Metadata-Version: 2.3
Name: liscopelens
Version: 0.2.14
Summary: A tool to analyze the compatibility of licenses in a project.
Author: ZION
Author-email: liuza20@lzu.edu.cn
Requires-Python: >=3.11,<=3.14
Classifier: Programming Language :: Python :: 3
Classifier: Programming Language :: Python :: 3.11
Classifier: Programming Language :: Python :: 3.12
Classifier: Programming Language :: Python :: 3.13
Requires-Dist: json5 (>=0.12.0,<0.13.0)
Requires-Dist: networkx (>=3.2.1,<4.0.0)
Requires-Dist: platformdirs (>=4.0.0,<5.0.0)
Requires-Dist: pydantic (>=2.11.7,<3.0.0)
Requires-Dist: requests (>=2.31.0,<3.0.0)
Requires-Dist: rich (>=14.0.0,<15.0.0)
Requires-Dist: textual (>=3.0.1,<4.0.0)
Requires-Dist: toml (>=0.10.2,<0.11.0)
Requires-Dist: tree-sitter (>=0.25.1,<0.26.0)
Requires-Dist: tree-sitter-cpp (>=0.23.4,<0.24.0)
Description-Content-Type: text/markdown

# compliance_license_compatibility


- [compliance\_license\_compatibility](#compliance_license_compatibility)
  - [介绍](#介绍)
  - [安装教程](#安装教程)
  - [使用说明](#使用说明)
    - [分析代码仓库的兼容性(请确保存在gn工具或者gn解析文件)](#分析代码仓库的兼容性请确保存在gn工具或者gn解析文件)
  - [已知问题](#已知问题)
  - [审查结果](#审查结果)
  - [参与贡献](#参与贡献)
  - [结果复现](#结果复现)


[English Version](README.en.md)

## 介绍

开源许可证兼容性分析工具，基于结构化的许可证信息和具体场景的依赖行为与构建设置，对目标中引入的开源许可证进行兼容性分析。

尽管我们会尽力确保该工具的准确性和可靠性，但**本项目的检查结果不构成任何法律建议**。使用者应自行审查和判断，以确定所采取的行动是否符合法律法规以及相关许可证的规定。

**注意：本项目当前仍处于早期版本，相关结果的准确性未进行验证，且迭代过程中各模块接口将会发生较大变化。**

## 安装教程

0. 确保已经安装 `python 3.11^`
1. clone 仓库
2. 进入仓库根目录 `pip install .`

**如果安装过 lict 版本，请先卸载旧版**

## 使用说明

确保工具安装后，终端输入指令 `liscopelens --help`

```shell
usage: liscopelens [-h] [-c CONFIG] project_path {clang,inspect,subgraph} ...

Software Compatibility Analysis Tool

positional arguments:
  project_path          project repository path to analyze
  {clang,inspect,subgraph}
    clang               This parser is used to parse the C/C++ repository and provide an include dependency graph for subsequent operations
    inspect             This parser is used to inspect the results of the others parser
    subgraph            This parser is used to export the subgraph of the C/C++ repository

options:
  -h, --help            show this help message and exit
  -c, --config CONFIG   compatible policy config file path
```

### 分析代码仓库的兼容性(请确保存在gn工具或者gn解析文件)

1. 获取 OpenHarmoy 源码
2. 安装 OpenHarmony 编译构建工具执行 
    `./build.sh --product-name {设备形态} --gn-flags="--ide=json" --gn-flags="--json-file-name=out.json"`
3. 确保在源码根目录下具有`OpenHarmony/out/{设备形态}/out.json` 存在
4. 使用 Scancode 扫描 OpenHarmony 许可证
5. 执行 liscopelens 进行兼容性扫描
    ```shell
    liscopelens cpp --gn_file OpenHarmony/out/{设备形态}/out.json --scancode-file path/to/scancode-res.json --output ./output
    ```
1. 查看 `output/results.json` 或则借助[审查工具](#审查结果)

其他参数可以，查看帮助 `liscopelens clang -h`，解释如下：
```shell
usage: liscopelens project_path clang [-h] --gn-file GN_FILE [--ignore-test] [--pass-sda] (--scancode-file SCANCODE_FILE | --scancode-dir SCANCODE_DIR) [--shadow-license SHADOW_LICENSE]
                                      [--rm-ref-lang] [--ignore-unk] [--save-kg] [--output OUTPUT] [--echo]

options:
  -h, --help            show this help message and exit
  --gn-file GN_FILE     path to the gn deps graph (JSON)
  --ignore-test         Ignore targets where `testonly` is true.
  --pass-sda            Enable Static Dependency Analysis
  --scancode-file SCANCODE_FILE
                        The path of the scancode's output in json format file
  --scancode-dir SCANCODE_DIR
                        The path of the directory that contain json files
  --shadow-license SHADOW_LICENSE
                        The file path which storage (node-license) pair. Shadow licenses to certain nodes in advance
  --rm-ref-lang         Automatically remove scancode ref prefix and language suffix from spdx ids
  --ignore-unk          Ignore unknown licenses
  --save-kg             Save new knowledge graph after infer parse
  --output OUTPUT       The outputs path
  --echo                Echo the final result of compatibility checking
```


