Conversation
|
Need to fix spotless (license header in kotlin files) |
| * You should have received a copy of the Sonar Source-Available License | ||
| * along with this program; if not, see https://sonarsource.com/license/ssal/ | ||
| */ | ||
| package org.sonarsource.ruby.gradle |
There was a problem hiding this comment.
The package is correctly named org.sonarsource.ruby.gradle, however the files are located in a folder named org/sonarsource/scala/gradle.
rombirli
force-pushed
the
rombirli/license-packaging-standard
branch
from
013274c to
87f02cf
Compare
|
rombirli
force-pushed
the
rombirli/license-packaging-standard
branch
from
fc4e7dd to
91564bd
Compare
SummaryImplements SONAR license packaging standard by integrating a cloud-native license file generator plugin. Renames the root LICENSE file to LICENSE.txt, adds a new build-logic/common submodule containing shared Gradle plugins, and automatically generates/packages license files (main + third-party) into the plugin distribution. Workflow improvements make submodule initialization explicit and conditional based on test suite. What reviewers should knowStart with sonar-ruby-plugin/build.gradle to see the new license file generator plugin integration and configuration. The root LICENSE.txt rename is straightforward. The build-logic/common submodule is a new dependency that provides the license generation capability. Third-party license files in resources/licenses/THIRD_PARTY_LICENSES/ are generated automatically by the plugin—they're not manually added. Workflow changes in build.yml are infrastructure only: switching from conditional submodule cloning to explicit initialization steps.
|
SummaryImplements SonarSource license packaging standard by restructuring license files and improving submodule management. Renames LICENSE to LICENSE.txt, adds LICENSE_HEADER template for copyright notices, and includes third-party license documentation. Updates GitHub workflows to explicitly initialize required git submodules— What reviewers should knowStart with .gitmodules to see the new
|
SummaryImplements license packaging standard (ANALYZERS-74) by adding automated license file generation. Adds a new shared Gradle plugin (build-logic/common) to handle license packaging, updates CI/CD to explicitly initialize submodules, and renames the root LICENSE file to LICENSE.txt. License files (main + third-party) are now generated and packaged with the plugin. What reviewers should knowStart by reviewing settings.gradle to understand how the new plugin is included. Then check sonar-ruby-plugin/build.gradle to see the license-file-generator plugin configuration and how licenseGenerationConfig points to the LICENSE.txt file. The .github/workflows/build.yml changes replace dynamic submodule initialization with explicit git commands for better control. The license files in sonar-ruby-plugin/src/main/resources/licenses/ are auto-generated by the plugin. Key consideration: this adds a new external dependency (build-logic/common submodule) - verify the integration doesn't break local builds.
|
![sonar-review-alpha[bot]](https://avatars.githubusercontent.com/in/3025063?s=60&v=4){kind=small}
| @@ -0,0 +1,7 @@ | |||
| Copyright <YEAR> <COPYRIGHT HOLDER> | |||
There was a problem hiding this comment.
The copyright line contains unfilled template placeholders (<YEAR> and <COPYRIGHT HOLDER>). If this was generated automatically from the upstream library's own LICENSE file, then that upstream file has the same problem and this should be corrected manually — a license file with unfilled placeholders does not constitute valid attribution. The actual copyright holder is EclipseSource and the year should be filled in (check the library's repository or Maven POM for the correct values).
- Mark as noise
… Update submodule build-logic/common
SummaryAdopt standardized license packaging by integrating SonarSource's cloud-native-gradle-modules for consistent license metadata handling. Adds override for jsr305 dependency to correctly declare its BSD-3 license, and updates CI/CD workflows to properly initialize shared build logic. What reviewers should knowKey changes to review:
Start here: Review the license override logic in sonar-ruby-plugin/build.gradle around line 8-11 to understand the intent. Then check the build.yml workflow changes to confirm submodule initialization is correct for your CI environment.
|
LICENSE FOR com.google.code.findbugs:jsr305Similar to https://github.com/SonarSource/slang-enterprise/pull/597#issuecomment-4066470277 |
|
| @@ -0,0 +1,11 @@ | |||
| Copyright <YEAR> <COPYRIGHT HOLDER> | |||
There was a problem hiding this comment.
The BSD-3 license text here has literal <YEAR> and <COPYRIGHT HOLDER> placeholders that were never substituted. The whole point of this PR is to ship the correct license attribution for jsr305, so this file needs the actual copyright year and holder filled in. For jsr305 / JSR-305 annotations, the copyright holder is Google Inc. and the relevant year is 2007 (the original release). If this file is auto-generated by the license-file-generator plugin from the BSD-3.txt template in build-logic/common, that template itself contains the unfilled placeholders — verify whether the plugin is expected to substitute them at build time, or whether the override file needs to be provided with the values already filled in.
- Mark as noise
2 participants
No description provided.