2011-12-03 23:16:15 +00:00
|
|
|
# These aren't actually used anywhere that I can tell
|
|
|
|
# They may be in the future (or are used by someone else
|
|
|
|
# For completion sake, I've updated them
|
|
|
|
SRC_DISTRIBUTE_LICENSES += "AAL Adobe AFL-1.2 AFL-2.0 AFL-2.1 AFL-3.0"
|
|
|
|
SRC_DISTRIBUTE_LICENSES += "AGPL-3.0 ANTLR-PD Apache-1.0 Apache-1.1 Apache-2.0"
|
|
|
|
SRC_DISTRIBUTE_LICENSES += "APL-1.0 APSL-1.0 APSL-1.1 APSL-1.2 APSL-2.0"
|
|
|
|
SRC_DISTRIBUTE_LICENSES += "Artistic-1.0 Artistic-2.0 BitstreamVera BSD"
|
|
|
|
SRC_DISTRIBUTE_LICENSES += "BSD-2-Clause BSD-3-Clause BSD-4-Clause BSL-1.0"
|
|
|
|
SRC_DISTRIBUTE_LICENSES += "CATOSL-1.1 CC0-1.0 CC-BY-1.0 CC-BY-2.0 CC-BY-2.5"
|
|
|
|
SRC_DISTRIBUTE_LICENSES += "CC-BY-3.0 CC-BY-NC-1.0 CC-BY-NC-2.0 CC-BY-NC-2.5"
|
|
|
|
SRC_DISTRIBUTE_LICENSES += "CC-BY-NC-3.0 CC-BY-NC-ND-1.0 CC-BY-NC-ND-2.0"
|
|
|
|
SRC_DISTRIBUTE_LICENSES += "CC-BY-NC-ND-2.5 CC-BY-NC-ND-3.0 CC-BY-NC-SA-1.0"
|
|
|
|
SRC_DISTRIBUTE_LICENSES += "CC-BY-NC-SA-2.0 CC-BY-NC-SA-2.5 CC-BY-NC-SA-3.0"
|
|
|
|
SRC_DISTRIBUTE_LICENSES += "CC-BY-ND-1.0 CC-BY-ND-2.0 CC-BY-ND-2.5 CC-BY-ND-3.0"
|
|
|
|
SRC_DISTRIBUTE_LICENSES += "CC-BY-SA-1.0 CC-BY-SA-2.0 CC-BY-SA-2.5 CC-BY-SA-3.0"
|
|
|
|
SRC_DISTRIBUTE_LICENSES += "CDDL-1.0 CECILL-1.0 CECILL-2.0 CECILL-B CECILL-C"
|
|
|
|
SRC_DISTRIBUTE_LICENSES += "ClArtistic CPAL-1.0 CPL-1.0 CUA-OPL-1.0 DSSSL"
|
|
|
|
SRC_DISTRIBUTE_LICENSES += "ECL-1.0 ECL-2.0 eCos-2.0 EDL-1.0 EFL-1.0 EFL-2.0"
|
|
|
|
SRC_DISTRIBUTE_LICENSES += "Elfutils-Exception Entessa EPL-1.0 ErlPL-1.1"
|
|
|
|
SRC_DISTRIBUTE_LICENSES += "EUDatagrid EUPL-1.0 EUPL-1.1 Fair Frameworx-1.0"
|
|
|
|
