diff options
| author | Karen Arutyunov <karen@codesynthesis.com> | 2020-07-02 17:06:24 +0300 |
|---|---|---|
| committer | Karen Arutyunov <karen@codesynthesis.com> | 2020-07-02 19:38:37 +0300 |
| commit | 594a3bc993cd1d0df054ccc1ff06f5c047827fe6 (patch) | |
| tree | ab57f26a2048df35d84b8b0f1a631f36de98323f | |
| parent | 2791fa36fb6a3688461ca6c5a07d003fba711ddc (diff) | |
Verify that package license has no scheme or 'other' scheme
| -rw-r--r-- | libbpkg/manifest.cxx | 18 | ||||
| -rw-r--r-- | tests/manifest/testscript | 43 |
2 files changed, 61 insertions, 0 deletions
diff --git a/libbpkg/manifest.cxx b/libbpkg/manifest.cxx index 4a104f4..3df1726 100644 --- a/libbpkg/manifest.cxx +++ b/libbpkg/manifest.cxx @@ -2006,7 +2006,25 @@ namespace bpkg list_parser lp (vc.first.begin (), vc.first.end ()); for (string lv (lp.next ()); !lv.empty (); lv = lp.next ()) + { + // Reserve the license schemes for the future use and only recognize + // the 'other' scheme for now, if specified. By default, the 'spdx' + // scheme is implied. + // + // Note that if the substring that precedes ':' contains the + // 'DocumentRef-' substring, then this is not a license scheme but + // the license is a SPDX License Expression (see SPDX user defined + // license reference for details). + // + size_t p (lv.find (':')); + + if (p != string::npos && + lv.find ("DocumentRef-") > p && + lv.compare (0, p, "other") != 0) + bad_value ("invalid package license scheme"); + l.push_back (move (lv)); + } if (l.empty ()) bad_value ("empty package license specification"); diff --git a/tests/manifest/testscript b/tests/manifest/testscript index a271a74..3d6b060 100644 --- a/tests/manifest/testscript +++ b/tests/manifest/testscript @@ -102,6 +102,49 @@ EOE } + : license + : + { + : no-scheme + : + $* <<EOF >>EOF + : 1 + name: libfoo + version: 2.0.0 + summary: Modern C++ parser + license: MIT + EOF + + : other-scheme + : + $* <<EOF >>EOF + : 1 + name: libfoo + version: 2.0.0 + summary: Modern C++ parser + license: other:proprietary + EOF + + : user-defined + : + $* <<EOF >>EOF + : 1 + name: libfoo + version: 2.0.0 + summary: Modern C++ parser + license: DocumentRef-spdx-tool-1.2:LicenseRef-MIT-Style-2; MIT-alike + EOF + + : invalid-scheme + : + $* <<EOI 2>>EOE != 0 + : 1 + license: custom:proprietary + EOI + stdin:2:10: error: invalid package license scheme + EOE + } + : topics : { |