From b09c6d56832eb1718c07d74abf3bc6ae3fe4e030 Mon Sep 17 00:00:00 2001
From: Daniel Baumann <daniel.baumann@progress-linux.org>
Date: Sun, 28 Apr 2024 14:36:04 +0200
Subject: Adding upstream version 1.1.0.

Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
---
 .github/workflows/compliance/check-licenses.sh | 72 ++++++++++++++++++++++++++
 1 file changed, 72 insertions(+)
 create mode 100755 .github/workflows/compliance/check-licenses.sh

(limited to '.github/workflows/compliance/check-licenses.sh')

diff --git a/.github/workflows/compliance/check-licenses.sh b/.github/workflows/compliance/check-licenses.sh
new file mode 100755
index 0000000..63ff76f
--- /dev/null
+++ b/.github/workflows/compliance/check-licenses.sh
@@ -0,0 +1,72 @@
+#!/bin/bash
+
+set -eo pipefail
+
+find_license_file() {
+  MOD_NAME="$1"
+  LICENSE_DIR="vendor/$MOD_NAME"
+  LICENSE_FILES=({,../}{,UN}LICENSE{,.txt,.md})
+
+  for LICENSE_FILE in "${LICENSE_FILES[@]}"; do
+    LICENSE_FILE="${LICENSE_DIR}/$LICENSE_FILE"
+
+    if [ -e "$LICENSE_FILE" ]; then
+      echo "$LICENSE_FILE"
+      return
+    fi
+  done
+
+  echo "Module ${MOD_NAME}: license file missing in ${LICENSE_DIR}. Tried:" "${LICENSE_FILES[@]}" >&2
+  false
+}
+
+list_all_deps() {
+  for MAIN_MOD in ./cmd/*; do
+    go list -deps "$MAIN_MOD"
+  done
+}
+
+COMPATIBLE_LINE=$(($LINENO + 2))
+
+COMPATIBLE=(
+  # public domain
+  3cee2c43614ad4572d9d594c81b9348cf45ed5ac # vendor/github.com/vbauerster/mpb/v6/UNLICENSE
+  # MIT
+  66d504eb2f162b9cbf11b07506eeed90c6edabe1 # vendor/github.com/cespare/xxhash/v2/LICENSE.txt
+  1513ff663e946fdcadb630bed670d253b8b22e1e # vendor/github.com/davecgh/go-spew/spew/../LICENSE
+  90a1030e6314df9a898e5bfbdb4c6176d0a1f81c # vendor/github.com/jmoiron/sqlx/LICENSE
+  # BSD-2
+  8762249b76928cb6995b98a95a9396c5aaf104f3 # vendor/github.com/go-redis/redis/v8/LICENSE
+  d550c89174b585d03dc67203952b38372b4ce254 # vendor/github.com/pkg/errors/LICENSE
+  # BSD-3
+  b23b967bba92ea3c5ccde9962027cd70400865eb # vendor/github.com/google/uuid/LICENSE
+  604b38b184689a3db06a0617216d52a95aea10d8 # vendor/github.com/pmezard/go-difflib/difflib/../LICENSE
+  # MPLv2
+  0a2b84dd9b124c4d95dd24418c3e84fd870cc0ac # vendor/github.com/go-sql-driver/mysql/LICENSE
+)
+
+MY_DIR="$(dirname "$0")"
+
+go mod vendor
+
+for MOD_NAME in $(list_all_deps | "${MY_DIR}/ls-deps.pl"); do
+  LICENSE_FILE="$(find_license_file "$MOD_NAME")"
+
+  "${MY_DIR}/anonymize-license.pl" "$LICENSE_FILE"
+  tr -d ., <"$LICENSE_FILE" | tr \\n\\t ' ' | sponge "$LICENSE_FILE"
+  perl -p0 -i -e 's/  +/ /g; s/ +$//; $_ = lc' "$LICENSE_FILE"
+
+  for SHA1 in "${COMPATIBLE[@]}"; do
+    if sha1sum -c <<<"$SHA1  $LICENSE_FILE" >/dev/null 2>&1; then
+      continue 2
+    fi
+  done
+
+  echo "Module ${MOD_NAME}: unknown license. Run 'go mod vendor' (or see below), verify by yourself whether" \
+    "$LICENSE_FILE is GPLv2 compatible and (if yes) update the license text hashes list at ${0}:$COMPATIBLE_LINE" \
+    "and eventually .github/workflows/compliance/anonymize-license.pl:7" >&2
+
+  sha1sum "$LICENSE_FILE"
+  head "$LICENSE_FILE"
+  false
+done
-- 
cgit v1.2.3