SRC_DISTRIBUTE_LICENSES += "FreeType GFDL-1.1 GFDL-1.2 GFDL-1.3 GPL-1.0"
|
|
|
|
SRC_DISTRIBUTE_LICENSES += "GPL-2.0 GPL-2.0-with-autoconf-exception"
|
|
|
|
SRC_DISTRIBUTE_LICENSES += "GPL-2.0-with-classpath-exception"
|
|
|
|
SRC_DISTRIBUTE_LICENSES += "GPL-2.0-with-font-exception"
|
|
|
|
SRC_DISTRIBUTE_LICENSES += "GPL-2.0-with-GCC-exception"
|
|
|
|
SRC_DISTRIBUTE_LICENSES += "GPL-2-with-bison-exception GPL-3.0"
|
|
|
|
SRC_DISTRIBUTE_LICENSES += "GPL-3.0-with-autoconf-exception"
|
|
|
|
SRC_DISTRIBUTE_LICENSES += "GPL-3.0-with-GCC-exception"
|
|
|
|
SRC_DISTRIBUTE_LICENSES += "gSOAP-1 gSOAP-1.3b HPND IPA IPL-1.0 ISC LGPL-2.0"
|
|
|
|
SRC_DISTRIBUTE_LICENSES += "LGPL-2.1 LGPL-3.0 Libpng LPL-1.02 LPPL-1.0 LPPL-1.1"
|
|
|
|
SRC_DISTRIBUTE_LICENSES += "LPPL-1.2 LPPL-1.3c MirOS MIT Motosoto MPL-1.0"
|
|
|
|
SRC_DISTRIBUTE_LICENSES += "MPL-1.1 MS-PL MS-RL Multics NASA-1.3 Nauman NCSA"
|
|
|
|
SRC_DISTRIBUTE_LICENSES += "NGPL Nokia NPOSL-3.0 NTP OASIS OCLC-2.0 ODbL-1.0"
|
|
|
|
SRC_DISTRIBUTE_LICENSES += "OFL-1.1 OGTSL OLDAP-2.8 OpenSSL OSL-1.0 OSL-2.0"
|
|
|
|
SRC_DISTRIBUTE_LICENSES += "OSL-3.0 PD PHP-3.0 PostgreSQL Proprietary"
|
|
|
|
SRC_DISTRIBUTE_LICENSES += "Python-2.0 QPL-1.0 RHeCos-1 RHeCos-1.1 RPL-1.5"
|
2013-06-13 08:49:17 +00:00
|
|
|
SRC_DISTRIBUTE_LICENSES += "RPSL-1.0 RSCPL Ruby SAX-PD SGI-1 Simple-2.0 Sleepycat"
|
2012-02-28 15:02:45 +00:00
|
|
|
SRC_DISTRIBUTE_LICENSES += "SPL-1.0 SugarCRM-1 SugarCRM-1.1.3 UCB VSL-1.0 W3C"
|
2015-06-11 05:50:38 +00:00
|
|
|
SRC_DISTRIBUTE_LICENSES += "Watcom-1.0 WXwindows XFree86-1.0 XFree86-1.1 Xnet XSL YPL-1.1"
|
2011-12-03 23:16:15 +00:00
|
|
|
SRC_DISTRIBUTE_LICENSES += "Zimbra-1.3 Zlib ZPL-1.1 ZPL-2.0 ZPL-2.1"
|
2005-08-31 10:45:47 +00:00
|
|
|
|
2012-09-26 21:50:09 +00:00
|
|
|
# Standards are great! Everyone has their own. In an effort to standardize licensing
|
|
|
|
# names, common-licenses will use the SPDX standard license names. In order to not
|
|
|
|
# break the non-standardized license names that we find in LICENSE, we'll set
|
|
|
|
# up a bunch of VarFlags to accomodate non-SPDX license names.
|
|
|
|
#
|
|
|
|
# We should really discuss standardizing this field, but that's a longer term goal.
|
|
|
|
# For now, we can do this and it should grab the most common LICENSE naming variations.
|
|
|
|
#
|
|
|
|
# We should NEVER have a GPL/LGPL without a version!!!!
|
|
|
|
# Any mapping to MPL/LGPL/GPL should be fixed
|
|
|
|
|
2014-05-10 03:22:00 +00:00
|
|
|
# AGPL variations
|
|
|
|
SPDXLICENSEMAP[AGPL-3] = "AGPL-3.0"
|
|
|
|
SPDXLICENSEMAP[AGPLv3] = "AGPL-3.0"
|
|
|
|
SPDXLICENSEMAP[AGPLv3.0] = "AGPL-3.0"
|
|
|
|
|
2012-09-26 21:50:09 +00:00
|
|
|
# GPL variations
|
|
|
|
SPDXLICENSEMAP[GPL-1] = "GPL-1.0"
|
|
|
|
SPDXLICENSEMAP[GPLv1] = "GPL-1.0"
|
|
|
|
SPDXLICENSEMAP[GPLv1.0] = "GPL-1.0"
|
|
|
|
SPDXLICENSEMAP[GPL-2] = "GPL-2.0"
|
|
|
|
SPDXLICENSEMAP[GPLv2] = "GPL-2.0"
|
|
|
|
SPDXLICENSEMAP[GPLv2.0] = "GPL-2.0"
|
|
|
|
SPDXLICENSEMAP[GPL-3] = "GPL-3.0"
|
|
|
|
SPDXLICENSEMAP[GPLv3] = "GPL-3.0"
|
|
|
|
SPDXLICENSEMAP[GPLv3.0] = "GPL-3.0"
|
|
|
|
|
|
|
|
#LGPL variations
|
|
|
|
SPDXLICENSEMAP[LGPLv2] = "LGPL-2.0"
|
|
|
|
SPDXLICENSEMAP[LGPLv2.0] = "LGPL-2.0"
|
|
|
|
SPDXLICENSEMAP[LGPL2.1] = "LGPL-2.1"
|
|
|
|
SPDXLICENSEMAP[LGPLv2.1] = "LGPL-2.1"
|
|
|
|
SPDXLICENSEMAP[LGPLv3] = "LGPL-3.0"
|
|
|
|
|
|
|
|
#MPL variations
|
|
|
|
SPDXLICENSEMAP[MPL-1] = "MPL-1.0"
|
|
|
|
SPDXLICENSEMAP[MPLv1] = "MPL-1.0"
|
|
|
|
SPDXLICENSEMAP[MPLv1.1] = "MPL-1.1"
|
|
|
|
SPDXLICENSEMAP[MPLv2] = "MPL-2.0"
|
|
|
|
|
|
|
|
#MIT variations
|
|
|
|
SPDXLICENSEMAP[MIT-X] = "MIT"
|
|
|
|
SPDXLICENSEMAP[MIT-style] = "MIT"
|
|
|
|
|
|
|
|
#Openssl variations
|
|
|
|
SPDXLICENSEMAP[openssl] = "OpenSSL"
|
|
|
|
|
|
|
|
#Python variations
|
|
|
|
SPDXLICENSEMAP[PSF] = "Python-2.0"
|
|
|
|
SPDXLICENSEMAP[PSFv2] = "Python-2.0"
|
|
|
|
SPDXLICENSEMAP[Python-2] = "Python-2.0"
|
|
|
|
|
|
|
|
#Apache variations
|
|
|
|
SPDXLICENSEMAP[Apachev2] = "Apache-2.0"
|
|
|
|
SPDXLICENSEMAP[Apache-2] = "Apache-2.0"
|
|
|
|
|
|
|
|
#Artistic variations
|
|
|
|
SPDXLICENSEMAP[Artisticv1] = "Artistic-1.0"
|
|
|
|
SPDXLICENSEMAP[Artistic-1] = "Artistic-1.0"
|
|
|
|
|
|
|
|
#Academic variations
|
|
|
|
SPDXLICENSEMAP[AFL-2] = "AFL-2.0"
|
|
|
|
SPDXLICENSEMAP[AFL-1] = "AFL-1.2"
|
|
|
|
SPDXLICENSEMAP[AFLv2] = "AFL-2.0"
|
|
|
|
SPDXLICENSEMAP[AFLv1] = "AFL-1.2"
|
|
|
|
|
|
|
|
#Other variations
|
|
|
|
SPDXLICENSEMAP[EPLv1.0] = "EPL-1.0"
|
2011-12-03 23:16:15 +00:00
|
|
|
|
2013-06-13 08:49:17 +00:00
|
|
|
#Silicon Graphics variations
|
|
|
|
SPDXLICENSEMAP[SGIv1] = "SGI-1"
