From 9104bad82004d908e1fe66a425f8ca78f975045d Mon Sep 17 00:00:00 2001 From: Max Mehl Date: Fri, 5 Jul 2024 14:09:32 +0200 Subject: [PATCH] reuse: switch to REUSE 3.2 and REUSE.toml - remove scripts/copyright.pl Closes #14107 --- .reuse/dep5 | 89 ----------------- REUSE.toml | 53 ++++++++++ docs/CONTRIBUTE.md | 4 +- scripts/copyright.pl | 233 ------------------------------------------- 4 files changed, 55 insertions(+), 324 deletions(-) delete mode 100644 .reuse/dep5 create mode 100644 REUSE.toml delete mode 100755 scripts/copyright.pl diff --git a/.reuse/dep5 b/.reuse/dep5 deleted file mode 100644 index 0715ee38e..000000000 --- a/.reuse/dep5 +++ /dev/null @@ -1,89 +0,0 @@ -Format: https://www.debian.org/doc/packaging-manuals/copyright-format/1.0/ -Upstream-Name: curl -Upstream-Contact: Daniel Stenberg -Source: https://curl.se - -# Tests -Files: tests/data/test* tests/certs/* tests/stunnel.pem tests/valgrind.supp -Copyright: Daniel Stenberg, , et al. -License: curl - -# Docs in docs/ -Files: docs/FAQ docs/INSTALL docs/KNOWN_BUGS docs/MAIL-ETIQUETTE docs/THANKS docs/TODO docs/libcurl/symbols-in-versions docs/options-in-versions -Copyright: Daniel Stenberg, , et al. -License: curl - -# Windows -Files: projects/Windows/* -Copyright: Daniel Stenberg, , et al. -License: curl - -Files: libcurl.def -Copyright: Daniel Stenberg, , et al. -License: curl - -# Single files we do not want to edit directly -Files: CHANGES -Copyright: Daniel Stenberg, , et al. -License: curl - -Files: GIT-INFO.md -Copyright: Daniel Stenberg, , et al. -License: curl - -Files: RELEASE-NOTES -Copyright: Daniel Stenberg, , et al. -License: curl - -# checksrc control files -Files: lib/.checksrc src/.checksrc docs/examples/.checksrc tests/libtest/.checksrc -Copyright: Daniel Stenberg, , et al. -License: curl - -Files: lib/libcurl.vers.in -Copyright: Daniel Stenberg, , et al. -License: curl - -Files: packages/OS400/README.OS400 -Copyright: Daniel Stenberg, , et al. -License: curl - -Files: packages/vms/build_vms.com -Copyright: Daniel Stenberg, , et al. -License: curl - -Files: packages/vms/curl_release_note_start.txt -Copyright: Daniel Stenberg, , et al. -License: curl - -Files: packages/vms/curlmsg.sdl -Copyright: Daniel Stenberg, , et al. -License: curl - -Files: packages/vms/macro32_exactcase.patch -Copyright: Daniel Stenberg, , et al. -License: curl - -Files: packages/vms/readme -Copyright: Daniel Stenberg, , et al. -License: curl - -Files: plan9/README -Copyright: Daniel Stenberg, , et al. -License: curl - -Files: projects/wolfssl_override.props -Copyright: Daniel Stenberg, , et al. -License: curl - -Files: README -Copyright: Daniel Stenberg, , et al. -License: curl - -Files: renovate.json -Copyright: Daniel Stenberg, , et al. -License: curl - -Files: .mailmap -Copyright: Daniel Stenberg, , et al. -License: curl diff --git a/REUSE.toml b/REUSE.toml new file mode 100644 index 000000000..a3c5a3284 --- /dev/null +++ b/REUSE.toml @@ -0,0 +1,53 @@ +# SPDX-License-Identifier: curl +# SPDX-FileCopyrightText: Daniel Stenberg, , et al. + +# This file describes the licensing and copyright situation for files that +# cannot be annotated directly, for example because of being simply +# uncommentable. Unless this is the case, a file should be annotated directly. +# +# This follows the REUSE specification: https://reuse.software/spec-3.2/#reusetoml + +version = 1 +SPDX-PackageName = "curl" +SPDX-PackageDownloadLocation = "https://curl.se/" + +[[annotations]] +path = [ + ".mailmap", + "CHANGES", + "docs/FAQ", + "docs/INSTALL", + "docs/KNOWN_BUGS", + "docs/libcurl/symbols-in-versions", + "docs/MAIL-ETIQUETTE", + "docs/options-in-versions", + "docs/THANKS", + "docs/TODO", + "GIT-INFO.md", + "lib/libcurl.vers.in", + "libcurl.def", + "packages/OS400/README.OS400", + "packages/vms/build_vms.com", + "packages/vms/curl_release_note_start.txt", + "packages/vms/curlmsg.sdl", + "packages/vms/macro32_exactcase.patch", + "packages/vms/readme", + "plan9/README", + "projects/Windows/**", "projects/wolfssl_override.props", + "README", + "RELEASE-NOTES", + "renovate.json", + "tests/certs/**", + "tests/data/test**", + "tests/stunnel.pem", + "tests/valgrind.supp", + # checksrc control files + "docs/examples/.checksrc", + "lib/.checksrc", + "src/.checksrc", + "tests/libtest/.checksrc", +] +SPDX-FileCopyrightText = "Daniel Stenberg, , et al." +SPDX-License-Identifier = "curl" +# If there is licensing/copyright information in or next to these files, perfer that +precedence = "closest" diff --git a/docs/CONTRIBUTE.md b/docs/CONTRIBUTE.md index bffcd5a94..156ea0bef 100644 --- a/docs/CONTRIBUTE.md +++ b/docs/CONTRIBUTE.md @@ -316,8 +316,8 @@ fine. This means that all files need to have their license and copyright information clearly stated. Ideally by having the standard curl source code header, with the SPDX-License-Identifier included. If the header does not work, you can use a -smaller header or add the information for a specific file to the `.reuse/dep5` +smaller header or add the information for a specific file to the `REUSE.toml` file. You can manually verify the copyright and compliance status by running the -`./scripts/copyright.pl` script in the root of the git repository. +[REUSE helper tool](https://github.com/fsfe/reuse-tool): `reuse lint` diff --git a/scripts/copyright.pl b/scripts/copyright.pl deleted file mode 100755 index 376f023e7..000000000 --- a/scripts/copyright.pl +++ /dev/null @@ -1,233 +0,0 @@ -#!/usr/bin/env perl -#*************************************************************************** -# _ _ ____ _ -# Project ___| | | | _ \| | -# / __| | | | |_) | | -# | (__| |_| | _ <| |___ -# \___|\___/|_| \_\_____| -# -# Copyright (C) Daniel Stenberg, , et al. -# -# This software is licensed as described in the file COPYING, which -# you should have received as part of this distribution. The terms -# are also available at https://curl.se/docs/copyright.html. -# -# You may opt to use, copy, modify, merge, publish, distribute and/or sell -# copies of the Software, and permit persons to whom the Software is -# furnished to do so, under the terms of the COPYING file. -# -# This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY -# KIND, either express or implied. -# -# SPDX-License-Identifier: curl -# -########################################################################### -# -# Invoke script in the root of the git checkout. Scans all files in git unless -# given a specific single file. -# -# Usage: copyright.pl [file] -# - -my %skips; - -# file names -my %skiplist = ( - # REUSE-specific file - ".reuse/dep5" => "", - - # License texts - "LICENSES/BSD-3-Clause.txt" => "", - "LICENSES/BSD-4-Clause-UC.txt" => "", - "LICENSES/ISC.txt" => "", - "LICENSES/curl.txt" => "", - "COPYING" => "", - - ); - -sub scanfile { - my ($f) = @_; - my $line=1; - my $found = 0; - open(F, "<$f") || return -1; - while () { - chomp; - my $l = $_; - # check for a copyright statement and save the years - if($l =~ /.