef2_2{ - DocumentRefID: documentRefID, - URI: ref["spdxDocument"].(string), - Alg: checksum["algorithm"].(string), - Checksum: checksum["checksumValue"].(string), - } - - ci.ExternalDocumentReferences[documentRefID] = edr - } - } - return nil -} diff --git a/jsonloader/parser2v2/parse_creation_info_test.go b/jsonloader/parser2v2/parse_creation_info_test.go deleted file mode 100644 index 280775a..0000000 --- a/jsonloader/parser2v2/parse_creation_info_test.go +++ /dev/null @@ -1,227 +0,0 @@ -// SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later - -package parser2v2 - -import ( - "reflect" - "testing" - - "github.com/spdx/tools-golang/spdx" -) - -func TestJSONSpdxDocument_parseJsonCreationInfo2_2(t *testing.T) { - - var specs JSONSpdxDocument - - type args struct { - key string - value interface{} - doc *spdxDocument2_2 - } - tests := []struct { - name string - spec JSONSpdxDocument - args args - want *spdx.CreationInfo2_2 - wantErr bool - }{ - // TODO: Add test cases. - // check whether DataLicense is being parsed - { - name: "DataLicense", - spec: specs, - args: args{ - key: "dataLicense", - value: "CC0-1.0", - doc: &spdxDocument2_2{}, - }, - want: &spdx.CreationInfo2_2{DataLicense: "CC0-1.0", ExternalDocumentReferences: map[string]spdx.ExternalDocumentRef2_2{}}, - wantErr: false, - }, - // check whether SPDXID is being parsed - { - name: "SPDXID", - spec: specs, - args: args{ - key: "SPDXID", - value: "SPDXRef-DOCUMENT", - doc: &spdxDocument2_2{}, - }, - want: &spdx.CreationInfo2_2{SPDXIdentifier: "DOCUMENT", ExternalDocumentReferences: map[string]spdx.ExternalDocumentRef2_2{}}, - wantErr: false, - }, - // check whether DocumentName is being parsed - { - name: "DocumentName", - spec: specs, - args: args{ - key: "name", - value: "SPDX-Tools-v2.0", - doc: &spdxDocument2_2{}, - }, - want: &spdx.CreationInfo2_2{DocumentName: "SPDX-Tools-v2.0", ExternalDocumentReferences: map[string]spdx.ExternalDocumentRef2_2{}}, - wantErr: false, - }, - // check whether SPDXVersion is being parsed - { - name: "spdxVersion", - spec: specs, - args: args{ - key: "spdxVersion", - value: "SPDX-2.2", - doc: &spdxDocument2_2{}, - }, - want: &spdx.CreationInfo2_2{SPDXVersion: "SPDX-2.2", ExternalDocumentReferences: map[string]spdx.ExternalDocumentRef2_2{}}, - wantErr: false, - }, - // check whether DocumentComment is being parsed - { - name: "comment", - spec: specs, - args: args{ - key: "comment", - value: "This document was created using SPDX 2.0 using licenses from the web site.", - doc: &spdxDocument2_2{}, - }, - want: &spdx.CreationInfo2_2{DocumentComment: "This document was created using SPDX 2.0 using licenses from the web site.", ExternalDocumentReferences: map[string]spdx.ExternalDocumentRef2_2{}}, - wantErr: false, - }, - // check whether DocumentNamespace is being parsed - { - name: "documentNamespace", - spec: specs, - args: args{ - key: "documentNamespace", - value: "http://spdx.org/spdxdocs/spdx-example-444504E0-4F89-41D3-9A0C-0305E82C3301", - doc: &spdxDocument2_2{}, - }, - want: &spdx.CreationInfo2_2{DocumentNamespace: "http://spdx.org/spdxdocs/spdx-example-444504E0-4F89-41D3-9A0C-0305E82C3301", ExternalDocumentReferences: map[string]spdx.ExternalDocumentRef2_2{}}, - wantErr: false, - }, - // check whether CreationInfo(Creators , CreatorComment and Licence List Version) is being parsed - { - name: "creationInfo", - spec: specs, - args: args{ - key: "creationInfo", - value: map[string]interface{}{ - "comment": "This package has been shipped in source and binary form.\nThe binaries were created with gcc 4.5.1 and expect to link to\ncompatible system run time libraries.", - "created": "2010-01-29T18:30:22Z", - "creators": []string{"Tool: LicenseFind-1.0", "Organization: ExampleCodeInspect ()", "Person: Jane Doe ()"}, - "licenseListVersion": "3.8", - }, - doc: &spdxDocument2_2{}, - }, - want: &spdx.CreationInfo2_2{ - CreatorComment: "This package has been shipped in source and binary form.\nThe binaries were created with gcc 4.5.1 and expect to link to\ncompatible system run time libraries.", - Created: "2010-01-29T18:30:22Z", - CreatorPersons: []string{"Jane Doe ()"}, - CreatorOrganizations: []string{"ExampleCodeInspect ()"}, - CreatorTools: []string{"LicenseFind-1.0"}, - LicenseListVersion: "3.8", - ExternalDocumentReferences: map[string]spdx.ExternalDocumentRef2_2{}, - }, - wantErr: false, - }, - // check whether ExternalDocumentReferences is being parsed - { - name: "externalDocumentRefs", - spec: specs, - args: args{ - key: "externalDocumentRefs", - value: []map[string]interface{}{ - { - "externalDocumentId": "DocumentRef-spdx-tool-1.2", - "spdxDocument": "http://spdx.org/spdxdocs/spdx-tools-v1.2-3F2504E0-4F89-41D3-9A0C-0305E82C3301", - "checksum": map[string]interface{}{ - "algorithm": "SHA1", - "checksumValue": "d6a770ba38583ed4bb4525bd96e50461655d2759", - }, - }, - }, - doc: &spdxDocument2_2{}, - }, - want: &spdx.CreationInfo2_2{ - ExternalDocumentReferences: map[string]spdx.ExternalDocumentRef2_2{ - "spdx-tool-1.2": { - DocumentRefID: "spdx-tool-1.2", - URI: "http://spdx.org/spdxdocs/spdx-tools-v1.2-3F2504E0-4F89-41D3-9A0C-0305E82C3301", - Alg: "SHA1", - Checksum: "d6a770ba38583ed4bb4525bd96e50461655d2759", - }, - }, - }, - wantErr: false, - }, - { - name: "failure : Invalid tag ", - spec: specs, - args: args{ - key: "invalid", - value: "This document was created using SPDX 2.0 using licenses from the web site.", - doc: &spdxDocument2_2{}, - }, - want: &spdx.CreationInfo2_2{ExternalDocumentReferences: map[string]spdx.ExternalDocumentRef2_2{}}, - wantErr: true, - }, - { - name: "failure : DocRef missing in ExternalRefs", - spec: specs, - args: args{ - key: "externalDocumentRefs", - value: []map[string]interface{}{ - { - "externalDocumentId": "spdx-tool-1.2", - "spdxDocument": "http://spdx.org/spdxdocs/spdx-tools-v1.2-3F2504E0-4F89-41D3-9A0C-0305E82C3301", - "checksum": map[string]interface{}{ - "algorithm": "SHA1", - "checksumValue": "d6a770ba38583ed4bb4525bd96e50461655d2759", - }, - }, - }, - doc: &spdxDocument2_2{}, - }, - want: nil, - wantErr: true, - }, - { - name: "failure : invalid SPDXID", - spec: specs, - args: args{ - key: "SPDXID", - value: "DOCUMENT", - doc: &spdxDocument2_2{}, - }, - want: &spdx.CreationInfo2_2{ExternalDocumentReferences: map[string]spdx.ExternalDocumentRef2_2{}}, - wantErr: true, - }, - { - name: "failure - invalid creator type", - spec: specs, - args: args{ - key: "creationInfo", - value: map[string]interface{}{ - "comment": "This package has been shipped in source and binary form.\nThe binaries were created with gcc 4.5.1 and expect to link to\ncompatible system run time libraries.", - "created": "2010-01-29T18:30:22Z", - "creators": []string{"Invalid: LicenseFind-1.0", "Organization: ExampleCodeInspect ()", "Person: Jane Doe ()"}, - "licenseListVersion": "3.8", - }, - doc: &spdxDocument2_2{}, - }, - want: nil, - wantErr: true, - }, - } - for _, tt := range tests { - t.Run(tt.name, func(t *testing.T) { - tt.args.doc = &spdxDocument2_2{} - if err := tt.spec.parseJsonCreationInfo2_2(tt.args.key, tt.args.value, tt.args.doc); (err != nil) != tt.wantErr { - t.Errorf("JSONSpdxDocument.parseJsonCreationInfo2_2() error = %v, wantErr %v", err, tt.wantErr) - } - if !tt.wantErr && !reflect.DeepEqual(tt.args.doc.CreationInfo, tt.want) { - t.Errorf("Load2_2() = %v, want %v", tt.args.doc.CreationInfo, tt.want) - } - - }) - } -} diff --git a/jsonloader/parser2v2/parse_files.go b/jsonloader/parser2v2/parse_files.go deleted file mode 100644 index 090c5e7..0000000 --- a/jsonloader/parser2v2/parse_files.go +++ /dev/null @@ -1,122 +0,0 @@ -// SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later - -package parser2v2 - -import ( - "fmt" - "reflect" - - "github.com/spdx/tools-golang/spdx" -) - -//TODO: check whether file can contain annotations or not -func (spec JSONSpdxDocument) parseJsonFiles2_2(key string, value interface{}, doc *spdxDocument2_2) error { - - if doc.UnpackagedFiles == nil { - doc.UnpackagedFiles = map[spdx.ElementID]*spdx.File2_2{} - } - - if reflect.TypeOf(value).Kind() == reflect.Slice { - files := reflect.ValueOf(value) - for i := 0; i < files.Len(); i++ { - filemap := files.Index(i).Interface().(map[string]interface{}) - // create a new package - file := &spdx.File2_2{} - //extract the SPDXID of the package - eID, err := extractElementID(filemap["SPDXID"].(string)) - if err != nil { - return fmt.Errorf("%s", err) - } - file.FileSPDXIdentifier = eID - //range over all other properties now - for k, v := range filemap { - switch k { - case "SPDXID": - //redundant case - case "fileName": - file.FileName = v.(string) - case "fileTypes": - if reflect.TypeOf(v).Kind() == reflect.Slice { - texts := reflect.ValueOf(v) - for i := 0; i < texts.Len(); i++ { - file.FileType = append(file.FileType, texts.Index(i).Interface().(string)) - } - } - case "checksums": - //general function to parse checksums in utils - if reflect.TypeOf(v).Kind() == reflect.Slice { - checksums := reflect.ValueOf(v) - if file.FileChecksums == nil { - file.FileChecksums = make(map[spdx.ChecksumAlgorithm]spdx.Checksum) - } - for i := 0; i < checksums.Len(); i++ { - checksum := checksums.Index(i).Interface().(map[string]interface{}) - switch checksum["algorithm"].(string) { - case spdx.SHA1, spdx.SHA256, spdx.MD5: - algorithm := spdx.ChecksumAlgorithm(checksum["algorithm"].(string)) - file.FileChecksums[algorithm] = spdx.Checksum{Algorithm: algorithm, Value: checksum["checksumValue"].(string)} - default: - return fmt.Errorf("got unknown checksum type %s", checksum["algorithm"]) - } - } - } - case "annotations": - id, err := extractDocElementID(filemap["SPDXID"].(string)) - if err != nil { - return fmt.Errorf("%s", err) - } - err = spec.parseJsonAnnotations2_2(k, v, doc, id) - if err != nil { - return err - } - case "copyrightText": - file.FileCopyrightText = v.(string) - case "noticeText": - file.FileNotice = v.(string) - case "licenseComments": - file.LicenseComments = v.(string) - case "licenseConcluded": - file.LicenseConcluded = v.(string) - case "licenseInfoInFiles": - if reflect.TypeOf(v).Kind() == reflect.Slice { - info := reflect.ValueOf(v) - for i := 0; i < info.Len(); i++ { - file.LicenseInfoInFile = append(file.LicenseInfoInFile, info.Index(i).Interface().(string)) - } - } - case "fileContributors": - if reflect.TypeOf(v).Kind() == reflect.Slice { - info := reflect.ValueOf(v) - for i := 0; i < info.Len(); i++ { - file.FileContributor = append(file.FileContributor, info.Index(i).Interface().(string)) - } - } - case "fileDependencies": - if reflect.TypeOf(v).Kind() == reflect.Slice { - info := reflect.ValueOf(v) - for i := 0; i < info.Len(); i++ { - file.FileDependencies = append(file.FileDependencies, info.Index(i).Interface().(string)) - } - } - case "attributionTexts": - if reflect.TypeOf(v).Kind() == reflect.Slice { - info := reflect.ValueOf(v) - for i := 0; i < info.Len(); i++ { - file.FileAttributionTexts = append(file.FileAttributionTexts, info.Index(i).Interface().(string)) - } - } - case "comment": - file.FileComment = v.(string) - - default: - return fmt.Errorf("received unknown tag %v in files section", k) - } - } - doc.UnpackagedFiles[eID] = file - } - - } - return nil -} - -//relationship comment property diff --git a/jsonloader/parser2v2/parse_files_test.go b/jsonloader/parser2v2/parse_files_test.go deleted file mode 100644 index 4d54fad..0000000 --- a/jsonloader/parser2v2/parse_files_test.go +++ /dev/null @@ -1,210 +0,0 @@ -// SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later - -package parser2v2 - -import ( - "encoding/json" - "reflect" - "testing" - - "github.com/spdx/tools-golang/spdx" -) - -//TODO: tests for annotations parsed from files - -func TestJSONSpdxDocument_parseJsonFiles2_2(t *testing.T) { - - data := []byte(`{ - "files" : [ { - "SPDXID" : "SPDXRef-DoapSource", - "checksums" : [ { - "algorithm" : "SHA1", - "checksumValue" : "2fd4e1c67a2d28fced849ee1bb76e7391b93eb12" - } ], - "copyrightText" : "Copyright 2010, 2011 Source Auditor Inc.", - "fileContributors" : [ "Protecode Inc.", "SPDX Technical Team Members", "Open Logic Inc.", "Source Auditor Inc.", "Black Duck Software In.c" ], - "fileDependencies" : [ "SPDXRef-JenaLib", "SPDXRef-CommonsLangSrc" ], - "fileName" : "./src/org/spdx/parser/DOAPProject.java", - "fileTypes" : [ "SOURCE" ], - "licenseConcluded" : "Apache-2.0", - "attributionTexts":["text1"], - "licenseInfoInFiles" : [ "Apache-2.0" ] - }, { - "SPDXID" : "SPDXRef-CommonsLangSrc", - "checksums" : [ { - "algorithm" : "SHA1", - "checksumValue" : "c2b4e1c67a2d28fced849ee1bb76e7391b93f125" - } ], - "comment" : "This file is used by Jena", - "copyrightText" : "Copyright 2001-2011 The Apache Software Foundation", - "fileContributors" : [ "Apache Software Foundation" ], - "fileName" : "./lib-source/commons-lang3-3.1-sources.jar", - "fileTypes" : [ "ARCHIVE" ], - "licenseConcluded" : "Apache-2.0", - "licenseInfoInFiles" : [ "Apache-2.0" ], - "noticeText" : "Apache Commons Lang\nCopyright 2001-2011 The Apache Software Foundation\n\nThis product includes software developed by\nThe Apache Software Foundation (http://www.apache.org/).