Skip to content

Commit

Permalink
feat(ScanCodeResultParser): Warn about unsupported versions
Browse files Browse the repository at this point in the history
While parsing newer output format versions might not throw exceptions,
results may be incomplete (see [1] for the context). Avoid confusion by
warning in that case.

[1]: #6617

Signed-off-by: Sebastian Schuberth <sschuberth@gmail.com>
  • Loading branch information
sschuberth committed Mar 6, 2023
1 parent d2a6045 commit a7dd826
Show file tree
Hide file tree
Showing 2 changed files with 68 additions and 1 deletion.
Original file line number Diff line number Diff line change
Expand Up @@ -33,7 +33,9 @@ import org.ossreviewtoolkit.model.Issue
import org.ossreviewtoolkit.model.LicenseFinding
import org.ossreviewtoolkit.model.ScanSummary
import org.ossreviewtoolkit.model.ScannerDetails
import org.ossreviewtoolkit.model.Severity
import org.ossreviewtoolkit.model.TextLocation
import org.ossreviewtoolkit.model.createAndLogIssue
import org.ossreviewtoolkit.model.utils.associateLicensesWithExceptions
import org.ossreviewtoolkit.utils.common.textValueOrEmpty
import org.ossreviewtoolkit.utils.spdx.SpdxConstants.LICENSE_REF_PREFIX
Expand All @@ -42,6 +44,8 @@ import org.ossreviewtoolkit.utils.spdx.toSpdxId

import org.semver4j.Semver

const val MAX_SUPPORTED_OUTPUT_FORMAT_MAJOR_VERSION = 2

internal val SCANCODE_TIMESTAMP_FORMATTER: DateTimeFormatter =
DateTimeFormatter.ofPattern("yyyy-MM-dd'T'HHmmss.n").withZone(ZoneId.of("UTC"))

Expand Down Expand Up @@ -101,6 +105,22 @@ internal fun generateSummary(
): ScanSummary {
val header = result["headers"].single()

val issues = mutableListOf<Issue>()
val outputFormatVersion = header["output_format_version"]?.textValue()?.let { Semver(it) }
if (outputFormatVersion != null) {
val maxSupportedVersion = Semver.coerce(MAX_SUPPORTED_OUTPUT_FORMAT_MAJOR_VERSION.toString())
val diff = outputFormatVersion.diff(maxSupportedVersion)

if (outputFormatVersion > maxSupportedVersion && diff == Semver.VersionDiff.MAJOR) {
issues += ScanCode.createAndLogIssue(
source = ScanCode.SCANNER_NAME,
message = "The output format version $outputFormatVersion exceeds the supported major version " +
"$MAX_SUPPORTED_OUTPUT_FORMAT_MAJOR_VERSION. Results may be incomplete or incorrect.",
severity = Severity.WARNING
)
}
}

val startTimestamp = header["start_timestamp"].textValue()
val endTimestamp = header["end_timestamp"].textValue()

Expand All @@ -113,7 +133,7 @@ internal fun generateSummary(
packageVerificationCode = verificationCode,
licenseFindings = getLicenseFindings(result, detectedLicenseMapping, parseExpressions).toSortedSet(),
copyrightFindings = getCopyrightFindings(result).toSortedSet(),
issues = getIssues(result)
issues = issues + getIssues(result)
)
}

Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -28,16 +28,21 @@ import io.kotest.matchers.Matcher
import io.kotest.matchers.collections.beEmpty
import io.kotest.matchers.collections.containExactlyInAnyOrder
import io.kotest.matchers.collections.shouldBeIn
import io.kotest.matchers.collections.shouldHaveSingleElement
import io.kotest.matchers.file.beRelative
import io.kotest.matchers.should
import io.kotest.matchers.shouldBe
import io.kotest.matchers.string.shouldContain

import java.io.File
import java.time.Instant

import org.ossreviewtoolkit.model.Issue
import org.ossreviewtoolkit.model.LicenseFinding
import org.ossreviewtoolkit.model.ScanSummary
import org.ossreviewtoolkit.model.Severity
import org.ossreviewtoolkit.model.TextLocation
import org.ossreviewtoolkit.model.jsonMapper
import org.ossreviewtoolkit.model.readTree
import org.ossreviewtoolkit.utils.spdx.SpdxConstants
import org.ossreviewtoolkit.utils.test.transformingCollectionMatcher
Expand Down Expand Up @@ -211,6 +216,48 @@ class ScanCodeResultParserTest : FreeSpec({
)
}
}

"for output format 3.0.0 should" - {
"create an issue about an unsupported version" {
val headers = """
{
"headers": [
{
"tool_name": "scancode-toolkit",
"tool_version": "some future version",
"options": {
"input": [
"."
],
"--copyright": true,
"--info": true,
"--json-pp": "scancode.json",
"--license": true,
"--processes": "3",
"--strip-root": true,
"--timeout": "300.0"
},
"start_timestamp": "2022-12-12T065635.691832",
"end_timestamp": "2022-12-12T065637.770792",
"output_format_version": "3.0.0"
}
]
}
""".trimIndent()

val result = jsonMapper.readTree(headers)

val summary = generateSummary(SpdxConstants.NONE, result)

summary.issues.map { it.copy(timestamp = Instant.EPOCH) } shouldHaveSingleElement Issue(
timestamp = Instant.EPOCH,
source = ScanCode.SCANNER_NAME,
message = "The output format version 3.0.0 exceeds the supported major version " +
"$MAX_SUPPORTED_OUTPUT_FORMAT_MAJOR_VERSION. Results may be incomplete or incorrect.",
severity = Severity.WARNING
)
}
}
}

"generateDetails()" - {
Expand Down

0 comments on commit a7dd826

Please sign in to comment.