* ?copyright .* (\d\d\d\d|)/i) { - my $count = 0; - while($l =~ /([\d]{4})/g) { - push @copyright, { - year => $1, - line => $line, - col => index($l, $1), - code => $l - }; - $count++; - } - if(!$count) { - # year-less - push @copyright, { - year => -1, - line => $line, - col => index($l, $1), - code => $l - }; - $count++; - } - $found = $count; - } - if($l =~ /SPDX-License-Identifier:/) { - $spdx = 1; - } - # allow within the first 100 lines - if(++$line > 100) { - last; - } - } - close(F); - return $found; -} - -sub checkfile { - my ($file, $skipped, $pattern) = @_; - $spdx = 0; - my $found = scanfile($file); - - if($found < 1) { - if($skipped) { - # just move on - $skips{$pattern}++; - return 0; - } - if(!$found) { - print "$file:1: missing copyright range\n"; - return 2; - } - # this means the file couldn't open - it might not exist, consider - # that fine - return 1; - } - if(!$spdx) { - if($skipped) { - # move on - $skips{$pattern}++; - return 0; - } - print "$file:1: missing SPDX-License-Identifier\n"; - return 2; - } - - if($skipped) { - print "$file:1: ignored superfluously by $pattern\n" if($verbose); - $superf{$pattern}++; - } - - return 1; -} - -sub dep5 { - my ($file) = @_; - my @files; - my $copy; - open(F, "<$file") || die "can't open $file"; - my $line = 0; - while() { - $line++; - if(/^Files: (.*)/i) { - my @all = `git ls-files $1`; - if(!$all[0]) { - print STDERR "$1 matches no files\n"; - } - else { - push @files, @all; - } - } - elsif(/^Copyright: (.*)/i) { - $copy = $1; - } - elsif(/^License: (.*)/i) { - my $license = $1; - for my $f (@files) { - chomp $f; - if($f =~ /\.gitignore\z/) { - # ignore .gitignore - } - else { - if($skiplist{$f}) { - print STDERR "$f already skipped at $skiplist{$f}\n"; - } - $skiplist{$f} = "dep5:$line"; - } - } - undef @files; - } - } - close(F); -} - -dep5(".reuse/dep5"); - -my $checkall = 0; -my @all; -my $verbose; -if($ARGV[0] eq "-v") { - $verbose = 1; - shift @ARGV; -} -if($ARGV[0]) { - push @all, @ARGV; -} -else { - @all = `git ls-files`; - $checkall = 1; -} - -for my $f (@all) { - chomp $f; - my $skipped = 0; - my $miss; - my $wro; - my $pattern; - if($skiplist{$f}) { - $pattern = $skip; - $skiplisted++; - $skipped = 1; - $skip{$f}++; - } - - my $r = checkfile($f, $skipped, $pattern); - $mis=1 if($r == 2); - $wro=1 if(!$r); - - if(!$skipped) { - $missing += $mis; - $wrong += $wro; - } -} - -if($verbose) { - print STDERR "$missing files have no copyright\n" if($missing); - print STDERR "$wrong files have wrong copyright year\n" if ($wrong); - print STDERR "$skiplisted files are skipped\n" if ($skiplisted); - - for my $s (@skiplist) { - if(!$skips{$s}) { - printf ("Never skipped pattern: %s\n", $s); - } - if($superf{$s}) { - printf ("%s was skipped superfluously %u times and legitimately %u times\n", - $s, $superf{$s}, $skips{$s}); - } - } -} - -if($checkall) { - for(keys %skiplist) { - if(!$skip{$_}) { - printf STDERR "$_ is marked for SKIP but is missing!\n"; - } - } -} - -exit 1 if($missing || $wrong);