\n\nThis product includes software from the Spring Framework,\nunder the Apache License 2.0 (see: StringUtils.containsWhitespace())" - }, { - "SPDXID" : "SPDXRef-JenaLib", - "checksums" : [ { - "algorithm" : "SHA1", - "checksumValue" : "3ab4e1c67a2d28fced849ee1bb76e7391b93f125" - } ], - "comment" : "This file belongs to Jena", - "copyrightText" : "(c) Copyright 2000, 2001, 2002, 2003, 2004, 2005, 2006, 2007, 2008, 2009 Hewlett-Packard Development Company, LP", - "fileContributors" : [ "Apache Software Foundation", "Hewlett Packard Inc." ], - "fileDependencies" : [ "SPDXRef-CommonsLangSrc" ], - "fileName" : "./lib-source/jena-2.6.3-sources.jar", - "fileTypes" : [ "ARCHIVE" ], - "licenseComments" : "This license is used by Jena", - "licenseConcluded" : "LicenseRef-1", - "licenseInfoInFiles" : [ "LicenseRef-1" ] - }, { - "SPDXID" : "SPDXRef-File", - "annotations" : [ { - "annotationDate" : "2011-01-29T18:30:22Z", - "annotationType" : "OTHER", - "annotator" : "Person: File Commenter", - "comment" : "File level annotation" - } ], - "checksums" : [ { - "algorithm" : "SHA1", - "checksumValue" : "d6a770ba38583ed4bb4525bd96e50461655d2758" - }, { - "algorithm" : "MD5", - "checksumValue" : "624c1abb3664f4b35547e7c73864ad24" - } ], - "comment" : "The concluded license was taken from the package level that the file was included in.\nThis information was found in the COPYING.txt file in the xyz directory.", - "copyrightText" : "Copyright 2008-2010 John Smith", - "fileContributors" : [ "The Regents of the University of California", "Modified by Paul Mundt lethal@linux-sh.org", "IBM Corporation" ], - "fileName" : "./package/foo.c", - "fileTypes" : [ "SOURCE" ], - "licenseComments" : "The concluded license was taken from the package level that the file was included in.", - "licenseConcluded" : "(LGPL-2.0-only OR LicenseRef-2)", - "licenseInfoInFiles" : [ "GPL-2.0-only", "LicenseRef-2" ], - "noticeText" : "Copyright (c) 2001 Aaron Lehmann aaroni@vitelus.com\n\nPermission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the �Software�), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions: \nThe above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.\n\nTHE SOFTWARE IS PROVIDED �AS IS', WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE." - } ] - } - `) - - var specs JSONSpdxDocument - json.Unmarshal(data, &specs) - - filestest1 := map[spdx.ElementID]*spdx.File2_2{ - "DoapSource": { - FileSPDXIdentifier: "DoapSource", - FileChecksums: map[spdx.ChecksumAlgorithm]spdx.Checksum{ - "SHA1": { - Algorithm: "SHA1", - Value: "2fd4e1c67a2d28fced849ee1bb76e7391b93eb12", - }, - }, - FileCopyrightText: "Copyright 2010, 2011 Source Auditor Inc.", - FileContributor: []string{"Protecode Inc.", "SPDX Technical Team Members", "Open Logic Inc.", "Source Auditor Inc.", "Black Duck Software In.c"}, - FileDependencies: []string{"SPDXRef-JenaLib", "SPDXRef-CommonsLangSrc"}, - FileName: "./src/org/spdx/parser/DOAPProject.java", - FileType: []string{"SOURCE"}, - LicenseConcluded: "Apache-2.0", - FileAttributionTexts: []string{"text1"}, - LicenseInfoInFile: []string{"Apache-2.0"}, - }, - "CommonsLangSrc": { - FileSPDXIdentifier: "CommonsLangSrc", - FileChecksums: map[spdx.ChecksumAlgorithm]spdx.Checksum{ - "SHA1": { - Algorithm: "SHA1", - Value: "c2b4e1c67a2d28fced849ee1bb76e7391b93f125", - }, - }, - FileComment: "This file is used by Jena", - FileCopyrightText: "Copyright 2001-2011 The Apache Software Foundation", - FileContributor: []string{"Apache Software Foundation"}, - FileName: "./lib-source/commons-lang3-3.1-sources.jar", - FileType: []string{"ARCHIVE"}, - LicenseConcluded: "Apache-2.0", - LicenseInfoInFile: []string{"Apache-2.0"}, - FileNotice: "Apache Commons Lang\nCopyright 2001-2011 The Apache Software Foundation\n\nThis product includes software developed by\nThe Apache Software Foundation (http://www.apache.org/).\n\nThis product includes software from the Spring Framework,\nunder the Apache License 2.0 (see: StringUtils.containsWhitespace())", - }, - "JenaLib": { - FileSPDXIdentifier: "JenaLib", - FileChecksums: map[spdx.ChecksumAlgorithm]spdx.Checksum{ - "SHA1": { - Algorithm: "SHA1", - Value: "3ab4e1c67a2d28fced849ee1bb76e7391b93f125", - }, - }, - FileComment: "This file belongs to Jena", - FileCopyrightText: "(c) Copyright 2000, 2001, 2002, 2003, 2004, 2005, 2006, 2007, 2008, 2009 Hewlett-Packard Development Company, LP", - FileContributor: []string{"Apache Software Foundation", "Hewlett Packard Inc."}, - FileDependencies: []string{"SPDXRef-CommonsLangSrc"}, - FileName: "./lib-source/jena-2.6.3-sources.jar", - FileType: []string{"ARCHIVE"}, - LicenseComments: "This license is used by Jena", - LicenseConcluded: "LicenseRef-1", - LicenseInfoInFile: []string{"LicenseRef-1"}, - }, - "File": { - FileSPDXIdentifier: "File", - FileChecksums: map[spdx.ChecksumAlgorithm]spdx.Checksum{ - "SHA1": { - Algorithm: "SHA1", - Value: "d6a770ba38583ed4bb4525bd96e50461655d2758", - }, - "MD5": { - Algorithm: "MD5", - Value: "624c1abb3664f4b35547e7c73864ad24", - }, - }, - FileComment: "The concluded license was taken from the package level that the file was included in.\nThis information was found in the COPYING.txt file in the xyz directory.", - FileCopyrightText: "Copyright 2008-2010 John Smith", - FileContributor: []string{"The Regents of the University of California", "Modified by Paul Mundt lethal@linux-sh.org", "IBM Corporation"}, - FileName: "./package/foo.c", - FileType: []string{"SOURCE"}, - LicenseComments: "The concluded license was taken from the package level that the file was included in.", - LicenseConcluded: "(LGPL-2.0-only OR LicenseRef-2)", - LicenseInfoInFile: []string{"GPL-2.0-only", "LicenseRef-2"}, - FileNotice: "Copyright (c) 2001 Aaron Lehmann aaroni@vitelus.com\n\nPermission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the �Software�), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions: \nThe above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.\n\nTHE SOFTWARE IS PROVIDED �AS IS', WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.", - }, - } - - type args struct { - key string - value interface{} - doc *spdxDocument2_2 - } - tests := []struct { - name string - spec JSONSpdxDocument - args args - want map[spdx.ElementID]*spdx.File2_2 - wantErr bool - }{ - // TODO: Add test cases. - { - name: "successTest", - spec: specs, - args: args{ - key: "files", - value: specs["files"], - doc: &spdxDocument2_2{}, - }, - want: filestest1, - wantErr: false, - }, - } - for _, tt := range tests { - t.Run(tt.name, func(t *testing.T) { - if err := tt.spec.parseJsonFiles2_2(tt.args.key, tt.args.value, tt.args.doc); (err != nil) != tt.wantErr { - t.Errorf("JSONSpdxDocument.parseJsonFiles2_2() error = %v, wantErr %v", err, tt.wantErr) - } - - if !tt.wantErr { - for k, v := range tt.want { - if !reflect.DeepEqual(tt.args.doc.UnpackagedFiles[k], v) { - t.Errorf("Load2_2() = %v, want %v", tt.args.doc.UnpackagedFiles[k], v) - } - } - } - - }) - } -} diff --git a/jsonloader/parser2v2/parse_other_license.go b/jsonloader/parser2v2/parse_other_license.go deleted file mode 100644 index 997ad02..0000000 --- a/jsonloader/parser2v2/parse_other_license.go +++ /dev/null @@ -1,45 +0,0 @@ -// SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later - -package parser2v2 - -import ( - "fmt" - "reflect" - - "github.com/spdx/tools-golang/spdx" -) - -func (spec JSONSpdxDocument) parseJsonOtherLicenses2_2(key string, value interface{}, doc *spdxDocument2_2) error { - if reflect.TypeOf(value).Kind() == reflect.Slice { - otherlicenses := reflect.ValueOf(value) - for i := 0; i < otherlicenses.Len(); i++ { - licensemap := otherlicenses.Index(i).Interface().(map[string]interface{}) - license := spdx.OtherLicense2_2{} - // Remove loop all properties are mandatory in annotations - for k, v := range licensemap { - switch k { - case "licenseId": - license.LicenseIdentifier = v.(string) - case "extractedText": - license.ExtractedText = v.(string) - case "name": - license.LicenseName = v.(string) - case "comment": - license.LicenseComment = v.(string) - case "seeAlsos": - if reflect.TypeOf(v).Kind() == reflect.Slice { - texts := reflect.ValueOf(v) - for i := 0; i < texts.Len(); i++ { - license.LicenseCrossReferences = append(license.LicenseCrossReferences, texts.Index(i).Interface().(string)) - } - } - default: - return fmt.Errorf("received unknown tag %v in Licenses section", k) - } - } - doc.OtherLicenses = append(doc.OtherLicenses, &license) - } - - } - return nil -} diff --git a/jsonloader/parser2v2/parse_other_license_test.go b/jsonloader/parser2v2/parse_other_license_test.go deleted file mode 100644 index 41d8ede..0000000 --- a/jsonloader/parser2v2/parse_other_license_test.go +++ /dev/null @@ -1,113 +0,0 @@ -// SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later - -package parser2v2 - -import ( - "encoding/json" - "io/ioutil" - "log" - "reflect" - "testing" - - "github.com/spdx/tools-golang/spdx" -) - -func TestJSONSpdxDocument_parseJsonOtherLicenses2_2(t *testing.T) { - - jsonData, err := ioutil.ReadFile("jsonfiles/otherlicensestest.json") // b has type []byte - if err != nil { - log.Fatal(err) - } - - otherLicensestest1 := []*spdx.OtherLicense2_2{ - { - ExtractedText: "\"THE BEER-WARE LICENSE\" (Revision 42):\nphk@FreeBSD.ORG wrote this file. As long as you retain this notice you\ncan do whatever you want with this stuff. If we meet some day, and you think this stuff is worth it, you can buy me a beer in return Poul-Henning Kamp </\nLicenseName: Beer-Ware License (Version 42)\nLicenseCrossReference: http://people.freebsd.org/~phk/\nLicenseComment: \nThe beerware license has a couple of other standard variants.", - LicenseIdentifier: "LicenseRef-Beerware-4.2", - }, - { - ExtractedText: "/*\n * (c) Copyright 2009 University of Bristol\n * All rights reserved.\n *\n * Redistribution and use in source and binary forms, with or without\n * modification, are permitted provided that the following conditions\n * are met:\n * 1. Redistributions of source code must retain the above copyright\n * notice, this list of conditions and the following disclaimer.\n * 2. Redistributions in binary form must reproduce the above copyright\n * notice, this list of conditions and the following disclaimer in the\n * documentation and/or other materials provided with the distribution.\n * 3. The name of the author may not be used to endorse or promote products\n * derived from this software without specific prior written permission.\n *\n * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR\n * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES\n * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.\n * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,\n * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT\n * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,\n * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY\n * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT\n * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF\n * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n*/", - LicenseIdentifier: "LicenseRef-4", - }, - { - LicenseComment: "This is tye CyperNeko License", - ExtractedText: "The CyberNeko Software License, Version 1.0\n\n \n(C) Copyright 2002-2005, Andy Clark. All rights reserved.\n \nRedistribution and use in source and binary forms, with or without\nmodification, are permitted provided that the following conditions\nare met:\n\n1. Redistributions of source code must retain the above copyright\n notice, this list of conditions and the following disclaimer. \n\n2. Redistributions in binary form must reproduce the above copyright\n notice, this list of conditions and the following disclaimer in\n the documentation and/or other materials provided with the\n distribution.\n\n3. The end-user documentation included with the redistribution,\n if any, must include the following acknowledgment: \n \"This product includes software developed by Andy Clark.\"\n Alternately, this acknowledgment may appear in the software itself,\n if and wherever such third-party acknowledgments normally appear.\n\n4. The names \"CyberNeko\" and \"NekoHTML\" must not be used to endorse\n or promote products derived from this software without prior \n written permission. For written permission, please contact \n andyc@cyberneko.net.\n\n5. Products derived from this software may not be called \"CyberNeko\",\n nor may \"CyberNeko\" appear in their name, without prior written\n permission of the author.\n\nTHIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED\nWARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES\nOF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE\nDISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR OTHER CONTRIBUTORS\nBE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, \nOR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT \nOF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR \nBUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, \nWHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE \nOR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, \nEVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.", - LicenseIdentifier: "LicenseRef-3", - LicenseName: "CyberNeko License", - LicenseCrossReferences: []string{"http://people.apache.org/~andyc/neko/LICENSE", "http://justasample.url.com"}, - }, - { - ExtractedText: "This package includes the GRDDL parser developed by Hewlett Packard under the following license:\n� Copyright 2007 Hewlett-Packard Development Company, LP\n\nRedistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: \n\nRedistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. \nRedistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. \nThe name of the author may not be used to endorse or promote products derived from this software without specific prior written permission. \nTHIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.", - LicenseIdentifier: "LicenseRef-2", - }, - { - ExtractedText: "/*\n * (c) Copyright 2000, 2001, 2002, 2003, 2004, 2005, 2006, 2007, 2008, 2009 Hewlett-Packard Development Company, LP\n * All rights reserved.