Bug#795641: lintian: [PATCH] fix common license false positives in new-style copyright files
Package: lintian
Version: 2.5.35
Severity: normal
This patch fixes lack-of-common-license-reference false positives in
new-style copyright files when a license refers to one of these common
licenses.
It includes a test for this against all common licenses.
All testsuite tests pass.
The patch is against the debcheckout of lintian.
-- System Information:
Debian Release: jessie/sid
APT prefers vivid-updates
APT policy: (500, 'vivid-updates'), (500, 'vivid-security'), (500, 'vivid'), (100, 'vivid-backports'), (1, 'unstable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386
Kernel: Linux 3.19.0-25-generic (SMP w/8 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
Versions of packages lintian depends on:
ii binutils 2.25-5ubuntu7
ii bzip2 1.0.6-7
ii diffstat 1.59-1
ii file 1:5.20-1ubuntu2
ii gettext 0.19.2-2ubuntu1
ii hardening-includes 2.7ubuntu1
ii intltool-debian 0.35.0+20060710.1
ii libapt-pkg-perl 0.1.29build2
ii libarchive-zip-perl 1.39-1
ii libclass-accessor-perl 0.34-1
ii libclone-perl 0.37-1build1
ii libdpkg-perl 1.17.25ubuntu1
ii libemail-valid-perl 1.195-1
ii libfile-basedir-perl 0.03-1fakesync1
ii libipc-run-perl 0.92-1
ii liblist-moreutils-perl 0.33-2build1
ii libparse-debianchangelog-perl 1.2.0-1.1
ii libtext-levenshtein-perl 0.11-1
ii libtimedate-perl 2.3000-2
ii liburi-perl 1.64-1
ii man-db 2.7.0.2-5
ii patchutils 0.3.3-1
ii perl [libdigest-sha-perl] 5.20.2-2
ii t1utils 1.38-4
ii xz-utils 5.1.1alpha+20120614-2ubuntu2
Versions of packages lintian recommends:
ii dpkg 1.18.2
ii libautodie-perl 2.25-1
ii libperlio-gzip-perl 0.18-3build1
ii perl 5.20.2-2
ii perl-modules [libautodie-perl] 5.20.2-2
Versions of packages lintian suggests:
pn binutils-multiarch <none>
ii dpkg-dev 1.17.25ubuntu1
ii libhtml-parser-perl 3.71-1build2
ii libtext-template-perl 1.46-1
ii libyaml-perl 1.13-1
-- no debconf information
>From 441f44c5be0fe70d9a86b3ee0cec49430b0c2a9d Mon Sep 17 00:00:00 2001
From: Rafael Kitover <rkitover@gmail.com>
Date: Sat, 15 Aug 2015 17:50:34 -0400
Subject: [PATCH] fix common lic. false pos. in new-style copyright
Fix false positives for lack of common license references in new-style
copyright files when a license refers to another license, by trying to
parse the file and then checking both the names of the licenses and the
texts.
Add new test for references to common licenses as well.
The test suite passes with these changes.
---
checks/copyright-file.pm | 106 +++++++++++++++++++--
.../debian/debian/control.in | 94 ++++++++++++++++++
.../debian/copyright-mentions-apache.copyright | 13 +++
.../debian/copyright-mentions-apache2.copyright | 13 +++
.../debian/copyright-mentions-apache3.copyright | 13 +++
.../debian/copyright-mentions-gfdl.copyright | 13 +++
.../debian/debian/copyright-mentions-gpl.copyright | 14 +++
.../debian/copyright-mentions-lgpl.copyright | 13 +++
.../debian/copyright-mentions-lgpl2.copyright | 13 +++
.../debian/copyright-mentions-perl.copyright | 13 +++
t/tests/copyright-file-non-common-license/desc | 12 +++
t/tests/copyright-file-non-common-license/tags | 0
12 files changed, 310 insertions(+), 7 deletions(-)
create mode 100644 t/tests/copyright-file-non-common-license/debian/debian/control.in
create mode 100644 t/tests/copyright-file-non-common-license/debian/debian/copyright-mentions-apache.copyright
create mode 100644 t/tests/copyright-file-non-common-license/debian/debian/copyright-mentions-apache2.copyright
create mode 100644 t/tests/copyright-file-non-common-license/debian/debian/copyright-mentions-apache3.copyright
create mode 100644 t/tests/copyright-file-non-common-license/debian/debian/copyright-mentions-gfdl.copyright
create mode 100644 t/tests/copyright-file-non-common-license/debian/debian/copyright-mentions-gpl.copyright
create mode 100644 t/tests/copyright-file-non-common-license/debian/debian/copyright-mentions-lgpl.copyright
create mode 100644 t/tests/copyright-file-non-common-license/debian/debian/copyright-mentions-lgpl2.copyright
create mode 100644 t/tests/copyright-file-non-common-license/debian/debian/copyright-mentions-perl.copyright
create mode 100644 t/tests/copyright-file-non-common-license/desc
create mode 100644 t/tests/copyright-file-non-common-license/tags
diff --git a/checks/copyright-file.pm b/checks/copyright-file.pm
index c6e35ef..09b664e 100644
--- a/checks/copyright-file.pm
+++ b/checks/copyright-file.pm
@@ -40,7 +40,8 @@ use List::MoreUtils qw(any);
use Lintian::Check qw(check_spelling spelling_tag_emitter);
use Lintian::Data ();
use Lintian::Tags qw(tag);
-use Lintian::Util qw(slurp_entire_file file_is_encoded_in_non_utf8);
+use Lintian::Util
+ qw(slurp_entire_file file_is_encoded_in_non_utf8 read_dpkg_control);
our $KNOWN_ESSENTIAL = Lintian::Data->new('fields/essential');
our $KNOWN_COMMON_LICENSES
@@ -245,19 +246,71 @@ sub run {
|| $wrong_directory_detected
) {
# False positive or correct reference. Ignore.
- } elsif (m/GNU Free Documentation License/i or m/\bGFDL\b/) {
+ } elsif (
+ check_names_texts(
+ sub {
+ /\b(?:GFDL|gnu-free-documentation-license)\b/i;
+ },
+ sub {
+ /GNU Free Documentation License|(?-i:\bGFDL\b)/i
+ &&!m,usr/share/common-licenses/,;
+ },
+ $dcopy
+ )
+ ) {
tag 'copyright-should-refer-to-common-license-file-for-gfdl';
- } elsif (m/GNU (?:Lesser|Library) General Public License/i or m/\bLGPL\b/){
+ } elsif (
+ check_names_texts(
+ sub {
+ /\b(?:LGPL|gnu-(?:lesser|library)-general-public-license)\b/i;
+ },
+ sub {
+ /GNU (?:Lesser|Library) General Public License|(?-i:\bLGPL\b)/i
+ &&!m,usr/share/common-licenses/,;
+ },
+ $dcopy
+ )
+ ) {
tag 'copyright-should-refer-to-common-license-file-for-lgpl';
- } elsif (m/GNU General Public License/i or m/\bGPL\b/) {
+ } elsif (
+ check_names_texts(
+ sub {
+ /\b(?:GPL|gnu-general-public-license)\b/i;
+ },
+ sub {
+ /GNU General Public License|(?-i:\bGPL\b)/i
+ &&!m,usr/share/common-licenses/,;
+ },
+ $dcopy
+ )
+ ) {
tag 'copyright-should-refer-to-common-license-file-for-gpl';
$gpl = 1;
- } elsif (m/Apache License\s+,? Version 2\.0/i or m/\bApache-2(?:\.0)?\b/) {
+ } elsif (
+ check_names_texts(
+ sub {
+ /\bapache-2/i;
+ },
+ sub {
+ /\bApache License\s*,?\s*Version 2|\b(?-i:Apache)-2/i
+ &&!m,usr/share/common-licenses/,;
+ },
+ $dcopy
+ )
+ ) {
tag 'copyright-should-refer-to-common-license-file-for-apache-2';
}
- if (m,(?:under )?(?:the )?(?:same )?(?:terms )?as Perl itself,i
- && !m,usr/share/common-licenses/,) {
+ if (
+ check_names_texts(
+ sub { /\b(?:perl|artistic)\b/ },
+ sub {
+ /(?:under )?(?:the )?(?:same )?(?:terms )?as Perl itself\b/i
+ &&!m,usr/share/common-licenses/,;
+ },
+ $dcopy
+ )
+ ) {
tag 'copyright-file-lacks-pointer-to-perl-license';
}
@@ -373,6 +426,45 @@ sub check_cross_link {
return;
}
+# Checks the name and text of every license in the file against given name and
+# text check coderefs, if the file is in the new format, if the file is in the
+# old format only runs the text coderef against the whole file.
+sub check_names_texts {
+ my ($name_check, $text_check, $file) = @_;
+
+ local $@;
+ eval {
+ foreach my $paragraph (read_dpkg_control($file)) {
+ next
+ unless (keys %$paragraph == 1)
+ && ((keys %$paragraph)[0] =~ /^license$/i);
+
+ my ($license_name, $license_text)
+ = (values %$paragraph)[0] =~ /^([^\r\n]+)\r?\n(.*)\z/s;
+
+ my $matches = do {
+ local $_ = $license_name || '';
+ $name_check->($_);
+ }
+ && do {
+ local $_ = $license_text || '';
+ $text_check->($_);
+ };
+
+ die 'MATCH' if $matches;
+ }
+ };
+ if ($@)
+ { # match or parse error: copyright not in new format, just check text
+ return 1 if $@ =~ /^MATCH/;
+
+ local $_ = slurp_entire_file($file);
+ return $text_check->($_);
+ }
+
+ return; # did not match anything
+}
+
1;
# Local Variables:
diff --git a/t/tests/copyright-file-non-common-license/debian/debian/control.in b/t/tests/copyright-file-non-common-license/debian/debian/control.in
new file mode 100644
index 0000000..e80822d
--- /dev/null
+++ b/t/tests/copyright-file-non-common-license/debian/debian/control.in
@@ -0,0 +1,94 @@
+Source: {$source}
+Priority: extra
+Section: {$section}
+Maintainer: {$author}
+Standards-Version: {$standards_version}
+Build-Depends: debhelper (>= 9)
+
+Package: copyright-mentions-apache
+Architecture: all
+Depends: $\{shlibs:Depends\}, $\{misc:Depends\}
+Description: checks against common license false positive for Apache
+ Tests against common license false positive for Apache.
+ .
+ This is a test package designed to exercise some feature or tag of
+ Lintian. It is part of the Lintian test suite and may do very odd
+ things. It should not be installed like a regular package. It may
+ be an empty package.
+
+Package: copyright-mentions-apache2
+Architecture: all
+Depends: $\{shlibs:Depends\}, $\{misc:Depends\}
+Description: checks against common license false positive for Apache (2)
+ Tests against common license false positive for Apache (2).
+ .
+ This is a test package designed to exercise some feature or tag of
+ Lintian. It is part of the Lintian test suite and may do very odd
+ things. It should not be installed like a regular package. It may
+ be an empty package.
+
+Package: copyright-mentions-apache3
+Architecture: all
+Depends: $\{shlibs:Depends\}, $\{misc:Depends\}
+Description: checks against common license false positive for Apache (3)
+ Tests against common license false positive for Apache (3).
+ .
+ This is a test package designed to exercise some feature or tag of
+ Lintian. It is part of the Lintian test suite and may do very odd
+ things. It should not be installed like a regular package. It may
+ be an empty package.
+
+Package: copyright-mentions-gfdl
+Architecture: all
+Depends: $\{shlibs:Depends\}, $\{misc:Depends\}
+Description: checks against common license false positive for gfdl
+ Tests against common license false positive for gfdl.
+ .
+ This is a test package designed to exercise some feature or tag of
+ Lintian. It is part of the Lintian test suite and may do very odd
+ things. It should not be installed like a regular package. It may
+ be an empty package.
+
+Package: copyright-mentions-gpl
+Architecture: all
+Depends: $\{shlibs:Depends\}, $\{misc:Depends\}
+Description: checks against common license false positive for gpl
+ Tests against common license false positive for gpl.
+ .
+ This is a test package designed to exercise some feature or tag of
+ Lintian. It is part of the Lintian test suite and may do very odd
+ things. It should not be installed like a regular package. It may
+ be an empty package.
+
+Package: copyright-mentions-lgpl
+Architecture: all
+Depends: $\{shlibs:Depends\}, $\{misc:Depends\}
+Description: checks against common license false positive for lgpl
+ Tests against common license false positive for lgpl.
+ .
+ This is a test package designed to exercise some feature or tag of
+ Lintian. It is part of the Lintian test suite and may do very odd
+ things. It should not be installed like a regular package. It may
+ be an empty package.
+
+Package: copyright-mentions-lgpl2
+Architecture: all
+Depends: $\{shlibs:Depends\}, $\{misc:Depends\}
+Description: checks against common license false positive for lgpl (2)
+ Tests against common license false positive for lgpl (2).
+ .
+ This is a test package designed to exercise some feature or tag of
+ Lintian. It is part of the Lintian test suite and may do very odd
+ things. It should not be installed like a regular package. It may
+ be an empty package.
+
+Package: copyright-mentions-perl
+Architecture: all
+Depends: $\{shlibs:Depends\}, $\{misc:Depends\}
+Description: checks against common license false positive for perl
+ Tests against common license false positive for perl.
+ .
