diff options
author | RishabhBhatnagar <bhatnagarrishabh4@gmail.com> | 2020-01-09 20:39:55 +0530 |
---|---|---|
committer | RishabhBhatnagar <bhatnagarrishabh4@gmail.com> | 2020-01-09 21:04:37 +0530 |
commit | cd59ee66408a908f7ef94548814514f6bc9fc906 (patch) | |
tree | 550b146d4de0cc00a4784147f7d8f2a7bc93cffe /tvsaver | |
parent | f4fef41a45620391fca6481f4700b89de170ab88 (diff) | |
download | spdx-tools-cd59ee66408a908f7ef94548814514f6bc9fc906.tar.gz |
Create Go Module
- Unpack directory v0 to move all the content to the root directory.
- ./v0/* converted to ./*
- all the test cases were fixed to remove one directory less indexing for test files
- add go.mod
- go version 1.13 is used to have a relatively stable versioning system
Signed-off-by: RishabhBhatnagar <bhatnagarrishabh4@gmail.com>
Diffstat (limited to 'tvsaver')
21 files changed, 2191 insertions, 0 deletions
diff --git a/tvsaver/saver2v1/save_annotation.go b/tvsaver/saver2v1/save_annotation.go new file mode 100644 index 0000000..f46ed4a --- /dev/null +++ b/tvsaver/saver2v1/save_annotation.go @@ -0,0 +1,30 @@ +// SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + +package saver2v1 + +import ( + "fmt" + "io" + + "github.com/spdx/tools-golang/spdx" +) + +func renderAnnotation2_1(ann *spdx.Annotation2_1, w io.Writer) error { + if ann.Annotator != "" && ann.AnnotatorType != "" { + fmt.Fprintf(w, "Annotator: %s: %s\n", ann.AnnotatorType, ann.Annotator) + } + if ann.AnnotationDate != "" { + fmt.Fprintf(w, "AnnotationDate: %s\n", ann.AnnotationDate) + } + if ann.AnnotationType != "" { + fmt.Fprintf(w, "AnnotationType: %s\n", ann.AnnotationType) + } + if ann.AnnotationSPDXIdentifier != "" { + fmt.Fprintf(w, "SPDXREF: %s\n", ann.AnnotationSPDXIdentifier) + } + if ann.AnnotationComment != "" { + fmt.Fprintf(w, "AnnotationComment: %s\n", textify(ann.AnnotationComment)) + } + + return nil +} diff --git a/tvsaver/saver2v1/save_annotation_test.go b/tvsaver/saver2v1/save_annotation_test.go new file mode 100644 index 0000000..077e9f8 --- /dev/null +++ b/tvsaver/saver2v1/save_annotation_test.go @@ -0,0 +1,112 @@ +// SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + +package saver2v1 + +import ( + "bytes" + "testing" + + "github.com/spdx/tools-golang/spdx" +) + +// ===== Annotation section Saver tests ===== +func TestSaver2_1AnnotationSavesTextForPerson(t *testing.T) { + ann := &spdx.Annotation2_1{ + Annotator: "John Doe", + AnnotatorType: "Person", + AnnotationDate: "2018-10-10T17:52:00Z", + AnnotationType: "REVIEW", + AnnotationSPDXIdentifier: "SPDXRef-DOCUMENT", + AnnotationComment: "This is an annotation about the SPDX document", + } + + // what we want to get, as a buffer of bytes + // no trailing blank newline + want := bytes.NewBufferString(`Annotator: Person: John Doe +AnnotationDate: 2018-10-10T17:52:00Z +AnnotationType: REVIEW +SPDXREF: SPDXRef-DOCUMENT +AnnotationComment: This is an annotation about the SPDX document +`) + + // render as buffer of bytes + var got bytes.Buffer + err := renderAnnotation2_1(ann, &got) + if err != nil { + t.Errorf("Expected nil error, got %v", err) + } + + // check that they match + c := bytes.Compare(want.Bytes(), got.Bytes()) + if c != 0 { + t.Errorf("Expected %v, got %v", want.String(), got.String()) + } +} + +func TestSaver2_1AnnotationSavesTextForOrganization(t *testing.T) { + ann := &spdx.Annotation2_1{ + Annotator: "John Doe, Inc.", + AnnotatorType: "Organization", + AnnotationDate: "2018-10-10T17:52:00Z", + AnnotationType: "REVIEW", + AnnotationSPDXIdentifier: "SPDXRef-DOCUMENT", + AnnotationComment: "This is an annotation about the SPDX document", + } + + // what we want to get, as a buffer of bytes + // no trailing blank newline + want := bytes.NewBufferString(`Annotator: Organization: John Doe, Inc. +AnnotationDate: 2018-10-10T17:52:00Z +AnnotationType: REVIEW +SPDXREF: SPDXRef-DOCUMENT +AnnotationComment: This is an annotation about the SPDX document +`) + + // render as buffer of bytes + var got bytes.Buffer + err := renderAnnotation2_1(ann, &got) + if err != nil { + t.Errorf("Expected nil error, got %v", err) + } + + // check that they match + c := bytes.Compare(want.Bytes(), got.Bytes()) + if c != 0 { + t.Errorf("Expected %v, got %v", want.String(), got.String()) + } +} + +func TestSaver2_1AnnotationSavesTextForTool(t *testing.T) { + ann := &spdx.Annotation2_1{ + Annotator: "magictool-1.1", + AnnotatorType: "Tool", + AnnotationDate: "2018-10-10T17:52:00Z", + AnnotationType: "REVIEW", + AnnotationSPDXIdentifier: "SPDXRef-DOCUMENT", + AnnotationComment: "This is an annotation about the SPDX document", + } + + // what we want to get, as a buffer of bytes + // no trailing blank newline + want := bytes.NewBufferString(`Annotator: Tool: magictool-1.1 +AnnotationDate: 2018-10-10T17:52:00Z +AnnotationType: REVIEW +SPDXREF: SPDXRef-DOCUMENT +AnnotationComment: This is an annotation about the SPDX document +`) + + // render as buffer of bytes + var got bytes.Buffer + err := renderAnnotation2_1(ann, &got) + if err != nil { + t.Errorf("Expected nil error, got %v", err) + } + + // check that they match + c := bytes.Compare(want.Bytes(), got.Bytes()) + if c != 0 { + t.Errorf("Expected %v, got %v", want.String(), got.String()) + } +} + +// note that the annotation has no optional or multiple fields diff --git a/tvsaver/saver2v1/save_creation_info.go b/tvsaver/saver2v1/save_creation_info.go new file mode 100644 index 0000000..1592923 --- /dev/null +++ b/tvsaver/saver2v1/save_creation_info.go @@ -0,0 +1,57 @@ +// SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + +package saver2v1 + +import ( + "fmt" + "io" + + "github.com/spdx/tools-golang/spdx" +) + +func renderCreationInfo2_1(ci *spdx.CreationInfo2_1, w io.Writer) error { + if ci.SPDXVersion != "" { + fmt.Fprintf(w, "SPDXVersion: %s\n", ci.SPDXVersion) + } + if ci.DataLicense != "" { + fmt.Fprintf(w, "DataLicense: %s\n", ci.DataLicense) + } + if ci.SPDXIdentifier != "" { + fmt.Fprintf(w, "SPDXID: %s\n", ci.SPDXIdentifier) + } + if ci.DocumentName != "" { + fmt.Fprintf(w, "DocumentName: %s\n", ci.DocumentName) + } + if ci.DocumentNamespace != "" { + fmt.Fprintf(w, "DocumentNamespace: %s\n", ci.DocumentNamespace) + } + for _, s := range ci.ExternalDocumentReferences { + fmt.Fprintf(w, "ExternalDocumentRef: %s\n", s) + } + if ci.LicenseListVersion != "" { + fmt.Fprintf(w, "LicenseListVersion: %s\n", ci.LicenseListVersion) + } + for _, s := range ci.CreatorPersons { + fmt.Fprintf(w, "Creator: Person: %s\n", s) + } + for _, s := range ci.CreatorOrganizations { + fmt.Fprintf(w, "Creator: Organization: %s\n", s) + } + for _, s := range ci.CreatorTools { + fmt.Fprintf(w, "Creator: Tool: %s\n", s) + } + if ci.Created != "" { + fmt.Fprintf(w, "Created: %s\n", ci.Created) + } + if ci.CreatorComment != "" { + fmt.Fprintf(w, "CreatorComment: %s\n", textify(ci.CreatorComment)) + } + if ci.DocumentComment != "" { + fmt.Fprintf(w, "DocumentComment: %s\n", textify(ci.DocumentComment)) + } + + // add blank newline b/c end of a main section + fmt.Fprintf(w, "\n") + + return nil +} diff --git a/tvsaver/saver2v1/save_creation_info_test.go b/tvsaver/saver2v1/save_creation_info_test.go new file mode 100644 index 0000000..45db057 --- /dev/null +++ b/tvsaver/saver2v1/save_creation_info_test.go @@ -0,0 +1,153 @@ +// SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + +package saver2v1 + +import ( + "bytes" + "testing" + + "github.com/spdx/tools-golang/spdx" +) + +// ===== Creation Info section Saver tests ===== +func TestSaver2_1CISavesText(t *testing.T) { + ci := &spdx.CreationInfo2_1{ + SPDXVersion: "SPDX-2.1", + DataLicense: "CC0-1.0", + SPDXIdentifier: "SPDXRef-DOCUMENT", + DocumentName: "spdx-go-0.0.1.abcdef", + DocumentNamespace: "https://github.com/swinslow/spdx-docs/spdx-go/spdx-go-0.0.1.abcdef.whatever", + ExternalDocumentReferences: []string{ + "DocumentRef-spdx-go-0.0.1a https://github.com/swinslow/spdx-docs/spdx-go/spdx-go-0.0.1a.cdefab.whatever SHA1:0123456701234567012345670123456701234567", + "DocumentRef-time-1.2.3 https://github.com/swinslow/spdx-docs/time/time-1.2.3.cdefab.whatever SHA1:0123456701234567012345670123456701234568", + }, + LicenseListVersion: "2.0", + CreatorPersons: []string{ + "John Doe", + "Jane Doe (janedoe@example.com)", + }, + CreatorOrganizations: []string{ + "John Doe, Inc.", + "Jane Doe LLC", + }, + CreatorTools: []string{ + "magictool1-1.0", + "magictool2-1.0", + "magictool3-1.0", + }, + Created: "2018-10-10T06:20:00Z", + CreatorComment: "this is a creator comment", + DocumentComment: "this is a document comment", + } + + // what we want to get, as a buffer of