handle license exception in grouping, better (rhbz#2175241)

Apply upstream commits 48aa148b (TagsCheck: restore space exclusion to license_exception_regex, 2023-03-20)¹ and 65abdbd3 (TagsCheck: handle license exception in first item of a grouping, 2023-03-20)² to improve the handling of license exceptions within groupings. ¹ https://github.com/rpm-software-management/rpmlint/commit/48aa148b ² https://github.com/rpm-software-management/rpmlint/commit/65abdbd3
2023-03-20 11:22:58 -04:00 · 2023-03-20 11:22:58 -04:00 · 3b8cdae343
commit 3b8cdae343
parent 3203e77b1d
3 changed files with 131 additions and 1 deletions
--- a/0001-TagsCheck-restore-space-exclusion-to-license_excepti.patch
+++ b/0001-TagsCheck-restore-space-exclusion-to-license_excepti.patch
@ -0,0 +1,28 @@
+From 48aa148bd633aa4e27b28239d98cd809e0e45f22 Mon Sep 17 00:00:00 2001
+From: Todd Zullinger <tmz@pobox.com>
+Date: Mon, 20 Mar 2023 03:14:14 -0400
+Subject: [PATCH] TagsCheck: restore space exclusion to license_exception_regex
+
+In 7d707f7f (TagsCheck: handle license exception in grouping,
+2023-03-03), the regex lost the exclusion of space characters.  This
+isn't immediately noticeable because we strip the strings generated by
+the regex before use, but it's better to keep the regex more precise.
+
+Suggested-by: Daniel Garcia Moreno <daniel.garcia@suse.com>
+---
+ rpmlint/checks/TagsCheck.py | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/rpmlint/checks/TagsCheck.py b/rpmlint/checks/TagsCheck.py
+index 923538ba..65c75c92 100644
+--- a/rpmlint/checks/TagsCheck.py
+++ b/rpmlint/checks/TagsCheck.py
+@@ -21,7 +21,7 @@
+ leading_space_regex = re.compile(r'^\s+')
+ pkg_config_regex = re.compile(r'^/usr/(?:lib\d*|share)/pkgconfig/')
+ license_regex = re.compile(r'\(([^)]+)\)|\s(?:and|or|AND|OR)\s')
+-license_exception_regex = re.compile(r'(\S+)\s(?:WITH|with)\s([^)]+)')
+license_exception_regex = re.compile(r'(\S+)\s(?:WITH|with)\s([^)\s]+)')
+ invalid_version_regex = re.compile(r'([0-9](?:rc|alpha|beta|pre).*)', re.IGNORECASE)
+ # () are here for grouping purpose in the regexp
+ tag_regex = re.compile(r'^((?:Auto(?:Req|Prov|ReqProv)|Build(?:Arch(?:itectures)?|Root)|(?:Build)?Conflicts|(?:Build)?(?:Pre)?Requires|Copyright|(?:CVS|SVN)Id|Dist(?:ribution|Tag|URL)|DocDir|(?:Build)?Enhances|Epoch|Exclu(?:de|sive)(?:Arch|OS)|Group|Icon|License|Name|No(?:Patch|Source)|Obsoletes|Packager|Patch\d*|Prefix(?:es)?|Provides|(?:Build)?Recommends|Release|RHNPlatform|Serial|Source\d*|(?:Build)?Suggests|Summary|(?:Build)?Supplements|(?:Bug)?URL|Vendor|Version)(?:\([^)]+\))?:)\s*\S', re.IGNORECASE)
--- a/0002-TagsCheck-handle-license-exception-in-first-item-of-.patch
+++ b/0002-TagsCheck-handle-license-exception-in-first-item-of-.patch
@ -0,0 +1,97 @@
+From 65abdbd383166ce727ece30f79b0808f46c2da29 Mon Sep 17 00:00:00 2001
+From: Todd Zullinger <tmz@pobox.com>
+Date: Mon, 20 Mar 2023 03:20:44 -0400
+Subject: [PATCH] TagsCheck: handle license exception in first item of a
+ grouping
+
+The change in 7d707f7f (TagsCheck: handle license exception in grouping,
+2023-03-03) is insufficient when the exception is on the first item in a
+grouping, e.g.:
+
+    License: (Apache-2.0 WITH LLVM-exception OR NCSA) AND BSD-3-Clause
+
+Adjust `license_exception_regex` to exclude a leading '(' as well as a
+trailing ')'.
+---
+ rpmlint/checks/TagsCheck.py                      |   2 +-
+ .../valid-exception-begin-grouping-1.0-1.src.rpm | Bin 0 -> 6644 bytes
+ test/test_tags.py                                |  12 ++++++++++++
+ 3 files changed, 13 insertions(+), 1 deletion(-)
+ create mode 100644 test/source/valid-exception-begin-grouping-1.0-1.src.rpm
+
+diff --git a/rpmlint/checks/TagsCheck.py b/rpmlint/checks/TagsCheck.py
+index 65c75c92..64088f55 100644
+--- a/rpmlint/checks/TagsCheck.py
+++ b/rpmlint/checks/TagsCheck.py
+@@ -21,7 +21,7 @@
+ leading_space_regex = re.compile(r'^\s+')
+ pkg_config_regex = re.compile(r'^/usr/(?:lib\d*|share)/pkgconfig/')
+ license_regex = re.compile(r'\(([^)]+)\)|\s(?:and|or|AND|OR)\s')
+-license_exception_regex = re.compile(r'(\S+)\s(?:WITH|with)\s([^)\s]+)')
+license_exception_regex = re.compile(r'([^(\s]+)\s(?:WITH|with)\s([^)\s]+)')
+ invalid_version_regex = re.compile(r'([0-9](?:rc|alpha|beta|pre).*)', re.IGNORECASE)
+ # () are here for grouping purpose in the regexp
+ tag_regex = re.compile(r'^((?:Auto(?:Req|Prov|ReqProv)|Build(?:Arch(?:itectures)?|Root)|(?:Build)?Conflicts|(?:Build)?(?:Pre)?Requires|Copyright|(?:CVS|SVN)Id|Dist(?:ribution|Tag|URL)|DocDir|(?:Build)?Enhances|Epoch|Exclu(?:de|sive)(?:Arch|OS)|Group|Icon|License|Name|No(?:Patch|Source)|Obsoletes|Packager|Patch\d*|Prefix(?:es)?|Provides|(?:Build)?Recommends|Release|RHNPlatform|Serial|Source\d*|(?:Build)?Suggests|Summary|(?:Build)?Supplements|(?:Bug)?URL|Vendor|Version)(?:\([^)]+\))?:)\s*\S', re.IGNORECASE)
+diff --git a/test/source/valid-exception-begin-grouping-1.0-1.src.rpm b/test/source/valid-exception-begin-grouping-1.0-1.src.rpm
+new file mode 100644
+index 0000000000000000000000000000000000000000..d0aba4903debd79db253b7655f3a001f2edfe0b2
+GIT binary patch
+literal 6644
+zcmeI0X>3$g6vyv$3f3aFEV78;Lm+IK;q6OBs1%_PECOW_i}IHHrlYf^^Qr?V`=X#k
+z!y+0!ARz{1u?UI;(1I2aF%Y7H0*L|z1leR&YwJ1f1&N9H#c$3_PXF)s&Rx&DeUtpp
+ztv-L)Pl%8Bo;M?5CqPp+O?csWEMU=4I2H(%#mf`nSSTO_`G7#~eECSDzc-k__Oy>Z
+zyNi(Ajd0%w0`FIV=EBrXK^sHh1#NxJK#{vQu>Uk@CPaks&!EtsBp{%_{{krHr$Rt~
+z|3y&D&xAB5Qd^>uVJNn!nX)7cifh{%6?jm^po&99jmk151~pBWw+&s;ZR%*YVGD}o
+z2vl=aNpMBpRe8(SWSiGy)#6Rc^NOG;)U-^^q@ruXgoI?3R0xNCyC+vK%R3uLG!s62
+zlaP$9^{MoqbOq8CNLL_Tfpi7Z6-ZYgU4e83(iKQoAYFlU1=1DxzgM8%6RE4KdmRb^
+zo(3Ve`6dc@8jIjjUkLCu{Ifu@jRTPdffxE7=#!vtlEL^V#vK`-Vcdl=`Y3lpbY*;w
+zag_0SQ1n&Mv%&GvXTkA5W_$@0^ItQ*42t<fjIS}qbzuMN4eaa0_y#D<@9W37hUE(x
+z|G~I~aV=x3firP#2p{u>GI4ISvJxzhdqXZ`oDGWYJ;qHyp?<y;<9iryW{kcRwnzU4
+z)}NWf@|BG79bo^@8Q%wr?RPV7&GLI0w_$m#JG`UJwk&^z@%;^)(V1~KP}oz342tvX
+zpfG+$Z^i~F%%71DiupWH<PhTlpxA!`<AI>qe;MOK#w!>P0>%C-84qXqHH^nFu3-Em
+zD7N3o7~d0)f3sfWSiX|wpJsf5u>*?ht7c3Y<2l9sxQy}K0k>EHisNIwkax2D4aPVw
+zt_RNv=5btT@6Tt9=MeJ#{>TO7&VDBWzmo{0m?k~WjhAsl!ZwX1Dd(9X?uD>d%9%0l
+zmRHJ|9_N)(uHG_@fm_POUC!igdZ+)*C_&=1uG$xkmnBNWF&gw}JZ8pB+w>yA81-OJ
+zxUE&ie?8`gcutUX8~DVKfC%PoJQkV2jUH57$PM!X`0&>9(cA6LJzCVC>o=l*KnfH@
+z%<?29#c{{s#+FASupwH;_4c9@^Am9^o(kIWXdg1rjM5}2^}IwfuU9XcGNXwI#T0=K
+z<tdWV)n`;ZyY=guwgNs_t*bW6ng%YaF1w~pb<q?R-V|KJrm`iwszrIj;uTetbeUHb
+zNv8s|<pqg4x+YS|mhsHv#ld0-27EK?{^d>LVaUcPOGG1Kt6M=lnkb{mBy|RaBeV#&
+z(VegyKItD0!CQxCQjibIV0z0zwch-egMt<W58P?>YyOCMlyXC3l<S>@yLgP|-&TP>
+zT!3rv%L80E7WTqsgiDzAb7qK=e|mwOplXJw8H%bkY!R1TABcFLb-M+B=RF6L32GB!
+zC&F<Onix)yn{~@7_uPO^G+wg=oAQF|xQ<N)SJOpNq?V>Tnqga(MioWW4NGw(Lr`p0
+zvMh_Ls%opINGZ7Gcx4Her0TB3JF;Ucx+qD4Zn>@_+oo$6s-rkAjO=QnZd$r67?LEb
+zj_rsPCN~V%;Bk=pAGNx=8vLl_J~$8lKjF&ozczf>&>ej4$<3c0OL4;%%#SV05(c!K
+z(fQ@<mHT$-AMIQ_?%Se{JL}Gq_Va{2*AHwtd-VFzaXrT_?^3e9>SXWo_1!1WnRLK=
+zs`k>FZC5J-*QSrYxXtQ(YU$!WT}C}y6>3>nHKRE6O7S$i`7b>e?a8vwRNgyf^!l!Y
+zAMX(CQ8KVXcx<M->(~c_TJ2i0Ztm`dug;oPWOjRL`0PrH#1G7#nw=fUZ=!ZSRQO&=
+z(<>Rd+0knw$L;TM<-(jJ$;^X2#%{knexg5T@%uBj)Lw3!^UlL(wpXv%)vl(;j=i~)
+z9?1E!prABr<z3AS2t^N-z1V(3?buBVzuBkJHmkq-;>M~Y6&t?a^4<L3emtQyX&V)5
+za!2OBaqppKL&Qd#mP|j~cxbBWlG96mC~CI!ts@8K1_!@=s`6mF>fmv1(Z=ST3inUh
+sK6Om(sO2?NYCrpALSNx`_1)v=$EO}yH){1}ue!y_!<VmYg<qaO0c2%FjsO4v
+
+literal 0
+HcmV?d00001
+
+diff --git a/test/test_tags.py b/test/test_tags.py
+index 42a83154..6c5d5280 100644
+--- a/test/test_tags.py
+++ b/test/test_tags.py
+@@ -89,6 +89,18 @@ def test_valid_license_exception_in_grouping(tmpdir, package, tagscheck):
+     assert 'W: invalid-license-exception' not in out
+ 
+ 
+@pytest.mark.parametrize('package', ['source/valid-exception-begin-grouping'])
+def test_valid_license_exception_begin_grouping(tmpdir, package, tagscheck):
+    CONFIG.info = True
+    CONFIG.configuration['ValidLicenses'] = ['BSD-3-Clause', 'GPL-2.0-only']
+    CONFIG.configuration['ValidLicenseExceptions'] = ['Qt-GPL-exception-1.0']
+    output = Filter(CONFIG)
+    test = TagsCheck(CONFIG, output)
+    test.check(get_tested_package(package, tmpdir))
+    out = output.print_results(output.results)
+    assert 'W: invalid-license-exception' not in out
+
+
+ @pytest.mark.parametrize('package', ['binary/xtables-addons-kmp-default'])
+ def test_forbidden_controlchar_found_requires(tmpdir, package, tagscheck):
+     output, test = tagscheck
--- a/rpmlint.spec
+++ b/rpmlint.spec
@ -3,7 +3,7 @@

 Name:           rpmlint
 Version:        2.4.0
-Release:        5%{?dist}
+Release:        6%{?dist}
 Summary:        Tool for checking common errors in RPM packages
 License:        GPL-2.0-or-later
 URL:            https://github.com/rpm-software-management/rpmlint
@ -20,6 +20,8 @@ Patch0:         https://github.com/rpm-software-management/rpmlint/commit/393cde

 # https://bugzilla.redhat.com/2175241
 Patch1:         https://github.com/rpm-software-management/rpmlint/commit/7d707f7f.patch#/0001-TagsCheck-handle-license-exception-in-grouping.patch
+Patch2:         https://github.com/rpm-software-management/rpmlint/commit/48aa148b.patch#/0001-TagsCheck-restore-space-exclusion-to-license_excepti.patch
+Patch3:         https://github.com/rpm-software-management/rpmlint/commit/65abdbd3.patch#/0002-TagsCheck-handle-license-exception-in-first-item-of-.patch

 BuildArch:      noarch

@ -86,6 +88,9 @@ cp -a %{SOURCE1} %{SOURCE3} %{SOURCE4} %{SOURCE5} %{buildroot}%{_sysconfdir}/xdg
 %{_bindir}/rpmlint

 %changelog
+* Mon Mar 20 2023 Todd Zullinger <tmz@pobox.com> - 2.4.0-6
+- handle license exception in grouping, better (rhbz#2175241)
+
 * Mon Mar 06 2023 Todd Zullinger <tmz@pobox.com> - 2.4.0-5
 - handle license exception in grouping (rhbz#2175241)