+ This is a test package designed to exercise some feature or tag of
+ Lintian. It is part of the Lintian test suite and may do very odd
+ things. It should not be installed like a regular package. It may
+ be an empty package.
diff --git a/t/tests/copyright-file-non-common-license/debian/debian/copyright-mentions-apache.copyright b/t/tests/copyright-file-non-common-license/debian/debian/copyright-mentions-apache.copyright
new file mode 100644
index 0000000..b4fe499
--- /dev/null
+++ b/t/tests/copyright-file-non-common-license/debian/debian/copyright-mentions-apache.copyright
@@ -0,0 +1,13 @@
+Format: http://www.debian.org/doc/packaging-manuals/copyright-format/1.0/
+Upstream-Name: lintian
+Upstream-Contact: Lintian Maintainers <debian-lint-maint@lists.debian.org>
+Source: http://git.debian.org/?p=lintian/lintian.git
+
+Files: *
+Copyright: 2015 Lintian Maintainers <debian-lint-maint@lists.debian.org>
+License: Mentions-Other-License
+
+License: Mentions-Other-License
+ lorem ipsum
+ lorem ipsum Apache License , Version 2.0 lorem ipsum
+ lorem ipsum
diff --git a/t/tests/copyright-file-non-common-license/debian/debian/copyright-mentions-apache2.copyright b/t/tests/copyright-file-non-common-license/debian/debian/copyright-mentions-apache2.copyright
new file mode 100644
index 0000000..035ee22
--- /dev/null
+++ b/t/tests/copyright-file-non-common-license/debian/debian/copyright-mentions-apache2.copyright
@@ -0,0 +1,13 @@
+Format: http://www.debian.org/doc/packaging-manuals/copyright-format/1.0/
+Upstream-Name: lintian
+Upstream-Contact: Lintian Maintainers <debian-lint-maint@lists.debian.org>
+Source: http://git.debian.org/?p=lintian/lintian.git
+
+Files: *
+Copyright: 2015 Lintian Maintainers <debian-lint-maint@lists.debian.org>
+License: Mentions-Other-License
+
+License: Mentions-Other-License
+ lorem ipsum
+ lorem ipsum Apache License Version 2.0 lorem ipsum
+ lorem ipsum
diff --git a/t/tests/copyright-file-non-common-license/debian/debian/copyright-mentions-apache3.copyright b/t/tests/copyright-file-non-common-license/debian/debian/copyright-mentions-apache3.copyright
new file mode 100644
index 0000000..dab0d47
--- /dev/null
+++ b/t/tests/copyright-file-non-common-license/debian/debian/copyright-mentions-apache3.copyright
@@ -0,0 +1,13 @@
+Format: http://www.debian.org/doc/packaging-manuals/copyright-format/1.0/
+Upstream-Name: lintian
+Upstream-Contact: Lintian Maintainers <debian-lint-maint@lists.debian.org>
+Source: http://git.debian.org/?p=lintian/lintian.git
+
+Files: *
+Copyright: 2015 Lintian Maintainers <debian-lint-maint@lists.debian.org>
+License: Mentions-Other-License
+
+License: Mentions-Other-License
+ lorem ipsum
+ lorem ipsum Apache-2 License lorem ipsum
+ lorem ipsum
diff --git a/t/tests/copyright-file-non-common-license/debian/debian/copyright-mentions-gfdl.copyright b/t/tests/copyright-file-non-common-license/debian/debian/copyright-mentions-gfdl.copyright
new file mode 100644
index 0000000..5a8f46b
--- /dev/null
+++ b/t/tests/copyright-file-non-common-license/debian/debian/copyright-mentions-gfdl.copyright
@@ -0,0 +1,13 @@
+Format: http://www.debian.org/doc/packaging-manuals/copyright-format/1.0/
+Upstream-Name: lintian
+Upstream-Contact: Lintian Maintainers <debian-lint-maint@lists.debian.org>
+Source: http://git.debian.org/?p=lintian/lintian.git
+
+Files: *
+Copyright: 2015 Lintian Maintainers <debian-lint-maint@lists.debian.org>
+License: Mentions-Other-License
+
+License: Mentions-Other-License
+ lorem ipsum
+ lorem ipsum GNU Free Documentation License (GFDL) lorem ipsum
+ lorem ipsum
diff --git a/t/tests/copyright-file-non-common-license/debian/debian/copyright-mentions-gpl.copyright b/t/tests/copyright-file-non-common-license/debian/debian/copyright-mentions-gpl.copyright
new file mode 100644
index 0000000..248debf
--- /dev/null
+++ b/t/tests/copyright-file-non-common-license/debian/debian/copyright-mentions-gpl.copyright
@@ -0,0 +1,14 @@
+Format: http://www.debian.org/doc/packaging-manuals/copyright-format/1.0/
+Upstream-Name: lintian
+Upstream-Contact: Lintian Maintainers <debian-lint-maint@lists.debian.org>
+Source: http://git.debian.org/?p=lintian/lintian.git
+
+Files: *
+Copyright: 2015 Lintian Maintainers <debian-lint-maint@lists.debian.org>
+License: Mentions-Other-License
+
+License: Mentions-Other-License
+ lorem ipsum
+ lorem ipsum GNU General Public License (GPL) applies to the changes,
+ .