#### 参数列表

| 参数            | 类型 | 说明                                 | 是否必须 |
| --------------- | ---- | ------------------------------------ | -------- |
| cpp             | bool | 指明检测C/C++代码仓库                | 是       |
| --gn_tool       | str  | GN 工具的可执行文件路径              | 是       |
| --gn_file       | str  | GN 依赖图输出文件路径                | 是       |
| --scancode-file | str  | Scancode 输出的 JSON 格式文件路径    | 是       |
| --scancode-dir  | str  | 包含 JSON 文件的目录路径             | 是       |
| --rm-ref-lang   | bool | 自动移除 Scancode 引用前缀和语言后缀 | 否       |
| --save-kg       | bool | 在解析后保存新的知识图谱             | 否       |
| --ignore-unk    | bool | 忽略未知的许可证                     | 否       |
| --out-gml       | str  | 图谱的输出路径                       | 否       |
| --echo          | bool | 回显兼容性检查的最终结果             | 否       |
| --out-echo      | str  | 回显结果的输出路径                   | 否       |

#### gn依赖图格式

```json
{
  "build_settings": {
    "build_dir": "//out/hispark_taurus/ipcamera_hispark_taurus/",
    "default_toolchain": "//build/lite/toolchain:linux_x86_64_ohos_clang",
    "gen_input_files": [
      "//.gn",
      "//vendor/hisilicon/hispark_taurus/hdf_config/BUILD.gn",
      "//vendor/hisilicon/hispark_taurus/hdf_config/hdf_test/BUILD.gn"
    ],
    "root_path": "/home/dragon/oh"
  },
  "targets": {
    "//applications/sample/camera/cameraApp:cameraApp_hap": {
      "all_dependent_configs": [
        "//third_party/musl/scripts/build_lite:sysroot_flags"
      ],
      "deps": [
        "//applications/sample/camera/cameraApp:cameraApp",
        "//developtools/packing_tool:packing_tool",
        "//third_party/musl:sysroot_lite"
      ],
      "metadata": {
      },
      "outputs": [
        "//out/hispark_taurus/ipcamera_hispark_taurus/obj/applications/sample/camera/cameraApp/cameraApp_hap_build_log.txt"
      ],
      "public": "*",
      "script": "//build/lite/hap_pack.py",
      "testonly": false,
      "toolchain": "//build/lite/toolchain:linux_x86_64_ohos_clang",
      "type": "action",
      "visibility": [
        "*"
      ]
    },
    "//foundation/arkui/ace_engine_lite/frameworks/src/core/stylemgr/test/unittest:stylemgr_unittest": {
         "all_dependent_configs": [ "//third_party/musl/scripts/build_lite:sysroot_flags" ],
         "deps": [ "//foundation/arkui/ace_engine_lite/frameworks/src/core/stylemgr/test/unittest:js_frameworks_test_condition_arbitrator", "//foundation/arkui/ace_engine_lite/frameworks/src/core/stylemgr/test/unittest:js_frameworks_test_link_queue", "//foundation/arkui/ace_engine_lite/frameworks/src/core/stylemgr/test/unittest:js_frameworks_test_link_stack", "//foundation/arkui/ace_engine_lite/frameworks/src/core/stylemgr/test/unittest:js_frameworks_test_stylemgr", "//foundation/arkui/ace_engine_lite/frameworks/src/core/stylemgr/test/unittest:js_frameworks_test_stylemgr_media_query" ],
         "metadata": {

         },
         "public": "*",
         "testonly": false,
         "toolchain": "//build/lite/toolchain:linux_x86_64_ohos_clang",
         "type": "group",
         "visibility": [ "*" ]
      }
  }
}

```

## 已知问题

1. `poetry install | add` 无响应或者报错提示包括 `Failed to unlock the collection`.


```shell
export PYTHON_KEYRING_BACKEND=keyring.backends.null.Keyring
```

## 审查结果

执行完成后审查冲突结果（请确保传入输出位置参数 `liscopelens <command> ... --output path/to/output_dir`）

```shell
liscopelens query /path/to/output_dir
```

![query演示](assets/example.gif)

## 参与贡献

参见[设计文档](doc/设计文档.md#开发手册)

## 结果复现

参见[Reproduction and Data Acquisition](README.en.md#Reproduction-and-Data-Acquisition)
