⚠ This page is served via a proxy. Original site: https://github.com
This service does not collect credentials or authentication data.
Skip to content

Perform SPDX license and copyright checks with reuse #81

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
lurtz wants to merge 8 commits into
base: main
Choose a base branch
from
Open

Perform SPDX license and copyright checks with reuse #81

lurtz wants to merge 8 commits into from

Conversation

@lurtz
Copy link
Contributor

@lurtz lurtz commented Feb 9, 2026
edited
Loading

reuse is specialized to check for SPDX license and copyright information in source files. It is capable of checking way more file types than we currently check with opengrep and faster.

However it only checks for SPDX information and not the full mandatory copyright header. Therefore opengrep will still be used to check that, but SPDX information will be checked with reuse. If only SPDX information is needed we can trim the header and remove opengrep.

@lurtz
Perform SPDX license and copyright checks with reuse
5e35b9c 
reuse is specialized to check for SPDX license and copyright information
in source files. It is capable of checking way more file types than we
currently check with opengrep and faster. However it only checks for
SPDX information and not the full mandatory copyright header. Therefore
opengrep will still be used to check that, but SPDX information will be
checked with reuse.
lurtz
lurtz commented Feb 9, 2026
View reviewed changes
.pre-commit-config.yaml Outdated
Comment on lines 39 to 43
- repo: https://codeberg.org/fsfe/reuse-tool
rev: a1bb792acda6fd0724936b4ebbdbc8eceb9c0459 # v6.2.0
hooks:
- id: reuse-lint-file
exclude: devcontainer-lock.json|.*\.png
Copy link
Contributor Author

@lurtz lurtz Feb 9, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

For the reviewer: reuse is added here

Copy link
Member

@AlexanderLanin AlexanderLanin Feb 9, 2026
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Can you add it to some readme somewhere on how to use the tool (without precommit)? Where is the config?

Copy link
Contributor Author

@lurtz lurtz Feb 9, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

at the moment there is no config. I will try your template proposal

Copy link
Contributor Author

@lurtz lurtz Feb 9, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Is this enough?

https://github.com/elektrobit-contrib/eclipse-score_devcontainer/blob/90d00f48718d96ef8a515c33d1b9a0e03b50e3af/README.md?plain=1#L119-L125

@lurtz lurtz marked this pull request as ready for review February 9, 2026 10:59
AlexanderLanin
AlexanderLanin reviewed Feb 9, 2026
View reviewed changes
.github/workflows/ci.yaml Outdated
# terms of the Apache License Version 2.0 which is available at
# https://www.apache.org/licenses/LICENSE-2.0
#
# SPDX-FileCopyrightText: Copyright (c) 2026 Contributors to the Eclipse Foundation
Copy link
Member

@AlexanderLanin AlexanderLanin Feb 9, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We need to figure out where this header came from and if this change is ok

.pre-commit-config.yaml Outdated
Comment on lines 39 to 43
- repo: https://codeberg.org/fsfe/reuse-tool
rev: a1bb792acda6fd0724936b4ebbdbc8eceb9c0459 # v6.2.0
hooks:
- id: reuse-lint-file
exclude: devcontainer-lock.json|.*\.png
Copy link
Member

@AlexanderLanin AlexanderLanin Feb 9, 2026
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Can you add it to some readme somewhere on how to use the tool (without precommit)? Where is the config?

@AlexanderLanin
Copy link
Member

AlexanderLanin commented Feb 9, 2026

However it only checks for SPDX information and not the full mandatory copyright

Sure? https://reuse.readthedocs.io/en/stable/man/reuse-annotate.html#templates

lurtz
lurtz commented Feb 9, 2026
View reviewed changes
@lurtz
Copy link
Contributor Author

lurtz commented Feb 9, 2026

However it only checks for SPDX information and not the full mandatory copyright

Sure? https://reuse.readthedocs.io/en/stable/man/reuse-annotate.html#templates

I removed the opengrep solution now, but reuse still does not enforce the full header and only checks for SPDX lines. It fails when these are missing.

For example this CODEOWNERS file would be compliant, when running reuse lint:

# SPDX-FileCopyrightText: 2026 Contributors to the Eclipse Foundation
# SPDX-License-Identifier: Apache-2.0

* @opajonk @lurtz

However whenever reuse annotate is run via scripts/run_reuse_annotate.sh, reuse will apply the template and add the full header.

lurtz
lurtz commented Feb 9, 2026
View reviewed changes
LICENSES/Apache-2.0.txt
Copy link
Contributor Author

@lurtz lurtz Feb 9, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

note the rename. Maybe we still need to keep a copy at LICENSE

AlexanderLanin
AlexanderLanin reviewed Feb 9, 2026
View reviewed changes
.pre-commit-config.yaml
Comment on lines +41 to +42
- id: reuse-lint-file
name: reuse-lint-file (fix with `./scripts/run_reuse_annotate.sh`)
Copy link
Member

@AlexanderLanin AlexanderLanin Feb 9, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

should pre-commit not run ./scripts/run_reuse_annotate.sh directly?

Copy link
Contributor Author

@lurtz lurtz Feb 9, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I would love to, but I did not find a way to achieve that. I might need to write a custom rule to do that

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@AlexanderLanin AlexanderLanin AlexanderLanin left review comments

At least 1 approving review is required to merge this pull request.

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@lurtz @AlexanderLanin