bytes + want := bytes.NewBufferString(`SPDXVersion: SPDX-2.1 +DataLicense: CC0-1.0 +SPDXID: SPDXRef-DOCUMENT +DocumentName: spdx-go-0.0.1.abcdef +DocumentNamespace: https://github.com/swinslow/spdx-docs/spdx-go/spdx-go-0.0.1.abcdef.whatever +ExternalDocumentRef: DocumentRef-spdx-go-0.0.1a https://github.com/swinslow/spdx-docs/spdx-go/spdx-go-0.0.1a.cdefab.whatever SHA1:0123456701234567012345670123456701234567 +ExternalDocumentRef: DocumentRef-time-1.2.3 https://github.com/swinslow/spdx-docs/time/time-1.2.3.cdefab.whatever SHA1:0123456701234567012345670123456701234568 +LicenseListVersion: 2.0 +Creator: Person: John Doe +Creator: Person: Jane Doe (janedoe@example.com) +Creator: Organization: John Doe, Inc. +Creator: Organization: Jane Doe LLC +Creator: Tool: magictool1-1.0 +Creator: Tool: magictool2-1.0 +Creator: Tool: magictool3-1.0 +Created: 2018-10-10T06:20:00Z +CreatorComment: this is a creator comment +DocumentComment: this is a document comment + +`) + + // render as buffer of bytes + var got bytes.Buffer + err := renderCreationInfo2_1(ci, &got) + if err != nil { + t.Errorf("Expected nil error, got %v", err) + } + + // check that they match + c := bytes.Compare(want.Bytes(), got.Bytes()) + if c != 0 { + t.Errorf("Expected %v, got %v", want.String(), got.String()) + } +} + +func TestSaver2_1CIOmitsOptionalFieldsIfEmpty(t *testing.T) { + // --- need at least one creator; do first for Persons --- + ci1 := &spdx.CreationInfo2_1{ + SPDXVersion: "SPDX-2.1", + DataLicense: "CC0-1.0", + SPDXIdentifier: "SPDXRef-DOCUMENT", + DocumentName: "spdx-go-0.0.1.abcdef", + DocumentNamespace: "https://github.com/swinslow/spdx-docs/spdx-go/spdx-go-0.0.1.abcdef.whatever", + CreatorPersons: []string{ + "John Doe", + }, + Created: "2018-10-10T06:20:00Z", + } + + // what we want to get, as a buffer of bytes + want1 := bytes.NewBufferString(`SPDXVersion: SPDX-2.1 +DataLicense: CC0-1.0 +SPDXID: SPDXRef-DOCUMENT +DocumentName: spdx-go-0.0.1.abcdef +DocumentNamespace: https://github.com/swinslow/spdx-docs/spdx-go/spdx-go-0.0.1.abcdef.whatever +Creator: Person: John Doe +Created: 2018-10-10T06:20:00Z + +`) + + // render as buffer of bytes + var got1 bytes.Buffer + err := renderCreationInfo2_1(ci1, &got1) + if err != nil { + t.Errorf("Expected nil error, got %v", err) + } + + // check that they match + c1 := bytes.Compare(want1.Bytes(), got1.Bytes()) + if c1 != 0 { + t.Errorf("Expected %v, got %v", want1.String(), got1.String()) + } + + // --- need at least one creator; now switch to organization --- + ci2 := &spdx.CreationInfo2_1{ + SPDXVersion: "SPDX-2.1", + DataLicense: "CC0-1.0", + SPDXIdentifier: "SPDXRef-DOCUMENT", + DocumentName: "spdx-go-0.0.1.abcdef", + DocumentNamespace: "https://github.com/swinslow/spdx-docs/spdx-go/spdx-go-0.0.1.abcdef.whatever", + CreatorOrganizations: []string{ + "John Doe, Inc.", + }, + Created: "2018-10-10T06:20:00Z", + } + + // what we want to get, as a buffer of bytes + want2 := bytes.NewBufferString(`SPDXVersion: SPDX-2.1 +DataLicense: CC0-1.0 +SPDXID: SPDXRef-DOCUMENT +DocumentName: spdx-go-0.0.1.abcdef +DocumentNamespace: https://github.com/swinslow/spdx-docs/spdx-go/spdx-go-0.0.1.abcdef.whatever +Creator: Organization: John Doe, Inc. +Created: 2018-10-10T06:20:00Z + +`) + + // render as buffer of bytes + var got2 bytes.Buffer + err = renderCreationInfo2_1(ci2, &got2) + if err != nil { + t.Errorf("Expected nil error, got %v", err) + } + + // check that they match + c2 := bytes.Compare(want2.Bytes(), got2.Bytes()) + if c2 != 0 { + t.Errorf("Expected %v, got %v", want2.String(), got2.String()) + } +} diff --git a/tvsaver/saver2v1/save_document.go b/tvsaver/saver2v1/save_document.go new file mode 100644 index 0000000..97891f5 --- /dev/null +++ b/tvsaver/saver2v1/save_document.go @@ -0,0 +1,65 @@ +// Package saver2v1 contains functions to render and write a tag-value +// formatted version of an in-memory SPDX document and its sections +// (version 2.1). +// SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later +package saver2v1 + +import ( + "fmt" + "io" + + "github.com/spdx/tools-golang/spdx" +) + +// RenderDocument2_1 is the main entry point to take an SPDX in-memory +// Document (version 2.1), and render it to the received io.Writer. +// It is only exported in order to be available to the tvsaver package, +// and typically does not need to be called by client code. +func RenderDocument2_1(doc *spdx.Document2_1, w io.Writer) error { + if doc.CreationInfo == nil { + return fmt.Errorf("Document had nil CreationInfo section") + } + + renderCreationInfo2_1(doc.CreationInfo, w) + + for _, pkg := range doc.Packages { + if pkg.IsUnpackaged == true { + fmt.Fprintf(w, "##### Unpackaged files\n\n") + } else { + fmt.Fprintf(w, "##### Package: %s\n\n", pkg.PackageName) + } + renderPackage2_1(pkg, w) + } + + if len(doc.OtherLicenses) > 0 { + fmt.Fprintf(w, "##### Other Licenses\n\n") + for _, ol := range doc.OtherLicenses { + renderOtherLicense2_1(ol, w) + } + } + + if len(doc.Relationships) > 0 { + fmt.Fprintf(w, "##### Relationships\n\n") + for _, rln := range doc.Relationships { + renderRelationship2_1(rln, w) + } + fmt.Fprintf(w, "\n") + } + + if len(doc.Annotations) > 0 { + fmt.Fprintf(w, "##### Annotations\n\n") + for _, ann := range doc.Annotations { + renderAnnotation2_1(ann, w) + fmt.Fprintf(w, "\n") + } + } + + if len(doc.Reviews) > 0 { + fmt.Fprintf(w, "##### Reviews\n\n") + for _, rev := range doc.Reviews { + renderReview2_1(rev, w) + } + } + + return nil +} diff --git a/tvsaver/saver2v1/save_document_test.go b/tvsaver/saver2v1/save_document_test.go new file mode 100644 index 0000000..fd47b9c --- /dev/null +++ b/tvsaver/saver2v1/save_document_test.go @@ -0,0 +1,348 @@ +// SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + +package saver2v1 + +import ( + "bytes" + "testing" + + "github.com/spdx/tools-golang/spdx" +) + +// ===== entire Document Saver tests ===== +func TestSaver2_1DocumentSavesText(t *testing.T) { + + // Creation Info section + ci := &spdx.CreationInfo2_1{ + SPDXVersion: "SPDX-2.1", + DataLicense: "CC0-1.0", + SPDXIdentifier: "SPDXRef-DOCUMENT", + DocumentName: "spdx-go-0.0.1.abcdef", + DocumentNamespace: "https://github.com/swinslow/spdx-docs/spdx-go/spdx-go-0.0.1.abcdef.whatever", + CreatorPersons: []string{ + "John Doe", + }, + Created: "2018-10-10T06:20:00Z", + } + + // Package 1: unpackaged files + f1 := &spdx.File2_1{ + FileName: "/tmp/whatever1.txt", + FileSPDXIdentifier: "SPDXRef-File1231", + FileChecksumSHA1: "85ed0817af83a24ad8da68c2b5094de69833983c", + LicenseConcluded: "Apache-2.0", + LicenseInfoInFile: []string{"Apache-2.0"}, + FileCopyrightText: "Copyright (c) Jane Doe", + } + + f2 := &spdx.File2_1{ + FileName: "/tmp/whatever2.txt", + FileSPDXIdentifier: "SPDXRef-File1232", + FileChecksumSHA1: "85ed0817af83a24ad8da68c2b5094de69833983d", + LicenseConcluded: "MIT", + LicenseInfoInFile: []string{"MIT"}, + FileCopyrightText: "Copyright (c) John Doe", + } + + pkgUn := &spdx.Package2_1{ + IsUnpackaged: true, + Files: []*spdx.File2_1{ + f1, + f2, + }, + } + + // Package 2: packaged files with snippets + sn1 := &spdx.Snippet2_1{ + SnippetSPDXIdentifier: "SPDXRef-Snippet19", + SnippetFromFileSPDXIdentifier: "SPDXRef-FileHasSnippets", + SnippetByteRangeStart: 17, + SnippetByteRangeEnd: 209, + SnippetLicenseConcluded: "GPL-2.0-or-later", + SnippetCopyrightText: "Copyright (c) John Doe 20x6", + } + + sn2 := &spdx.Snippet2_1{ + SnippetSPDXIdentifier: "SPDXRef-Snippet20", + SnippetFromFileSPDXIdentifier: "SPDXRef-FileHasSnippets", + SnippetByteRangeStart: 268, + SnippetByteRangeEnd: 309, + SnippetLicenseConcluded: "WTFPL", + SnippetCopyrightText: "NOASSERTION", + } + + f3 := &spdx.File2_1{ + FileName: "/tmp/file-with-snippets.txt", + FileSPDXIdentifier: "SPDXRef-FileHasSnippets", + FileChecksumSHA1: "85ed0817af83a24ad8da68c2b5094de69833983e", + LicenseConcluded: "GPL-2.0-or-later AND WTFPL", + LicenseInfoInFile: []string{ + "Apache-2.0", + "GPL-2.0-or-later", + "WTFPL", + }, + FileCopyrightText: "Copyright (c) Jane Doe", + Snippets: []*spdx.Snippet2_1{ + sn1, + sn2, + }, + } + + f4 := &spdx.File2_1{ + FileName: "/tmp/another-file.txt", + FileSPDXIdentifier: "SPDXRef-FileAnother", + FileChecksumSHA1: "85ed0817af83a24ad8da68c2b5094de69833983f", + LicenseConcluded: "BSD-3-Clause", + LicenseInfoInFile: []string{"BSD-3-Clause"}, + FileCopyrightText: "Copyright (c) Jane Doe LLC", + } + + pkgWith := &spdx.Package2_1{ + IsUnpackaged: false, + PackageName: "p1", + PackageSPDXIdentifier: "SPDXRef-p1", + PackageDownloadLocation: "http://example.com/p1/p1-0.1.0-master.tar.gz", + FilesAnalyzed: true, + IsFilesAnalyzedTagPresent: true, + PackageVerificationCode: "0123456789abcdef0123456789abcdef01234567", + PackageLicenseConcluded: "GPL-2.0-or-later AND BSD-3-Clause AND WTFPL", + PackageLicenseInfoFromFiles: []string{ + "Apache-2.0", + "GPL-2.0-or-later", + "WTFPL", + "BSD-3-Clause", + }, + PackageLicenseDeclared: "Apache-2.0 OR GPL-2.0-or-later", + PackageCopyrightText: "Copyright (c) John Doe, Inc.", + Files: []*spdx.File2_1{ + f3, + f4, + }, + } + + // Other Licenses 1 and 2 + ol1 := &spdx.OtherLicense2_1{ + LicenseIdentifier: "LicenseRef-1", + ExtractedText: `License 1 text +blah blah blah +blah blah blah blah`, + LicenseName: "License 1", + } + + ol2 := &spdx.OtherLicense2_1{ + LicenseIdentifier: "LicenseRef-2", + ExtractedText: `License 2 text - this is a license that does some stuff`, + LicenseName: "License 2", + } + + // Relationships + rln1 := &spdx.Relationship2_1{ + RefA: "SPDXRef-DOCUMENT", + RefB: "SPDXRef-p1", + Relationship: "DESCRIBES", + } + + rln2 := &spdx.Relationship2_1{ + RefA: "SPDXRef-DOCUMENT", + RefB: "SPDXRef-File1231", + Relationship: "DESCRIBES", + } + + rln3 := &spdx.Relationship2_1{ + RefA: "SPDXRef-DOCUMENT", + RefB: "SPDXRef-File1232", + Relationship: "DESCRIBES", + } + + // Annotations + ann1 := &spdx.Annotation2_1{ + Annotator: "John Doe", + AnnotatorType: "Person", + AnnotationDate: "2018-10-10T17:52:00Z", + AnnotationType: "REVIEW", + AnnotationSPDXIdentifier: "SPDXRef-DOCUMENT", + AnnotationComment: "This is an annotation about the SPDX document", + } + + ann2 := &spdx.Annotation2_1{ + Annotator: "John Doe, Inc.", + AnnotatorType: "Organization", + AnnotationDate: "2018-10-10T17:52:00Z", + AnnotationType: "REVIEW", + AnnotationSPDXIdentifier: "SPDXRef-p1", + AnnotationComment: "This is an annotation about Package p1", + } + + // Reviews + rev1 := &spdx.Review2_1{ + Reviewer: "John Doe", + ReviewerType: "Person", + ReviewDate: "2018-10-14T10:28:00Z", + } + rev2 := &spdx.Review2_1{ + Reviewer: "Jane Doe LLC", + ReviewerType: "Organization", + ReviewDate: "2018-10-14T10:28:00Z", + ReviewComment: "I have reviewed this SPDX document and it is awesome", + } + + // now, build the document + doc := &spdx.Document2_1{ + CreationInfo: ci, + Packages: []*spdx.Package2_1{ + pkgUn, + pkgWith, + }, + OtherLicenses: []*spdx.OtherLicense2_1{ + ol1, + ol2, + }, + Relationships: []*spdx.Relationship2_1{ + rln1, + rln2, + rln3, + }, + Annotations: []*spdx.Annotation2_1{ + ann1, + ann2, + }, + Reviews: []*spdx.Review2_1{ + rev1, + rev2, + }, + } + + want := bytes.NewBufferString(`SPDXVersion: SPDX-2.1 +DataLicense: CC0-1.0 +SPDXID: SPDXRef-DOCUMENT +DocumentName: spdx-go-0.0.1.abcdef +DocumentNamespace: https://github.com/swinslow/spdx-docs/spdx-go/spdx-go-0.0.1.abcdef.whatever +Creator: Person: John Doe +Created: 2018-10-10T06:20:00Z + +##### Unpackaged files + +FileName: /tmp/whatever1.txt +SPDXID: SPDXRef-File1231 +FileChecksum: SHA1: 85ed0817af83a24ad8da68c2b5094de69833983c +LicenseConcluded: Apache-2.0 +LicenseInfoInFile: Apache-2.0 +FileCopyrightText: Copyright (c) Jane Doe + +FileName: /tmp/whatever2.txt +SPDXID: SPDXRef-File1232 +FileChecksum: SHA1: 85ed0817af83a24ad8da68c2b5094de69833983d +LicenseConcluded: MIT +LicenseInfoInFile: MIT +FileCopyrightText: Copyright (c) John Doe + +##### Package: p1 + +PackageName: p1 +SPDXID: SPDXRef-p1 +PackageDownloadLocation: http://example.com/p1/p1-0.1.0-master.tar.gz +FilesAnalyzed: true +PackageVerificationCode: 0123456789abcdef0123456789abcdef01234567 +PackageLicenseConcluded: GPL-2.0-or-later AND BSD-3-Clause AND WTFPL +PackageLicenseInfoFromFiles: Apache-2.0 +PackageLicenseInfoFromFiles: GPL-2.0-or-later +PackageLicenseInfoFromFiles: WTFPL +PackageLicenseInfoFromFiles: BSD-3-Clause +PackageLicenseDeclared: Apache-2.0 OR GPL-2.0-or-later +PackageCopyrightText: Copyright (c) John Doe, Inc. + +FileName: /tmp/file-with-snippets.txt +SPDXID: SPDXRef-FileHasSnippets +FileChecksum: SHA1: 85ed0817af83a24ad8da68c2b5094de69833983e +LicenseConcluded: GPL-2.0-or-later AND WTFPL +LicenseInfoInFile: Apache-2.0 +LicenseInfoInFile: GPL-2.0-or-later +LicenseInfoInFile: WTFPL +FileCopyrightText: Copyright (c) Jane Doe + +SnippetSPDXIdentifier: SPDXRef-Snippet19 +SnippetFromFileSPDXID: SPDXRef-FileHasSnippets +SnippetByteRange: 17:209 +SnippetLicenseConcluded: GPL-2.0-or-later +SnippetCopyrightText: Copyright (c) John Doe 20x6 + +SnippetSPDXIdentifier: SPDXRef-Snippet20 +SnippetFromFileSPDXID: SPDXRef-FileHasSnippets +SnippetByteRange: 268:309 +SnippetLicenseConcluded: WTFPL +SnippetCopyrightText: NOASSERTION + +FileName: /tmp/another-file.txt +SPDXID: SPDXRef-FileAnother +FileChecksum: SHA1: 85ed0817af83a24ad8da68c2b5094de69833983f +LicenseConcluded: BSD-3-Clause +LicenseInfoInFile: BSD-3-Clause +FileCopyrightText: Copyright (c) Jane Doe LLC + +##### Other Licenses + +LicenseID: LicenseRef-1 +ExtractedText: <text>License 1 text +blah blah blah +blah blah blah blah</text> +LicenseName: License 1 + +LicenseID: LicenseRef-2 +ExtractedText: License 2 text - this is a license that does some stuff +LicenseName: License 2 + +##### Relationships + +Relationship: SPDXRef-DOCUMENT DESCRIBES SPDXRef-p1 +Relationship: SPDXRef-DOCUMENT DESCRIBES SPDXRef-File1231 +Relationship: SPDXRef-DOCUMENT DESCRIBES SPDXRef-File1232 + +##### Annotations + +Annotator: Person: John Doe +AnnotationDate: 2018-10-10T17:52:00Z +AnnotationType: REVIEW +SPDXREF: SPDXRef-DOCUMENT +AnnotationComment: This is an annotation about the SPDX document + +Annotator: Organization: John Doe, Inc. +AnnotationDate: 2018-10-10T17:52:00Z +AnnotationType: REVIEW +SPDXREF: SPDXRef-p1 +AnnotationComment: This is an annotation about Package p1 + +##### Reviews + +Reviewer: Person: John Doe +ReviewDate: 2018-10-14T10:28:00Z + +Reviewer: Organization: Jane Doe LLC +ReviewDate: 2018-10-14T10:28:00Z +ReviewComment: I have reviewed this SPDX document and it is awesome + +`) + + // render as buffer of bytes + var got bytes.Buffer + err := RenderDocument2_1(doc, &got) + if err != nil { + t.Errorf("Expected nil error, got %v", err) + } + + // check that they match + c := bytes.Compare(want.Bytes(), got.Bytes()) + if c != 0 { + t.Errorf("Expected {{{%v}}}, got {{{%v}}}", want.String(), got.String()) + } + +} + +func TestSaver2_1DocumentReturnsErrorIfNilCreationInfo(t *testing.T) { + doc := &spdx.Document2_1{} + + var got bytes.Buffer + err := RenderDocument2_1(doc, &got) + if err == nil { + t.Errorf("Expected error, got nil") + } +} diff --git a/tvsaver/saver2v1/save_file.go b/tvsaver/saver2v1/save_file.go new file mode 100644 index 0000000..a8b50f0 --- /dev/null +++ b/tvsaver/saver2v1/save_file.go @@ -0,0 +1,73 @@ +// SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + +package saver2v1 + +import ( + "fmt" + "io" + + "github.com/spdx/tools-golang/spdx" +) + +func renderFile2_1(f *spdx.File2_1, w io.Writer) error { + if f.FileName != "" { + fmt.Fprintf(w, "FileName: %s\n", f.FileName) + } + if f.FileSPDXIdentifier != "" { + fmt.Fprintf(w, "SPDXID: %s\n", f.FileSPDXIdentifier) + } + for _, s := range f.FileType { + fmt.Fprintf(w, "FileType: %s\n", s) + } + if f.FileChecksumSHA1 != "" { + fmt.Fprintf(w, "FileChecksum: SHA1: %s\n", f.FileChecksumSHA1) + } + if f.FileChecksumSHA256 != "" { + fmt.Fprintf(w, "FileChecksum: SHA256: %s\n", f.FileChecksumSHA256) + } + if f.FileChecksumMD5 != "" { + fmt.Fprintf(w, "FileChecksum: MD5: %s\n", f.FileChecksumMD5) + } + if f.LicenseConcluded != "" { + fmt.Fprintf(w, "LicenseConcluded: %s\n", f.LicenseConcluded) + } + for _, s := range f.LicenseInfoInFile { + fmt.Fprintf(w, "LicenseInfoInFile: %s\n", s) + } + if f.LicenseComments != "" { + fmt.Fprintf(w, "LicenseComments: %s\n", f.LicenseComments) + } + if f.FileCopyrightText != "" { + fmt.Fprintf(w, "FileCopyrightText: %s\n", textify(f.FileCopyrightText)) + } + for _, aop := range f.ArtifactOfProjects { + fmt.Fprintf(w, "ArtifactOfProjectName: %s\n", aop.Name) + if aop.HomePage != "" { + fmt.Fprintf(w, "ArtifactOfProjectHomePage: %s\n", aop.HomePage) + } + if aop.URI != "" { + fmt.Fprintf(w, "ArtifactOfProjectURI: %s\n", aop.URI) + } + } + if f.FileComment != "" { + fmt.Fprintf(w, "FileComment: %s\n", f.FileComment) + } + if f.FileNotice != "" { + fmt.Fprintf(w, "FileNotice: %s\n", f.FileNotice) + } + for _, s := range f.FileContributor { + fmt.Fprintf(w, "FileContributor: %s\n", s) + } + for _, s := range f.FileDependencies { + fmt.Fprintf(w, "FileDependency: %s\n", s) + } + + fmt.Fprintf(w, "\n") + + // also render any snippets for this file + for _, s := range f.Snippets { + renderSnippet2_1(s, w) + } + + return nil +} diff --git a/tvsaver/saver2v1/save_file_test.go