\n *\n * Redistribution and use in source and binary forms, with or without\n * modification, are permitted provided that the following conditions\n * are met:\n * 1. Redistributions of source code must retain the above copyright\n * notice, this list of conditions and the following disclaimer.\n * 2. Redistributions in binary form must reproduce the above copyright\n * notice, this list of conditions and the following disclaimer in the\n * documentation and/or other materials provided with the distribution.\n * 3. The name of the author may not be used to endorse or promote products\n * derived from this software without specific prior written permission.\n *\n * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR\n * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES\n * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.\n * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,\n * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT\n * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,\n * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY\n * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT\n * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF\n * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n*/", - LicenseIdentifier: "LicenseRef-1", - }, - } - - otherLicensestest2 := []byte(`{ - "hasExtractedLicensingInfos":[{ - "extractedText" : "\"THE BEER-WARE LICENSE\" (Revision 42):\nphk@FreeBSD.ORG wrote this file. As long as you retain this notice you\ncan do whatever you want with this stuff. If we meet some day, and you think this stuff is worth it, you can buy me a beer in return Poul-Henning Kamp </\nLicenseName: Beer-Ware License (Version 42)\nLicenseCrossReference: http://people.freebsd.org/~phk/\nLicenseComment: \nThe beerware license has a couple of other standard variants.", - "licensd" : "LicenseRef-Beerware-4.2" - }] - } - `) - - var specs JSONSpdxDocument - json.Unmarshal(jsonData, &specs) - - var specs2 JSONSpdxDocument - json.Unmarshal(otherLicensestest2, &specs2) - - type args struct { - key string - value interface{} - doc *spdxDocument2_2 - } - tests := []struct { - name string - spec JSONSpdxDocument - args args - wantErr bool - want []*spdx.OtherLicense2_2 - }{ - // TODO: Add test cases. - { - name: "successTest", - spec: specs, - args: args{ - key: "hasExtractedLicensingInfos", - value: specs["hasExtractedLicensingInfos"], - doc: &spdxDocument2_2{}, - }, - want: otherLicensestest1, - wantErr: false, - }, - { - name: "failure test --> unknown tag", - spec: specs2, - args: args{ - key: "hasExtractedLicensingInfos", - value: specs2["hasExtractedLicensingInfos"], - doc: &spdxDocument2_2{}, - }, - want: nil, - wantErr: true, - }, - } - for _, tt := range tests { - t.Run(tt.name, func(t *testing.T) { - if err := tt.spec.parseJsonOtherLicenses2_2(tt.args.key, tt.args.value, tt.args.doc); (err != nil) != tt.wantErr { - t.Errorf("JSONSpdxDocument.parseJsonOtherLicenses2_2() error = %v, wantErr %v", err, tt.wantErr) - } - - if !tt.wantErr { - for i := 0; i < len(tt.want); i++ { - if !reflect.DeepEqual(tt.args.doc.OtherLicenses[i], tt.want[i]) { - t.Errorf("Load2_2() = %v, want %v", tt.args.doc.OtherLicenses[i], tt.want[i]) - } - } - } - }) - } -} diff --git a/jsonloader/parser2v2/parse_package.go b/jsonloader/parser2v2/parse_package.go deleted file mode 100644 index f698da5..0000000 --- a/jsonloader/parser2v2/parse_package.go +++ /dev/null @@ -1,211 +0,0 @@ -// SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later - -package parser2v2 - -import ( - "fmt" - "reflect" - "strings" - - "github.com/spdx/tools-golang/spdx" -) - -func (spec JSONSpdxDocument) parseJsonPackages2_2(key string, value interface{}, doc *spdxDocument2_2) error { - - if doc.Packages == nil { - doc.Packages = map[spdx.ElementID]*spdx.Package2_2{} - } - - if reflect.TypeOf(value).Kind() == reflect.Slice { - packages := reflect.ValueOf(value) - for i := 0; i < packages.Len(); i++ { - pack := packages.Index(i).Interface().(map[string]interface{}) - // create a new package - pkg := &spdx.Package2_2{ - FilesAnalyzed: true, - IsFilesAnalyzedTagPresent: false, - } - //extract the SPDXID of the package - eID, err := extractElementID(pack["SPDXID"].(string)) - if err != nil { - return fmt.Errorf("%s", err) - } - pkg.PackageSPDXIdentifier = eID - //range over all other properties now - for k, v := range pack { - switch k { - case "SPDXID": - //redundant case - case "name": - pkg.PackageName = v.(string) - case "annotations": - packageId, err := extractDocElementID(pack["SPDXID"].(string)) - if err != nil { - return fmt.Errorf("%s", err) - } - //generalize function to parse annotations - err = spec.parseJsonAnnotations2_2("annotations", v, doc, packageId) - if err != nil { - return err - } - case "attributionTexts": - if reflect.TypeOf(v).Kind() == reflect.Slice { - texts := reflect.ValueOf(v) - for i := 0; i < texts.Len(); i++ { - pkg.PackageAttributionTexts = append(pkg.PackageAttributionTexts, texts.Index(i).Interface().(string)) - } - } - case "checksums": - //general function to parse checksums in utils - if reflect.TypeOf(v).Kind() == reflect.Slice { - checksums := reflect.ValueOf(v) - if pkg.PackageChecksums == nil { - pkg.PackageChecksums = make(map[spdx.ChecksumAlgorithm]spdx.Checksum) - } - for i := 0; i < checksums.Len(); i++ { - checksum := checksums.Index(i).Interface().(map[string]interface{}) - switch checksum["algorithm"].(string) { - case spdx.SHA1, spdx.SHA256, spdx.MD5: - algorithm := spdx.ChecksumAlgorithm(checksum["algorithm"].(string)) - pkg.PackageChecksums[algorithm] = spdx.Checksum{Algorithm: algorithm, Value: checksum["checksumValue"].(string)} - default: - return fmt.Errorf("got unknown checksum type %s", checksum["algorithm"]) - } - } - } - case "copyrightText": - pkg.PackageCopyrightText = v.(string) - case "description": - pkg.PackageDescription = v.(string) - case "downloadLocation": - pkg.PackageDownloadLocation = v.(string) - case "externalRefs": - //make a function to parse these - if reflect.TypeOf(v).Kind() == reflect.Slice { - extrefs := reflect.ValueOf(v) - for i := 0; i < extrefs.Len(); i++ { - ref := extrefs.Index(i).Interface().(map[string]interface{}) - newref := &spdx.PackageExternalReference2_2{} - //TODO: if either of these 3 missing then error - newref.RefType = ref["referenceType"].(string) - newref.Locator = ref["referenceLocator"].(string) - newref.Category = ref["referenceCategory"].(string) - if ref["comment"] != nil { - newref.ExternalRefComment = ref["comment"].(string) - } - pkg.PackageExternalReferences = append(pkg.PackageExternalReferences, newref) - } - } - case "filesAnalyzed": - pkg.IsFilesAnalyzedTagPresent = true - if !v.(bool) { - pkg.FilesAnalyzed = false - } else { - pkg.FilesAnalyzed = true - } - case "homepage": - pkg.PackageHomePage = v.(string) - case "licenseComments": - pkg.PackageLicenseComments = v.(string) - case "licenseConcluded": - pkg.PackageLicenseConcluded = v.(string) - case "licenseDeclared": - pkg.PackageLicenseDeclared = v.(string) - case "licenseInfoFromFiles": - if reflect.TypeOf(v).Kind() == reflect.Slice { - info := reflect.ValueOf(v) - for i := 0; i < info.Len(); i++ { - pkg.PackageLicenseInfoFromFiles = append(pkg.PackageLicenseInfoFromFiles, info.Index(i).Interface().(string)) - } - } - case "originator": - if v.(string) == "NOASSERTION" { - pkg.PackageOriginatorNOASSERTION = true - break - } - subkey, subvalue, err := extractSubs(v.(string)) - if err != nil { - return err - } - switch subkey { - case "Person": - pkg.PackageOriginatorPerson = subvalue - case "Organization": - pkg.PackageOriginatorOrganization = subvalue - default: - return fmt.Errorf("unrecognized PackageOriginator type %v", subkey) - } - case "packageFileName": - pkg.PackageFileName = v.(string) - case "packageVerificationCode": - code := v.(map[string]interface{}) - for codekey, codeval := range code { - switch codekey { - case "packageVerificationCodeExcludedFiles": - if reflect.TypeOf(codeval).Kind() == reflect.Slice { - efiles := reflect.ValueOf(codeval) - filename := efiles.Index(0).Interface().(string) - if strings.HasPrefix(filename, "excludes:") { - _, filename, err = extractSubs(efiles.Index(0).Interface().(string)) - if err != nil { - return fmt.Errorf("%s", err) - } - } - pkg.PackageVerificationCodeExcludedFile = strings.Trim(filename, " ") - } - case "packageVerificationCodeValue": - pkg.PackageVerificationCode = code["packageVerificationCodeValue"].(string) - } - } - case "sourceInfo": - pkg.PackageSourceInfo = v.(string) - case "summary": - pkg.PackageSummary = v.(string) - case "supplier": - if v.(string) == "NOASSERTION" { - pkg.PackageSupplierNOASSERTION = true - break - } - subkey, subvalue, err := extractSubs(v.(string)) - if err != nil { - return err - } - switch subkey { - case "Person": - pkg.PackageSupplierPerson = subvalue - case "Organization": - pkg.PackageSupplierOrganization = subvalue - default: - return fmt.Errorf("unrecognized PackageSupplier type %v", subkey) - } - - case "versionInfo": - pkg.PackageVersion = v.(string) - case "comment": - pkg.PackageComment = v.(string) - case "hasFiles": - if pkg.Files == nil { - pkg.Files = make(map[spdx.ElementID]*spdx.File2_2) - } - if reflect.TypeOf(v).Kind() == reflect.Slice { - SpdxIds := reflect.ValueOf(v) - for i := 0; i < SpdxIds.Len(); i++ { - fileId, err := extractElementID(SpdxIds.Index(i).Interface().(string)) - if err != nil { - return err - } - pkg.Files[fileId] = doc.UnpackagedFiles[fileId] - delete(doc.UnpackagedFiles, fileId) - } - } - - default: - return fmt.Errorf("received unknown tag %v in Annotation section", k) - } - } - doc.Packages[eID] = pkg - } - - } - return nil -} diff --git a/jsonloader/parser2v2/parse_package_test.go b/jsonloader/parser2v2/parse_package_test.go deleted file mode 100644 index 9217836..0000000 --- a/jsonloader/parser2v2/parse_package_test.go +++ /dev/null @@ -1,376 +0,0 @@ -// SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later - -package parser2v2 - -import ( - "encoding/json" - "reflect" - "testing" - - "github.com/spdx/tools-golang/spdx" -) - -func TestJSONSpdxDocument_parseJsonPackages2_2(t *testing.T) { - - data := []byte(`{ - "packages" : [ { - "SPDXID" : "SPDXRef-Package", - "annotations" : [ { - "annotationDate" : "2011-01-29T18:30:22Z", - "annotationType" : "OTHER", - "annotator" : "Person: Package Commenter", - "comment" : "Package level annotation" - } ], - "attributionTexts" : [ "The GNU C Library is free software. See the file COPYING.LIB for copying conditions, and LICENSES for notices about a few contributions that require these additional notices to be distributed. License copyright years may be listed using range notation, e.g., 1996-2015, indicating that every year in the range, inclusive, is a copyrightable year that would otherwise be listed individually." ], - "checksums" : [ { - "algorithm" : "SHA256", - "checksumValue" : "11b6d3ee554eedf79299905a98f9b9a04e498210b59f15094c916c91d150efcd" - }, { - "algorithm" : "SHA1", - "checksumValue" : "85ed0817af83a24ad8da68c2b5094de69833983c" - }, { - "algorithm" : "MD5", - "checksumValue" : "624c1abb3664f4b35547e7c73864ad24" - } ], - "copyrightText" : "Copyright 2008-2010 John Smith", - "description" : "The GNU C Library defines functions that are specified by the ISO C standard, as well as additional features specific to POSIX and other derivatives of the Unix operating system, and extensions specific to GNU systems.", - "downloadLocation" : "http://ftp.gnu.org/gnu/glibc/glibc-ports-2.15.tar.gz", - "externalRefs" : [ { - "comment" : "This is the external ref for Acme", - "referenceCategory" : "OTHER", - "referenceLocator" : "acmecorp/acmenator/4.1.3-alpha", - "referenceType" : "http://spdx.org/spdxdocs/spdx-example-444504E0-4F89-41D3-9A0C-0305E82C3301#LocationRef-acmeforge" - }, { - "referenceCategory" : "SECURITY", - "referenceLocator" : "cpe:2.3:a:pivotal_software:spring_framework:4.1.0:*:*:*:*:*:*:*", - "referenceType" : "http://spdx.org/rdf/references/cpe23Type" - } ], - "filesAnalyzed" : true, - "hasFiles" : [ "SPDXRef-JenaLib", "SPDXRef-DoapSource", "SPDXRef-CommonsLangSrc" ], - "homepage" : "http://ftp.gnu.org/gnu/glibc", - "licenseComments" : "The license for this project changed with the release of version x.y. The version of the project included here post-dates the license change.", - "licenseConcluded" : "(LGPL-2.0-only OR LicenseRef-3)", - "licenseDeclared" : "(LGPL-2.0-only AND LicenseRef-3)", - "licenseInfoFromFiles" : [ "GPL-2.0-only", "LicenseRef-2", "LicenseRef-1" ], - "name" : "glibc", - "originator" : "Organization: ExampleCodeInspect (contact@example.com)", - "packageFileName" : "glibc-2.11.1.tar.gz", - "packageVerificationCode" : { - "packageVerificationCodeExcludedFiles" : [ "excludes: ./package.spdx" ], - "packageVerificationCodeValue" : "d6a770ba38583ed4bb4525bd96e50461655d2758" - }, - "sourceInfo" : "uses glibc-2_11-branch from git://sourceware.org/git/glibc.git.", - "summary" : "GNU C library.", - "supplier" : "Person: Jane Doe (jane.doe@example.com)", - "versionInfo" : "2.11.1" - }, { - "SPDXID" : "SPDXRef-fromDoap-1", - "comment" : "This package was