clearlydefined · yashkohli88 · Nov 13, 2024 · Nov 13, 2024 · Nov 13, 2024 · Nov 15, 2024
diff --git a/providers/summary/clearlydefined.js b/providers/summary/clearlydefined.js
@@ -174,13 +174,7 @@ class ClearlyDescribedSummarizer {
     return urls
   }
 
-  addMavenData(result, data, coordinates) {
-    const urls = this.getMavenUrls(coordinates)
-
-    setIfValue(result, 'described.releaseDate', extractDate(data.releaseDate))
-    setIfValue(result, 'described.urls.registry', urls.registry)
-    setIfValue(result, 'described.urls.version', `${get(result, 'described.urls.registry')}/${coordinates.revision}`)
-    setIfValue(result, 'described.urls.download', urls.download)
+  getDeclaredLicenseMaven(data) {
     const projectSummaryLicenses =
       get(data, 'manifest.summary.licenses') || get(data, 'manifest.summary.project.licenses') // the project layer was removed in 1.2.0
     if (!projectSummaryLicenses) return
@@ -192,7 +186,18 @@ class ClearlyDescribedSummarizer {
     const licenseNames = uniq(flatten(licenseSummaries.map(license => license.name)))
     let licenses = licenseUrls.map(extractLicenseFromLicenseUrl).filter(x => x)
     if (!licenses.length) licenses = licenseNames.map(x => SPDX.lookupByName(x) || x).filter(x => x)
-    if (licenses.length) setIfValue(result, 'licensed.declared', SPDX.normalize(licenses.join(' OR ')))
+    return licenses
+  }
+
+  addMavenData(result, data, coordinates) {
+    const urls = this.getMavenUrls(coordinates)
+
+    setIfValue(result, 'described.releaseDate', extractDate(data.releaseDate))
+    setIfValue(result, 'described.urls.registry', urls.registry)
+    setIfValue(result, 'described.urls.version', `${get(result, 'described.urls.registry')}/${coordinates.revision}`)
+    setIfValue(result, 'described.urls.download', urls.download)
+    const licenses = this.getDeclaredLicenseMaven(data)
+    if (licenses?.length) setIfValue(result, 'licensed.declared', SPDX.normalize(licenses.join(' OR ')))
   }
 
   addCondaData(result, data, coordinates) {
@@ -239,6 +244,8 @@ class ClearlyDescribedSummarizer {
       'described.urls.download',
       `https://repo1.maven.org/maven2/${namespaceAsFolders}/${coordinates.name}/${coordinates.revision}/${coordinates.name}-${coordinates.revision}.jar`
     )
+    const licenses = this.getDeclaredLicenseMaven(data)
+    if (licenses?.length) setIfValue(result, 'licensed.declared', SPDX.normalize(licenses.join(' OR ')))
   }
 
   addNuGetData(result, data, coordinates) {

diff --git a/test/summary/clearlydefinedTests.js b/test/summary/clearlydefinedTests.js
@@ -544,6 +544,37 @@ describe('ClearlyDescribedSummarizer addNuGetData', () => {
   })
 })
 
