Skip to content

chore(hfh):SP-4186 inclde licenses in hfh response #67

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
agustingroh merged 1 commit into from
Mar 26, 2026
Merged

chore(hfh):SP-4186 inclde licenses in hfh response #67

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
5 changes: 5 additions & 0 deletions CHANGELOG.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -7,6 +7,10 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0

## [Unreleased]

## [0.33.0] - 2026-03-26
### Added
- Added `License` nested message to `HFHResponse.Version` with `name`, `spdx_id`, `is_spdx_approved`, and `url` fields
- Added `licenses` repeated field to `HFHResponse.Version` to include license information in High precision Folder Hashing scan responses

## [0.32.1] - 2026-03-13
### Fixed
Expand Down Expand Up @@ -251,6 +255,7 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
- Vulnerabilities
- Added REST endpoint support for each service also

[0.33.0]: https://github.com/scanoss/papi/compare/v0.32.1...v0.33.0
[0.32.1]: https://github.com/scanoss/papi/compare/v0.32.0...v0.32.1
[0.32.0]: https://github.com/scanoss/papi/compare/v0.31.0...v0.32.0
[0.31.0]: https://github.com/scanoss/papi/compare/v0.30.0...v0.31.0
Expand Down
154 changes: 122 additions & 32 deletions api/scanningv2/scanoss-scanning.pb.go
View file
Open in desktop

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

2 changes: 2 additions & 0 deletions protobuf/scanoss/api/common/v2/scanoss-common.proto
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -167,5 +167,7 @@ enum ErrorCode {
// Component version not found
VERSION_NOT_FOUND = 4;



}

46 changes: 42 additions & 4 deletions protobuf/scanoss/api/scanning/v2/README.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -93,11 +93,27 @@ Each component object contains:
"versions": [
{
"version": "1.30.0",
"score": 0.95
"score": 0.95,
"licenses": [
{
"name": "MIT License",
"spdx_id": "MIT",
"is_spdx_approved": true,
"url": "https://spdx.org/licenses/MIT.html"
}
]
},
{
"version": "1.29.0",
"score": 0.87
"score": 0.87,
"licenses": [
{
"name": "MIT License",
"spdx_id": "MIT",
"is_spdx_approved": true,
"url": "https://spdx.org/licenses/MIT.html"
}
]
}
],
"rank": 1,
Expand All @@ -110,7 +126,21 @@ Each component object contains:
"versions": [
{
"version": "2.1.0",
"score": 0.78
"score": 0.78,
"licenses": [
{
"name": "Apache License 2.0",
"spdx_id": "Apache-2.0",
"is_spdx_approved": true,
"url": "https://spdx.org/licenses/Apache-2.0.html"
},
{
"name": "MIT License",
"spdx_id": "MIT",
"is_spdx_approved": true,
"url": "https://spdx.org/licenses/MIT.html"
}
]
}
],
"rank": 3,
Expand All @@ -128,7 +158,15 @@ Each component object contains:
"versions": [
{
"version": "2.31.0",
"score": 0.92
"score": 0.92,
"licenses": [
{
"name": "Apache License 2.0",
"spdx_id": "Apache-2.0",
"is_spdx_approved": true,
"url": "https://spdx.org/licenses/Apache-2.0.html"
}
]
}
],
"rank": 1,
Expand Down
15 changes: 15 additions & 0 deletions protobuf/scanoss/api/scanning/v2/scanoss-scanning.proto
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -124,10 +124,25 @@ message HFHRequest {
message HFHResponse {
// Component version details
message Version {

// Component license
message License {
// Full name of the license
string name = 1;
// SPDX license identifier. See https://spdx.org/licenses/
string spdx_id = 2 [json_name = "spdx_id"];
// Indicates whether this license is approved by the SPDX organization
bool is_spdx_approved = 3 [json_name = "is_spdx_approved"];
// URL pointing to the full license text
string url = 4;
}

// Component version
string version = 1;
// Component score (0-1)
float score = 2;
// Licenses
repeated License licenses = 3;
}
// Matched component details
message Component {
Expand Down
30 changes: 30 additions & 0 deletions protobuf/scanoss/api/scanning/v2/scanoss-scanning.swagger.json
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -210,10 +210,40 @@
"type": "number",
"format": "float",
"title": "Component score (0-1)"
},
"licenses": {
"type": "array",
"items": {
"type": "object",
"$ref": "#/definitions/HFHResponseVersionLicense"
},
"title": "Licenses"
}
},
"title": "Component version details"
},
"HFHResponseVersionLicense": {
"type": "object",
"properties": {
"name": {
"type": "string",
"title": "Full name of the license"
},
"spdx_id": {
"type": "string",
"title": "SPDX license identifier. See https://spdx.org/licenses/"
},
"is_spdx_approved": {
"type": "boolean",
"title": "Indicates whether this license is approved by the SPDX organization"
},
"url": {
"type": "string",
"title": "URL pointing to the full license text"
}
},
"title": "Component license"
},
"StatusResponseDB": {
"type": "object",
"properties": {
Expand Down
Loading