converted from a DOAP Project by the same name", - "copyrightText" : "NOASSERTION", - "downloadLocation" : "NOASSERTION", - "filesAnalyzed" : false, - "homepage" : "http://commons.apache.org/proper/commons-lang/", - "licenseConcluded" : "NOASSERTION", - "licenseDeclared" : "NOASSERTION", - "name" : "Apache Commons Lang" - }, { - "SPDXID" : "SPDXRef-fromDoap-0", - "comment" : "This package was converted from a DOAP Project by the same name", - "copyrightText" : "NOASSERTION", - "downloadLocation" : "NOASSERTION", - "filesAnalyzed" : false, - "homepage" : "http://www.openjena.org/", - "licenseConcluded" : "NOASSERTION", - "licenseDeclared" : "NOASSERTION", - "name" : "Jena" - }, { - "SPDXID" : "SPDXRef-Saxon", - "checksums" : [ { - "algorithm" : "SHA1", - "checksumValue" : "85ed0817af83a24ad8da68c2b5094de69833983c" - } ], - "description" : "The Saxon package is a collection of tools for processing XML documents.", - "downloadLocation" : "https://sourceforge.net/projects/saxon/files/Saxon-B/8.8.0.7/saxonb8-8-0-7j.zip/download", - "filesAnalyzed" : false, - "homepage" : "http://saxon.sourceforge.net/", - "licenseComments" : "Other versions available for a commercial license", - "licenseConcluded" : "MPL-1.0", - "licenseDeclared" : "MPL-1.0", - "name" : "Saxon", - "packageFileName" : "saxonB-8.8.zip", - "versionInfo" : "8.8" - } ] - } - `) - - document := spdxDocument2_2{ - UnpackagedFiles: map[spdx.ElementID]*spdx.File2_2{ - "DoapSource": { - FileSPDXIdentifier: "DoapSource", - FileChecksums: map[spdx.ChecksumAlgorithm]spdx.Checksum{ - "SHA1": { - Algorithm: "SHA1", - Value: "2fd4e1c67a2d28fced849ee1bb76e7391b93eb12", - }, - }, - FileCopyrightText: "Copyright 2010, 2011 Source Auditor Inc.", - FileContributor: []string{"Protecode Inc.", "SPDX Technical Team Members", "Open Logic Inc.", "Source Auditor Inc.", "Black Duck Software In.c"}, - FileDependencies: []string{"SPDXRef-JenaLib", "SPDXRef-CommonsLangSrc"}, - FileName: "./src/org/spdx/parser/DOAPProject.java", - FileType: []string{"SOURCE"}, - LicenseConcluded: "Apache-2.0", - LicenseInfoInFile: []string{"Apache-2.0"}, - }, - "CommonsLangSrc": { - FileSPDXIdentifier: "CommonsLangSrc", - FileChecksums: map[spdx.ChecksumAlgorithm]spdx.Checksum{ - "SHA1": { - Algorithm: "SHA1", - Value: "c2b4e1c67a2d28fced849ee1bb76e7391b93f125", - }, - }, - FileComment: "This file is used by Jena", - FileCopyrightText: "Copyright 2001-2011 The Apache Software Foundation", - FileContributor: []string{"Apache Software Foundation"}, - FileName: "./lib-source/commons-lang3-3.1-sources.jar", - FileType: []string{"ARCHIVE"}, - LicenseConcluded: "Apache-2.0", - LicenseInfoInFile: []string{"Apache-2.0"}, - FileNotice: "Apache Commons Lang\nCopyright 2001-2011 The Apache Software Foundation\n\nThis product includes software developed by\nThe Apache Software Foundation (http://www.apache.org/).\n\nThis product includes software from the Spring Framework,\nunder the Apache License 2.0 (see: StringUtils.containsWhitespace())", - }, - "JenaLib": { - FileSPDXIdentifier: "JenaLib", - FileChecksums: map[spdx.ChecksumAlgorithm]spdx.Checksum{ - "SHA1": { - Algorithm: "SHA1", - Value: "3ab4e1c67a2d28fced849ee1bb76e7391b93f125", - }, - }, - FileComment: "This file belongs to Jena", - FileCopyrightText: "(c) Copyright 2000, 2001, 2002, 2003, 2004, 2005, 2006, 2007, 2008, 2009 Hewlett-Packard Development Company, LP", - FileContributor: []string{"Apache Software Foundation", "Hewlett Packard Inc."}, - FileDependencies: []string{"SPDXRef-CommonsLangSrc"}, - FileName: "./lib-source/jena-2.6.3-sources.jar", - FileType: []string{"ARCHIVE"}, - LicenseComments: "This license is used by Jena", - LicenseConcluded: "LicenseRef-1", - LicenseInfoInFile: []string{"LicenseRef-1"}, - }, - "File": { - FileSPDXIdentifier: "File", - FileChecksums: map[spdx.ChecksumAlgorithm]spdx.Checksum{ - "SHA1": { - Algorithm: "SHA1", - Value: "d6a770ba38583ed4bb4525bd96e50461655d2758", - }, - "MD5": { - Algorithm: "MD5", - Value: "624c1abb3664f4b35547e7c73864ad24", - }, - }, - FileComment: "The concluded license was taken from the package level that the file was included in.\nThis information was found in the COPYING.txt file in the xyz directory.", - FileCopyrightText: "Copyright 2008-2010 John Smith", - FileContributor: []string{"The Regents of the University of California", "Modified by Paul Mundt lethal@linux-sh.org", "IBM Corporation"}, - FileName: "./package/foo.c", - FileType: []string{"SOURCE"}, - LicenseComments: "The concluded license was taken from the package level that the file was included in.", - LicenseConcluded: "(LGPL-2.0-only OR LicenseRef-2)", - LicenseInfoInFile: []string{"GPL-2.0-only", "LicenseRef-2"}, - FileNotice: "Copyright (c) 2001 Aaron Lehmann aaroni@vitelus.com\n\nPermission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the �Software�), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions: \nThe above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.\n\nTHE SOFTWARE IS PROVIDED �AS IS', WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.", - }, - }, - } - - packagetest1 := map[spdx.ElementID]*spdx.Package2_2{ - "Package": { - PackageSPDXIdentifier: "Package", - PackageAttributionTexts: []string{"The GNU C Library is free software. See the file COPYING.LIB for copying conditions, and LICENSES for notices about a few contributions that require these additional notices to be distributed. License copyright years may be listed using range notation, e.g., 1996-2015, indicating that every year in the range, inclusive, is a copyrightable year that would otherwise be listed individually."}, - PackageChecksums: map[spdx.ChecksumAlgorithm]spdx.Checksum{ - "SHA256": { - Algorithm: "SHA256", - Value: "11b6d3ee554eedf79299905a98f9b9a04e498210b59f15094c916c91d150efcd", - }, - "SHA1": { - Algorithm: "SHA1", - Value: "85ed0817af83a24ad8da68c2b5094de69833983c", - }, - "MD5": { - Algorithm: "MD5", - Value: "624c1abb3664f4b35547e7c73864ad24", - }, - }, - PackageCopyrightText: "Copyright 2008-2010 John Smith", - PackageDescription: "The GNU C Library defines functions that are specified by the ISO C standard, as well as additional features specific to POSIX and other derivatives of the Unix operating system, and extensions specific to GNU systems.", - PackageDownloadLocation: "http://ftp.gnu.org/gnu/glibc/glibc-ports-2.15.tar.gz", - PackageExternalReferences: []*spdx.PackageExternalReference2_2{ - { - RefType: "http://spdx.org/spdxdocs/spdx-example-444504E0-4F89-41D3-9A0C-0305E82C3301#LocationRef-acmeforge", - ExternalRefComment: "This is the external ref for Acme", - Category: "OTHER", - Locator: "acmecorp/acmenator/4.1.3-alpha", - }, - { - RefType: "http://spdx.org/rdf/references/cpe23Type", - Category: "SECURITY", - Locator: "cpe:2.3:a:pivotal_software:spring_framework:4.1.0:*:*:*:*:*:*:*", - }, - }, - FilesAnalyzed: true, - IsFilesAnalyzedTagPresent: true, - Files: map[spdx.ElementID]*spdx.File2_2{ - "DoapSource": { - FileSPDXIdentifier: "DoapSource", - FileChecksums: map[spdx.ChecksumAlgorithm]spdx.Checksum{ - "SHA1": { - Algorithm: "SHA1", - Value: "2fd4e1c67a2d28fced849ee1bb76e7391b93eb12", - }, - }, - FileCopyrightText: "Copyright 2010, 2011 Source Auditor Inc.", - FileContributor: []string{"Protecode Inc.", "SPDX Technical Team Members", "Open Logic Inc.", "Source Auditor Inc.", "Black Duck Software In.c"}, - FileDependencies: []string{"SPDXRef-JenaLib", "SPDXRef-CommonsLangSrc"}, - FileName: "./src/org/spdx/parser/DOAPProject.java", - FileType: []string{"SOURCE"}, - LicenseConcluded: "Apache-2.0", - LicenseInfoInFile: []string{"Apache-2.0"}, - }, - "CommonsLangSrc": { - FileSPDXIdentifier: "CommonsLangSrc", - FileChecksums: map[spdx.ChecksumAlgorithm]spdx.Checksum{ - "SHA1": { - Algorithm: "SHA1", - Value: "c2b4e1c67a2d28fced849ee1bb76e7391b93f125", - }, - }, - FileComment: "This file is used by Jena", - FileCopyrightText: "Copyright 2001-2011 The Apache Software Foundation", - FileContributor: []string{"Apache Software Foundation"}, - FileName: "./lib-source/commons-lang3-3.1-sources.jar", - FileType: []string{"ARCHIVE"}, - LicenseConcluded: "Apache-2.0", - LicenseInfoInFile: []string{"Apache-2.0"}, - FileNotice: "Apache Commons Lang\nCopyright 2001-2011 The Apache Software Foundation\n\nThis product includes software developed by\nThe Apache Software Foundation (http://www.apache.org/).\n\nThis product includes software from the Spring Framework,\nunder the Apache License 2.0 (see: StringUtils.containsWhitespace())", - }, - "JenaLib": { - FileSPDXIdentifier: "JenaLib", - FileChecksums: map[spdx.ChecksumAlgorithm]spdx.Checksum{ - "SHA1": { - Algorithm: "SHA1", - Value: "3ab4e1c67a2d28fced849ee1bb76e7391b93f125", - }, - }, - FileComment: "This file belongs to Jena", - FileCopyrightText: "(c) Copyright 2000, 2001, 2002, 2003, 2004, 2005, 2006, 2007, 2008, 2009 Hewlett-Packard Development Company, LP", - FileContributor: []string{"Apache Software Foundation", "Hewlett Packard Inc."}, - FileDependencies: []string{"SPDXRef-CommonsLangSrc"}, - FileName: "./lib-source/jena-2.6.3-sources.jar", - FileType: []string{"ARCHIVE"}, - LicenseComments: "This license is used by Jena", - LicenseConcluded: "LicenseRef-1", - LicenseInfoInFile: []string{"LicenseRef-1"}, - }, - }, - PackageHomePage: "http://ftp.gnu.org/gnu/glibc", - PackageLicenseComments: "The license for this project changed with the release of version x.y. The version of the project included here post-dates the license change.", - PackageLicenseConcluded: "(LGPL-2.0-only OR LicenseRef-3)", - PackageLicenseDeclared: "(LGPL-2.0-only AND LicenseRef-3)", - PackageLicenseInfoFromFiles: []string{"GPL-2.0-only", "LicenseRef-2", "LicenseRef-1"}, - PackageName: "glibc", - PackageOriginatorOrganization: "ExampleCodeInspect (contact@example.com)", - PackageFileName: "glibc-2.11.1.tar.gz", - PackageVerificationCodeExcludedFile: "./package.spdx", - PackageVerificationCode: "d6a770ba38583ed4bb4525bd96e50461655d2758", - PackageSourceInfo: "uses glibc-2_11-branch from git://sourceware.org/git/glibc.git.", - PackageSummary: "GNU C library.", - PackageSupplierPerson: "Jane Doe (jane.doe@example.com)", - PackageVersion: "2.11.1", - }, - "fromDoap-1": { - PackageSPDXIdentifier: "fromDoap-1", - PackageComment: "This package was converted from a DOAP Project by the same name", - PackageCopyrightText: "NOASSERTION", - PackageDownloadLocation: "NOASSERTION", - FilesAnalyzed: false, - IsFilesAnalyzedTagPresent: true, - PackageHomePage: "http://commons.apache.org/proper/commons-lang/", - PackageLicenseConcluded: "NOASSERTION", - PackageLicenseDeclared: "NOASSERTION", - PackageName: "Apache Commons Lang", - }, - "fromDoap-0": { - PackageSPDXIdentifier: "fromDoap-0", - PackageComment: "This package was converted from a DOAP Project by the same name", - PackageCopyrightText: "NOASSERTION", - PackageDownloadLocation: "NOASSERTION", - FilesAnalyzed: false, - IsFilesAnalyzedTagPresent: true, - PackageHomePage: "http://www.openjena.org/", - PackageLicenseConcluded: "NOASSERTION", - PackageLicenseDeclared: "NOASSERTION", - PackageName: "Jena", - }, - - "Saxon": { - PackageSPDXIdentifier: "Saxon", - PackageChecksums: map[spdx.ChecksumAlgorithm]spdx.Checksum{ - "SHA1": { - Algorithm: "SHA1", - Value: "85ed0817af83a24ad8da68c2b5094de69833983c", - }, - }, - PackageDescription: "The Saxon package is a collection of tools for processing XML documents.", - PackageDownloadLocation: "https://sourceforge.net/projects/saxon/files/Saxon-B/8.8.0.7/saxonb8-8-0-7j.zip/download", - FilesAnalyzed: false, - IsFilesAnalyzedTagPresent: true, - PackageHomePage: "http://saxon.sourceforge.net/", - PackageLicenseComments: "Other versions available for a commercial license", - PackageLicenseConcluded: "MPL-1.0", - PackageLicenseDeclared: "MPL-1.0", - PackageName: "Saxon", - PackageFileName: "saxonB-8.8.zip", - PackageVersion: "8.8", - }, - } - var specs JSONSpdxDocument - json.Unmarshal(data, &specs) - - type args struct { - key string - value interface{} - doc *spdxDocument2_2 - } - tests := []struct { - name string - spec JSONSpdxDocument - args args - want map[spdx.ElementID]*spdx.Package2_2 - wantErr bool - }{ - // TODO: Add test cases. - { - name: "successTest", - spec: specs, - args: args{ - key: "packages", - value: specs["packages"], - doc: &document, - }, - want: packagetest1, - wantErr: false, - }, - } - for _, tt := range tests { - t.Run(tt.name, func(t *testing.T) { - if err := tt.spec.parseJsonPackages2_2(tt.args.key, tt.args.value, tt.args.doc); (err != nil) != tt.wantErr { - t.Errorf("JSONSpdxDocument.parseJsonPackages2_2() error = %v, wantErr %v", err, tt.wantErr) - } - - for k, v := range tt.want { - if !reflect.DeepEqual(tt.args.doc.Packages[k], v) { - t.Errorf("Load2_2() = %v, want %v", tt.args.doc.Packages[k], v) - } - } - - }) - } -} diff --git a/jsonloader/parser2v2/parse_relationship.go b/jsonloader/parser2v2/parse_relationship.go deleted file mode 100644 index b6d2bfa..0000000 --- a/jsonloader/parser2v2/parse_relationship.go +++ /dev/null @@ -1,51 +0,0 @@ -// SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later - -package parser2v2 - -import ( - "fmt" - "reflect" - - "github.com/spdx/tools-golang/spdx" -) - -func (spec JSONSpdxDocument) parseJsonRelationships2_2(key string, value interface{}, doc *spdxDocument2_2) error { - - //FIXME : NOASSERTION and NONE in relationship B value not compatible - if reflect.TypeOf(value).Kind() == reflect.Slice { - relationships := reflect.ValueOf(value) - for i := 0; i < relationships.Len(); i++ { - relationship := relationships.Index(i).Interface().