1
0
Fork 0

Validate licenses correctly even when proprietary is combined with some other license, fixes #9144

pull/9170/head
Jordi Boggiano 2020-08-25 08:58:43 +02:00
parent 45246aca22
commit b847c4dc3a
No known key found for this signature in database
GPG Key ID: 7BBD42C429EC80BC
1 changed files with 20 additions and 18 deletions

View File

@ -111,25 +111,27 @@ class ValidatingArrayLoader implements LoaderInterface
if (is_array($this->config['license']) || is_string($this->config['license'])) { if (is_array($this->config['license']) || is_string($this->config['license'])) {
$licenses = (array) $this->config['license']; $licenses = (array) $this->config['license'];
// strip proprietary since it's not a valid SPDX identifier, but is accepted by composer
foreach ($licenses as $key => $license) {
if ('proprietary' === $license) {
unset($licenses[$key]);
}
}
$licenseValidator = new SpdxLicenses(); $licenseValidator = new SpdxLicenses();
if (count($licenses) === 1 && !$licenseValidator->validate($licenses) && $licenseValidator->validate(trim($licenses[0]))) { foreach ($licenses as $license) {
$this->warnings[] = sprintf( // replace proprietary by MIT for validation purposes since it's not a valid SPDX identifier, but is accepted by composer
'License %s must not contain extra spaces, make sure to trim it.', if ('proprietary' === $license) {
json_encode($this->config['license']) continue;
); }
} elseif (array() !== $licenses && !$licenseValidator->validate($licenses)) { $licenseToValidate = str_replace('proprietary', 'MIT', $license);
$this->warnings[] = sprintf( if (!$licenseValidator->validate($licenseToValidate)) {
'License %s is not a valid SPDX license identifier, see https://spdx.org/licenses/ if you use an open license.' . PHP_EOL . if ($licenseValidator->validate(trim($licenseToValidate))) {
'If the software is closed-source, you may use "proprietary" as license.', $this->warnings[] = sprintf(
json_encode($this->config['license']) 'License %s must not contain extra spaces, make sure to trim it.',
); json_encode($license)
);
} else {
$this->warnings[] = sprintf(
'License %s is not a valid SPDX license identifier, see https://spdx.org/licenses/ if you use an open license.' . PHP_EOL .
'If the software is closed-source, you may use "proprietary" as license.',
json_encode($license)
);
}
}
} }
} }
} }