abuild: check license for valid SPDX license identifiers

licenses will be checked against the license.lst file provided by
the spdx-licenses-list package when installed except when explicitly
disabled by the !spdx options flag.
This commit is contained in:
Carlo Landmeter 2018-01-02 10:26:51 +00:00
parent 4501a6cc5e
commit e6ce1f1151

View File

@ -233,6 +233,7 @@ default_sanitycheck() {
[ -n "$checkdepend" ] && spell_error checkdepend checkdepends
check_maintainer || die "Provide a valid RFC822 maintainer address"
check_license || warning "Please use valid SPDX license identifiers found at: https://spdx.org/licenses"
check_depends_dev || warning "depends_dev found but no development subpackage found"
check_secfixes_comment || return 1
@ -837,6 +838,21 @@ check_maintainer() {
fi
}
check_license() {
local ret=0
local license_list=/usr/share/spdx/license.lst
if options_has "!spdx" || ! [ -f "$license_list" ]; then
return 0
fi
local i; for i in $license; do
if ! grep -q -w -F "$i" "$license_list"; then
ret=1
warning "\"$i\" is not a known license"
fi
done
return $ret
}
check_secfixes_comment() {
local c=$(sed -E -n -e '/^# secfixes:/,/(^[^#]|^$)/p' $APKBUILD | grep '^#')
local invalid=$(echo "$c" \