From 5286f23870889ec58d034b80549db0fb79e6850f Mon Sep 17 00:00:00 2001 From: Mike McQuaid Date: Thu, 17 Oct 2024 08:31:04 +0100 Subject: [PATCH] Improve/fix HOMEBREW_FORBIDDEN_LICENSES handling `HOMEBREW_FORBIDDEN_LICENSES` now actually checks for valid SPDX license identifiers rather than requiring the user to guess. When an identifier is invalid, it will be ignore and warned about instead. --- Library/Homebrew/env_config.rb | 2 +- Library/Homebrew/formula_installer.rb | 21 +++++++++++++++++++-- docs/Manpage.md | 4 ++-- manpages/brew.1 | 2 +- 4 files changed, 23 insertions(+), 6 deletions(-) diff --git a/Library/Homebrew/env_config.rb b/Library/Homebrew/env_config.rb index bb185001b30a5a..a3b3124e36f0fb 100644 --- a/Library/Homebrew/env_config.rb +++ b/Library/Homebrew/env_config.rb @@ -204,7 +204,7 @@ module EnvConfig "formula or cask if it or any of its dependencies is on this list.", }, HOMEBREW_FORBIDDEN_LICENSES: { - description: "A space-separated list of licenses. Homebrew will refuse to install a " \ + description: "A space-separated list of SPDX license identifiers. Homebrew will refuse to install a " \ "formula if it or any of its dependencies has a license on this list.", }, HOMEBREW_FORBIDDEN_OWNER: { diff --git a/Library/Homebrew/formula_installer.rb b/Library/Homebrew/formula_installer.rb index be3be998def583..8a9779ec05a5a0 100644 --- a/Library/Homebrew/formula_installer.rb +++ b/Library/Homebrew/formula_installer.rb @@ -1482,8 +1482,25 @@ def forbidden_license_check pattern = /#{s.to_s.tr("_", " ")}/i forbidden_licenses.sub!(pattern, s.to_s) end - forbidden_licenses = forbidden_licenses.split.to_h do |license| - [license, SPDX.license_version_info(license)] + + invalid_licenses = [] + forbidden_licenses = forbidden_licenses.split.each_with_object({}) do |license, hash| + unless SPDX.valid_license?(license) + invalid_licenses << license + next + end + + hash[license] = SPDX.license_version_info(license) + end + + if invalid_licenses.present? + opoo <<~EOS + HOMEBREW_FORBIDDEN_LICENSES contains invalid license identifiers: #{invalid_licenses.to_sentence} + These licenses will not be forbidden. See the valid SPDX license identifiers at: + #{Formatter.url("https://spdx.org/licenses/")} + And the licenses for a formula with: + brew info + EOS end return if forbidden_licenses.blank? diff --git a/docs/Manpage.md b/docs/Manpage.md index e73cd8b46a29bd..7c8b8bac0907e6 100644 --- a/docs/Manpage.md +++ b/docs/Manpage.md @@ -3798,8 +3798,8 @@ command execution e.g. `$(cat file)`. `HOMEBREW_FORBIDDEN_LICENSES` -: A space-separated list of licenses. Homebrew will refuse to install a formula - if it or any of its dependencies has a license on this list. +: A space-separated list of SPDX license identifiers. Homebrew will refuse to + install a formula if it or any of its dependencies has a license on this list. `HOMEBREW_FORBIDDEN_OWNER` diff --git a/manpages/brew.1 b/manpages/brew.1 index 129c37e8308bd8..872f971c09d1c7 100644 --- a/manpages/brew.1 +++ b/manpages/brew.1 @@ -2470,7 +2470,7 @@ A space\-separated list of casks\. Homebrew will refuse to install a cask if it A space\-separated list of formulae\. Homebrew will refuse to install a formula or cask if it or any of its dependencies is on this list\. .TP \fBHOMEBREW_FORBIDDEN_LICENSES\fP -A space\-separated list of licenses\. Homebrew will refuse to install a formula if it or any of its dependencies has a license on this list\. +A space\-separated list of SPDX license identifiers\. Homebrew will refuse to install a formula if it or any of its dependencies has a license on this list\. .TP \fBHOMEBREW_FORBIDDEN_OWNER\fP The person who has set any \fBHOMEBREW_FORBIDDEN_*\fP variables\.