Commit 2ec2d27b authored by thc's avatar thc

initial upload

parent e3662360
\ No newline at end of file
# licensechecker
wrapper for the oss-review-tool. becomes a fire and forget application
\ No newline at end of file
### Desciption ###
Uses the [OSR]( to check for inherent licenses in a given project. Compares them to a given target license that you want so put on the given project.
### Requirements ###
From [OSR](
In addition to Java (version >= 8), for some of the supported package managers and Version Control Systems additional
tools need to be installed. In the context of this tutorial the following tools are required:
* Git (any recent version will do)
* [Node.js]( 8.*
* [NPM]( 5.5.* - 6.4.*
* [Yarn]( 1.9.* - 1.17.*
### Running ###
run will use the oss review toolkit by heremaps
it expects the docker daemon running
make sure to se the env variables to a place outside the project
// Use this rule like:
// $ ort evaluate -i scanner/src/funTest/assets/file-counter-expected-output-for-analyzer-result.yml --rules-resource /rules/no_gpl_declared.kts
// Define a custom rule matcher.
fun PackageRule.LicenseRule.isGpl() =
object : RuleMatcher {
override val description = "isGpl($license)"
override fun matches() = license.contains("GPL")
// Define the rule set.
val ruleSet = ruleSet(ortResult) {
// Define a rule that is executed for each package.
packageRule("NO_GPL") {
// Define a rule that is executed for each license of the package.
licenseRule("NO_GPL", LicenseView.All) {
require {
"The package '${}' has the ${} license '$license'.",
"Remove the dependency on this package."
// Populate the list of errors to return.
ruleViolations += ruleSet.violations
\ No newline at end of file
#!/usr/bin/env bash
# change to path of this script
cd $( cd "$( dirname "${BASH_SOURCE[0]}" )" >/dev/null 2>&1 && pwd )
# path were ort is downloaded to
# path back to this files folder relative from $ORT
PROJECT=$(readlink -f "$1")
# license to check against
if ! [ -d "$PROJECT" ]; then
echo "Error: project directory not found"
exit 1
if ! [ -f rulesets/"$TARGETLICENSE".kts ]; then
echo "Error: targeted license not found"
echo "available licenses:"
for file in rulesets/*.kts; do
echo "$(basename "$file")" | cut -f 1 -d '.'
exit 1
## clear ort dir if not empty
rm -rf "$ORT"
## download ort
git clone --recurse-submodules $ORT
## copy own rulesets
cp rulesets/"$TARGETLICENSE".kts "$ORT"/evaluator/src/main/resources/rules
## build ort docker version
cd $ORT
## run analyzer
docker/ "-v $PROJECT:/project" --info analyze --allow-dynamic-versions -i /project -o /project/meta/inherent_licenses/ort/analyzer
## run scanner
docker/ "-v $PROJECT:/project" --info scan --scopes devDependencies -a /project/meta/inherent_licenses/ort/analyzer/analyzer-result.yml -o /project/meta/inherent_licenses/ort/scanner
## run evaluator
docker/ "-v $PROJECT:/project" --info evaluate --rules-resource rules/"$TARGETLICENSE".kts -i /project/meta/inherent_licenses/ort/scanner/scan-result.yml -o /project/meta/inherent_licenses/ort/evaluator
## run reporter
docker/ "-v $PROJECT:/project" --info report -f StaticHtml,Notice,Excel,WebApp -i /project/meta/inherent_licenses/ort/evaluator/evaluation-result.yml -o /project/meta/inherent_licenses/ort/reporter
## clean up tmp files from ort
mv -f "$PROJECT"/meta/inherent_licenses/ort/reporter/scan-report.html "$PROJECT"/meta/inherent_licenses/"$TARGETLICENSE"_compatibility_static.html
mv -f "$PROJECT"/meta/inherent_licenses/ort/reporter/scan-report-web-app.html "$PROJECT"/meta/inherent_licenses/"$TARGETLICENSE"_compatibility_app.html
mv -f "$PROJECT"/meta/inherent_licenses/ort/reporter/scan-report.xlsx "$PROJECT"/meta/inherent_licenses/"$TARGETLICENSE"_compatibility.xlsx
mv -f "$PROJECT"/meta/inherent_licenses/ort/reporter/NOTICE "$PROJECT"/meta/inherent_licenses/"$TARGETLICENSE"_compatibility.txt
rm -rf "$PROJECT"/meta/inherent_licenses/ort
##leave note
echo 'generated by' > "$PROJECT"/meta/inherent_licenses/readme
Markdown is supported
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment