You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
This is definitely better than no check at all, but notice that there is a tool already that checks the project's compliance for REUSE. pkgs.reuse is also available in nixpkgs. Although, manually running reuse lint for Ghaf project indicates a large number of issues, which we should resolve first if we would start using pkgs.reuse instead of the scripts in this PR.
Maybe we'll start with @mikatammi's scritps and possibly gradually move to reuse lint compliance later?
For reference, issues currently reported by reuse lint:
ghaf$ nix-shell -p reuse --run "reuse lint"
reuse.project - WARNING - Could not resolve SPDX License Identifier of LICENSES/LICENSE.Apache-2.0, resolving to LICENSE.Apache-2. Make sure the license is in the license list found at <https://spdx.org/licenses/> or that it starts with 'LicenseRef-', and that it has a file extension.
reuse.project - WARNING - Could not resolve SPDX License Identifier of LICENSES/LICENSE.CC-BY-SA-4.0, resolving to LICENSE.CC-BY-SA-4. Make sure the license is in the license list found at <https://spdx.org/licenses/> or that it starts with 'LicenseRef-', and that it has a file extension.
reuse._util - ERROR - Could not parse 'Apache-2.0" && exit 1)'
reuse.project - ERROR - 'scripts/spdx_nix_checker/check_file' holds an SPDX expression that cannot be parsed, skipping the file
# BAD LICENSES
'LICENSE.Apache-2' found in:
* LICENSES/LICENSE.Apache-2.0
'LICENSE.CC-BY-SA-4' found in:
* LICENSES/LICENSE.CC-BY-SA-4.0
# MISSING LICENSES
'Apache-2.0' found in:
* CONTRIBUTING.md
* README.md
* docs/doc.nix
* flake.nix
* hydrajobs.nix
* microvmConfigurations/netvm/default.nix
* modules/development/authentication.nix
* modules/development/intel-nuc-getty.nix
* modules/development/nix.nix
* modules/development/packages.nix
* modules/development/ssh.nix
* modules/graphics/weston.nix
* modules/hardware/nvidia-jetson-orin.nix
* modules/host/default.nix
* modules/host/microvm.nix
* modules/host/networking.nix
* targets/common-debug.nix
* targets/common-release.nix
* targets/common.nix
* targets/default.nix
* targets/intel-nuc.nix
* targets/nvidia-jetson-orin-flash-script.nix
* targets/nvidia-jetson-orin.nix
* targets/vm.nix
'CC-BY-SA-4.0' found in:
* CONTRIBUTING.md
* README.md
* docs/README.md
* docs/src/appendices/contributing_general.md
* docs/src/appendices/glossary.md
* docs/src/architecture/adr/minimal-host.md
* docs/src/architecture/adr.md
* docs/src/architecture/architecture.md
* docs/src/build_config/build_configurations.md
* docs/src/build_config/cross_compilation.md
* docs/src/build_config/passthrough/nvidia_agx_pt_uart.md
* docs/src/build_config/passthrough/passthrough.md
* docs/src/build_config/reference_implementations.md
* docs/src/index.md
* docs/src/research/passthrough/ethernet.md
* docs/src/research/research.md
* docs/src/scs/basics.md
* docs/src/scs/patching-automation.md
* docs/src/scs/pki.md
* docs/src/scs/sbom.md
* docs/src/scs/scs.md
* docs/src/scs/slsa-framework.md
* docs/src/technologies/technologies.md
# UNUSED LICENSES
The following licenses are not used:
* LICENSE.Apache-2
* LICENSE.CC-BY-SA-4
# MISSING COPYRIGHT AND LICENSING INFORMATION
The following files have no copyright and licensing information:
* .git-blame-ignore-revs
* .github/workflows/doc.yml
* .gitignore
* docs/book.toml
* docs/src/SUMMARY.md
* docs/src/architecture/adr/template.md
* docs/src/img/autopatching.drawio.png
* docs/src/img/ca_implementation.drawio.png
* docs/src/img/overview.png
* docs/src/img/threat_processing.drawio.png
* docs/src/img/threat_processing_1serv.drawio.png
* docs/src/img/threat_processing_2serv.drawio.png
* docs/src/research/passthrough/imx8qm-mek_conn-guest.dts
* docs/src/research/passthrough/imx8qm-mek_conn-host.dts
* docs/style_guide.md
* flake.lock
* scripts/spdx_nix_checker/check_file
The following files have no licensing information:
* .github/workflows/fmt-check.yml
* scripts/spdx_nix_checker/check_all
# SUMMARY
* Bad licenses: LICENSE.Apache-2, LICENSE.CC-BY-SA-4
* Deprecated licenses:
* Licenses without file extension:
* Missing licenses: Apache-2.0, CC-BY-SA-4.0
* Unused licenses: LICENSE.Apache-2, LICENSE.CC-BY-SA-4
* Used licenses: Apache-2.0, CC-BY-SA-4.0
* Read errors: 0
* Files with copyright information: 47 / 64
* Files with license information: 45 / 64
Unfortunately, your project is not compliant with version 3.0 of the REUSE Specification :-(
@jenninikko please let me know if you need help with reuse lint but let’s fix the debt of issues and then enable automated checks for PRs as @henrirosten proposed. That will provide extended coverage of automated checks over @mikatammi ’s gha PR for simple license check
This is definitely better than no check at all, but notice that there is a tool already that checks the project's compliance for REUSE.
pkgs.reuse
is also available in nixpkgs. Although, manually runningreuse lint
for Ghaf project indicates a large number of issues, which we should resolve first if we would start usingpkgs.reuse
instead of the scripts in this PR.Maybe we'll start with @mikatammi's scritps and possibly gradually move to
reuse lint
compliance later?For reference, issues currently reported by
reuse lint
:Originally posted by @henrirosten in #79 (comment)
The text was updated successfully, but these errors were encountered: