Recently I noticed a new tool called
licenserecon written by Peter Blackman, and I helped get
licenserecon into Debian. The purpose of
licenserecon is to reconcile licenses from
debian/copyright against the output from
licensecheck, a tool written by Jonas Smedegaard. It assumes
DEP5 copyright files. You run the tool in a directory that has a debian/ sub-directory, and its output when it notices mismatches (this is for
resolv-wrapper):
# sudo apt install licenserecon
jas@kaka:~/dpkg/resolv-wrapper$ lrc
Parsing Source Tree ....
Running licensecheck ....
d/copyright licensecheck
BSD-3-Clauses BSD-3-clause src/resolv_wrapper.c
BSD-3-Clauses BSD-3-clause tests/dns_srv.c
BSD-3-Clauses BSD-3-clause tests/test_dns_fake.c
BSD-3-Clauses BSD-3-clause tests/test_res_query_search.c
BSD-3-Clauses BSD-3-clause tests/torture.c
BSD-3-Clauses BSD-3-clause tests/torture.h
jas@kaka:~/dpkg/resolv-wrapper$
Noticing one-character typos like this may not bring satisfaction except to the most obsessive-compulsive among us, however the tool has the potential of discovering more serious mistakes.
Using it manually once in a while may be useful, however I tend to forget QA steps that are not automated. Could we add this to the
Salsa CI/CD pipeline? I recently proposed a
merge request to add a wrap-and-sort job to the Salsa CI/CD pipeline (disabled by default) and learned how easy it was to extend it. I think
licenserecon is still a bit rough on the edges, and I haven t been able to successfully use it on any but the simplest packages yet. I wouldn t want to suggest it is added to the normal Salsa CI/CD pipeline, even if disabled. If you maintain a Debian package on Salsa and wish to add a
licenserecon job to your pipeline, I wrote
licenserecon.yml for you.
The simplest way to use
licenserecon.yml is to replace
recipes/debian.yml@salsa-ci-team/pipeline as the Salsa CI/CD configuration file setting with
debian/salsa-ci.yml@debian/licenserecon. If you use a
debian/salsa-ci.yml file you may put something like this in it instead:
---
include:
- https://salsa.debian.org/salsa-ci-team/pipeline/raw/master/recipes/debian.yml
- https://salsa.debian.org/debian/licenserecon/raw/main/debian/licenserecon.yml
Once you trigger the pipeline, this will result in a new job
licenserecon that validates
debian/copyright against
licensecheck output on every build! I have added this to the
libcpucycles package on Salsa and the
pipeline contains a
new job licenserecon whose output currently ends with:
$ cd $ WORKING_DIR /$ SOURCE_DIR
$ lrc
Parsing Source Tree ....
Running licensecheck ....
No differences found
Cleaning up project directory and file based variables
If upstream releases a new version with files not matching our
debian/copyright file, we will detect that on the next Salsa build job rather than months later when somebody happens to run the tools manually or there is some license conflict.
Incidentally
licenserecon is written in Pascal which brought back old memories with
Turbo Pascal back in the MS-DOS days. Thanks Peter for
licenserecon, and Jonas for
licensecheck making this possible!
The following contributors got their Debian Developer accounts in the last two
months: