Skip license matches which do not belong to the current file. (#291)

* Skip license matches which do not belong to the current file. * Update release notes.
devonfw · Dec 2, 2024 · 1c6e286 · 1c6e286
1 parent 0724414
commit 1c6e286
Show file tree

Hide file tree

Showing 2 changed files with 66 additions and 55 deletions.
diff --git a/...onfw/tools/solicitor/componentinfo/scancode/FilteredScancodeV32ComponentInfoProvider.java b/...onfw/tools/solicitor/componentinfo/scancode/FilteredScancodeV32ComponentInfoProvider.java
@@ -254,64 +254,74 @@ private ScancodeComponentInfo mapScancodeJson(String packageUrl, JsonNode scanco
         for (JsonNode ma : ld.get("matches")) {
 
           String licenseExpression = ma.get("spdx_license_expression").asText();
-          String[] spdxIds = spdxIdsFromExpression(licenseExpression);
-          for (String spdxId : spdxIds) {
-            LicenseCuration.NewLicenseData effective = getEffectiveLicenseInfoWithCuration(path, ma, spdxId,
-                licenseCurations);
-            if (effective == null) {
-              // license finding to be REMOVED via finding
-              // this is a curation operation, so set the status
-              componentScancodeInfos.setDataStatus(DataStatusValue.CURATED);
-              continue;
-            }
-            if (effective.license != null || effective.url != null) {
-              // license or url are altered due to curation, so set the status
-              componentScancodeInfos.setDataStatus(DataStatusValue.CURATED);
-            }
-            String licenseName = effective.license != null ? effective.license : spdxId;
-            String effectiveLicenseName = spdxIdMap.get(licenseName);
-            if (effectiveLicenseName == null) {
-              // not contained in map --> this must be the Classpath-exception-2.0
-              continue;
-            } else {
-              licenseName = effectiveLicenseName;
-            }
-            // get the default license Url
-            String licenseDefaultUrl = null;
-            JsonNode licenseReference = licenseReferencesMap.get(spdxId);
-            if (licenseReference != null) {
-              licenseDefaultUrl = licenseReference.get("scancode_url").asText();
-            }
-            if (effective.url != null) {
-              licenseDefaultUrl = effective.url;
-            }
-            licenseDefaultUrl = normalizeLicenseUrl(packageUrl, licenseDefaultUrl);
-            double score = ma.get("score").asDouble();
-            String licenseUrl = path;
-            int startLine = ma.get("start_line").asInt();
-            int endLine = ma.get("end_line").asInt();
-            if (!takeCompleteFile) {
-              licenseUrl += "#L" + startLine;
-              if (endLine != startLine) {
-                licenseUrl += "-L" + endLine;
+          String currentMatchPath = ma.get("from_file").asText();
+          if (!path.equals(currentMatchPath)) {
+            // the matches array might list matches which do not belong to the current path.
+            // We skip those items. Probably those matches are referenced files.
+            LOG.debug(
+                "The license expression match for '{}' in file '{}' "
+                    + "does not belong to the current path '{}' and will be ignored",
+                licenseExpression, currentMatchPath, path);
+          } else {
+            String[] spdxIds = spdxIdsFromExpression(licenseExpression);
+            for (String spdxId : spdxIds) {
+              LicenseCuration.NewLicenseData effective = getEffectiveLicenseInfoWithCuration(path, ma, spdxId,
+                  licenseCurations);
+              if (effective == null) {
+                // license finding to be REMOVED via finding
+                // this is a curation operation, so set the status
+                componentScancodeInfos.setDataStatus(DataStatusValue.CURATED);
+                continue;
+              }
+              if (effective.license != null || effective.url != null) {
+                // license or url are altered due to curation, so set the status
+                componentScancodeInfos.setDataStatus(DataStatusValue.CURATED);
+              }
+              String licenseName = effective.license != null ? effective.license : spdxId;
+              String effectiveLicenseName = spdxIdMap.get(licenseName);
+              if (effectiveLicenseName == null) {
+                // not contained in map --> this must be the Classpath-exception-2.0
+                continue;
+              } else {
+                licenseName = effectiveLicenseName;
+              }
+              // get the default license Url
+              String licenseDefaultUrl = null;
+              JsonNode licenseReference = licenseReferencesMap.get(spdxId);
+              if (licenseReference != null) {
+                licenseDefaultUrl = licenseReference.get("scancode_url").asText();
+              }
+              if (effective.url != null) {
+                licenseDefaultUrl = effective.url;
+              }
+              licenseDefaultUrl = normalizeLicenseUrl(packageUrl, licenseDefaultUrl);
+              double score = ma.get("score").asDouble();
+              String licenseUrl = path;
+              int startLine = ma.get("start_line").asInt();
+              int endLine = ma.get("end_line").asInt();
+              if (!takeCompleteFile) {
+                licenseUrl += "#L" + startLine;
+                if (endLine != startLine) {
+                  licenseUrl += "-L" + endLine;
+                }
+              }
+              if (effective.url != null) {
+                // curation redefined the license URL
+                licenseUrl = effective.url;
+                // enforce that the filescore always exceeds the threshold
+                startLine = 0;
+                endLine = Integer.MAX_VALUE;
               }
-            }
-            if (effective.url != null) {
-              // curation redefined the license URL
-              licenseUrl = effective.url;
-              // enforce that the filescore always exceeds the threshold
-              startLine = 0;
-              endLine = Integer.MAX_VALUE;
-            }
 
-            licenseUrl = normalizeLicenseUrl(packageUrl, licenseUrl);
-            String givenLicenseText = null;
-            if (licenseUrl != null) {
-              givenLicenseText = this.fileScancodeRawComponentInfoProvider.retrieveContent(packageUrl, licenseUrl);
-            }
+              licenseUrl = normalizeLicenseUrl(packageUrl, licenseUrl);
+              String givenLicenseText = null;
+              if (licenseUrl != null) {
+                givenLicenseText = this.fileScancodeRawComponentInfoProvider.retrieveContent(packageUrl, licenseUrl);
+              }
 
-            scancodeComponentInfoData.addLicense(licenseName, licenseName, licenseDefaultUrl, score, licenseUrl,
-                givenLicenseText, endLine - startLine);
+              scancodeComponentInfoData.addLicense(licenseName, licenseName, licenseDefaultUrl, score, licenseUrl,
+                  givenLicenseText, endLine - startLine);
+            }
           }
         }
 

diff --git a/documentation/master-solicitor.asciidoc b/documentation/master-solicitor.asciidoc
@@ -2152,6 +2152,7 @@ Spring beans implementing this interface will be called at certain points in the
 [appendix]
 == Release Notes
 Changes in 1.29.0::
+* https://github.com/devonfw/solicitor/pull/291: Fixed a bug in the processing of ScanCode V32 files.
 * https://github.com/devonfw/solicitor/pull/290: Fixed an incorrect documentation of a rule in the user guide.
 
 Changes in 1.28.0::