+ lorem ipsum
diff --git a/t/tests/copyright-file-non-common-license/debian/debian/copyright-mentions-lgpl.copyright b/t/tests/copyright-file-non-common-license/debian/debian/copyright-mentions-lgpl.copyright
new file mode 100644
index 0000000..89c5e79
--- /dev/null
+++ b/t/tests/copyright-file-non-common-license/debian/debian/copyright-mentions-lgpl.copyright
@@ -0,0 +1,13 @@
+Format: http://www.debian.org/doc/packaging-manuals/copyright-format/1.0/
+Upstream-Name: lintian
+Upstream-Contact: Lintian Maintainers <debian-lint-maint@lists.debian.org>
+Source: http://git.debian.org/?p=lintian/lintian.git
+
+Files: *
+Copyright: 2015 Lintian Maintainers <debian-lint-maint@lists.debian.org>
+License: Mentions-Other-License
+
+License: Mentions-Other-License
+ lorem ipsum
+ lorem ipsum GNU Lesser General Public License (LGPL) lorem ipsum
+ lorem ipsum
diff --git a/t/tests/copyright-file-non-common-license/debian/debian/copyright-mentions-lgpl2.copyright b/t/tests/copyright-file-non-common-license/debian/debian/copyright-mentions-lgpl2.copyright
new file mode 100644
index 0000000..291c0e6
--- /dev/null
+++ b/t/tests/copyright-file-non-common-license/debian/debian/copyright-mentions-lgpl2.copyright
@@ -0,0 +1,13 @@
+Format: http://www.debian.org/doc/packaging-manuals/copyright-format/1.0/
+Upstream-Name: lintian
+Upstream-Contact: Lintian Maintainers <debian-lint-maint@lists.debian.org>
+Source: http://git.debian.org/?p=lintian/lintian.git
+
+Files: *
+Copyright: 2015 Lintian Maintainers <debian-lint-maint@lists.debian.org>
+License: Mentions-Other-License
+
+License: Mentions-Other-License
+ lorem ipsum
+ lorem ipsum GNU Library General Public License (LGPL) lorem ipsum
+ lorem ipsum
diff --git a/t/tests/copyright-file-non-common-license/debian/debian/copyright-mentions-perl.copyright b/t/tests/copyright-file-non-common-license/debian/debian/copyright-mentions-perl.copyright
new file mode 100644
index 0000000..b2c896a
--- /dev/null
+++ b/t/tests/copyright-file-non-common-license/debian/debian/copyright-mentions-perl.copyright
@@ -0,0 +1,13 @@
+Format: http://www.debian.org/doc/packaging-manuals/copyright-format/1.0/
+Upstream-Name: lintian
+Upstream-Contact: Lintian Maintainers <debian-lint-maint@lists.debian.org>
+Source: http://git.debian.org/?p=lintian/lintian.git
+
+Files: *
+Copyright: 2015 Lintian Maintainers <debian-lint-maint@lists.debian.org>
+License: Mentions-Other-License
+
+License: Mentions-Other-License
+ lorem ipsum
+ lorem ipsum under the same terms as Perl itself lorem ipsum
+ lorem ipsum
diff --git a/t/tests/copyright-file-non-common-license/desc b/t/tests/copyright-file-non-common-license/desc
new file mode 100644
index 0000000..c652192
--- /dev/null
+++ b/t/tests/copyright-file-non-common-license/desc
@@ -0,0 +1,12 @@
+Testname: copyright-file-non-common-license
+Sequence: 6000
+Version: 1.0
+Description: Test for false positive for a common license
+Skeleton: pedantic
+Options: -IE --pedantic
+Test-Against:
+ copyright-should-refer-to-common-license-file-for-gpl
+ copyright-should-refer-to-common-license-file-for-gfdl
+ copyright-should-refer-to-common-license-file-for-lgpl
+ copyright-should-refer-to-common-license-file-for-apache-2
+ copyright-file-lacks-pointer-to-perl-license
diff --git a/t/tests/copyright-file-non-common-license/tags b/t/tests/copyright-file-non-common-license/tags
new file mode 100644
index 0000000..e69de29
--
2.1.4
Reply to: