
A tool to analyze the compatibility of licenses in a project.

Project description

compliance_license_compatibility

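Introduction

An open-source license compatibility analysis tool. It analyzes the compatibility of the open-source licenses introduced into a target, based on structured license information and on the dependency behavior and build settings of the specific scenario.

Although we do our best to ensure the accuracy and reliability of this tool, the results of this project's checks do not constitute legal advice. Users should review and judge for themselves whether the actions they take comply with laws and regulations and with the terms of the relevant licenses.

Note: this project is still at an early version. The accuracy of its results has not been verified, and the interfaces of its modules will change significantly as it iterates.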

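Installation

  1. Make sure Python 3.11^ is installed
  2. Clone the repository
  3. Enter the repository root directory and run pip install .

If you have installed the lict version, uninstall the old version first.

Usage

Once the tool is installed, enter the command liscopelens --help in a terminal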

usage: liscopelens [-h] [-c CONFIG] {sbom,cpp} ...

部件兼容性分析工具

positional arguments:
  {sbom,cpp}
    sbom                Software Bill of Materials (SBOM) parser, this parser only support for OH sbom format.
    cpp                 This parser is used to parse the C/C++ repository and provide an include dependency graph
                        for subsequent operations

options:
  -h, --help            show this help message and exit
  -c CONFIG, --config CONFIG
                        配置文件路径

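Analyzing the compatibility of a code repository (make sure the gn tool or a gn parse file is available)

  1. Get the OpenHarmony source code
  2. Install the OpenHarmony build tools and run ./build.sh --product-name {device-form} --gn-flags="--ide=json" --gn-flags="--json-file-name=out.json"
  3. Make sure OpenHarmony/out/{device-form}/out.json exists under the source root directory
  4. Scan the OpenHarmony licenses with Scancode
  5. Run liscopelens to perform the compatibility scan
    liscopelens cpp --gn_file OpenHarmony/out/{device-form}/out.json --scancode-file path/to/scancode-res.json --output ./output

  6. View output/results.json, or use the review tool

For the other parameters, see the help output of liscopelens cpp -h, explained below: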

usage: liscopelens cpp [-h] (--gn_tool GN_TOOL | --gn_file GN_FILE)
                (--scancode-file SCANCODE_FILE | --scancode-dir SCANCODE_DIR) [--rm-ref-lang] [--save-kg]
                [--ignore-unk] [--out-gml OUT_GML] [--echo] [--out-echo OUT_ECHO]

options:
  -h, --help            show this help message and exit
  --gn_tool GN_TOOL     the path of the gn tool in executable form
  --gn_file GN_FILE     the path of the gn deps graph output file
  --scancode-file SCANCODE_FILE
                        The path of the scancode output in json format file
  --scancode-dir SCANCODE_DIR
                        The path of the directory that contain json files
  --rm-ref-lang         Automatically remove scancode ref prefix and language suffix from spdx ids
  --save-kg             Save new knowledge graph after infer parse
  --ignore-unk          Ignore unknown licenses
  --out-gml OUT_GML     The output path of the graph
  --echo                Echo the final result of compatibility checking
  --out-echo OUT_ECHO   The output path of the echo result

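Parameter list

Parameter Type Description Required
cpp bool Selects analysis of a C/C++ code repository
--gn_tool str Path to the GN tool executable
--gn_file str Path to the GN dependency graph output file
--scancode-file str Path to the Scancode output file in JSON format
--scancode-dir str Path to the directory containing the JSON files
--rm-ref-lang bool Automatically remove the Scancode ref prefix and language suffix
--save-kg bool Save the new knowledge graph after parsing
--ignore-unk bool Ignore unknown licenses
--out-gml str Output path of the graph
--echo bool Echo the final result of the compatibility check
--out-echo str Output path of the echoed result

gn dependency graph format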

{
  "build_settings": {
    "build_dir": "//out/hispark_taurus/ipcamera_hispark_taurus/",
    "default_toolchain": "//build/lite/toolchain:linux_x86_64_ohos_clang",
    "gen_input_files": [
      "//.gn",
      "//vendor/hisilicon/hispark_taurus/hdf_config/BUILD.gn",
      "//vendor/hisilicon/hispark_taurus/hdf_config/hdf_test/BUILD.gn"
    ],
    "root_path": "/home/dragon/oh"
  },
  "targets": {
    "//applications/sample/camera/cameraApp:cameraApp_hap": {
      "all_dependent_configs": [
        "//third_party/musl/scripts/build_lite:sysroot_flags"
      ],
      "deps": [
        "//applications/sample/camera/cameraApp:cameraApp",
        "//developtools/packing_tool:packing_tool",
        "//third_party/musl:sysroot_lite"
      ],
      "metadata": {
      },
      "outputs": [
        "//out/hispark_taurus/ipcamera_hispark_taurus/obj/applications/sample/camera/cameraApp/cameraApp_hap_build_log.txt"
      ],
      "public": "*",
      "script": "//build/lite/hap_pack.py",
      "testonly": false,
      "toolchain": "//build/lite/toolchain:linux_x86_64_ohos_clang",
      "type": "action",
      "visibility": [
        "*"
      ]
    },
    "//foundation/arkui/ace_engine_lite/frameworks/src/core/stylemgr/test/unittest:stylemgr_unittest": {
         "all_dependent_configs": [ "//third_party/musl/scripts/build_lite:sysroot_flags" ],
         "deps": [ "//foundation/arkui/ace_engine_lite/frameworks/src/core/stylemgr/test/unittest:js_frameworks_test_condition_arbitrator", "//foundation/arkui/ace_engine_lite/frameworks/src/core/stylemgr/test/unittest:js_frameworks_test_link_queue", "//foundation/arkui/ace_engine_lite/frameworks/src/core/stylemgr/test/unittest:js_frameworks_test_link_stack", "//foundation/arkui/ace_engine_lite/frameworks/src/core/stylemgr/test/unittest:js_frameworks_test_stylemgr", "//foundation/arkui/ace_engine_lite/frameworks/src/core/stylemgr/test/unittest:js_frameworks_test_stylemgr_media_query" ],
         "metadata": {

         },
         "public": "*",
         "testonly": false,
         "toolchain": "//build/lite/toolchain:linux_x86_64_ohos_clang",
         "type": "group",
         "visibility": [ "*" ]
      }
  }
}
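
The following is an added example, not code from liscopelens: it walks a deps graph in the format shown above and lists every source directory a target pulls in, which is the set of directories whose Scancode findings matter for that target. The sample graph is constructed from the labels above (the second and third target entries are assumptions), and the function names are hypothetical.

```python
import json
from collections import deque

# Constructed sample in the gn `--ide=json` layout shown above.
SAMPLE = json.loads("""
{
  "build_settings": {"root_path": "/home/dragon/oh"},
  "targets": {
    "//applications/sample/camera/cameraApp:cameraApp_hap": {
      "deps": ["//applications/sample/camera/cameraApp:cameraApp",
               "//developtools/packing_tool:packing_tool",
               "//third_party/musl:sysroot_lite"],
      "testonly": false, "type": "action"},
    "//applications/sample/camera/cameraApp:cameraApp": {
      "deps": ["//third_party/musl:sysroot_lite"], "testonly": false, "type": "group"},
    "//third_party/musl:sysroot_lite": {"deps": [], "testonly": false, "type": "action"}
  }
}
""")

def label_dir(label):
    """'//third_party/musl:sysroot_lite' -> 'third_party/musl' (directory of the BUILD.gn)."""
    path = label.split("(", 1)[0]          # drop an optional '(toolchain)' suffix
    return path.lstrip("/").split(":", 1)[0]

def transitive_deps(graph, root):
    """Breadth-first walk over 'deps'; returns (reachable labels, labels with no target entry)."""
    targets = graph["targets"]
    seen, missing, queue = set(), set(), deque([root])
    while queue:
        label = queue.popleft()
        for dep in targets.get(label, {}).get("deps", []):
            if dep in seen:                # already visited, also guards against cycles
                continue
            seen.add(dep)
            if dep in targets:
                queue.append(dep)
            else:
                missing.add(dep)           # referenced but not described in the file
    return seen, missing

def dirs_in_scope(graph, root):
    """Source directories of `root` and of everything it depends on."""
    reachable, _ = transitive_deps(graph, root)
    return sorted({label_dir(l) for l in reachable | {root}})

if __name__ == "__main__":
    print(dirs_in_scope(SAMPLE, "//applications/sample/camera/cameraApp:cameraApp_hap"))
```

A dependency that is referenced but has no entry under "targets" is returned separately, so an incomplete graph does not silently shrink the set of directories to check.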

Known issues

  1. poetry install | add hangs, or fails with an error that includes Failed to unlock the collection.
export PYTHON_KEYRING_BACKEND=keyring.backends.null.Keyring

Reviewing results

After the run finishes, review the conflict results (make sure you passed the output location argument: liscopelens <command> ... --output path/to/output_dir)

liscopelens query /path/to/output_dir

query demo

Contributing

See the design document

Reproducing results

See Reproduction and Data Acquisition


Download files

Source Distribution

liscopelens-0.2.9.tar.gz (89.9 kB view details)

Uploaded Source

Built Distribution

liscopelens-0.2.9-py3-none-any.whl (156.2 kB view details)

Uploaded Python 3

File details

Details for the file liscopelens-0.2.9.tar.gz.

File metadata

  • Download URL: liscopelens-0.2.9.tar.gz
  • Upload date:
  • Size: 89.9 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? No
  • Uploaded via: poetry/2.1.4 CPython/3.13.7 Windows/11

File hashes

Hashes for liscopelens-0.2.9.tar.gz
Algorithm Hash digest
SHA256 0caa4042a2bfbf5e96085857a93f5c97276c00a7fe9c67af52d379f28a87c1c3
MD5 7bfbf289a5f050ea89ecc0162b72d86e
BLAKE2b-256 0c23effb1df138abb5c4a1d2094bf72762da0ead374ec76efcdc45e0653b1a3e

File details

Details for the file liscopelens-0.2.9-py3-none-any.whl.

File metadata

  • Download URL: liscopelens-0.2.9-py3-none-any.whl
  • Upload date:
  • Size: 156.2 kB
  • Tags: Python 3
  • Uploaded using Trusted Publishing? No
  • Uploaded via: poetry/2.1.4 CPython/3.13.7 Windows/11

File hashes

Hashes for liscopelens-0.2.9-py3-none-any.whl
Algorithm Hash digest
SHA256 9ef1de13e7ef8ed4a2cc8cd0f30a245f6d7253fc720ca66105fe1d65b65afab3
MD5 204fe1e6cbac879b2b5bd81f8498c1eb
BLAKE2b-256 38d29ca7f499ea7b5f8c632c97cdc34bc974db81e408ec99fa8ef5d268a6f0ce