|
|
|
|
|
2011-12-03 23:16:15 +00:00
|
|
|
# Additional license directories. Add your custom licenses directories this path.
|
|
|
|
# LICENSE_PATH += "${COREBASE}/custom-licenses"
|
|
|
|
|
|
|
|
# Set if you want the license.manifest copied to the image
|
|
|
|
#COPY_LIC_MANIFEST = "1"
|
|
|
|
|
2013-08-23 21:40:35 +00:00
|
|
|
# If you want the pkg licenses copied over as well you must set
|
2011-12-03 23:16:15 +00:00
|
|
|
# both COPY_LIC_MANIFEST and COPY_LIC_DIRS
|
|
|
|
#COPY_LIC_DIRS = "1"
|
2013-08-23 21:40:35 +00:00
|
|
|
|
|
|
|
## SPDX temporary directory
|
|
|
|
SPDX_TEMP_DIR = "${WORKDIR}/spdx_temp"
|
|
|
|
SPDX_MANIFEST_DIR = "/home/yocto/fossology_scans"
|
|
|
|
|
|
|
|
## SPDX Format info
|
|
|
|
SPDX_VERSION = "SPDX-1.1"
|
|
|
|
DATA_LICENSE = "CC0-1.0"
|
|
|
|
|
|
|
|
## Fossology scan information
|
|
|
|
# You can set option to control if the copyright information will be skipped
|
|
|
|
# during the identification process.
|
|
|
|
#
|
2016-11-15 19:10:39 +00:00
|
|
|
# FOSS_NO_COPYRIGHT = "true"
|
2013-08-23 21:40:35 +00:00
|
|
|
# NO copyright will be processed. That means only license information will be
|
|
|
|
# identified and output to SPDX file
|
2016-11-15 19:10:39 +00:00
|
|
|
# FOSS_NO_COPYRIGHT = "false"
|
2013-08-23 21:40:35 +00:00
|
|
|
# Copyright will be identified and output to SPDX file along with license
|
|
|
|
# information. The process will take more time than not processing copyright
|
|
|
|
# information.
|
|
|
|
#
|
|
|
|
|
spdx.bbclass: improved stability, fixed SPDX compliance issues. Changes are reflected in licenses.conf.
The previous version could crash on dead links in the rootfs, or if the manifest directory did not
exist. The generated files were also not compliant with the SPDX specification, for example file
entries did not always start with the FileName tag, time stamps were incorrectly formatted etc.
Stability issues are addressed by added checks, originally written by Johan Thelin
<johan.thelin@pelagicore.com>, who never upstreamed them. I've also added an option for getting full
SPDX output from FOSSology, i.e. not only for all files, but for the package as well, including
license references. License refs are required in order to process the output by SPDXTools. For that
reason, this option defaults to true.
(From OE-Core rev: 5d3a4f4f57e4d8581fd88a14324f94e93104a690)
Signed-off-by: Tobias Olausson <tobias.olausson@pelagicore.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2014-10-20 14:09:15 +00:00
|
|
|
FOSS_NO_COPYRIGHT = "true"
|
2013-08-23 21:40:35 +00:00
|
|
|
|
|
|
|
# A option defined as[FOSS_RECURSIVE_UNPACK] in ./meta/conf/licenses.conf. is
|
|
|
|
# used to control if FOSSology server need recursively unpack tar.gz file which
|
|
|
|
# is sent from do_spdx task.
|
|
|
|
#
|
|
|
|
# FOSS_RECURSIVE_UNPACK = "false":
|
|
|
|
# FOSSology server does NOT recursively unpack. In the current release, this
|
|
|
|
# is the default choice because recursively unpack will not necessarily break
|
|
|
|
# down original compressed files.
|
|
|
|
# FOSS_RECURSIVE_UNPACK = "true":
|
|
|
|
# FOSSology server recursively unpack components.
|
|
|
|
#
|
|
|
|
|
|
|
|
FOSS_RECURSIVE_UNPACK = "false"
|
|
|
|
|
spdx.bbclass: improved stability, fixed SPDX compliance issues. Changes are reflected in licenses.conf.
