Skip to content

Commit 75b63f9

Browse files
eclipse-apoapsis-botmnonnenmacher
eclipse-apoapsis-bot
authored and
mnonnenmacher
committed
deps!: update org.ossreviewtoolkit:version-catalog to v73
The `licenseSource` property of `RuleViolation` was replaced with a set of `licenseSources` in ORT [1], so adapt the server model accordingly. As this requires a breaking change to the API anyway, also take the chance and add `LicenseSource` enums to the backend and API models. [1]: oss-review-toolkit/ort#11154
1 parent d408685 commit 75b63f9

File tree

21 files changed

+167
-49
lines changed

21 files changed

+167
-49
lines changed

api/v1/mapping/src/commonMain/kotlin/ApiMappings.kt

Lines changed: 9 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -43,6 +43,7 @@ import org.eclipse.apoapsis.ortserver.api.v1.model.JobStatus as ApiJobStatus
4343
import org.eclipse.apoapsis.ortserver.api.v1.model.JobSummaries as ApiJobSummaries
4444
import org.eclipse.apoapsis.ortserver.api.v1.model.JobSummary as ApiJobSummary
4545
import org.eclipse.apoapsis.ortserver.api.v1.model.Jobs as ApiJobs
46+
import org.eclipse.apoapsis.ortserver.api.v1.model.LicenseSource as ApiLicenseSource
4647
import org.eclipse.apoapsis.ortserver.api.v1.model.LogLevel as ApiLogLevel
4748
import org.eclipse.apoapsis.ortserver.api.v1.model.LogSource as ApiLogSource
4849
import org.eclipse.apoapsis.ortserver.api.v1.model.NotifierJob as ApiNotifierJob
@@ -139,6 +140,7 @@ import org.eclipse.apoapsis.ortserver.model.VulnerabilityWithDetails
139140
import org.eclipse.apoapsis.ortserver.model.authentication.OidcConfig
140141
import org.eclipse.apoapsis.ortserver.model.runs.Identifier
141142
import org.eclipse.apoapsis.ortserver.model.runs.Issue
143+
import org.eclipse.apoapsis.ortserver.model.runs.LicenseSource
142144
import org.eclipse.apoapsis.ortserver.model.runs.Package
143145
import org.eclipse.apoapsis.ortserver.model.runs.PackageFilters
144146
import org.eclipse.apoapsis.ortserver.model.runs.PackageManagerConfiguration
@@ -619,14 +621,20 @@ fun RuleViolation.mapToApi() = ApiRuleViolation(
619621
rule = rule,
620622
id = id?.mapToApi(),
621623
license = license,
622-
licenseSource = licenseSource,
624+
licenseSources = licenseSources.mapTo(mutableSetOf()) { it.mapToApi() },
623625
severity = severity.mapToApi(),
624626
message = message,
625627
howToFix = howToFix,
626628
resolutions = resolutions.map { it.mapToApi() },
627629
purl = purl
628630
)
629631

632+
fun LicenseSource.mapToApi() = when (this) {
633+
LicenseSource.CONCLUDED -> ApiLicenseSource.CONCLUDED
634+
LicenseSource.DECLARED -> ApiLicenseSource.DECLARED
635+
LicenseSource.DETECTED -> ApiLicenseSource.DETECTED
636+
}
637+
630638
fun Identifier.mapToApi() = ApiIdentifier(type = type, namespace = namespace, name = name, version = version)
631639

632640
fun ApiIdentifier.mapToModel() = Identifier(type = type, namespace = namespace, name = name, version = version)

api/v1/model/src/commonMain/kotlin/LicenseSource.kt

Lines changed: 35 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,35 @@
1+
/*
2+
* Copyright (C) 2025 The ORT Server Authors (See <https://github.com/eclipse-apoapsis/ort-server/blob/main/NOTICE>)
3+
*
4+
* Licensed under the Apache License, Version 2.0 (the "License");
5+
* you may not use this file except in compliance with the License.
6+
* You may obtain a copy of the License at
7+
*
8+
* https://www.apache.org/licenses/LICENSE-2.0
9+
*
10+
* Unless required by applicable law or agreed to in writing, software
11+
* distributed under the License is distributed on an "AS IS" BASIS,
12+
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13+
* See the License for the specific language governing permissions and
14+
* limitations under the License.
15+
*
16+
* SPDX-License-Identifier: Apache-2.0
17+
* License-Filename: LICENSE
18+
*/
19+
20+
package org.eclipse.apoapsis.ortserver.api.v1.model
21+
22+
/** The source where a license originates from. */
23+
enum class LicenseSource {
24+
/** Licenses which are part of the concluded license of a [Package]. */
25+
CONCLUDED,
26+
27+
/**
28+
* Licenses which are part of the [(processed)][Package.processedDeclaredLicense]
29+
* [declared licenses][Package.declaredLicenses] of a [Package].
30+
*/
31+
DECLARED,
32+
33+
/** Licenses which were detected by a license scanner. */
34+
DETECTED
35+
}

api/v1/model/src/commonMain/kotlin/RuleViolation.kt

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -26,7 +26,7 @@ data class RuleViolation(
2626
val rule: String,
2727
val id: Identifier? = null,
2828
val license: String?,
29-
val licenseSource: String?,
29+
val licenseSources: Set<LicenseSource>,
3030
val severity: Severity,
3131
val message: String,
3232
val howToFix: String,

core/src/main/kotlin/apiDocs/RunsDocs.kt

Lines changed: 2 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -33,6 +33,7 @@ import org.eclipse.apoapsis.ortserver.api.v1.model.FilterOperatorAndValue
3333
import org.eclipse.apoapsis.ortserver.api.v1.model.Identifier
3434
import org.eclipse.apoapsis.ortserver.api.v1.model.Issue
3535
import org.eclipse.apoapsis.ortserver.api.v1.model.JobSummaries
36+
import org.eclipse.apoapsis.ortserver.api.v1.model.LicenseSource
3637
import org.eclipse.apoapsis.ortserver.api.v1.model.Licenses
3738
import org.eclipse.apoapsis.ortserver.api.v1.model.LogLevel
3839
import org.eclipse.apoapsis.ortserver.api.v1.model.LogSource
@@ -365,7 +366,7 @@ val getRunRuleViolations: RouteConfig.() -> Unit = {
365366
"2.42"
366367
),
367368
"GPL-1.0-or-later",
368-
"DETECTED",
369+
setOf(LicenseSource.DECLARED),
369370
Severity.ERROR,
370371
"The declared license 'LPGL-2.1' could not be mapped to a valid SPDX expression.",
371372
"""

core/src/test/kotlin/api/OrganizationsRouteIntegrationTest.kt

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1595,7 +1595,7 @@ class OrganizationsRouteIntegrationTest : AbstractIntegrationTest({
15951595
"rule1",
15961596
null,
15971597
null,
1598-
null,
1598+
emptySet(),
15991599
Severity.HINT,
16001600
"message",
16011601
"how-to-fix"

core/src/test/kotlin/api/ProductsRouteIntegrationTest.kt

Lines changed: 3 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -1193,7 +1193,7 @@ class ProductsRouteIntegrationTest : AbstractIntegrationTest({
11931193
"rule",
11941194
null,
11951195
null,
1196-
null,
1196+
emptySet(),
11971197
Severity.ERROR,
11981198
"message",
11991199
"how-to-fix"
@@ -1212,7 +1212,7 @@ class ProductsRouteIntegrationTest : AbstractIntegrationTest({
12121212
"rule1",
12131213
null,
12141214
null,
1215-
null,
1215+
emptySet(),
12161216
Severity.HINT,
12171217
"message",
12181218
"how-to-fix"
@@ -1357,7 +1357,7 @@ class ProductsRouteIntegrationTest : AbstractIntegrationTest({
13571357
"rule2",
13581358
null,
13591359
null,
1360-
null,
1360+
emptySet(),
13611361
Severity.ERROR,
13621362
"message",
13631363
"how-to-fix"

core/src/test/kotlin/api/RunsRouteIntegrationTest.kt

Lines changed: 11 additions & 10 deletions
Original file line numberDiff line numberDiff line change
@@ -116,6 +116,7 @@ import org.eclipse.apoapsis.ortserver.model.runs.AnalyzerConfiguration
116116
import org.eclipse.apoapsis.ortserver.model.runs.Environment
117117
import org.eclipse.apoapsis.ortserver.model.runs.Identifier
118118
import org.eclipse.apoapsis.ortserver.model.runs.Issue
119+
import org.eclipse.apoapsis.ortserver.model.runs.LicenseSource
119120
import org.eclipse.apoapsis.ortserver.model.runs.Package
120121
import org.eclipse.apoapsis.ortserver.model.runs.ProcessedDeclaredLicense
121122
import org.eclipse.apoapsis.ortserver.model.runs.Project
@@ -1720,7 +1721,7 @@ class RunsRouteIntegrationTest : AbstractIntegrationTest({
17201721
"2.14.0"
17211722
),
17221723
"License-1",
1723-
"CONCLUDED",
1724+
setOf(LicenseSource.CONCLUDED),
17241725
Severity.WARNING,
17251726
"Message-1",
17261727
"How_to_fix-1"
@@ -1735,7 +1736,7 @@ class RunsRouteIntegrationTest : AbstractIntegrationTest({
17351736
"2.9.6"
17361737
),
17371738
"License-2",
1738-
"DETECTED",
1739+
setOf(LicenseSource.DETECTED),
17391740
Severity.ERROR,
17401741
"Message-2",
17411742
"How_to_fix-2"
@@ -1750,7 +1751,7 @@ class RunsRouteIntegrationTest : AbstractIntegrationTest({
17501751
"2.20.0"
17511752
),
17521753
"License-3",
1753-
"CONCLUDED",
1754+
setOf(LicenseSource.CONCLUDED),
17541755
Severity.WARNING,
17551756
"Message-3",
17561757
"How_to_fix-3"
@@ -1760,7 +1761,7 @@ class RunsRouteIntegrationTest : AbstractIntegrationTest({
17601761
"a-Rule-4",
17611762
null,
17621763
"License-4",
1763-
"CONCLUDED",
1764+
setOf(LicenseSource.CONCLUDED),
17641765
Severity.WARNING,
17651766
"Message-4",
17661767
"How_to_fix-4"
@@ -1804,7 +1805,7 @@ class RunsRouteIntegrationTest : AbstractIntegrationTest({
18041805
"2.14.0"
18051806
),
18061807
"License-1-obsolete",
1807-
"CONCLUDED",
1808+
setOf(LicenseSource.CONCLUDED),
18081809
Severity.WARNING,
18091810
"Message-1-obsolete",
18101811
"How_to_fix-1-obsolete"
@@ -1813,7 +1814,7 @@ class RunsRouteIntegrationTest : AbstractIntegrationTest({
18131814
"Rule-2-obsolete",
18141815
null,
18151816
"License-2-obsolete",
1816-
"DETECTED",
1817+
setOf(LicenseSource.DETECTED),
18171818
Severity.ERROR,
18181819
"Message-2-obsolete",
18191820
"How_to_fix-2-obsolete"
@@ -2077,7 +2078,7 @@ class RunsRouteIntegrationTest : AbstractIntegrationTest({
20772078
"z-Rule-1",
20782079
Identifier("Maven", "com.example", "example", "1.0"),
20792080
"License-1",
2080-
"CONCLUDED",
2081+
setOf(LicenseSource.CONCLUDED),
20812082
Severity.WARNING,
20822083
"Message-1",
20832084
"How_to_fix-1"
@@ -2087,7 +2088,7 @@ class RunsRouteIntegrationTest : AbstractIntegrationTest({
20872088
"b-Rule-2",
20882089
Identifier("Maven", "com.example", "example", "1.0"),
20892090
"License-2",
2090-
"DETECTED",
2091+
setOf(LicenseSource.DETECTED),
20912092
Severity.ERROR,
20922093
"Message-2",
20932094
"How_to_fix-2"
@@ -2097,7 +2098,7 @@ class RunsRouteIntegrationTest : AbstractIntegrationTest({
20972098
"1-Rule-3",
20982099
Identifier("NPM", "com.example", "example2", "1.0"),
20992100
"License-3",
2100-
"CONCLUDED",
2101+
setOf(LicenseSource.CONCLUDED),
21012102
Severity.WARNING,
21022103
"Message-3",
21032104
"How_to_fix-3"
@@ -2107,7 +2108,7 @@ class RunsRouteIntegrationTest : AbstractIntegrationTest({
21072108
"a-Rule-4",
21082109
null,
21092110
"License-4",
2110-
"CONCLUDED",
2111+
setOf(LicenseSource.CONCLUDED),
21112112
Severity.WARNING,
21122113
"Message-4",
21132114
"How_to_fix-4"

dao/src/main/kotlin/repositories/evaluatorrun/RuleViolationsTable.kt

Lines changed: 18 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -24,6 +24,7 @@ import org.eclipse.apoapsis.ortserver.dao.tables.shared.IdentifiersTable
2424
import org.eclipse.apoapsis.ortserver.dao.utils.SortableEntityClass
2525
import org.eclipse.apoapsis.ortserver.dao.utils.SortableTable
2626
import org.eclipse.apoapsis.ortserver.model.Severity
27+
import org.eclipse.apoapsis.ortserver.model.runs.LicenseSource
2728
import org.eclipse.apoapsis.ortserver.model.runs.RuleViolation
2829