(map[string]interface{}) - rel := spdx.Relationship2_2{} - // Parse ref A of the relationship - aid, err := extractDocElementID(relationship["spdxElementId"].(string)) - if err != nil { - return fmt.Errorf("%s", err) - } - rel.RefA = aid - - // Parse the refB of the relationship - // NONE and NOASSERTION are permitted on right side - permittedSpecial := []string{"NONE", "NOASSERTION"} - bid, err := extractDocElementSpecial(relationship["relatedSpdxElement"].(string), permittedSpecial) - if err != nil { - return fmt.Errorf("%s", err) - } - rel.RefB = bid - // Parse relationship type - if relationship["relationshipType"] == nil { - return fmt.Errorf("%s , %d", "RelationshipType propty missing in relationship number", i) - } - rel.Relationship = relationship["relationshipType"].(string) - - // Parse the relationship comment - if relationship["comment"] != nil { - rel.RelationshipComment = relationship["comment"].(string) - } - - doc.Relationships = append(doc.Relationships, &rel) - } - - } - return nil -} diff --git a/jsonloader/parser2v2/parse_relationship_test.go b/jsonloader/parser2v2/parse_relationship_test.go deleted file mode 100644 index 5350a9c..0000000 --- a/jsonloader/parser2v2/parse_relationship_test.go +++ /dev/null @@ -1,145 +0,0 @@ -// SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later - -package parser2v2 - -import ( - "encoding/json" - "reflect" - "testing" - - "github.com/spdx/tools-golang/spdx" -) - -func TestJSONSpdxDocument_parseJsonRelationships2_2(t *testing.T) { - data := []byte(`{ - "relationships" : [ { - "spdxElementId" : "SPDXRef-DOCUMENT", - "relatedSpdxElement" : "DocumentRef-spdx-tool-1.2:SPDXRef-ToolsElement", - "relationshipType" : "COPY_OF" - }, { - "spdxElementId" : "SPDXRef-DOCUMENT", - "relatedSpdxElement" : "SPDXRef-Package", - "relationshipType" : "CONTAINS" - }, { - "spdxElementId" : "SPDXRef-DOCUMENT", - "relatedSpdxElement" : "SPDXRef-File", - "relationshipType" : "DESCRIBES" - }, { - "spdxElementId" : "SPDXRef-DOCUMENT", - "relatedSpdxElement" : "SPDXRef-Package", - "relationshipType" : "DESCRIBES" - }, { - "spdxElementId" : "SPDXRef-Package", - "relatedSpdxElement" : "SPDXRef-Saxon", - "relationshipType" : "DYNAMIC_LINK" - }, { - "spdxElementId" : "SPDXRef-Package", - "relatedSpdxElement" : "SPDXRef-JenaLib", - "relationshipType" : "CONTAINS" - },{ - "spdxElementId" : "SPDXRef-CommonsLangSrc", - "relatedSpdxElement" : "NOASSERTION", - "relationshipType" : "GENERATED_FROM" - } , { - "spdxElementId" : "SPDXRef-JenaLib", - "relatedSpdxElement" : "SPDXRef-Package", - "relationshipType" : "CONTAINS" - }, { - "spdxElementId" : "SPDXRef-File", - "relatedSpdxElement" : "SPDXRef-fromDoap-0", - "relationshipType" : "GENERATED_FROM" - } ] - } - `) - - Relationship := []*spdx.Relationship2_2{ - { - RefA: spdx.DocElementID{DocumentRefID: "", ElementRefID: "DOCUMENT"}, - RefB: spdx.DocElementID{DocumentRefID: "spdx-tool-1.2", ElementRefID: "ToolsElement"}, - Relationship: "COPY_OF", - }, - { - RefA: spdx.DocElementID{DocumentRefID: "", ElementRefID: "DOCUMENT"}, - RefB: spdx.DocElementID{DocumentRefID: "", ElementRefID: "Package"}, - Relationship: "CONTAINS", - }, - { - RefA: spdx.DocElementID{DocumentRefID: "", ElementRefID: "DOCUMENT"}, - RefB: spdx.DocElementID{DocumentRefID: "", ElementRefID: "File"}, - Relationship: "DESCRIBES", - }, - { - RefA: spdx.DocElementID{DocumentRefID: "", ElementRefID: "DOCUMENT"}, - RefB: spdx.DocElementID{DocumentRefID: "", ElementRefID: "Package"}, - Relationship: "DESCRIBES", - }, - { - RefA: spdx.DocElementID{DocumentRefID: "", ElementRefID: "Package"}, - RefB: spdx.DocElementID{DocumentRefID: "", ElementRefID: "Saxon"}, - Relationship: "DYNAMIC_LINK", - }, - { - RefA: spdx.DocElementID{DocumentRefID: "", ElementRefID: "Package"}, - RefB: spdx.DocElementID{DocumentRefID: "", ElementRefID: "JenaLib"}, - Relationship: "CONTAINS", - }, - { - RefA: spdx.DocElementID{DocumentRefID: "", ElementRefID: "CommonsLangSrc"}, - RefB: spdx.DocElementID{DocumentRefID: "", ElementRefID: "", SpecialID: "NOASSERTION"}, - Relationship: "GENERATED_FROM", - }, - { - RefA: spdx.DocElementID{DocumentRefID: "", ElementRefID: "JenaLib"}, - RefB: spdx.DocElementID{DocumentRefID: "", ElementRefID: "Package"}, - Relationship: "CONTAINS", - }, - { - RefA: spdx.DocElementID{DocumentRefID: "", ElementRefID: "File"}, - RefB: spdx.DocElementID{DocumentRefID: "", ElementRefID: "fromDoap-0"}, - Relationship: "GENERATED_FROM", - }, - } - - var specs JSONSpdxDocument - json.Unmarshal(data, &specs) - - type args struct { - key string - value interface{} - doc *spdxDocument2_2 - } - tests := []struct { - name string - spec JSONSpdxDocument - args args - want []*spdx.Relationship2_2 - wantErr bool - }{ - // TODO: Add test cases. - { - name: "successTest", - spec: specs, - args: args{ - key: "relationships", - value: specs["relationships"], - doc: &spdxDocument2_2{}, - }, - want: Relationship, - wantErr: false, - }, - } - for _, tt := range tests { - t.Run(tt.name, func(t *testing.T) { - if err := tt.spec.parseJsonRelationships2_2(tt.args.key, tt.args.value, tt.args.doc); (err != nil) != tt.wantErr { - t.Errorf("JSONSpdxDocument.parseJsonRelationships2_2() error = %v, wantErr %v", err, tt.wantErr) - } - - for i := 0; i < len(tt.want); i++ { - if !reflect.DeepEqual(tt.args.doc.Relationships[i], tt.want[i]) { - t.Errorf("Load2_2() = %v, want %v", tt.args.doc.Relationships[i], tt.want[i]) - } - } - - }) - } -} diff --git a/jsonloader/parser2v2/parse_reviews.go b/jsonloader/parser2v2/parse_reviews.go deleted file mode 100644 index 279e0b2..0000000 --- a/jsonloader/parser2v2/parse_reviews.go +++ /dev/null @@ -1,45 +0,0 @@ -// SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later - -package parser2v2 - -import ( - "fmt" - "reflect" - - "github.com/spdx/tools-golang/spdx" -) - -func (spec JSONSpdxDocument) parseJsonReviews2_2(key string, value interface{}, doc *spdxDocument2_2) error { - //FIXME: Reviewer type property of review not specified in the spec - if reflect.TypeOf(value).Kind() == reflect.Slice { - reviews := reflect.ValueOf(value) - for i := 0; i < reviews.Len(); i++ { - reviewmap := reviews.Index(i).Interface().(map[string]interface{}) - review := spdx.Review2_2{} - // Remove loop all properties are mandatory in annotations - for k, v := range reviewmap { - switch k { - case "reviewer": - subkey, subvalue, err := extractSubs(v.(string)) - if err != nil { - return err - } - if subkey != "Person" && subkey != "Organization" && subkey != "Tool" { - return fmt.Errorf("unrecognized Reviewer type %v", subkey) - } - review.ReviewerType = subkey - review.Reviewer = subvalue - case "comment": - review.ReviewComment = v.(string) - case "reviewDate": - review.ReviewDate = v.(string) - default: - return fmt.Errorf("received unknown tag %v in Review Section section", k) - } - } - doc.Reviews = append(doc.Reviews, &review) - } - - } - return nil -} diff --git a/jsonloader/parser2v2/parse_reviews_test.go b/jsonloader/parser2v2/parse_reviews_test.go deleted file mode 100644 index d6fa6d0..0000000 --- a/jsonloader/parser2v2/parse_reviews_test.go +++ /dev/null @@ -1,86 +0,0 @@ -// SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later - -package parser2v2 - -import ( - "encoding/json" - "reflect" - "testing" - - "github.com/spdx/tools-golang/spdx" -) - -func TestJSONSpdxDocument_parseJsonReviews2_2(t *testing.T) { - - data := []byte(`{ - "revieweds" : [ { - "reviewDate" : "2010-02-10T00:00:00Z", - "reviewer" : "Person: Joe Reviewer", - "comment" : "This is just an example. Some of the non-standard licenses look like they are actually BSD 3 clause licenses" - }, { - "reviewDate" : "2011-03-13T00:00:00Z", - "reviewer" : "Person: Suzanne Reviewer", - "comment" : "Another example reviewer." - }] - } - `) - - reviewstest1 := []*spdx.Review2_2{ - { - ReviewDate: "2010-02-10T00:00:00Z", - ReviewerType: "Person", - Reviewer: "Joe Reviewer", - ReviewComment: "This is just an example. Some of the non-standard licenses look like they are actually BSD 3 clause licenses", - }, - { - ReviewDate: "2011-03-13T00:00:00Z", - ReviewerType: "Person", - Reviewer: "Suzanne Reviewer", - ReviewComment: "Another example reviewer.", - }, - } - - var specs JSONSpdxDocument - json.Unmarshal(data, &specs) - - type args struct { - key string - value interface{} - doc *spdxDocument2_2 - SPDXElementID spdx.DocElementID - } - tests := []struct { - name string - spec JSONSpdxDocument - args args - want []*spdx.Review2_2 - wantErr bool - }{ - // TODO: Add test cases. - { - name: "successTest", - spec: specs, - args: args{ - key: "revieweds", - value: specs["revieweds"], - doc: &spdxDocument2_2{}, - }, - want: reviewstest1, - wantErr: false, - }, - } - for _, tt := range tests { - t.Run(tt.name, func(t *testing.T) { - if err := tt.spec.parseJsonReviews2_2(tt.args.key, tt.args.value, tt.args.doc); (err != nil) != tt.wantErr { - t.Errorf("JSONSpdxDocument.parseJsonAnnotations2_2() error = %v, wantErr %v", err, tt.wantErr) - } - - for i := 0; i < len(tt.want); i++ { - if !reflect.DeepEqual(tt.args.doc.Reviews[i], tt.want[i]) { - t.Errorf("Load2_2() = %v, want %v", tt.args.doc.Reviews[i], tt.want[i]) - } - } - - }) - } -} diff --git a/jsonloader/parser2v2/parse_snippets.go b/jsonloader/parser2v2/parse_snippets.go deleted file mode 100644 index a49191d..0000000 --- a/jsonloader/parser2v2/parse_snippets.go +++ /dev/null @@ -1,89 +0,0 @@ -// SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later - -package parser2v2 - -import ( - "fmt" - "reflect" - - "github.com/spdx/tools-golang/spdx" -) - -func (spec JSONSpdxDocument) parseJsonSnippets2_2(key string, value interface{}, doc *spdxDocument2_2) error { - - if reflect.TypeOf(value).Kind() == reflect.Slice { - snippets := reflect.ValueOf(value) - for i := 0; i < snippets.Len(); i++ { - snippetmap := snippets.Index(i).Interface().(map[string]interface{}) - // create a new package - snippet := &spdx.Snippet2_2{} - //extract the SPDXID of the package - eID, err := extractElementID(snippetmap["SPDXID"].(string)) - if err != nil { - return fmt.Errorf("%s", err) - } - snippet.SnippetSPDXIdentifier = eID - //range over all other properties now - for k, v := range snippetmap { - switch k { - case "SPDXID", "snippetFromFile": - //redundant case - case "name": - snippet.SnippetName = v.(string) - case "copyrightText": - snippet.SnippetCopyrightText = v.(string) - case "licenseComments": - snippet.SnippetLicenseComments = v.(string) - case "licenseConcluded": - snippet.SnippetLicenseConcluded = v.(string) - case "licenseInfoInSnippets": - if reflect.TypeOf(v).Kind() == reflect.Slice { - info := reflect.ValueOf(v) - for i := 0; i < info.Len(); i++ { - snippet.LicenseInfoInSnippet = append(snippet.LicenseInfoInSnippet, info.Index(i).Interface().(string)) - } - } - case "attributionTexts": - if reflect.TypeOf(v).Kind() == reflect.Slice { - info := reflect.ValueOf(v) - for i := 0; i < info.Len(); i++ { - snippet.SnippetAttributionTexts = append(snippet.SnippetAttributionTexts, info.Index(i).Interface().(string)) - } - } - case "comment": - snippet.SnippetComment = v.(string) - case "ranges": - //TODO: optimise this logic - if reflect.TypeOf(v).Kind() == reflect.Slice { - info := reflect.ValueOf(v) - for i := 0; i < info.Len(); i++ { - ranges := info.Index(i).Interface().(map[string]interface{}) - rangeStart := ranges["startPointer"].(map[string]interface{}) - rangeEnd := ranges["endPointer"].(map[string]interface{}) - if rangeStart["lineNumber"] != nil && rangeEnd["lineNumber"] != nil { - snippet.SnippetLineRangeStart = int(rangeStart["lineNumber"].(float64)) - snippet.SnippetLineRangeEnd = int(rangeEnd["lineNumber"].(float64)) - } else { - snippet.SnippetByteRangeStart = int(rangeStart["offset"].(float64)) - snippet.SnippetByteRangeEnd = int(rangeEnd["offset"].(float64)) - } - } - } - default: - return fmt.Errorf("received unknown tag %v in snippet section", k) - } - } - fileID, err2 := extractDocElementID(snippetmap["snippetFromFile"].