summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorCarlo Landmeter <clandmeter@alpinelinux.org>2018-01-02 10:26:51 +0000
committerCarlo Landmeter <clandmeter@alpinelinux.org>2018-04-11 14:07:36 +0000
commite6ce1f11514d2d00e051e59b82fd15bd0992763e (patch)
tree96fca95325a88d911a77503a409e01e013f95d34
parent4501a6cc5eb5542c5172ae391ae54377b440e1bf (diff)
downloadabuild-e6ce1f11514d2d00e051e59b82fd15bd0992763e.tar.gz
abuild-e6ce1f11514d2d00e051e59b82fd15bd0992763e.tar.bz2
abuild-e6ce1f11514d2d00e051e59b82fd15bd0992763e.tar.xz
abuild-e6ce1f11514d2d00e051e59b82fd15bd0992763e.zip
abuild: check license for valid SPDX license identifiers
licenses will be checked against the license.lst file provided by the spdx-licenses-list package when installed except when explicitly disabled by the !spdx options flag.
-rw-r--r--abuild.in16
1 files changed, 16 insertions, 0 deletions
diff --git a/abuild.in b/abuild.in
index 16c4bee..e3a6f20 100644
--- a/abuild.in
+++ b/abuild.in
@@ -233,6 +233,7 @@ default_sanitycheck() {
[ -n "$checkdepend" ] && spell_error checkdepend checkdepends
check_maintainer || die "Provide a valid RFC822 maintainer address"
+ check_license || warning "Please use valid SPDX license identifiers found at: https://spdx.org/licenses"
check_depends_dev || warning "depends_dev found but no development subpackage found"
check_secfixes_comment || return 1
@@ -837,6 +838,21 @@ check_maintainer() {
fi
}
+check_license() {
+ local ret=0
+ local license_list=/usr/share/spdx/license.lst
+ if options_has "!spdx" || ! [ -f "$license_list" ]; then
+ return 0
+ fi
+ local i; for i in $license; do
+ if ! grep -q -w -F "$i" "$license_list"; then
+ ret=1
+ warning "\"$i\" is not a known license"
+ fi
+ done
+ return $ret
+}
+
check_secfixes_comment() {
local c=$(sed -E -n -e '/^# secfixes:/,/(^[^#]|^$)/p' $APKBUILD | grep '^#')
local invalid=$(echo "$c" \