2930
import org.jetbrains.exposed.dao.LongEntity
@@ -37,7 +38,7 @@ object RuleViolationsTable : SortableTable("rule_violations") {
3738
val rule = text("rule").sortable()
3839
val identifierId = reference("identifier_id", IdentifiersTable).nullable()
3940
val license = text("license").nullable()
40-
val licenseSource = text("license_source").nullable()
41+
val licenseSources = text("license_sources").nullable()
4142
val severity = enumerationByName<Severity>("severity", 128).sortable()
4243
val message = text("message")
4344
val howToFix = text("how_to_fix")
@@ -50,7 +51,7 @@ class RuleViolationDao(id: EntityID<Long>) : LongEntity(id) {
5051
rule = ruleViolation.rule
5152
identifierId = getIdentifierDaoOrNull(ruleViolation)
5253
license = ruleViolation.license
53-
licenseSource = ruleViolation.licenseSource
54+
licenseSources = ruleViolation.licenseSources
5455
severity = ruleViolation.severity
5556
message = ruleViolation.message
5657
howToFix = ruleViolation.howToFix
@@ -63,7 +64,7 @@ class RuleViolationDao(id: EntityID<Long>) : LongEntity(id) {
6364
RuleViolationsTable.rule eq ruleViolation.rule and
6465
(RuleViolationsTable.identifierId eq identifierDao?.id) and
6566
(RuleViolationsTable.license eq ruleViolation.license) and
66-
(RuleViolationsTable.licenseSource eq ruleViolation.licenseSource) and
67+
(RuleViolationsTable.licenseSources eq ruleViolation.licenseSources.mapToString()) and
6768
(RuleViolationsTable.severity eq ruleViolation.severity)
6869
}.find { it.message == ruleViolation.message && it.howToFix == ruleViolation.howToFix }
6970
}
@@ -80,7 +81,8 @@ class RuleViolationDao(id: EntityID<Long>) : LongEntity(id) {
8081
var rule by RuleViolationsTable.rule
8182
var identifierId by IdentifierDao optionalReferencedOn RuleViolationsTable.identifierId
8283
var license by RuleViolationsTable.license
83-
var licenseSource by RuleViolationsTable.licenseSource
84+
var licenseSources by RuleViolationsTable.licenseSources
85+
.transform({ it.mapToString() }, { it.mapToLicenseSources() })
8486
var severity by RuleViolationsTable.severity
8587
var message by RuleViolationsTable.message
8688
var howToFix by RuleViolationsTable.howToFix
@@ -89,9 +91,20 @@ class RuleViolationDao(id: EntityID<Long>) : LongEntity(id) {
8991
rule = rule,
9092
id = identifierId?.mapToModel(),
9193
license = license,
92-
licenseSource = licenseSource,
94+
licenseSources = licenseSources,
9395
severity = severity,
9496
message = message,
9597
howToFix = howToFix,
9698
)
9799
}
100+
101+
/**
102+
* Map a set of [LicenseSource] to a comma-separated [String], or `null` if the set is empty.
103+
*/
104+
private fun Set<LicenseSource>.mapToString() = takeIf { it.isNotEmpty() }?.joinToString(",") { it.name }
105+
106+
/**
107+
* Map a comma-separated [String] to a set of [LicenseSource], or an empty set if the string is `null`.
108+
*/
109+
private fun String?.mapToLicenseSources(): Set<LicenseSource> =
110+
this?.split(',')?.mapTo(mutableSetOf()) { enumValueOf<LicenseSource>(it) }.orEmpty()

dao/src/main/resources/db/migration/V120__renameLicenseSourceToLicenseSources.sql

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1 @@
1+
ALTER TABLE rule_violations RENAME COLUMN license_source TO license_sources;

dao/src/testFixtures/kotlin/Fixtures.kt

Lines changed: 2 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -59,6 +59,7 @@ import org.eclipse.apoapsis.ortserver.model.runs.DependencyGraph
5959
import org.eclipse.apoapsis.ortserver.model.runs.Environment
6060
import org.eclipse.apoapsis.ortserver.model.runs.Identifier
6161
import org.eclipse.apoapsis.ortserver.model.runs.Issue
62+
import org.eclipse.apoapsis.ortserver.model.runs.LicenseSource
6263
import org.eclipse.apoapsis.ortserver.model.runs.Package
6364
import org.eclipse.apoapsis.ortserver.model.runs.ProcessedDeclaredLicense
6465
import org.eclipse.apoapsis.ortserver.model.runs.Project
@@ -239,7 +240,7 @@ class Fixtures(private val db: Database) {
239240
rule = "rule",
240241
id = identifier,
241242
license = "license",
242-
licenseSource = "license source",
243+
licenseSources = setOf(LicenseSource.CONCLUDED, LicenseSource.DECLARED),
243244
message = "message",
244245
severity = Severity.ERROR,
245246
howToFix = "how to fix"

0 commit comments

Comments
 (0)