(string)) - if err2 != nil { - return fmt.Errorf("%s", err2) - } - snippet.SnippetFromFileSPDXIdentifier = fileID - if doc.UnpackagedFiles[fileID.ElementRefID].Snippets == nil { - doc.UnpackagedFiles[fileID.ElementRefID].Snippets = make(map[spdx.ElementID]*spdx.Snippet2_2) - } - doc.UnpackagedFiles[fileID.ElementRefID].Snippets[eID] = snippet - } - - } - return nil -} diff --git a/jsonloader/parser2v2/parse_snippets_test.go b/jsonloader/parser2v2/parse_snippets_test.go deleted file mode 100644 index b25bee5..0000000 --- a/jsonloader/parser2v2/parse_snippets_test.go +++ /dev/null @@ -1,123 +0,0 @@ -// SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later - -package parser2v2 - -import ( - "encoding/json" - "log" - "reflect" - "testing" - - "github.com/spdx/tools-golang/spdx" -) - -func TestJSONSpdxDocument_parseJsonSnippets2_2(t *testing.T) { - - data := []byte(`{ - "snippets" : [ { - "SPDXID" : "SPDXRef-Snippet", - "comment" : "This snippet was identified as significant and highlighted in this Apache-2.0 file, when a commercial scanner identified it as being derived from file foo.c in package xyz which is licensed under GPL-2.0.", - "copyrightText" : "Copyright 2008-2010 John Smith", - "licenseComments" : "The concluded license was taken from package xyz, from which the snippet was copied into the current file. The concluded license information was found in the COPYING.txt file in package xyz.", - "licenseConcluded" : "GPL-2.0-only", - "licenseInfoInSnippets" : [ "GPL-2.0-only" ], - "attributionTexts":["text1"], - "name" : "from linux kernel", - "ranges" : [ { - "endPointer" : { - "lineNumber" : 23, - "reference" : "SPDXRef-DoapSource" - }, - "startPointer" : { - "lineNumber" : 5, - "reference" : "SPDXRef-DoapSource" - } - }, { - "endPointer" : { - "offset" : 420, - "reference" : "SPDXRef-DoapSource" - }, - "startPointer" : { - "offset" : 310, - "reference" : "SPDXRef-DoapSource" - } - } ], - "snippetFromFile" : "SPDXRef-DoapSource" - } ] - } - `) - - filetest1 := spdx.File2_2{ - FileSPDXIdentifier: "DoapSource", - FileChecksums: map[spdx.ChecksumAlgorithm]spdx.Checksum{}, - Snippets: map[spdx.ElementID]*spdx.Snippet2_2{ - "Snippet": { - SnippetSPDXIdentifier: "Snippet", - SnippetAttributionTexts: []string{"text1"}, - SnippetFromFileSPDXIdentifier: spdx.DocElementID{ElementRefID: "DoapSource"}, - SnippetComment: "This snippet was identified as significant and highlighted in this Apache-2.0 file, when a commercial scanner identified it as being derived from file foo.c in package xyz which is licensed under GPL-2.0.", - SnippetCopyrightText: "Copyright 2008-2010 John Smith", - SnippetLicenseComments: "The concluded license was taken from package xyz, from which the snippet was copied into the current file. The concluded license information was found in the COPYING.txt file in package xyz.", - SnippetLicenseConcluded: "GPL-2.0-only", - LicenseInfoInSnippet: []string{"GPL-2.0-only"}, - SnippetName: "from linux kernel", - SnippetByteRangeStart: 310, - SnippetByteRangeEnd: 420, - SnippetLineRangeStart: 5, - SnippetLineRangeEnd: 23, - }, - }, - } - - var specs JSONSpdxDocument - err := json.Unmarshal(data, &specs) - - if err != nil { - log.Fatal(err) - } - type args struct { - key string - value interface{} - doc *spdxDocument2_2 - } - tests := []struct { - name string - spec JSONSpdxDocument - args args - want *spdx.File2_2 - wantErr bool - }{ - // TODO: Add test cases. - { - name: "successTest", - spec: specs, - args: args{ - key: "snippets", - value: specs["snippets"], - doc: &spdxDocument2_2{UnpackagedFiles: map[spdx.ElementID]*spdx.File2_2{ - "DoapSource": { - FileSPDXIdentifier: "DoapSource", - FileChecksums: map[spdx.ChecksumAlgorithm]spdx.Checksum{}, - Snippets: map[spdx.ElementID]*spdx.Snippet2_2{}, - }, - }}, - }, - want: &filetest1, - wantErr: false, - }, - } - for _, tt := range tests { - t.Run(tt.name, func(t *testing.T) { - if err := tt.spec.parseJsonSnippets2_2(tt.args.key, tt.args.value, tt.args.doc); (err != nil) != tt.wantErr { - t.Errorf("JSONSpdxDocument.parseJsonSnippets2_2() error = %v, wantErr %v", err, tt.wantErr) - } - - for k, v := range tt.want.Snippets { - if !reflect.DeepEqual(tt.args.doc.UnpackagedFiles["DoapSource"].Snippets[k], v) { - t.Errorf("Load2_2() = %v, want %v", tt.args.doc.UnpackagedFiles["DoapSource"].Snippets[k], v) - } - } - - }) - } -} diff --git a/jsonloader/parser2v2/parser.go b/jsonloader/parser2v2/parser.go deleted file mode 100644 index b1fbe8a..0000000 --- a/jsonloader/parser2v2/parser.go +++ /dev/null @@ -1,132 +0,0 @@ -// Package jsonloader is used to load and parse SPDX JSON documents -// into tools-golang data structures. -// SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later - -package parser2v2 - -import ( - "encoding/json" - "fmt" - - "github.com/spdx/tools-golang/spdx" -) - -//TODO : return spdx.Document2_2 -func Load2_2(content []byte) (*spdx.Document2_2, error) { - // check whetehr the Json is valid or not - if !json.Valid(content) { - return nil, fmt.Errorf("%s", "Invalid JSON Specification") - } - result := spdxDocument2_2{} - // unmarshall the json into the result struct - err := json.Unmarshal(content, &result) - resultfinal := spdx.Document2_2(result) - - if err != nil { - return nil, fmt.Errorf("%s", err) - } - - return &resultfinal, nil -} - -func (doc *spdxDocument2_2) UnmarshalJSON(data []byte) error { - var specs JSONSpdxDocument - //unmarshall the json into the intermediate stricture map[string]interface{} - err := json.Unmarshal(data, &specs) - if err != nil { - return err - } - // parse the data from the intermediate structure to the spdx.Document2_2{} - err = specs.newDocument(doc) - if err != nil { - return err - } - return nil -} - -func (spec JSONSpdxDocument) newDocument(doc *spdxDocument2_2) error { - // raneg through all the keys in the map and send them to appropriate arsing functions - for key, val := range spec { - switch key { - case "dataLicense", "spdxVersion", "SPDXID", "documentNamespace", "name", "comment", "creationInfo", "externalDocumentRefs": - err := spec.parseJsonCreationInfo2_2(key, val, doc) - if err != nil { - return err - } - case "annotations": - // if the json spec doenn't has any files then only this case will be executed - if spec["files"] == nil { - - id, err := extractDocElementID(spec["SPDXID"].(string)) - if err != nil { - return fmt.Errorf("%s", err) - } - err = spec.parseJsonAnnotations2_2(key, val, doc, id) - if err != nil { - return err - } - } - case "relationships": - err := spec.parseJsonRelationships2_2(key, val, doc) - if err != nil { - return err - } - case "files": - //first parse all the files - err := spec.parseJsonFiles2_2(key, val, doc) - if err != nil { - return err - } - //then parse the snippets - if spec["snippets"] != nil { - err = spec.parseJsonSnippets2_2("snippets", spec["snippets"], doc) - if err != nil { - return err - } - } - //then parse the packages - if spec["packages"] != nil { - err = spec.parseJsonPackages2_2("packages", spec["packages"], doc) - if err != nil { - return err - } - } - // then parse the annotations - if spec["annotations"] != nil { - id, err := extractDocElementID(spec["SPDXID"].(string)) - if err != nil { - return fmt.Errorf("%s", err) - } - err = spec.parseJsonAnnotations2_2("annotations", spec["annotations"], doc, id) - if err != nil { - return err - } - } - - case "packages": - // if the json spec doesn't has any files to parse then this switch case will be executed - if spec["files"] == nil { - err := spec.parseJsonPackages2_2("packages", spec["packages"], doc) - if err != nil { - return err - } - } - case "hasExtractedLicensingInfos": - err := spec.parseJsonOtherLicenses2_2(key, val, doc) - if err != nil { - return err - } - case "revieweds": - err := spec.parseJsonReviews2_2(key, val, doc) - if err != nil { - return err - } - case "snippets", "documentDescribes": - //redundant case - default: - return fmt.Errorf("unrecognized key here %v", key) - } - - } - return nil -} diff --git a/jsonloader/parser2v2/parser_test.go b/jsonloader/parser2v2/parser_test.go deleted file mode 100644 index 051ff99..0000000 --- a/jsonloader/parser2v2/parser_test.go +++ /dev/null @@ -1,419 +0,0 @@ -// Package jsonloader is used to load and parse SPDX JSON documents -// into tools-golang data structures. -// SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later - -package parser2v2 - -import ( - "io/ioutil" - "log" - "reflect" - "testing" - - "github.com/spdx/tools-golang/spdx" -) - -//TODO: json validity check -//TODO: passsing an unrecornized key - -func TestLoad2_2(t *testing.T) { - - jsonData, err := ioutil.ReadFile("jsonfiles/test.json") // b has type []byte - if err != nil { - log.Fatal(err) - } - - type args struct { - content []byte - } - tests := []struct { - name string - args args - want *spdxDocument2_2 - wantErr bool - }{ - { - name: "True test", - args: args{content: jsonData}, - want: &spdxDocument2_2{ - CreationInfo: &spdx.CreationInfo2_2{ - DataLicense: "CC0-1.0", - SPDXVersion: "SPDX-2.2", - SPDXIdentifier: "DOCUMENT", - DocumentComment: "This document was created using SPDX 2.0 using licenses from the web site.", - LicenseListVersion: "3.8", - Created: "2010-01-29T18:30:22Z", - CreatorPersons: []string{"Jane Doe ()"}, - CreatorOrganizations: []string{"ExampleCodeInspect ()"}, - CreatorTools: []string{"LicenseFind-1.0"}, - DocumentName: "SPDX-Tools-v2.0", - DocumentNamespace: "http://spdx.org/spdxdocs/spdx-example-444504E0-4F89-41D3-9A0C-0305E82C3301", - CreatorComment: "This package has been shipped in source and binary form.\nThe binaries were created with gcc 4.5.1 and expect to link to\ncompatible system run time libraries.", - ExternalDocumentReferences: map[string]spdx.ExternalDocumentRef2_2{ - "spdx-tool-1.2": { - DocumentRefID: "spdx-tool-1.2", - URI: "http://spdx.org/spdxdocs/spdx-tools-v1.2-3F2504E0-4F89-41D3-9A0C-0305E82C3301", - Alg: "SHA1", - Checksum: "d6a770ba38583ed4bb4525bd96e50461655d2759", - }, - }, - }, - Annotations: []*spdx.Annotation2_2{ - { - AnnotationSPDXIdentifier: spdx.DocElementID{DocumentRefID: "", ElementRefID: "File"}, - AnnotationDate: "2011-01-29T18:30:22Z", - AnnotationType: "OTHER", - AnnotatorType: "Person", - Annotator: "File Commenter", - AnnotationComment: "File level annotation", - }, - { - AnnotationSPDXIdentifier: spdx.DocElementID{DocumentRefID: "", ElementRefID: "Package"}, - AnnotationDate: "2011-01-29T18:30:22Z", - AnnotationType: "OTHER", - AnnotatorType: "Person", - Annotator: "Package Commenter", - AnnotationComment: "Package level annotation", - }, - { - AnnotationSPDXIdentifier: spdx.DocElementID{DocumentRefID: "", ElementRefID: "DOCUMENT"}, - AnnotationDate: "2010-02-10T00:00:00Z", - AnnotationType: "REVIEW", - AnnotatorType: "Person", - Annotator: "Joe Reviewer", - AnnotationComment: "This is just an example. Some of the non-standard licenses look like they are actually BSD 3 clause licenses", - }, - { - AnnotationSPDXIdentifier: spdx.DocElementID{DocumentRefID: "", ElementRefID: "DOCUMENT"}, - AnnotationDate: "2011-03-13T00:00:00Z", - AnnotationType: "REVIEW", - AnnotatorType: "Person", - Annotator: "Suzanne Reviewer", - AnnotationComment: "Another example reviewer.", - }, - { - AnnotationSPDXIdentifier: spdx.DocElementID{DocumentRefID: "", ElementRefID: "DOCUMENT"}, - AnnotationDate: "2010-01-29T18:30:22Z", - AnnotationType: "OTHER", - AnnotatorType: "Person", - Annotator: "Jane Doe ()", - AnnotationComment: "Document level annotation", - }, - }, - Relationships: []*spdx.Relationship2_2{ - { - RefA: spdx.DocElementID{DocumentRefID: "", ElementRefID: "DOCUMENT"}, - RefB: spdx.DocElementID{DocumentRefID: "spdx-tool-1.2", ElementRefID: "ToolsElement"}, - Relationship: "COPY_OF", - }, - { - RefA: spdx.DocElementID{DocumentRefID: "", ElementRefID: "DOCUMENT"}, - RefB: spdx.DocElementID{DocumentRefID: "", ElementRefID: "Package"}, - Relationship: "CONTAINS", - }, - { - RefA: spdx.DocElementID{DocumentRefID: "", ElementRefID: "DOCUMENT"}, - RefB: spdx.DocElementID{DocumentRefID: "", ElementRefID: "File"}, - Relationship: "DESCRIBES", - }, - { - RefA: spdx.DocElementID{DocumentRefID: "", ElementRefID: "DOCUMENT"}, - RefB: spdx.DocElementID{DocumentRefID: "", ElementRefID: "Package"}, - Relationship: "DESCRIBES", - }, - { - RefA: spdx.DocElementID{DocumentRefID: "", ElementRefID: "Package"}, - RefB: spdx.DocElementID{DocumentRefID: "", ElementRefID: "Saxon"}, - Relationship: "DYNAMIC_LINK", - }, - { - RefA: spdx.DocElementID{DocumentRefID: "", ElementRefID: "Package"}, - RefB: spdx.DocElementID{DocumentRefID: "", ElementRefID: "JenaLib"}, - Relationship: "CONTAINS", - }, - { - RefA: spdx.DocElementID{DocumentRefID: "", ElementRefID: "CommonsLangSrc"}, - RefB: spdx.DocElementID{DocumentRefID: "", ElementRefID: "", SpecialID: "NOASSERTION"}, - Relationship: "GENERATED_FROM", - }, - { - RefA: spdx.DocElementID{DocumentRefID: "", ElementRefID: "JenaLib"}, - RefB: spdx.DocElementID{DocumentRefID: "", ElementRefID: "Package"}, - Relationship: "CONTAINS", - }, - { - RefA: spdx.DocElementID{DocumentRefID: "", ElementRefID: "File"}, - RefB: spdx.DocElementID{DocumentRefID: "", ElementRefID: "fromDoap-0"}, - Relationship: "GENERATED_FROM", - }, - }, - Packages: map[spdx.ElementID]*spdx.Package2_2{ - "Package": { - PackageSPDXIdentifier: "Package", - PackageAttributionTexts: []string{"The GNU C Library is free software. See the file COPYING.LIB for copying conditions, and LICENSES for notices about a few contributions that require these additional notices to be distributed. License copyright years may be listed using range notation, e.g., 1996-2015, indicating that every year in the range, inclusive, is a copyrightable year that would otherwise be listed individually."