b/tvsaver/saver2v1/save_file_test.go new file mode 100644 index 0000000..7b9fb87 --- /dev/null +++ b/tvsaver/saver2v1/save_file_test.go @@ -0,0 +1,249 @@ +// SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + +package saver2v1 + +import ( + "bytes" + "testing" + + "github.com/spdx/tools-golang/spdx" +) + +// ===== File section Saver tests ===== +func TestSaver2_1FileSavesText(t *testing.T) { + f := &spdx.File2_1{ + FileName: "/tmp/whatever.txt", + FileSPDXIdentifier: "SPDXRef-File123", + FileType: []string{ + "TEXT", + "DOCUMENTATION", + }, + FileChecksumSHA1: "85ed0817af83a24ad8da68c2b5094de69833983c", + FileChecksumSHA256: "11b6d3ee554eedf79299905a98f9b9a04e498210b59f15094c916c91d150efcd", + FileChecksumMD5: "624c1abb3664f4b35547e7c73864ad24", + LicenseConcluded: "Apache-2.0", + LicenseInfoInFile: []string{ + "Apache-2.0", + "Apache-1.1", + }, + LicenseComments: "this is a license comment(s)", + FileCopyrightText: "Copyright (c) Jane Doe", + ArtifactOfProjects: []*spdx.ArtifactOfProject2_1{ + &spdx.ArtifactOfProject2_1{ + Name: "project1", + HomePage: "http://example.com/1/", + URI: "http://example.com/1/uri.whatever", + }, + &spdx.ArtifactOfProject2_1{ + Name: "project2", + }, + &spdx.ArtifactOfProject2_1{ + Name: "project3", + HomePage: "http://example.com/3/", + }, + &spdx.ArtifactOfProject2_1{ + Name: "project4", + URI: "http://example.com/4/uri.whatever", + }, + }, + FileComment: "this is a file comment", + FileNotice: "This file may be used under either Apache-2.0 or Apache-1.1.", + FileContributor: []string{ + "John Doe jdoe@example.com", + "EvilCorp", + }, + FileDependencies: []string{ + "f-1.txt", + "g.txt", + }, + } + + // what we want to get, as a buffer of bytes + want := bytes.NewBufferString(`FileName: /tmp/whatever.txt +SPDXID: SPDXRef-File123 +FileType: TEXT +FileType: DOCUMENTATION +FileChecksum: SHA1: 85ed0817af83a24ad8da68c2b5094de69833983c +FileChecksum: SHA256: 11b6d3ee554eedf79299905a98f9b9a04e498210b59f15094c916c91d150efcd +FileChecksum: MD5: 624c1abb3664f4b35547e7c73864ad24 +LicenseConcluded: Apache-2.0 +LicenseInfoInFile: Apache-2.0 +LicenseInfoInFile: Apache-1.1 +LicenseComments: this is a license comment(s) +FileCopyrightText: Copyright (c) Jane Doe +ArtifactOfProjectName: project1 +ArtifactOfProjectHomePage: http://example.com/1/ +ArtifactOfProjectURI: http://example.com/1/uri.whatever +ArtifactOfProjectName: project2 +ArtifactOfProjectName: project3 +ArtifactOfProjectHomePage: http://example.com/3/ +ArtifactOfProjectName: project4 +ArtifactOfProjectURI: http://example.com/4/uri.whatever +FileComment: this is a file comment +FileNotice: This file may be used under either Apache-2.0 or Apache-1.1. +FileContributor: John Doe jdoe@example.com +FileContributor: EvilCorp +FileDependency: f-1.txt +FileDependency: g.txt + +`) + + // render as buffer of bytes + var got bytes.Buffer + err := renderFile2_1(f, &got) + if err != nil { + t.Errorf("Expected nil error, got %v", err) + } + + // check that they match + c := bytes.Compare(want.Bytes(), got.Bytes()) + if c != 0 { + t.Errorf("Expected %v, got %v", want.String(), got.String()) + } +} + +func TestSaver2_1FileSavesSnippetsAlso(t *testing.T) { + sn1 := &spdx.Snippet2_1{ + SnippetSPDXIdentifier: "SPDXRef-Snippet19", + SnippetFromFileSPDXIdentifier: "SPDXRef-File123", + SnippetByteRangeStart: 17, + SnippetByteRangeEnd: 209, + SnippetLicenseConcluded: "GPL-2.0-or-later", + SnippetCopyrightText: "Copyright (c) John Doe 20x6", + } + + sn2 := &spdx.Snippet2_1{ + SnippetSPDXIdentifier: "SPDXRef-Snippet20", + SnippetFromFileSPDXIdentifier: "SPDXRef-File123", + SnippetByteRangeStart: 268, + SnippetByteRangeEnd: 309, + SnippetLicenseConcluded: "WTFPL", + SnippetCopyrightText: "NOASSERTION", + } + + sns := []*spdx.Snippet2_1{ + sn1, + sn2, + } + + f := &spdx.File2_1{ + FileName: "/tmp/whatever.txt", + FileSPDXIdentifier: "SPDXRef-File123", + FileChecksumSHA1: "85ed0817af83a24ad8da68c2b5094de69833983c", + LicenseConcluded: "Apache-2.0", + LicenseInfoInFile: []string{ + "Apache-2.0", + }, + FileCopyrightText: "Copyright (c) Jane Doe", + Snippets: sns, + } + + // what we want to get, as a buffer of bytes + want := bytes.NewBufferString(`FileName: /tmp/whatever.txt +SPDXID: SPDXRef-File123 +FileChecksum: SHA1: 85ed0817af83a24ad8da68c2b5094de69833983c +LicenseConcluded: Apache-2.0 +LicenseInfoInFile: Apache-2.0 +FileCopyrightText: Copyright (c) Jane Doe + +SnippetSPDXIdentifier: SPDXRef-Snippet19 +SnippetFromFileSPDXID: SPDXRef-File123 +SnippetByteRange: 17:209 +SnippetLicenseConcluded: GPL-2.0-or-later +SnippetCopyrightText: Copyright (c) John Doe 20x6 + +SnippetSPDXIdentifier: SPDXRef-Snippet20 +SnippetFromFileSPDXID: SPDXRef-File123 +SnippetByteRange: 268:309 +SnippetLicenseConcluded: WTFPL +SnippetCopyrightText: NOASSERTION + +`) + + // render as buffer of bytes + var got bytes.Buffer + err := renderFile2_1(f, &got) + if err != nil { + t.Errorf("Expected nil error, got %v", err) + } + + // check that they match + c := bytes.Compare(want.Bytes(), got.Bytes()) + if c != 0 { + t.Errorf("Expected %v, got %v", want.String(), got.String()) + } +} + +func TestSaver2_1FileOmitsOptionalFieldsIfEmpty(t *testing.T) { + f := &spdx.File2_1{ + FileName: "/tmp/whatever.txt", + FileSPDXIdentifier: "SPDXRef-File123", + FileChecksumSHA1: "85ed0817af83a24ad8da68c2b5094de69833983c", + LicenseConcluded: "Apache-2.0", + LicenseInfoInFile: []string{ + "Apache-2.0", + }, + FileCopyrightText: "Copyright (c) Jane Doe", + } + + // what we want to get, as a buffer of bytes + want := bytes.NewBufferString(`FileName: /tmp/whatever.txt +SPDXID: SPDXRef-File123 +FileChecksum: SHA1: 85ed0817af83a24ad8da68c2b5094de69833983c +LicenseConcluded: Apache-2.0 +LicenseInfoInFile: Apache-2.0 +FileCopyrightText: Copyright (c) Jane Doe + +`) + + // render as buffer of bytes + var got bytes.Buffer + err := renderFile2_1(f, &got) + if err != nil { + t.Errorf("Expected nil error, got %v", err) + } + + // check that they match + c := bytes.Compare(want.Bytes(), got.Bytes()) + if c != 0 { + t.Errorf("Expected %v, got %v", want.String(), got.String()) + } +} + +func TestSaver2_1FileWrapsCopyrightMultiLine(t *testing.T) { + f := &spdx.File2_1{ + FileName: "/tmp/whatever.txt", + FileSPDXIdentifier: "SPDXRef-File123", + FileChecksumSHA1: "85ed0817af83a24ad8da68c2b5094de69833983c", + LicenseConcluded: "Apache-2.0", + LicenseInfoInFile: []string{ + "Apache-2.0", + }, + FileCopyrightText: `Copyright (c) Jane Doe +Copyright (c) John Doe`, + } + + // what we want to get, as a buffer of bytes + want := bytes.NewBufferString(`FileName: /tmp/whatever.txt +SPDXID: SPDXRef-File123 +FileChecksum: SHA1: 85ed0817af83a24ad8da68c2b5094de69833983c +LicenseConcluded: Apache-2.0 +LicenseInfoInFile: Apache-2.0 +FileCopyrightText: <text>Copyright (c) Jane Doe +Copyright (c) John Doe</text> + +`) + + // render as buffer of bytes + var got bytes.Buffer + err := renderFile2_1(f, &got) + if err != nil { + t.Errorf("Expected nil error, got %v", err) + } + + // check that they match + c := bytes.Compare(want.Bytes(), got.Bytes()) + if c != 0 { + t.Errorf("Expected %v, got %v", want.String(), got.String()) + } +} diff --git a/tvsaver/saver2v1/save_other_license.go b/tvsaver/saver2v1/save_other_license.go new file mode 100644 index 0000000..ea48b80 --- /dev/null +++ b/tvsaver/saver2v1/save_other_license.go @@ -0,0 +1,32 @@ +// SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + +package saver2v1 + +import ( + "fmt" + "io" + + "github.com/spdx/tools-golang/spdx" +) + +func renderOtherLicense2_1(ol *spdx.OtherLicense2_1, w io.Writer) error { + if ol.LicenseIdentifier != "" { + fmt.Fprintf(w, "LicenseID: %s\n", ol.LicenseIdentifier) + } + if ol.ExtractedText != "" { + fmt.Fprintf(w, "ExtractedText: %s\n", textify(ol.ExtractedText)) + } + if ol.LicenseName != "" { + fmt.Fprintf(w, "LicenseName: %s\n", ol.LicenseName) + } + for _, s := range ol.LicenseCrossReferences { + fmt.Fprintf(w, "LicenseCrossReference: %s\n", s) + } + if ol.LicenseComment != "" { + fmt.Fprintf(w, "LicenseComment: %s\n", textify(ol.LicenseComment)) + } + + fmt.Fprintf(w, "\n") + + return nil +} diff --git a/tvsaver/saver2v1/save_other_license_test.go b/tvsaver/saver2v1/save_other_license_test.go new file mode 100644 index 0000000..5feb96e --- /dev/null +++ b/tvsaver/saver2v1/save_other_license_test.go @@ -0,0 +1,83 @@ +// SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + +package saver2v1 + +import ( + "bytes" + "testing" + + "github.com/spdx/tools-golang/spdx" +) + +// ===== Other License section Saver tests ===== +func TestSaver2_1OtherLicenseSavesText(t *testing.T) { + ol := &spdx.OtherLicense2_1{ + LicenseIdentifier: "LicenseRef-1", + ExtractedText: `License 1 text +blah blah blah +blah blah blah blah`, + LicenseName: "License 1", + LicenseCrossReferences: []string{ + "http://example.com/License1/", + "http://example.com/License1AnotherURL/", + }, + LicenseComment: "this is a license comment", + } + + // what we want to get, as a buffer of bytes + want := bytes.NewBufferString(`LicenseID: LicenseRef-1 +ExtractedText: <text>License 1 text +blah blah blah +blah blah blah blah</text> +LicenseName: License 1 +LicenseCrossReference: http://example.com/License1/ +LicenseCrossReference: http://example.com/License1AnotherURL/ +LicenseComment: this is a license comment + +`) + + // render as buffer of bytes + var got bytes.Buffer + err := renderOtherLicense2_1(ol, &got) + if err != nil { + t.Errorf("Expected nil error, got %v", err) + } + + // check that they match + c := bytes.Compare(want.Bytes(), got.Bytes()) + if c != 0 { + t.Errorf("Expected %v, got %v", want.String(), got.String()) + } +} + +func TestSaver2_1OtherLicenseOmitsOptionalFieldsIfEmpty(t *testing.T) { + ol := &spdx.OtherLicense2_1{ + LicenseIdentifier: "LicenseRef-1", + ExtractedText: `License 1 text +blah blah blah +blah blah blah blah`, + LicenseName: "License 1", + } + + // what we want to get, as a buffer of bytes + want := bytes.NewBufferString(`LicenseID: LicenseRef-1 +ExtractedText: <text>License 1 text +blah blah blah +blah blah blah blah</text> +LicenseName: License 1 + +`) + + // render as buffer of bytes + var got bytes.Buffer + err := renderOtherLicense2_1(ol, &got) + if err != nil { + t.Errorf("Expected nil error, got %v", err) + } + + // check that they match + c := bytes.Compare(want.Bytes(), got.Bytes()) + if c != 0 { + t.Errorf("Expected %v, got %v", want.String(), got.String()) + } +} diff --git a/tvsaver/saver2v1/save_package.go b/tvsaver/saver2v1/save_package.go new file mode 100644 index 0000000..3c83547 --- /dev/null +++ b/tvsaver/saver2v1/save_package.go @@ -0,0 +1,118 @@ +// SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + +package saver2v1 + +import ( + "fmt" + "io" + + "github.com/spdx/tools-golang/spdx" +) + +func renderPackage2_1(pkg *spdx.Package2_1, w io.Writer) error { + if pkg.IsUnpackaged == false { + if pkg.PackageName != "" { + fmt.Fprintf(w, "PackageName: %s\n", pkg.PackageName) + } + if pkg.PackageSPDXIdentifier != "" { + fmt.Fprintf(w, "SPDXID: %s\n", pkg.PackageSPDXIdentifier) + } + if pkg.PackageVersion != "" { + fmt.Fprintf(w, "PackageVersion: %s\n", pkg.PackageVersion) + } + if pkg.PackageFileName != "" { + fmt.Fprintf(w, "PackageFileName: %s\n", pkg.PackageFileName) + } + if pkg.PackageSupplierPerson != "" { + fmt.Fprintf(w, "PackageSupplier: Person: %s\n", pkg.PackageSupplierPerson) + } + if pkg.PackageSupplierOrganization != "" { + fmt.Fprintf(w, "PackageSupplier: Organization: %s\n", pkg.PackageSupplierOrganization) + } + if pkg.PackageSupplierNOASSERTION == true { + fmt.Fprintf(w, "PackageSupplier: NOASSERTION\n") + } + if pkg.PackageOriginatorPerson != "" { + fmt.Fprintf(w, "PackageOriginator: Person: %s\n", pkg.PackageOriginatorPerson) + } + if pkg.PackageOriginatorOrganization != "" { + fmt.Fprintf(w, "PackageOriginator: Organization: %s\n", pkg.PackageOriginatorOrganization) + } + if pkg.PackageOriginatorNOASSERTION == true { + fmt.Fprintf(w, "PackageOriginator: NOASSERTION\n") + } + if pkg.PackageDownloadLocation != "" { + fmt.Fprintf(w, "PackageDownloadLocation: %s\n", pkg.PackageDownloadLocation) + } + if pkg.FilesAnalyzed == true { + if pkg.IsFilesAnalyzedTagPresent == true { + fmt.Fprintf(w, "FilesAnalyzed: true\n") + } + } else { + fmt.Fprintf(w, "FilesAnalyzed: false\n") + } + if pkg.PackageVerificationCode != "" && pkg.FilesAnalyzed == true { + if pkg.PackageVerificationCodeExcludedFile == "" { + fmt.Fprintf(w, "PackageVerificationCode: %s\n", pkg.PackageVerificationCode) + } else { + fmt.Fprintf(w, "PackageVerificationCode: %s (excludes %s)\n", pkg.PackageVerificationCode, pkg.PackageVerificationCodeExcludedFile) + } + } + if pkg.PackageChecksumSHA1 != "" { + fmt.Fprintf(w, "PackageChecksum: SHA1: %s\n", pkg.PackageChecksumSHA1) + } + if pkg.PackageChecksumSHA256 != "" { + fmt.Fprintf(w, "PackageChecksum: SHA256: %s\n", pkg.PackageChecksumSHA256) + } + if pkg.PackageChecksumMD5 != "" { + fmt.Fprintf(w, "PackageChecksum: MD5: %s\n", pkg.PackageChecksumMD5) + } + if pkg.PackageHomePage != "" { + fmt.Fprintf(w, "PackageHomePage: %s\n", pkg.PackageHomePage) + } + if pkg.PackageSourceInfo != "" { + fmt.Fprintf(w, "PackageSourceInfo: %s\n", textify(pkg.PackageSourceInfo)) + } + if pkg.PackageLicenseConcluded != "" { + fmt.Fprintf(w, "PackageLicenseConcluded: %s\n", pkg.PackageLicenseConcluded) + } + if pkg.FilesAnalyzed == true { + for _, s := range pkg.PackageLicenseInfoFromFiles { + fmt.Fprintf(w, "PackageLicenseInfoFromFiles: %s\n", s) + } + } + if pkg.PackageLicenseDeclared != "" { + fmt.Fprintf(w, "PackageLicenseDeclared: %s\n", pkg.PackageLicenseDeclared) + } + if pkg.PackageLicenseComments != "" { + fmt.Fprintf(w, "PackageLicenseComments: %s\n", textify(pkg.PackageLicenseComments)) + } + if pkg.PackageCopyrightText != "" { + fmt.Fprintf(w, "PackageCopyrightText: %s\n", pkg.PackageCopyrightText) + } + if pkg.PackageSummary != "" { + fmt.Fprintf(w, "PackageSummary: %s\n", textify(pkg.PackageSummary)) + } + if pkg.PackageDescription != "" { + fmt.Fprintf(w, "PackageDescription: %s\n", textify(pkg.PackageDescription)) + } + if pkg.PackageComment != "" { + fmt.Fprintf(w, "PackageComment: %s\n", textify(pkg.PackageComment)) + } + for _, s := range pkg.PackageExternalReferences { + fmt.Fprintf(w, "ExternalRef: %s %s %s\n", s.Category, s.RefType, s.Locator) + if s.ExternalRefComment != "" { + fmt.Fprintf(w, "ExternalRefComment: %s\n", s.ExternalRefComment) + } + } + + fmt.Fprintf(w, "\n") + } + + // also render any files for this package, even if unpackaged + for _, f := range pkg.Files { + renderFile2_1(f, w) + } + + return nil +} diff --git a/tvsaver/saver2v1/save_package_test.go b/tvsaver/saver2v1/save_package_test.go new file mode 100644 index 0000000..deb80a8 --- /dev/null +++ b/tvsaver/saver2v1/save_package_test.go @@ -0,0 +1,488 @@ +// SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + +package saver2v1 + +import ( + "bytes" + "testing" + + "github.com/spdx/tools-golang/spdx" +) + +// ===== Package section Saver tests ===== +func TestSaver2_1PackageSavesTextCombo1(t *testing.T) { + // include package external refs + // test Supplier:Organization, Originator:Person + // FilesAnalyzed true, IsFilesAnalyzedTagPresent true + // PackageVerificationCodeExcludedFile has string + + // NOTE, this is an entirely made up CPE and the format is likely invalid + per1 := &spdx.PackageExternalReference2_1{ + Category: "SECURITY", + RefType: "cpe22Type", + Locator: "cpe:/a:john_doe_inc:p1:0.1.0", + ExternalRefComment: "this is an external ref comment #1", + } + + // NOTE, this is an entirely made up NPM + per2 := &spdx.PackageExternalReference2_1{ + Category: "PACKAGE-MANAGER", + RefType: "npm", + Locator: "p1@0.1.0", + // no ExternalRefComment for this one + } + + per3 := &spdx.PackageExternalReference2_1{ + Category: "OTHER", + RefType: "anything", + Locator: "anything-without-spaces-can-go-here", + // no ExternalRefComment for this one + } + + pkg := &spdx.Package2_1{ + IsUnpackaged: false, + PackageName: "p1", + PackageSPDXIdentifier: "SPDXRef-p1", + PackageVersion: "0.1.0", + PackageFileName: "p1-0.1.0-master.tar.gz", + PackageSupplierOrganization: "John Doe, Inc.", + PackageOriginatorPerson: "John Doe", + PackageDownloadLocation: "http://example.com/p1/p1-0.1.0-master.tar.gz", + FilesAnalyzed: true, + IsFilesAnalyzedTagPresent: true, + PackageVerificationCode: "0123456789abcdef0123456789abcdef01234567", + PackageVerificationCodeExcludedFile: "p1-0.1.0.spdx", + PackageChecksumSHA1: "85ed0817af83a24ad8da68c2b5094de69833983c", + PackageChecksumSHA256: "11b6d3ee554eedf79299905a98f9b9a04e498210b59f15094c916c91d150efcd", + PackageChecksumMD5: "624c1abb3664f4b35547e7c73864ad24", + PackageHomePage: "http://example.com/p1", + PackageSourceInfo: "this is a source comment", + PackageLicenseConcluded: "GPL-2.0-or-later", + PackageLicenseInfoFromFiles: []string{ + "Apache-1.1", + "Apache-2.0", + "GPL-2.0-or-later", + }, + PackageLicenseDeclared: "Apache-2.0 OR GPL-2.0-or-later", + PackageLicenseComments: "this is a license comment(s)", + PackageCopyrightText: "Copyright (c) John Doe, Inc.", + PackageSummary: "this is a summary comment", + PackageDescription: "this is a description comment", + PackageComment: "this is a comment comment", + PackageExternalReferences: []*spdx.PackageExternalReference2_1{ + per1, + per2, + per3, + }, + } + + // what we want to get, as a buffer of bytes + want := bytes.NewBufferString(`PackageName: p1 +SPDXID: SPDXRef-p1 +PackageVersion: 0.1.0 +PackageFileName: p1-0.1.0-master.tar.gz +PackageSupplier: Organization: John Doe, Inc. +PackageOriginator: Person: John Doe +PackageDownloadLocation: http://example.com/p1/p1-0.1.0-master.tar.gz +FilesAnalyzed: true +PackageVerificationCode: 0123456789abcdef0123456789abcdef01234567 (excludes p1-0.1.0.spdx) +PackageChecksum: SHA1: 85ed0817af83a24ad8da68c2b5094de69833983c +PackageChecksum: SHA256: 11b6d3ee554eedf79299905a98f9b9a04e498210b59f15094c916c91d150efcd +PackageChecksum: MD5: 624c1abb3664f4b35547e7c73864ad24 +PackageHomePage: http://example.com/p1 +PackageSourceInfo: this is a source comment +PackageLicenseConcluded: GPL-2.0-or-later +PackageLicenseInfoFromFiles: Apache-1.1 +PackageLicenseInfoFromFiles: Apache-2.0 +PackageLicenseInfoFromFiles: GPL-2.0-or-later +PackageLicenseDeclared: Apache-2.0 OR GPL-2.0-or-later +PackageLicenseComments: this is a license comment(s) +PackageCopyrightText: Copyright (c) John Doe, Inc. +PackageSummary: this is a summary comment +PackageDescription: this is a description comment +PackageComment: this is a comment comment +ExternalRef: SECURITY cpe22Type cpe:/a:john_doe_inc:p1:0.1.0 +ExternalRefComment: this is an external ref comment #1 +ExternalRef: PACKAGE-MANAGER npm p1@0.1.0 +ExternalRef: OTHER anything anything-without-spaces-can-go-here + +`) + + // render as buffer of bytes + var got bytes.Buffer + err := renderPackage2_1(pkg, &got) + if err != nil { + t.Errorf("Expected nil error, got %v", err) + } + + // check that they match + c := bytes.Compare(want.Bytes(), got.Bytes()) + if c != 0 { + t.Errorf("Expected %v, got %v", want.String(), got.String()) + } +} + +func TestSaver2_1PackageSavesTextCombo2(t *testing.T) { + // no package external refs + // test Supplier:NOASSERTION, Originator:Organization + // FilesAnalyzed true, IsFilesAnalyzedTagPresent false + // PackageVerificationCodeExcludedFile is empty + + pkg := &spdx.Package2_1{ + IsUnpackaged: false, + PackageName: "p1", + PackageSPDXIdentifier: "SPDXRef-p1", + PackageVersion: "0.1.0", + PackageFileName: "p1-0.1.0-master.tar.gz", + PackageSupplierNOASSERTION: true, + PackageOriginatorOrganization: "John Doe, Inc.", + PackageDownloadLocation: "http://example.com/p1/p1-0.1.0-master.tar.gz", + FilesAnalyzed: true, + IsFilesAnalyzedTagPresent: false, + PackageVerificationCode: "0123456789abcdef0123456789abcdef01234567", + PackageChecksumSHA1: "85ed0817af83a24ad8da68c2b5094de69833983c", + PackageChecksumSHA256: "11b6d3ee554eedf79299905a98f9b9a04e498210b59f15094c916c91d150efcd", + PackageChecksumMD5: "624c1abb3664f4b35547e7c73864ad24", + PackageHomePage: "http://example.com/p1", + PackageSourceInfo: "this is a source comment", + PackageLicenseConcluded: "GPL-2.0-or-later", + PackageLicenseInfoFromFiles: []string{ + "Apache-1.1", + "Apache-2.0", + "GPL-2.0-or-later", + }, + PackageLicenseDeclared: "Apache-2.0 OR GPL-2.0-or-later", + PackageLicenseComments: "this is a license comment(s)", + PackageCopyrightText: "Copyright (c) John Doe, Inc.", + PackageSummary: "this is a summary comment", + PackageDescription: "this is a description comment", + PackageComment: "this is a comment comment", + } + + // what we want to get, as a buffer of bytes + want := bytes.NewBufferString(`PackageName: p1 +SPDXID: SPDXRef-p1 +PackageVersion: 0.1.0 +PackageFileName: p1-0.1.0-master.tar.gz +PackageSupplier: NOASSERTION +PackageOriginator: Organization: John Doe, Inc. +PackageDownloadLocation: http://example.com/p1/p1-0.1.0-master.tar.gz +PackageVerificationCode: 0123456789abcdef0123456789abcdef01234567 +PackageChecksum: SHA1: 85ed0817af83a24ad8da68c2b5094de69833983c +PackageChecksum: SHA256: 11b6d3ee554eedf79299905a98f9b9a04e498210b59f15094c916c91d150efcd +PackageChecksum: MD5: 624c1abb3664f4b35547e7c73864ad24 +PackageHomePage: http://example.com/p1 +PackageSourceInfo: this is a source comment +PackageLicenseConcluded: GPL-2.0-or-later +PackageLicenseInfoFromFiles: Apache-1.1 +PackageLicenseInfoFromFiles: Apache-2.0 +PackageLicenseInfoFromFiles: GPL-2.0-or-later +PackageLicenseDeclared: Apache-2.0 OR GPL-2.0-or-later +PackageLicenseComments: this is a license comment(s) +PackageCopyrightText: Copyright (c) John Doe, Inc. +PackageSummary: this is a summary comment +PackageDescription: this is a description comment +PackageComment: this is a comment comment + +`) + + // render as buffer of bytes + var got bytes.Buffer + err := renderPackage2_1(pkg, &got) + if err != nil { + t.Errorf("Expected nil error, got %v", err) + } + + // check that they match + c := bytes.Compare(want.Bytes(), got.Bytes()) + if c != 0 { + t.Errorf("Expected %v, got %v", want.String(), got.String()) + } +} + +func TestSaver2_1PackageSavesTextCombo3(t *testing.T) { + // no package external refs + // test Supplier:Person, Originator:NOASSERTION + // FilesAnalyzed false, IsFilesAnalyzedTagPresent true + // PackageVerificationCodeExcludedFile is empty + + pkg := &spdx.Package2_1{ + IsUnpackaged: false, + PackageName: "p1", + PackageSPDXIdentifier: "SPDXRef-p1", + PackageVersion: "0.1.0", + PackageFileName: "p1-0.1.0-master.tar.gz", + PackageSupplierPerson: "John Doe", + PackageOriginatorNOASSERTION: true, + PackageDownloadLocation: "http://example.com/p1/p1-0.1.0-master.tar.gz", + FilesAnalyzed: false, + IsFilesAnalyzedTagPresent: true, + // NOTE that verification code MUST be omitted from output + // since FilesAnalyzed is false + PackageVerificationCode: "0123456789abcdef0123456789abcdef01234567", + PackageChecksumSHA1: "85ed0817af83a24ad8da68c2b5094de69833983c", + PackageChecksumSHA256: "11b6d3ee554eedf79299905a98f9b9a04e498210b59f15094c916c91d150efcd", + PackageChecksumMD5: "624c1abb3664f4b35547e7c73864ad24", + PackageHomePage: "http://example.com/p1", + PackageSourceInfo: "this is a source comment", + PackageLicenseConcluded: "GPL-2.0-or-later", + // NOTE that license info from files MUST be omitted from output + // since FilesAnalyzed is false + PackageLicenseInfoFromFiles: []string{ + "Apache-1.1", + "Apache-2.0", + "GPL-2.0-or-later", + }, + PackageLicenseDeclared: "Apache-2.0 OR GPL-2.0-or-later", + PackageLicenseComments: "this is a license comment(s)", + PackageCopyrightText: "Copyright (c) John Doe, Inc.", + PackageSummary: "this is a summary comment", + PackageDescription: "this is a description comment", + PackageComment: "this is a comment comment", + } + + // what we want to get, as a buffer of bytes + want := bytes.NewBufferString(`PackageName: p1 +SPDXID: SPDXRef-p1 +PackageVersion: 0.1.0 +PackageFileName: p1-0.1.0-master.tar.gz +PackageSupplier: Person: John Doe +PackageOriginator: NOASSERTION +PackageDownloadLocation: http://example.com/p1/p1-0.1.0-master.tar.gz +FilesAnalyzed: false +PackageChecksum: SHA1: 85ed0817af83a24ad8da68c2b5094de69833983c +PackageChecksum: SHA256: 11b6d3ee554eedf79299905a98f9b9a04e498210b59f15094c916c91d150efcd +PackageChecksum: MD5: 624c1abb3664f4b35547e7c73864ad24 +PackageHomePage: http://example.com/p1 +PackageSourceInfo: this is a source comment +PackageLicenseConcluded: GPL-2.0-or-later +PackageLicenseDeclared: Apache-2.0 OR GPL-2.0-or-later +PackageLicenseComments: this is a license comment(s) +PackageCopyrightText: Copyright (c) John Doe, Inc. +PackageSummary: this is a summary comment +PackageDescription: this is a description comment +PackageComment: this is a comment comment + +`) + + // render as buffer of bytes + var got bytes.Buffer + err := renderPackage2_1(pkg, &got) + if err != nil { + t.Errorf("Expected nil error, got %v", err) + } + + // check that they match + c := bytes.Compare(want.Bytes(), got.Bytes()) + if c != 0 { + t.Errorf("Expected %v, got %v", want.String(), got.String()) + } +} + +func TestSaver2_1PackageSaveOmitsOptionalFieldsIfEmpty(t *testing.T) { + pkg := &spdx.Package2_1{ + IsUnpackaged: false, + PackageName: "p1", + PackageSPDXIdentifier: "SPDXRef-p1", + PackageDownloadLocation: "http://example.com/p1/p1-0.1.0-master.tar.gz", + FilesAnalyzed: false, + IsFilesAnalyzedTagPresent: true, + // NOTE that verification code MUST be omitted from output, + // even if present in model, since FilesAnalyzed is false + PackageLicenseConcluded: "GPL-2.0-or-later", + // NOTE that license info from files MUST be omitted from output + // even if present in model, since FilesAnalyzed is false + PackageLicenseInfoFromFiles: []string{ + "Apache-1.1", + "Apache-2.0", + "GPL-2.0-or-later", + }, + PackageLicenseDeclared: "Apache-2.0 OR GPL-2.0-or-later", + PackageCopyrightText: "Copyright (c) John Doe, Inc.", + } + + // what we want to get, as a buffer of bytes + want := bytes.NewBufferString(`PackageName: p1 +SPDXID: SPDXRef-p1 +PackageDownloadLocation: http://example.com/p1/p1-0.1.0-master.tar.gz +FilesAnalyzed: false +PackageLicenseConcluded: GPL-2.0-or-later +PackageLicenseDeclared: Apache-2.0 OR GPL-2.0-or-later +PackageCopyrightText: Copyright (c) John Doe, Inc. + +`) + + // render as buffer of bytes + var got bytes.Buffer + err := renderPackage2_1(pkg, &got) + if err != nil { + t.Errorf("Expected nil error, got %v", err) + } + + // check that they match + c := bytes.Compare(want.Bytes(), got.Bytes()) + if c != 0 { + t.Errorf("Expected %v, got %v", want.String(), got.String()) + } +} + +func TestSaver2_1PackageSavesFilesIfPresent(t *testing.T) { + f1 := &spdx.File2_1{ + FileName: "/tmp/whatever1.txt", + FileSPDXIdentifier: "SPDXRef-File1231", + FileChecksumSHA1: "85ed0817af83a24ad8da68c2b5094de69833983c", + LicenseConcluded: "Apache-2.0", + LicenseInfoInFile: []string{"Apache-2.0"}, + FileCopyrightText: "Copyright (c) Jane Doe", + } + + f2 := &spdx.File2_1{ + FileName: "/tmp/whatever2.txt", + FileSPDXIdentifier: "SPDXRef-File1232", + FileChecksumSHA1: "85ed0817af83a24ad8da68c2b5094de69833983d", + LicenseConcluded: "MIT", + LicenseInfoInFile: []string{"MIT"}, + FileCopyrightText: "Copyright (c) John Doe", + } + + pkg := &spdx.Package2_1{ + IsUnpackaged: false, + PackageName: "p1", + PackageSPDXIdentifier: "SPDXRef-p1", + PackageDownloadLocation: "http://example.com/p1/p1-0.1.0-master.tar.gz", + FilesAnalyzed: false, + IsFilesAnalyzedTagPresent: true, + // NOTE that verification code MUST be omitted from output, + // even if present in model, since FilesAnalyzed is false + PackageLicenseConcluded: "GPL-2.0-or-later", + // NOTE that license info from files MUST be omitted from output + // even if present in model, since FilesAnalyzed is false + PackageLicenseInfoFromFiles: []string{ + "Apache-1.1", + "Apache-2.0", + "GPL-2.0-or-later", + }, + PackageLicenseDeclared: "Apache-2.0 OR GPL-2.0-or-later", + PackageCopyrightText: "Copyright (c) John Doe, Inc.", + Files: []*spdx.File2_1{ + f1, + f2, + }, + } + + // what we want to get, as a buffer of bytes + want := bytes.NewBufferString(`PackageName: p1 +SPDXID: SPDXRef-p1 +PackageDownloadLocation: http://example.com/p1/p1-0.1.0-master.tar.gz +FilesAnalyzed: false +PackageLicenseConcluded: GPL-2.0-or-later +PackageLicenseDeclared: Apache-2.0 OR GPL-2.0-or-later +PackageCopyrightText: Copyright (c) John Doe, Inc. + +FileName: /tmp/whatever1.txt +SPDXID: SPDXRef-File1231 +FileChecksum: SHA1: 85ed0817af83a24ad8da68c2b5094de69833983c +LicenseConcluded: Apache-2.0 +LicenseInfoInFile: Apache-2.0 +FileCopyrightText: Copyright (c) Jane Doe + +FileName: /tmp/whatever2.txt +SPDXID: SPDXRef-File1232 +FileChecksum: SHA1: 85ed0817af83a24ad8da68c2b5094de69833983d +LicenseConcluded: MIT +LicenseInfoInFile: MIT +FileCopyrightText: Copyright (c) John Doe + +`) + + // render as buffer of bytes + var got bytes.Buffer + err := renderPackage2_1(pkg, &got) + if err != nil { + t.Errorf("Expected nil error, got %v", err) + } + + // check that they match + c := bytes.Compare(want.Bytes(), got.Bytes()) + if c != 0 { + t.Errorf("Expected %v, got %v", want.String(), got.String()) + } +} + +func TestSaver2_1PackageSavesUnpackagedFilesIfPresent(t *testing.T) { + f1 := &spdx.File2_1{ + FileName: "/tmp/whatever1.txt", + FileSPDXIdentifier: "SPDXRef-File1231", + FileChecksumSHA1: "85ed0817af83a24ad8da68c2b5094de69833983c", + LicenseConcluded: "Apache-2.0", + LicenseInfoInFile: []string{"Apache-2.0"}, + FileCopyrightText: "Copyright (c) Jane Doe", + } + + f2 := &spdx.File2_1{ + FileName: "/tmp/whatever2.txt", + FileSPDXIdentifier: "SPDXRef-File1232", + FileChecksumSHA1: "85ed0817af83a24ad8da68c2b5094de69833983d", + LicenseConcluded: "MIT", + LicenseInfoInFile: []string{"MIT"}, + FileCopyrightText: "Copyright (c) John Doe", + } + + pkg := &spdx.Package2_1{ + IsUnpackaged: true, + Files: []*spdx.File2_1{ + f1, + f2, + }, + } + + // what we want to get, as a buffer of bytes + want := bytes.NewBufferString(`FileName: /tmp/whatever1.txt +SPDXID: SPDXRef-File1231 +FileChecksum: SHA1: 85ed0817af83a24ad8da68c2b5094de69833983c +LicenseConcluded: Apache-2.0 +LicenseInfoInFile: Apache-2.0 +FileCopyrightText: Copyright (c) Jane Doe + +FileName: /tmp/whatever2.txt +SPDXID: SPDXRef-File1232 +FileChecksum: SHA1: 85ed0817af83a24ad8da68c2b5094de69833983d +LicenseConcluded: MIT +LicenseInfoInFile: MIT +FileCopyrightText: Copyright (c) John Doe + +`) + + // render as buffer of bytes + var got bytes.Buffer + err := renderPackage2_1(pkg, &got) + if err != nil { + t.Errorf("Expected nil error, got %v", err) + } + + // check that they match + c := bytes.Compare(want.Bytes(), got.Bytes()) + if c != 0 { + t.Errorf("Expected %v, got %v", want.String(), got.String()) + } +} + +func TestSaver2_1PackageSavesNothingIfUnpackagedAndNoFilesPresent(t *testing.T) { + pkg := &spdx.Package2_1{IsUnpackaged: true} + + // what we want to get, as a buffer of bytes + want := bytes.NewBufferString("") + + // render as buffer of bytes + var got bytes.Buffer + err := renderPackage2_1(pkg, &got) + if err != nil { + t.Errorf("Expected nil error, got %v", err) + } + + // check that they match + c := bytes.Compare(want.Bytes(), got.Bytes()) + if c != 0 { + t.Errorf("Expected %v, got %v", want.String(), got.String()) + } +} diff --git a/tvsaver/saver2v1/save_relationship.go b/tvsaver/saver2v1/save_relationship.go new file mode 100644 index 0000000..0ba0670 --- /dev/null +++ b/tvsaver/saver2v1/save_relationship.go @@ -0,0 +1,21 @@ +// SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + +package saver2v1 + +import ( + "fmt" + "io" + + "github.com/spdx/tools-golang/spdx" +) + +func renderRelationship2_1(rln *spdx.Relationship2_1, w io.Writer) error { + if rln.RefA != "" && rln.RefB != "" && rln.Relationship != "" { + fmt.Fprintf(w, "Relationship: %s %s %s\n", rln.RefA, rln.Relationship, rln.RefB) + } + if rln.RelationshipComment != "" { + fmt.Fprintf(w, "RelationshipComment: %s\n", rln.RelationshipComment) + } + + return nil +} diff --git a/tvsaver/saver2v1/save_relationship_test.go b/tvsaver/saver2v1/save_relationship_test.go new file mode 100644 index 0000000..9f4191a --- /dev/null +++ b/tvsaver/saver2v1/save_relationship_test.go @@ -0,0 +1,64 @@ +// SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + +package saver2v1 + +import ( + "bytes" + "testing" + + "github.com/spdx/tools-golang/spdx" +) + +// ===== Relationship section Saver tests ===== +func TestSaver2_1RelationshipSavesText(t *testing.T) { + rln := &spdx.Relationship2_1{ + RefA: "SPDXRef-DOCUMENT", + RefB: "SPDXRef-2", + Relationship: "DESCRIBES", + RelationshipComment: "this is a comment", + } + + // what we want to get, as a buffer of bytes + // no trailing blank newline + want := bytes.NewBufferString(`Relationship: SPDXRef-DOCUMENT DESCRIBES SPDXRef-2 +RelationshipComment: this is a comment +`) + + // render as buffer of bytes + var got bytes.Buffer + err := renderRelationship2_1(rln, &got) + if err != nil { + t.Errorf("Expected nil error, got %v", err) + } + + // check that they match + c := bytes.Compare(want.Bytes(), got.Bytes()) + if c != 0 { + t.Errorf("Expected %v, got %v", want.String(), got.String()) + } +} + +func TestSaver2_1RelationshipOmitsOptionalFieldsIfEmpty(t *testing.T) { + rln := &spdx.Relationship2_1{ + RefA: "SPDXRef-DOCUMENT", + RefB: "SPDXRef-2", + Relationship: "DESCRIBES", + } + + // what we want to get, as a buffer of bytes + // no trailing blank newline + want := bytes.NewBufferString("Relationship: SPDXRef-DOCUMENT DESCRIBES SPDXRef-2\n") + + // render as buffer of bytes + var got bytes.Buffer + err := renderRelationship2_1(rln, &got) + if err != nil { + t.Errorf("Expected nil error, got %v", err) + } + + // check that they match + c := bytes.Compare(want.Bytes(), got.Bytes()) + if c != 0 { + t.Errorf("Expected %v, got %v", want.String(), got.String()) + } +} diff --git a/tvsaver/saver2v1/save_review.go b/tvsaver/saver2v1/save_review.go new file mode 100644 index 0000000..8d192ba --- /dev/null +++ b/tvsaver/saver2v1/save_review.go @@ -0,0 +1,26 @@ +// SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + +package saver2v1 + +import ( + "fmt" + "io" + + "github.com/spdx/tools-golang/spdx" +) + +func renderReview2_1(rev *spdx.Review2_1, w io.Writer) error { + if rev.Reviewer != "" && rev.ReviewerType != "" { + fmt.Fprintf(w, "Reviewer: %s: %s\n", rev.ReviewerType, rev.Reviewer) + } + if rev.ReviewDate != "" { + fmt.Fprintf(w, "ReviewDate: %s\n", rev.ReviewDate) + } + if rev.ReviewComment != "" { + fmt.Fprintf(w, "ReviewComment: %s\n", rev.ReviewComment) + } + + fmt.Fprintf(w, "\n") + + return nil +} diff --git a/tvsaver/saver2v1/save_review_test.go b/tvsaver/saver2v1/save_review_test.go new file mode 100644 index 0000000..d780467 --- /dev/null +++ b/tvsaver/saver2v1/save_review_test.go @@ -0,0 +1,67 @@ +// SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + +package saver2v1 + +import ( + "bytes" + "testing" + + "github.com/spdx/tools-golang/spdx" +) + +// ===== Review section Saver tests ===== +func TestSaver2_1ReviewSavesText(t *testing.T) { + rev := &spdx.Review2_1{ + Reviewer: "John Doe", + ReviewerType: "Person", + ReviewDate: "2018-10-14T10:28:00Z", + ReviewComment: "this is a review comment", + } + + // what we want to get, as a buffer of bytes + want := bytes.NewBufferString(`Reviewer: Person: John Doe +ReviewDate: 2018-10-14T10:28:00Z +ReviewComment: this is a review comment + +`) + + // render as buffer of bytes + var got bytes.Buffer + err := renderReview2_1(rev, &got) + if err != nil { + t.Errorf("Expected nil error, got %v", err) + } + + // check that they match + c := bytes.Compare(want.Bytes(), got.Bytes()) + if c != 0 { + t.Errorf("Expected %v, got %v", want.String(), got.String()) + } +} + +func TestSaver2_1ReviewOmitsOptionalFieldsIfEmpty(t *testing.T) { + rev := &spdx.Review2_1{ + Reviewer: "John Doe", + ReviewerType: "Person", + ReviewDate: "2018-10-14T10:28:00Z", + } + + // what we want to get, as a buffer of bytes + want := bytes.NewBufferString(`Reviewer: Person: John Doe +ReviewDate: 2018-10-14T10:28:00Z + +`) + + // render as buffer of bytes + var got bytes.Buffer + err := renderReview2_1(rev, &got) + if err != nil { + t.Errorf("Expected nil error, got %v", err) + } + + // check that they match + c := bytes.Compare(want.Bytes(), got.Bytes()) + if c != 0 { + t.Errorf("Expected %v, got %v", want.String(), got.String()) + } +} diff --git a/tvsaver/saver2v1/save_snippet.go b/tvsaver/saver2v1/save_snippet.go new file mode 100644 index 0000000..d42282b --- /dev/null +++ b/tvsaver/saver2v1/save_snippet.go @@ -0,0 +1,47 @@ +// SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + +package saver2v1 + +import ( + "fmt" + "io" + + "github.com/spdx/tools-golang/spdx" +) + +func renderSnippet2_1(sn *spdx.Snippet2_1, w io.Writer) error { + if sn.SnippetSPDXIdentifier != "" { + fmt.Fprintf(w, "SnippetSPDXIdentifier: %s\n", sn.SnippetSPDXIdentifier) + } + if sn.SnippetFromFileSPDXIdentifier != "" { + fmt.Fprintf(w, "SnippetFromFileSPDXID: %s\n", sn.SnippetFromFileSPDXIdentifier) + } + if sn.SnippetByteRangeStart != 0 && sn.SnippetByteRangeEnd != 0 { + fmt.Fprintf(w, "SnippetByteRange: %d:%d\n", sn.SnippetByteRangeStart, sn.SnippetByteRangeEnd) + } + if sn.SnippetLineRangeStart != 0 && sn.SnippetLineRangeEnd != 0 { + fmt.Fprintf(w, "SnippetLineRange: %d:%d\n", sn.SnippetLineRangeStart, sn.SnippetLineRangeEnd) + } + if sn.SnippetLicenseConcluded != "" { + fmt.Fprintf(w, "SnippetLicenseConcluded: %s\n", sn.SnippetLicenseConcluded) + } + for _, s := range sn.LicenseInfoInSnippet { + fmt.Fprintf(w, "LicenseInfoInSnippet: %s\n", s) + } + if sn.SnippetLicenseComments != "" { + fmt.Fprintf(w, "SnippetLicenseComments: %s\n", textify(sn.SnippetLicenseComments)) + } + if sn.SnippetCopyrightText != "" { + fmt.Fprintf(w, "SnippetCopyrightText: %s\n", sn.SnippetCopyrightText) + } + if sn.SnippetComment != "" { + fmt.Fprintf(w, "SnippetComment: %s\n", textify(sn.SnippetComment)) + } + if sn.SnippetName != "" { + fmt.Fprintf(w, "SnippetName: %s\n", sn.SnippetName) + } + + fmt.Fprintf(w, "\n") + + return nil +} diff --git a/tvsaver/saver2v1/save_snippet_test.go b/tvsaver/saver2v1/save_snippet_test.go new file mode 100644 index 0000000..e4c76e9 --- /dev/null +++ b/tvsaver/saver2v1/save_snippet_test.go @@ -0,0 +1,92 @@ +// SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + +package saver2v1 + +import ( + "bytes" + "testing" + + "github.com/spdx/tools-golang/spdx" +) + +// ===== Snippet section Saver tests ===== +func TestSaver2_1SnippetSavesText(t *testing.T) { + sn := &spdx.Snippet2_1{ + SnippetSPDXIdentifier: "SPDXRef-Snippet17", + SnippetFromFileSPDXIdentifier: "SPDXRef-File292", + SnippetByteRangeStart: 17, + SnippetByteRangeEnd: 209, + SnippetLineRangeStart: 3, + SnippetLineRangeEnd: 8, + SnippetLicenseConcluded: "GPL-2.0-or-later", + LicenseInfoInSnippet: []string{ + "GPL-2.0-or-later", + "MIT", + }, + SnippetLicenseComments: "this is a comment(s) about the snippet license", + SnippetCopyrightText: "Copyright (c) John Doe 20x6", + SnippetComment: "this is a snippet comment", + SnippetName: "from John's program", + } + + // what we want to get, as a buffer of bytes + want := bytes.NewBufferString(`SnippetSPDXIdentifier: SPDXRef-Snippet17 +SnippetFromFileSPDXID: SPDXRef-File292 +SnippetByteRange: 17:209 +SnippetLineRange: 3:8 +SnippetLicenseConcluded: GPL-2.0-or-later +LicenseInfoInSnippet: GPL-2.0-or-later +LicenseInfoInSnippet: MIT +SnippetLicenseComments: this is a comment(s) about the snippet license +SnippetCopyrightText: Copyright (c) John Doe 20x6 +SnippetComment: this is a snippet comment +SnippetName: from John's program + +`) + + // render as buffer of bytes + var got bytes.Buffer + err := renderSnippet2_1(sn, &got) + if err != nil { + t.Errorf("Expected nil error, got %v", err) + } + + // check that they match + c := bytes.Compare(want.Bytes(), got.Bytes()) + if c != 0 { + t.Errorf("Expected %v, got %v", want.String(), got.String()) + } +} + +func TestSaver2_1SnippetOmitsOptionalFieldsIfEmpty(t *testing.T) { + sn := &spdx.Snippet2_1{ + SnippetSPDXIdentifier: "SPDXRef-Snippet17", + SnippetFromFileSPDXIdentifier: "SPDXRef-File292", + SnippetByteRangeStart: 17, + SnippetByteRangeEnd: 209, + SnippetLicenseConcluded: "GPL-2.0-or-later", + SnippetCopyrightText: "Copyright (c) John Doe 20x6", + } + + // what we want to get, as a buffer of bytes + want := bytes.NewBufferString(`SnippetSPDXIdentifier: SPDXRef-Snippet17 +SnippetFromFileSPDXID: SPDXRef-File292 +SnippetByteRange: 17:209 +SnippetLicenseConcluded: GPL-2.0-or-later +SnippetCopyrightText: Copyright (c) John Doe 20x6 + +`) + + // render as buffer of bytes + var got bytes.Buffer + err := renderSnippet2_1(sn, &got) + if err != nil { + t.Errorf("Expected nil error, got %v", err) + } + + // check that they match + c := bytes.Compare(want.Bytes(), got.Bytes()) + if c != 0 { + t.Errorf("Expected %v, got %v", want.String(), got.String()) + } +} diff --git a/tvsaver/saver2v1/util.go b/tvsaver/saver2v1/util.go new file mode 100644 index 0000000..e206449 --- /dev/null +++ b/tvsaver/saver2v1/util.go @@ -0,0 +1,16 @@ +// SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + +package saver2v1 + +import ( + "fmt" + "strings" +) + +func textify(s string) string { + if strings.Contains(s, "\n") { + return fmt.Sprintf("<text>%s</text>", s) + } + + return s +} diff --git a/tvsaver/saver2v1/util_test.go b/tvsaver/saver2v1/util_test.go new file mode 100644 index 0000000..aceccb7 --- /dev/null +++ b/tvsaver/saver2v1/util_test.go @@ -0,0 +1,32 @@ +// SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later + +package saver2v1 + +import ( + "testing" +) + +// ===== Utility function tests ===== +func TestTextifyWrapsStringWithNewline(t *testing.T) { + s := `this text has +a newline in it` + want := `<text>this text has +a newline in it</text>` + + got := textify(s) + + if want != got { + t.Errorf("Expected %s, got %s", want, got) + } +} + +func TestTextifyDoesNotWrapsStringWithNoNewline(t *testing.T) { + s := `this text has no newline in it` + want := s + + got := textify(s) + + if want != got { + t.Errorf("Expected %s, got %s", want, got) + } +} diff --git a/tvsaver/tvsaver.go b/tvsaver/tvsaver.go new file mode 100644 index 0000000..3f09d91 --- /dev/null +++ b/tvsaver/tvsaver.go @@ -0,0 +1,18 @@ +// Package tvsaver is used to save tools-golang data structures +// as SPDX tag-value documents. +// SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later +package tvsaver + +import ( + "io" + + "github.com/spdx/tools-golang/spdx" + "github.com/spdx/tools-golang/tvsaver/saver2v1" +) + +// Save2_1 takes an io.Writer and an SPDX Document (version 2.1), +// and writes it to the writer in tag-value format. It returns error +// if any error is encountered. +func Save2_1(doc *spdx.Document2_1, w io.Writer) error { + return saver2v1.RenderDocument2_1(doc, w) +} |