feat(ScanCodeResultParser): Warn about unsupported versions

While parsing newer output format versions might not throw exceptions, results may be incomplete (see #6617 for the context). Avoid confusion by warning in that case. Signed-off-by: Sebastian Schuberth <sschuberth@gmail.com>
oss-review-toolkit · Mar 6, 2023 · f8a3567 · f8a3567
1 parent 56400c1
commit f8a3567
Show file tree

Hide file tree

Showing 2 changed files with 63 additions and 1 deletion.
diff --git a/scanner/src/main/kotlin/scanners/scancode/ScanCodeResultParser.kt b/scanner/src/main/kotlin/scanners/scancode/ScanCodeResultParser.kt
@@ -33,7 +33,9 @@ import org.ossreviewtoolkit.model.Issue
 import org.ossreviewtoolkit.model.LicenseFinding
 import org.ossreviewtoolkit.model.ScanSummary
 import org.ossreviewtoolkit.model.ScannerDetails
+import org.ossreviewtoolkit.model.Severity
 import org.ossreviewtoolkit.model.TextLocation
+import org.ossreviewtoolkit.model.createAndLogIssue
 import org.ossreviewtoolkit.model.utils.associateLicensesWithExceptions
 import org.ossreviewtoolkit.utils.common.textValueOrEmpty
 import org.ossreviewtoolkit.utils.spdx.SpdxConstants.LICENSE_REF_PREFIX
@@ -42,6 +44,8 @@ import org.ossreviewtoolkit.utils.spdx.toSpdxId
 
 import org.semver4j.Semver
 
+const val MAX_SUPPORTED_OUTPUT_FORMAT_VERSION = "2.0.0"
+
 internal val SCANCODE_TIMESTAMP_FORMATTER: DateTimeFormatter =
     DateTimeFormatter.ofPattern("yyyy-MM-dd'T'HHmmss.n").withZone(ZoneId.of("UTC"))
 
@@ -101,6 +105,17 @@ internal fun generateSummary(
 ): ScanSummary {
     val header = result["headers"].single()
 
+    val issues = mutableListOf<Issue>()
+    val outputFormatVersion = header["output_format_version"]?.textValue()?.let { Semver(it) }
+    if (outputFormatVersion != null && outputFormatVersion > Semver(MAX_SUPPORTED_OUTPUT_FORMAT_VERSION)) {
+        issues += ScanCode.createAndLogIssue(
+            source = ScanCode.SCANNER_NAME,
+            message = "The output format version $outputFormatVersion exceeds the supported version " +
+                    "$MAX_SUPPORTED_OUTPUT_FORMAT_VERSION. Results may be incomplete or incorrect.",
+            severity = Severity.WARNING
+        )
+    }
+
     val startTimestamp = header["start_timestamp"].textValue()
     val endTimestamp = header["end_timestamp"].textValue()
 
@@ -113,7 +128,7 @@ internal fun generateSummary(
         packageVerificationCode = verificationCode,
         licenseFindings = getLicenseFindings(result, detectedLicenseMapping, parseExpressions).toSortedSet(),
         copyrightFindings = getCopyrightFindings(result).toSortedSet(),
-        issues = getIssues(result)
+        issues = issues + getIssues(result)
     )
 }
 

diff --git a/scanner/src/test/kotlin/scanners/scancode/ScanCodeResultParserTest.kt b/scanner/src/test/kotlin/scanners/scancode/ScanCodeResultParserTest.kt
@@ -28,16 +28,21 @@ import io.kotest.matchers.Matcher
 import io.kotest.matchers.collections.beEmpty
 import io.kotest.matchers.collections.containExactlyInAnyOrder
 import io.kotest.matchers.collections.shouldBeIn
+import io.kotest.matchers.collections.shouldHaveSingleElement
 import io.kotest.matchers.file.beRelative
 import io.kotest.matchers.should
 import io.kotest.matchers.shouldBe
 import io.kotest.matchers.string.shouldContain
 
 import java.io.File
+import java.time.Instant
 
+import org.ossreviewtoolkit.model.Issue
 import org.ossreviewtoolkit.model.LicenseFinding
 import org.ossreviewtoolkit.model.ScanSummary
+import org.ossreviewtoolkit.model.Severity
 import org.ossreviewtoolkit.model.TextLocation
+import org.ossreviewtoolkit.model.jsonMapper
 import org.ossreviewtoolkit.model.readTree
 import org.ossreviewtoolkit.utils.spdx.SpdxConstants
 import org.ossreviewtoolkit.utils.test.transformingCollectionMatcher
@@ -211,6 +216,48 @@ class ScanCodeResultParserTest : FreeSpec({
                 )
             }
         }
+
+        "for output format 3.0.0 should" - {
+            "create an issue about an unsupported version" {
+                val headers = """
+                    {
+                      "headers": [
+                        {
+                          "tool_name": "scancode-toolkit",
+                          "tool_version": "some future version",
+                          "options": {
+                            "input": [
+                              "."
+                            ],
+                            "--copyright": true,
+                            "--info": true,
+                            "--json-pp": "scancode.json",
+                            "--license": true,
+                            "--processes": "3",
+                            "--strip-root": true,
+                            "--timeout": "300.0"
+                          },
+                          "start_timestamp": "2022-12-12T065635.691832",
+                          "end_timestamp": "2022-12-12T065637.770792",
+                          "output_format_version": "3.0.0"
+                        }
+                      ]
+                    }
+                """.trimIndent()
+
+                val result = jsonMapper.readTree(headers)
+
+                val summary = generateSummary(SpdxConstants.NONE, result)
+
+                summary.issues.map { it.copy(timestamp = Instant.EPOCH) } shouldHaveSingleElement Issue(
+                    timestamp = Instant.EPOCH,
+                    source = ScanCode.SCANNER_NAME,
+                    message = "The output format version 3.0.0 exceeds the supported version 2.0.0. Results may be " +
+                            "incomplete or incorrect.",
+                    severity = Severity.WARNING
+                )
+            }
+        }
     }
 
     "generateDetails()" - {