}, - PackageChecksums: map[spdx.ChecksumAlgorithm]spdx.Checksum{ - "SHA256": { - Algorithm: "SHA256", - Value: "11b6d3ee554eedf79299905a98f9b9a04e498210b59f15094c916c91d150efcd", - }, - "SHA1": { - Algorithm: "SHA1", - Value: "85ed0817af83a24ad8da68c2b5094de69833983c", - }, - "MD5": { - Algorithm: "MD5", - Value: "624c1abb3664f4b35547e7c73864ad24", - }, - }, - PackageCopyrightText: "Copyright 2008-2010 John Smith", - PackageDescription: "The GNU C Library defines functions that are specified by the ISO C standard, as well as additional features specific to POSIX and other derivatives of the Unix operating system, and extensions specific to GNU systems.", - PackageDownloadLocation: "http://ftp.gnu.org/gnu/glibc/glibc-ports-2.15.tar.gz", - PackageExternalReferences: []*spdx.PackageExternalReference2_2{ - { - RefType: "http://spdx.org/spdxdocs/spdx-example-444504E0-4F89-41D3-9A0C-0305E82C3301#LocationRef-acmeforge", - ExternalRefComment: "This is the external ref for Acme", - Category: "OTHER", - Locator: "acmecorp/acmenator/4.1.3-alpha", - }, - { - RefType: "http://spdx.org/rdf/references/cpe23Type", - Category: "SECURITY", - Locator: "cpe:2.3:a:pivotal_software:spring_framework:4.1.0:*:*:*:*:*:*:*", - }, - }, - FilesAnalyzed: true, - IsFilesAnalyzedTagPresent: true, - Files: map[spdx.ElementID]*spdx.File2_2{ - "DoapSource": { - FileSPDXIdentifier: "DoapSource", - FileChecksums: map[spdx.ChecksumAlgorithm]spdx.Checksum{ - "SHA1": { - Algorithm: "SHA1", - Value: "2fd4e1c67a2d28fced849ee1bb76e7391b93eb12", - }, - }, - Snippets: map[spdx.ElementID]*spdx.Snippet2_2{ - "Snippet": { - SnippetSPDXIdentifier: "Snippet", - SnippetFromFileSPDXIdentifier: spdx.DocElementID{ElementRefID: "DoapSource"}, - SnippetComment: "This snippet was identified as significant and highlighted in this Apache-2.0 file, when a commercial scanner identified it as being derived from file foo.c in package xyz which is licensed under GPL-2.0.", - SnippetCopyrightText: "Copyright 2008-2010 John Smith", - SnippetLicenseComments: "The concluded license was taken from package xyz, from which the snippet was copied into the current file. The concluded license information was found in the COPYING.txt file in package xyz.", - SnippetLicenseConcluded: "GPL-2.0-only", - LicenseInfoInSnippet: []string{"GPL-2.0-only"}, - SnippetName: "from linux kernel", - SnippetByteRangeStart: 310, - SnippetByteRangeEnd: 420, - SnippetLineRangeStart: 5, - SnippetLineRangeEnd: 23, - }, - }, - FileCopyrightText: "Copyright 2010, 2011 Source Auditor Inc.", - FileContributor: []string{"Protecode Inc.", "SPDX Technical Team Members", "Open Logic Inc.", "Source Auditor Inc.", "Black Duck Software In.c"}, - FileDependencies: []string{"SPDXRef-JenaLib", "SPDXRef-CommonsLangSrc"}, - FileName: "./src/org/spdx/parser/DOAPProject.java", - FileType: []string{"SOURCE"}, - LicenseConcluded: "Apache-2.0", - LicenseInfoInFile: []string{"Apache-2.0"}, - }, - "CommonsLangSrc": { - FileSPDXIdentifier: "CommonsLangSrc", - FileChecksums: map[spdx.ChecksumAlgorithm]spdx.Checksum{ - "SHA1": { - Algorithm: "SHA1", - Value: "c2b4e1c67a2d28fced849ee1bb76e7391b93f125", - }, - }, - FileComment: "This file is used by Jena", - FileCopyrightText: "Copyright 2001-2011 The Apache Software Foundation", - FileContributor: []string{"Apache Software Foundation"}, - FileName: "./lib-source/commons-lang3-3.1-sources.jar", - FileType: []string{"ARCHIVE"}, - LicenseConcluded: "Apache-2.0", - LicenseInfoInFile: []string{"Apache-2.0"}, - FileNotice: "Apache Commons Lang\nCopyright 2001-2011 The Apache Software Foundation\n\nThis product includes software developed by\nThe Apache Software Foundation (http://www.apache.org/).\n\nThis product includes software from the Spring Framework,\nunder the Apache License 2.0 (see: StringUtils.containsWhitespace())", - }, - "JenaLib": { - FileSPDXIdentifier: "JenaLib", - FileChecksums: map[spdx.ChecksumAlgorithm]spdx.Checksum{ - "SHA1": { - Algorithm: "SHA1", - Value: "3ab4e1c67a2d28fced849ee1bb76e7391b93f125", - }, - }, - FileComment: "This file belongs to Jena", - FileCopyrightText: "(c) Copyright 2000, 2001, 2002, 2003, 2004, 2005, 2006, 2007, 2008, 2009 Hewlett-Packard Development Company, LP", - FileContributor: []string{"Apache Software Foundation", "Hewlett Packard Inc."}, - FileDependencies: []string{"SPDXRef-CommonsLangSrc"}, - FileName: "./lib-source/jena-2.6.3-sources.jar", - FileType: []string{"ARCHIVE"}, - LicenseComments: "This license is used by Jena", - LicenseConcluded: "LicenseRef-1", - LicenseInfoInFile: []string{"LicenseRef-1"}, - }, - }, - PackageHomePage: "http://ftp.gnu.org/gnu/glibc", - PackageLicenseComments: "The license for this project changed with the release of version x.y. The version of the project included here post-dates the license change.", - PackageLicenseConcluded: "(LGPL-2.0-only OR LicenseRef-3)", - PackageLicenseDeclared: "(LGPL-2.0-only AND LicenseRef-3)", - PackageLicenseInfoFromFiles: []string{"GPL-2.0-only", "LicenseRef-2", "LicenseRef-1"}, - PackageName: "glibc", - PackageOriginatorOrganization: "ExampleCodeInspect (contact@example.com)", - PackageFileName: "glibc-2.11.1.tar.gz", - PackageVerificationCodeExcludedFile: "./package.spdx", - PackageVerificationCode: "d6a770ba38583ed4bb4525bd96e50461655d2758", - PackageSourceInfo: "uses glibc-2_11-branch from git://sourceware.org/git/glibc.git.", - PackageSummary: "GNU C library.", - PackageSupplierPerson: "Jane Doe (jane.doe@example.com)", - PackageVersion: "2.11.1", - }, - "fromDoap-1": { - PackageSPDXIdentifier: "fromDoap-1", - PackageComment: "This package was converted from a DOAP Project by the same name", - PackageCopyrightText: "NOASSERTION", - PackageDownloadLocation: "NOASSERTION", - FilesAnalyzed: false, - IsFilesAnalyzedTagPresent: true, - PackageHomePage: "http://commons.apache.org/proper/commons-lang/", - PackageLicenseConcluded: "NOASSERTION", - PackageLicenseDeclared: "NOASSERTION", - PackageName: "Apache Commons Lang", - }, - "fromDoap-0": { - PackageSPDXIdentifier: "fromDoap-0", - PackageComment: "This package was converted from a DOAP Project by the same name", - PackageCopyrightText: "NOASSERTION", - PackageDownloadLocation: "NOASSERTION", - FilesAnalyzed: false, - IsFilesAnalyzedTagPresent: true, - PackageHomePage: "http://www.openjena.org/", - PackageLicenseConcluded: "NOASSERTION", - PackageLicenseDeclared: "NOASSERTION", - PackageName: "Jena", - }, - - "Saxon": { - PackageSPDXIdentifier: "Saxon", - PackageChecksums: map[spdx.ChecksumAlgorithm]spdx.Checksum{ - "SHA1": { - Algorithm: "SHA1", - Value: "85ed0817af83a24ad8da68c2b5094de69833983c", - }, - }, - PackageDescription: "The Saxon package is a collection of tools for processing XML documents.", - PackageDownloadLocation: "https://sourceforge.net/projects/saxon/files/Saxon-B/8.8.0.7/saxonb8-8-0-7j.zip/download", - FilesAnalyzed: false, - IsFilesAnalyzedTagPresent: true, - PackageHomePage: "http://saxon.sourceforge.net/", - PackageLicenseComments: "Other versions available for a commercial license", - PackageLicenseConcluded: "MPL-1.0", - PackageLicenseDeclared: "MPL-1.0", - PackageName: "Saxon", - PackageFileName: "saxonB-8.8.zip", - PackageVersion: "8.8", - }, - }, - UnpackagedFiles: map[spdx.ElementID]*spdx.File2_2{ - "File": { - FileSPDXIdentifier: "File", - FileChecksums: map[spdx.ChecksumAlgorithm]spdx.Checksum{ - "SHA1": { - Algorithm: "SHA1", - Value: "d6a770ba38583ed4bb4525bd96e50461655d2758", - }, - "MD5": { - Algorithm: "MD5", - Value: "624c1abb3664f4b35547e7c73864ad24", - }, - }, - FileComment: "The concluded license was taken from the package level that the file was included in.\nThis information was found in the COPYING.txt file in the xyz directory.", - FileCopyrightText: "Copyright 2008-2010 John Smith", - FileContributor: []string{"The Regents of the University of California", "Modified by Paul Mundt lethal@linux-sh.org", "IBM Corporation"}, - FileName: "./package/foo.c", - FileType: []string{"SOURCE"}, - LicenseComments: "The concluded license was taken from the package level that the file was included in.", - LicenseConcluded: "(LGPL-2.0-only OR LicenseRef-2)", - LicenseInfoInFile: []string{"GPL-2.0-only", "LicenseRef-2"}, - FileNotice: "Copyright (c) 2001 Aaron Lehmann aaroni@vitelus.com\n\nPermission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the �Software�), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions: \nThe above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.\n\nTHE SOFTWARE IS PROVIDED �AS IS', WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.", - }, - }, - OtherLicenses: []*spdx.OtherLicense2_2{ - { - ExtractedText: "\"THE BEER-WARE LICENSE\" (Revision 42):\nphk@FreeBSD.ORG wrote this file. As long as you retain this notice you\ncan do whatever you want with this stuff. If we meet some day, and you think this stuff is worth it, you can buy me a beer in return Poul-Henning Kamp </\nLicenseName: Beer-Ware License (Version 42)\nLicenseCrossReference: http://people.freebsd.org/~phk/\nLicenseComment: \nThe beerware license has a couple of other standard variants.", - LicenseIdentifier: "LicenseRef-Beerware-4.2", - }, - { - ExtractedText: "/*\n * (c) Copyright 2009 University of Bristol\n * All rights reserved.\n *\n * Redistribution and use in source and binary forms, with or without\n * modification, are permitted provided that the following conditions\n * are met:\n * 1. Redistributions of source code must retain the above copyright\n * notice, this list of conditions and the following disclaimer.\n * 2. Redistributions in binary form must reproduce the above copyright\n * notice, this list of conditions and the following disclaimer in the\n * documentation and/or other materials provided with the distribution.\n * 3. The name of the author may not be used to endorse or promote products\n * derived from this software without specific prior written permission.\n *\n * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR\n * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES\n * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.\n * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,\n * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT\n * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,\n * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY\n * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT\n * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF\n * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n*/", - LicenseIdentifier: "LicenseRef-4", - }, - { - LicenseComment: "This is tye CyperNeko License", - ExtractedText: "The CyberNeko Software License, Version 1.0\n\n \n(C) Copyright 2002-2005, Andy Clark. All rights reserved.\n \nRedistribution and use in source and binary forms, with or without\nmodification, are permitted provided that the following conditions\nare met:\n\n1. Redistributions of source code must retain the above copyright\n notice, this list of conditions and the following disclaimer. \n\n2. Redistributions in binary form must reproduce the above copyright\n notice, this list of conditions and the following disclaimer in\n the documentation and/or other materials provided with the\n distribution.\n\n3. The end-user documentation included with the redistribution,\n if any, must include the following acknowledgment: \n \"This product includes software developed by Andy Clark.\"\n Alternately, this acknowledgment may appear in the software itself,\n if and wherever such third-party acknowledgments normally appear.\n\n4. The names \"CyberNeko\" and \"NekoHTML\" must not be used to endorse\n or promote products derived from this software without prior \n written permission. For written permission, please contact \n andyc@cyberneko.net.\n\n5. Products derived from this software may not be called \"CyberNeko\",\n nor may \"CyberNeko\" appear in their name, without prior written\n permission of the author.\n\nTHIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED\nWARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES\nOF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE\nDISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR OTHER CONTRIBUTORS\nBE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, \nOR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT \nOF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR \nBUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, \nWHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE \nOR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, \nEVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.", - LicenseIdentifier: "LicenseRef-3", - LicenseName: "CyberNeko License", - LicenseCrossReferences: []string{"http://people.apache.org/~andyc/neko/LICENSE", "http://justasample.url.com"}, - }, - { - ExtractedText: "This package includes the GRDDL parser developed by Hewlett Packard under the following license:\n� Copyright 2007 Hewlett-Packard Development Company, LP\n\nRedistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: \n\nRedistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. \nRedistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. \nThe name of the author may not be used to endorse or promote products derived from this software without specific prior written permission. \nTHIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.", - LicenseIdentifier: "LicenseRef-2", - }, - { - ExtractedText: "/*\n * (c) Copyright 2000, 2001, 2002, 2003, 2004, 2005, 2006, 2007, 2008, 2009 Hewlett-Packard Development Company, LP\n * All rights reserved.\n *\n * Redistribution and use in source and binary forms, with or without\n * modification, are permitted provided that the following conditions\n * are met:\n * 1. Redistributions of source code must retain the above copyright\n * notice, this list of conditions and the following disclaimer.\n * 2. Redistributions in binary form must reproduce the above copyright\n * notice, this list of conditions and the following disclaimer in the\n * documentation and/or other materials provided with the distribution.\n * 3. The name of the author may not be used to endorse or promote products\n * derived from this software without specific prior written permission.\n *\n * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR\n * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES\n * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.