The previous version could crash on dead links in the rootfs, or if the manifest directory did not
exist. The generated files were also not compliant with the SPDX specification, for example file
entries did not always start with the FileName tag, time stamps were incorrectly formatted etc.
Stability issues are addressed by added checks, originally written by Johan Thelin
<johan.thelin@pelagicore.com>, who never upstreamed them. I've also added an option for getting full
SPDX output from FOSSology, i.e. not only for all files, but for the package as well, including
license references. License refs are required in order to process the output by SPDXTools. For that
reason, this option defaults to true.
(From OE-Core rev: 5d3a4f4f57e4d8581fd88a14324f94e93104a690)
Signed-off-by: Tobias Olausson <tobias.olausson@pelagicore.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2014-10-20 14:09:15 +00:00
|
|
|
# An option defined as [FOSS_FULL_SPDX] in ./meta/conf/licenses.conf is used to
|
|
|
|
# control what kind of SPDX output to get from the FOSSology server.
|
|
|
|
#
|
|
|
|
# FOSS_FULL_SPDX = "true":
|
|
|
|
# Tell FOSSology server to return full SPDX output, like if the program was
|
|
|
|
# run from the command line. This is needed in order to get license refs for
|
|
|
|
# the full package rather than individual files only.
|
|
|
|
#
|
|
|
|
# FOSS_FULL_SPDX = "false":
|
|
|
|
# Tell FOSSology to only process license information for files. All package
|
|
|
|
# license tags in the report will be "NOASSERTION"
|
|
|
|
#
|
|
|
|
|
|
|
|
FOSS_FULL_SPDX = "true"
|
|
|
|
|
|
|
|
# FOSSologySPDX instance server. http://localhost/repo is the default
|
|
|
|
# installation location for FOSSology.
|
|
|
|
#
|
2013-08-23 21:40:35 +00:00
|
|
|
# For more information on FOSSologySPDX commandline:
|
|
|
|
# https://github.com/spdx-tools/fossology-spdx/wiki/Fossology-SPDX-Web-API
|
|
|
|
#
|
|
|
|
|
spdx.bbclass: improved stability, fixed SPDX compliance issues. Changes are reflected in licenses.conf.
The previous version could crash on dead links in the rootfs, or if the manifest directory did not
exist. The generated files were also not compliant with the SPDX specification, for example file
entries did not always start with the FileName tag, time stamps were incorrectly formatted etc.
Stability issues are addressed by added checks, originally written by Johan Thelin
<johan.thelin@pelagicore.com>, who never upstreamed them. I've also added an option for getting full
SPDX output from FOSSology, i.e. not only for all files, but for the package as well, including
license references. License refs are required in order to process the output by SPDXTools. For that
reason, this option defaults to true.
(From OE-Core rev: 5d3a4f4f57e4d8581fd88a14324f94e93104a690)
Signed-off-by: Tobias Olausson <tobias.olausson@pelagicore.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2014-10-20 14:09:15 +00:00
|
|
|
FOSS_BASE_URL = "http://localhost/repo/?mod=spdx_license_once"
|
|
|
|
FOSS_SERVER = "${FOSS_BASE_URL}&fullSPDXFlag=${FOSS_FULL_SPDX}&noCopyright=${FOSS_NO_COPYRIGHT}&recursiveUnpack=${FOSS_RECURSIVE_UNPACK}"
|
2013-08-23 21:40:35 +00:00
|
|
|
|
|
|
|
FOSS_WGET_FLAGS = "-qO - --no-check-certificate --timeout=0"
|
|
|
|
|
|
|
|
|