+describe('ClearlyDescribedSummarizer getDeclaredLicenseMaven', () => {
+  const data = new Map([
+    [[{ name: ['Apache-2.0'], url: ['https://opensource.org/licenses/Apache-2.0'] }], ['Apache-2.0']],
+    [[{ name: ['The MIT License (MIT)'], url: ['http://opensource.org/licenses/MIT'] }], ['MIT']],
+    [
+      [
+        { name: ['LGPL 2.1'], url: ['https://www.gnu.org/licenses/lgpl-2.1.html'] },
+        { name: ['Apache License 2.0'], url: ['https://www.apache.org/licenses/LICENSE-2.0'] }
+      ],
+      ['LGPL-2.1', 'Apache-2.0']
+    ],
+    [
+      [{ name: ['CDDL + GPLv2 with classpath exception'], url: ['https://oss.oracle.com/licenses/CDDL+GPL-1.1'] }],
+      ['CDDL + GPLv2 with classpath exception']
+    ],
+    [[{ name: ['NOASSERTION'], url: ['https://something.com'] }], ['NOASSERTION']],
+    [[{ name: [''], url: [''] }], []]
+  ])
+
+  it('should return licenses extracted from manifest.summary', () => {
+    data.forEach((expected, license) => {
+      const licenses = summarizer.getDeclaredLicenseMaven({ manifest: { summary: { licenses: [{ license }] } } })
+      const licenseProject = summarizer.getDeclaredLicenseMaven({
+        manifest: { summary: { project: { licenses: [{ license }] } } }
+      })
+      assert.deepEqual(licenses, expected)
+      assert.deepEqual(licenseProject, expected)
+    })
+  })
+})
+
 describe('ClearlyDescribedSummarizer addMavenData', () => {
   const expectedUrls = {
     download: 'https://repo1.maven.org/maven2/io/clearlydefined/test/1.0/test-1.0.jar',
@@ -614,6 +645,7 @@ describe('ClearlyDescribedSummarizer addMavenData', () => {
     version: 'https://maven.google.com/web/index.html#io.clearlydefined:test:1.0/1.0'
   }
   const expectedResult = { described: { urls: expectedUrls } }
+
   it('should set declared license from manifest licenseUrl', () => {
     const data = {
       'https://opensource.org/licenses/MIT': 'MIT',
@@ -670,14 +702,17 @@ describe('ClearlyDescribedSummarizer addMavenData', () => {
 })
 
 describe('ClearlyDescribedSummarizer addSourceArchiveData', () => {
+  const sourceArchiveTestCoordinates = EntityCoordinates.fromString(
+    'sourcearchive/mavencentral/io.clearlydefined/test/1.0'
+  )
   const expectedUrls = {
     download: 'https://repo1.maven.org/maven2/io/clearlydefined/test/1.0/test-1.0.jar',
     registry: 'https://repo1.maven.org/maven2/io/clearlydefined/test',
     version: 'https://repo1.maven.org/maven2/io/clearlydefined/test/1.0'
   }
-
   const expectedResult = { described: { urls: expectedUrls } }
-  it('should set the correct urls', () => {
+
+  it('should set the correct urls and license', () => {
     const data = {
       'https://opensource.org/licenses/MIT': 'MIT'
     }
@@ -687,15 +722,51 @@ describe('ClearlyDescribedSummarizer addSourceArchiveData', () => {
       summarizer.addSourceArchiveData(
         result,
         { manifest: { summary: { project: { licenses: [{ license: { url } }] } } } },
-        testCoordinates
+        sourceArchiveTestCoordinates
       )
       if (data[url])
         assert.deepEqual(result, {
-          ...expectedResult
+          ...expectedResult,
+          licensed: { declared: data[url] }
         })
       else assert.deepEqual(result, expectedResult)
     }
   })
+
+  it('should set the correct urls and no license when data section is empty', () => {
+    let result = {}
+    summarizer.addSourceArchiveData(result, {}, testCoordinates)
+    assert.deepEqual(result, expectedResult)
+  })
+
+  it('should set declared license from manifest license name and URL', () => {
+    const data = new Map([
+      [[{ name: ['Apache-2.0'], url: ['https://opensource.org/licenses/Apache-2.0'] }], 'Apache-2.0'],
+      [[{ name: ['The MIT License (MIT)'], url: ['http://opensource.org/licenses/MIT'] }], 'MIT'],
+      [
+        [
+          { name: ['LGPL 2.1'], url: ['https://www.gnu.org/licenses/lgpl-2.1.html'] },
+          { name: ['Apache License 2.0'], url: ['https://www.apache.org/licenses/LICENSE-2.0'] }
+        ],
+        'LGPL-2.1 OR Apache-2.0'
+      ],
+      [
+        [{ name: ['CDDL + GPLv2 with classpath exception'], url: ['https://oss.oracle.com/licenses/CDDL+GPL-1.1'] }],
+        'NOASSERTION'
+      ]
+    ])
+
+    data.forEach((expected, license) => {
+      let result = {}
+      summarizer.addSourceArchiveData(
+        result,
+        { manifest: { summary: { licenses: [{ license }] } } },
+        sourceArchiveTestCoordinates
+      )
+      if (expected) assert.deepEqual(result, { described: { urls: expectedUrls }, licensed: { declared: expected } })
+      else assert.deepEqual(result, expectedResult)
+    })
+  })
 })
 
 describe('ClearlyDescribedSummarizer addDebData', () => {