\n * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,\n * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT\n * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,\n * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY\n * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT\n * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF\n * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n*/", - LicenseIdentifier: "LicenseRef-1", - }, - }, - }, - wantErr: false, - }, - } - for _, tt := range tests { - t.Run(tt.name, func(t *testing.T) { - got, err := Load2_2(tt.args.content) - if (err != nil) != tt.wantErr { - t.Errorf("Load2_2() error = %v, wantErr %v", err, tt.wantErr) - return - } - // check creation info - if !reflect.DeepEqual(got.CreationInfo, tt.want.CreationInfo) { - t.Errorf("Load2_2() = %v, want %v", got.CreationInfo, tt.want.CreationInfo) - } - // check annotations - for i := 0; i < len(tt.want.Annotations); i++ { - if !reflect.DeepEqual(got.Annotations[i], tt.want.Annotations[i]) { - t.Errorf("Load2_2() = %v, want %v", got.Annotations[i], tt.want.Annotations[i]) - } - } - // check relationships - for i := 0; i < len(got.Relationships); i++ { - if !reflect.DeepEqual(got.Relationships[i], tt.want.Relationships[i]) { - t.Errorf("Load2_2() = %v, want %v", got.Relationships[i], tt.want.Relationships[i]) - } - } - //check unpackaged files - for k, v := range tt.want.UnpackagedFiles { - if !reflect.DeepEqual(got.UnpackagedFiles[k], v) { - t.Errorf("Load2_2() = %v, want %v", got.UnpackagedFiles[k], v) - } - } - // check packages - for k, v := range tt.want.Packages { - if !reflect.DeepEqual(got.Packages[k], v) { - t.Errorf("Load2_2() = %v, want %v", got.Packages[k], v) - } - } - // check other licenses - for i := 0; i < len(got.OtherLicenses); i++ { - if !reflect.DeepEqual(got.OtherLicenses[i], tt.want.OtherLicenses[i]) { - t.Errorf("Load2_2() = %v, want %v", got.OtherLicenses[i], tt.want.OtherLicenses[i]) - } - } - // check reviews - for i := 0; i < len(got.Reviews); i++ { - if !reflect.DeepEqual(got.Reviews[i], tt.want.Reviews[i]) { - t.Errorf("Load2_2() = %v, want %v", got.Reviews[i], tt.want.Reviews[i]) - } - } - - }) - } -} diff --git a/jsonloader/parser2v2/types.go b/jsonloader/parser2v2/types.go deleted file mode 100644 index b85b23e..0000000 --- a/jsonloader/parser2v2/types.go +++ /dev/null @@ -1,9 +0,0 @@ -// SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later - -package parser2v2 - -import "github.com/spdx/tools-golang/spdx" - -type spdxDocument2_2 spdx.Document2_2 - -type JSONSpdxDocument map[string]interface{} diff --git a/jsonloader/parser2v2/util.go b/jsonloader/parser2v2/util.go deleted file mode 100644 index 6676846..0000000 --- a/jsonloader/parser2v2/util.go +++ /dev/null @@ -1,115 +0,0 @@ -// SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later - -package parser2v2 - -import ( - "fmt" - "strings" - - "github.com/spdx/tools-golang/spdx" -) - -// used to extract key / value from embedded substrings -// returns subkey, subvalue, nil if no error, or "", "", error otherwise -func extractSubs(value string) (string, string, error) { - // parse the value to see if it's a valid subvalue format - sp := strings.SplitN(value, ":", 2) - if len(sp) == 1 { - return "", "", fmt.Errorf("invalid subvalue format for %s (no colon found)", value) - } - - subkey := strings.TrimSpace(sp[0]) - subvalue := strings.TrimSpace(sp[1]) - - return subkey, subvalue, nil -} - -// used to extract DocumentRef and SPDXRef values from an SPDX Identifier -// which can point either to this document or to a different one -func extractDocElementID(value string) (spdx.DocElementID, error) { - docRefID := "" - idStr := value - - // check prefix to see if it's a DocumentRef ID - if strings.HasPrefix(idStr, "DocumentRef-") { - // extract the part that comes between "DocumentRef-" and ":" - strs := strings.Split(idStr, ":") - // should be exactly two, part before and part after - if len(strs) < 2 { - return spdx.DocElementID{}, fmt.Errorf("no colon found although DocumentRef- prefix present") - } - if len(strs) > 2 { - return spdx.DocElementID{}, fmt.Errorf("more than one colon found") - } - - // trim the prefix and confirm non-empty - docRefID = strings.TrimPrefix(strs[0], "DocumentRef-") - if docRefID == "" { - return spdx.DocElementID{}, fmt.Errorf("document identifier has nothing after prefix") - } - // and use remainder for element ID parsing - idStr = strs[1] - } - - // check prefix to confirm it's got the right prefix for element IDs - if !strings.HasPrefix(idStr, "SPDXRef-") { - return spdx.DocElementID{}, fmt.Errorf("missing SPDXRef- prefix for element identifier") - } - - // make sure no colons are present - if strings.Contains(idStr, ":") { - // we know this means there was no DocumentRef- prefix, because - // we would have handled multiple colons above if it was - return spdx.DocElementID{}, fmt.Errorf("invalid colon in element identifier") - } - - // trim the prefix and confirm non-empty - eltRefID := strings.TrimPrefix(idStr, "SPDXRef-") - if eltRefID == "" { - return spdx.DocElementID{}, fmt.Errorf("element identifier has nothing after prefix") - } - - // we're good - return spdx.DocElementID{DocumentRefID: docRefID, ElementRefID: spdx.ElementID(eltRefID)}, nil -} - -// used to extract SPDXRef values from an SPDX Identifier, OR "special" strings -// from a specified set of permitted values. The primary use case for this is -// the right-hand side of Relationships, where beginning in SPDX 2.2 the values -// "NONE" and "NOASSERTION" are permitted. If the value does not match one of -// the specified permitted values, it will fall back to the ordinary -// DocElementID extractor. -func extractDocElementSpecial(value string, permittedSpecial []string) (spdx.DocElementID, error) { - // check value against special set first - for _, sp := range permittedSpecial { - if sp == value { - return spdx.DocElementID{SpecialID: sp}, nil - } - } - // not found, fall back to regular search - return extractDocElementID(value) -} - -// used to extract SPDXRef values only from an SPDX Identifier which can point -// to this document only. Use extractDocElementID for parsing IDs that can -// refer either to this document or a different one. -func extractElementID(value string) (spdx.ElementID, error) { - // check prefix to confirm it's got the right prefix for element IDs - if !strings.HasPrefix(value, "SPDXRef-") { - return spdx.ElementID(""), fmt.Errorf("missing SPDXRef- prefix for element identifier") - } - - // make sure no colons are present - if strings.Contains(value, ":") { - return spdx.ElementID(""), fmt.Errorf("invalid colon in element identifier") - } - - // trim the prefix and confirm non-empty - eltRefID := strings.TrimPrefix(value, "SPDXRef-") - if eltRefID == "" { - return spdx.ElementID(""), fmt.Errorf("element identifier has nothing after prefix") - } - - // we're good - return spdx.ElementID(eltRefID), nil -} diff --git a/jsonloader/parser2v2/util_test.go b/jsonloader/parser2v2/util_test.go deleted file mode 100644 index e2f75d7..0000000 --- a/jsonloader/parser2v2/util_test.go +++ /dev/null @@ -1,156 +0,0 @@ -// SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later -package parser2v2 - -import ( - "testing" - - "github.com/spdx/tools-golang/spdx" -) - -// ===== Helper function tests ===== - -func TestCanExtractSubvalues(t *testing.T) { - subkey, subvalue, err := extractSubs("SHA1: abc123") - if err != nil { - t.Errorf("got error when calling extractSubs: %v", err) - } - if subkey != "SHA1" { - t.Errorf("got %v for subkey", subkey) - } - if subvalue != "abc123" { - t.Errorf("got %v for subvalue", subvalue) - } -} - -func TestReturnsErrorForInvalidSubvalueFormat(t *testing.T) { - _, _, err := extractSubs("blah") - if err == nil { - t.Errorf("expected error when calling extractSubs for invalid format (0 colons), got nil") - } -} - -func TestCanExtractDocumentAndElementRefsFromID(t *testing.T) { - // test with valid ID in this document - helperForExtractDocElementID(t, "SPDXRef-file1", false, "", "file1") - // test with valid ID in another document - helperForExtractDocElementID(t, "DocumentRef-doc2:SPDXRef-file2", false, "doc2", "file2") - // test with invalid ID in this document - helperForExtractDocElementID(t, "a:SPDXRef-file1", true, "", "") - helperForExtractDocElementID(t, "file1", true, "", "") - helperForExtractDocElementID(t, "SPDXRef-", true, "", "") - helperForExtractDocElementID(t, "SPDXRef-file1:", true, "", "") - // test with invalid ID in another document - helperForExtractDocElementID(t, "DocumentRef-doc2", true, "", "") - helperForExtractDocElementID(t, "DocumentRef-doc2:", true, "", "") - helperForExtractDocElementID(t, "DocumentRef-doc2:SPDXRef-", true, "", "") - helperForExtractDocElementID(t, "DocumentRef-doc2:a", true, "", "") - helperForExtractDocElementID(t, "DocumentRef-:", true, "", "") - helperForExtractDocElementID(t, "DocumentRef-:SPDXRef-file1", true, "", "") - // test with invalid formats - helperForExtractDocElementID(t, "DocumentRef-doc2:SPDXRef-file1:file2", true, "", "") -} - -func helperForExtractDocElementID(t *testing.T, tst string, wantErr bool, wantDoc string, wantElt string) { - deID, err := extractDocElementID(tst) - if err != nil && wantErr == false { - t.Errorf("testing %v: expected nil error, got %v", tst, err) - } - if err == nil && wantErr == true { - t.Errorf("testing %v: expected non-nil error, got nil", tst) - } - if deID.DocumentRefID != wantDoc { - if wantDoc == "" { - t.Errorf("testing %v: want empty string for DocumentRefID, got %v", tst, deID.DocumentRefID) - } else { - t.Errorf("testing %v: want %v for DocumentRefID, got %v", tst, wantDoc, deID.DocumentRefID) - } - } - if deID.ElementRefID != spdx.ElementID(wantElt) { - if wantElt == "" { - t.Errorf("testing %v: want empty string for ElementRefID, got %v", tst, deID.ElementRefID) - } else { - t.Errorf("testing %v: want %v for ElementRefID, got %v", tst, wantElt, deID.ElementRefID) - } - } -} - -func TestCanExtractSpecialDocumentIDs(t *testing.T) { - permittedSpecial := []string{"NONE", "NOASSERTION"} - // test with valid special values - helperForExtractDocElementSpecial(t, permittedSpecial, "NONE", false, "", "", "NONE") - helperForExtractDocElementSpecial(t, permittedSpecial, "NOASSERTION", false, "", "", "NOASSERTION") - // test with valid regular IDs - helperForExtractDocElementSpecial(t, permittedSpecial, "SPDXRef-file1", false, "", "file1", "") - helperForExtractDocElementSpecial(t, permittedSpecial, "DocumentRef-doc2:SPDXRef-file2", false, "doc2", "file2", "") - helperForExtractDocElementSpecial(t, permittedSpecial, "a:SPDXRef-file1", true, "", "", "") - helperForExtractDocElementSpecial(t, permittedSpecial, "DocumentRef-doc2", true, "", "", "") - // test with invalid other words not on permitted list - helperForExtractDocElementSpecial(t, permittedSpecial, "FOO", true, "", "", "") -} - -func helperForExtractDocElementSpecial(t *testing.T, permittedSpecial []string, tst string, wantErr bool, wantDoc string, wantElt string, wantSpecial string) { - deID, err := extractDocElementSpecial(tst, permittedSpecial) - if err != nil && wantErr == false { - t.Errorf("testing %v: expected nil error, got %v", tst, err) - } - if err == nil && wantErr == true { - t.Errorf("testing %v: expected non-nil error, got nil", tst) - } - if deID.DocumentRefID != wantDoc { - if wantDoc == "" { - t.Errorf("testing %v: want empty string for DocumentRefID, got %v", tst, deID.DocumentRefID) - } else { - t.Errorf("testing %v: want %v for DocumentRefID, got %v", tst, wantDoc, deID.DocumentRefID) - } - } - if deID.ElementRefID != spdx.ElementID(wantElt) { - if wantElt == "" { - t.Errorf("testing %v: want empty string for ElementRefID, got %v", tst, deID.ElementRefID) - } else { - t.Errorf("testing %v: want %v for ElementRefID, got %v", tst, wantElt, deID.ElementRefID) - } - } - if deID.SpecialID != wantSpecial { - if wantSpecial == "" { - t.Errorf("testing %v: want empty string for SpecialID, got %v", tst, deID.SpecialID) - } else { - t.Errorf("testing %v: want %v for SpecialID, got %v", tst, wantSpecial, deID.SpecialID) - } - } -} - -func TestCanExtractElementRefsOnlyFromID(t *testing.T) { - // test with valid ID in this document - helperForExtractElementID(t, "SPDXRef-file1", false, "file1") - // test with valid ID in another document - helperForExtractElementID(t, "DocumentRef-doc2:SPDXRef-file2", true, "") - // test with invalid ID in this document - helperForExtractElementID(t, "a:SPDXRef-file1", true, "") - helperForExtractElementID(t, "file1", true, "") - helperForExtractElementID(t, "SPDXRef-", true, "") - helperForExtractElementID(t, "SPDXRef-file1:", true, "") - // test with invalid ID in another document - helperForExtractElementID(t, "DocumentRef-doc2", true, "") - helperForExtractElementID(t, "DocumentRef-doc2:", true, "") - helperForExtractElementID(t, "DocumentRef-doc2:SPDXRef-", true, "") - helperForExtractElementID(t, "DocumentRef-doc2:a", true, "") - helperForExtractElementID(t, "DocumentRef-:", true, "") - helperForExtractElementID(t, "DocumentRef-:SPDXRef-file1", true, "") -} - -func helperForExtractElementID(t *testing.T, tst string, wantErr bool, wantElt string) { - eID, err := extractElementID(tst) - if err != nil && wantErr == false { - t.Errorf("testing %v: expected nil error, got %v", tst, err) - } - if err == nil && wantErr == true { - t.Errorf("testing %v: expected non-nil error, got nil", tst) - } - if eID != spdx.ElementID(wantElt) { - if wantElt == "" { - t.Errorf("testing %v: want emptyString for ElementRefID, got %v", tst, eID) - } else { - t.Errorf("testing %v: want %v for ElementRefID, got %v", tst, wantElt, eID) - } - } -} |