Browse Source
* Add a script to check the license ### Motivation Check licenses in the distribution package ### Modification 1. Add a script to check licenses, and list known licenses. 1. Remove unused dep license, lombok. 1. Remove unnecessary ignored patterns in .gitignore. 1. Add missing config items to apache-rat plugin, which just checked a small part of files before. 1. Add check to GitHub Actions process ### Result 1. Newly-added dependencies should be checked and confirmed. 1. Closes #1578 * Separate rat and dependency check * Tee dependencies to stdout * Add more debug messages * Check light-weight task first1.3.2-release
kezhenxu94
4 years ago
committed by
gaojun2048
8 changed files with 284 additions and 153 deletions
@ -1,19 +0,0 @@
|
||||
Copyright (C) 2009-2015 The Project Lombok Authors. |
||||
|
||||
Permission is hereby granted, free of charge, to any person obtaining a copy |
||||
of this software and associated documentation files (the "Software"), to deal |
||||
in the Software without restriction, including without limitation the rights |
||||
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell |
||||
copies of the Software, and to permit persons to whom the Software is |
||||
furnished to do so, subject to the following conditions: |
||||
|
||||
The above copyright notice and this permission notice shall be included in |
||||
all copies or substantial portions of the Software. |
||||
|
||||
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR |
||||
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, |
||||
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE |
||||
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER |
||||
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, |
||||
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN |
||||
THE SOFTWARE. |
||||
@ -0,0 +1,39 @@
|
||||
#!/usr/bin/env bash |
||||
|
||||
# |
||||
# Licensed to the Apache Software Foundation (ASF) under one or more |
||||
# contributor license agreements. See the NOTICE file distributed with |
||||
# this work for additional information regarding copyright ownership. |
||||
# The ASF licenses this file to You under the Apache License, Version 2.0 |
||||
# (the "License"); you may not use this file except in compliance with |
||||
# the License. You may obtain a copy of the License at |
||||
# |
||||
# http://www.apache.org/licenses/LICENSE-2.0 |
||||
# |
||||
# Unless required by applicable law or agreed to in writing, software |
||||
# distributed under the License is distributed on an "AS IS" BASIS, |
||||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
||||
# See the License for the specific language governing permissions and |
||||
# limitations under the License. |
||||
# |
||||
|
||||
mkdir dist || true |
||||
|
||||
tar -zxf dolphinscheduler-dist/target/apache-dolphinscheduler*-bin.tar.gz --strip=1 -C dist |
||||
|
||||
# List all modules(jars) that belong to the DolphinScheduler itself, these will be ignored when checking the dependency |
||||
# licenses |
||||
echo '=== Self modules: ' && ./mvnw --batch-mode --quiet -Dexec.executable='echo' -Dexec.args='${project.artifactId}-${project.version}.jar' exec:exec | tee self-modules.txt |
||||
|
||||
echo '=== Distributed dependencies: ' && ls dist/lib | tee all-dependencies.txt |
||||
|
||||
# Exclude all self modules(jars) to generate all third-party dependencies |
||||
echo '=== Third party dependencies: ' && grep -vf self-modules.txt all-dependencies.txt | tee third-party-dependencies.txt |
||||
|
||||
# 1. Compare the third-party dependencies with known dependencies, expect that all third-party dependencies are KNOWN |
||||
# and the exit code of the command is 0, otherwise we should add its license to LICENSE file and add the dependency to |
||||
# known-dependencies.txt. 2. Unify the `sort` behaviour: here we'll sort them again in case that the behaviour of `sort` |
||||
# command in target OS is different from what we used to sort the file `known-dependencies.txt`, i.e. "sort the two file |
||||
# using the same command (and default arguments)" |
||||
|
||||
diff -w -B -U0 <(sort < tools/dependencies/known-dependencies.txt) <(sort < third-party-dependencies.txt) |
||||
@ -0,0 +1,211 @@
|
||||
HikariCP-3.2.0.jar |
||||
activation-1.1.jar |
||||
ant-1.6.5.jar |
||||
aopalliance-1.0.jar |
||||
apache-el-8.5.35.1.jar |
||||
apacheds-i18n-2.0.0-M15.jar |
||||
apacheds-kerberos-codec-2.0.0-M15.jar |
||||
api-asn1-api-1.0.0-M20.jar |
||||
api-util-1.0.0-M20.jar |
||||
asm-3.1.jar |
||||
aspectjweaver-1.9.2.jar |
||||
audience-annotations-0.5.0.jar |
||||
avro-1.7.4.jar |
||||
aws-java-sdk-1.7.4.jar |
||||
bonecp-0.8.0.RELEASE.jar |
||||
byte-buddy-1.9.10.jar |
||||
classmate-1.4.0.jar |
||||
clickhouse-jdbc-0.1.52.jar |
||||
commons-cli-1.2.jar |
||||
commons-codec-1.6.jar |
||||
commons-collections-3.2.2.jar |
||||
commons-collections4-4.1.jar |
||||
commons-compiler-3.0.12.jar |
||||
commons-compress-1.4.1.jar |
||||
commons-configuration-1.10.jar |
||||
commons-daemon-1.0.13.jar |
||||
commons-dbcp-1.4.jar |
||||
commons-email-1.5.jar |
||||
commons-httpclient-3.0.1.jar |
||||
commons-io-2.4.jar |
||||
commons-lang-2.6.jar |
||||
commons-logging-1.1.1.jar |
||||
commons-math3-3.1.1.jar |
||||
commons-net-3.1.jar |
||||
commons-pool-1.6.jar |
||||
core-3.1.1.jar |
||||
cron-utils-5.0.5.jar |
||||
curator-client-4.3.0.jar |
||||
curator-framework-4.3.0.jar |
||||
curator-recipes-4.3.0.jar |
||||
datanucleus-api-jdo-4.2.1.jar |
||||
datanucleus-core-4.1.6.jar |
||||
datanucleus-rdbms-4.1.7.jar |
||||
derby-10.14.2.0.jar |
||||
druid-1.1.14.jar |
||||
fastjson-1.2.61.jar |
||||
gson-2.8.5.jar |
||||
guava-20.0.jar |
||||
guice-3.0.jar |
||||
guice-servlet-3.0.jar |
||||
h2-1.4.200.jar |
||||
hadoop-annotations-2.7.3.jar |
||||
hadoop-auth-2.7.3.jar |
||||
hadoop-aws-2.7.3.jar |
||||
hadoop-client-2.7.3.jar |
||||
hadoop-common-2.7.3.jar |
||||
hadoop-hdfs-2.7.3.jar |
||||
hadoop-mapreduce-client-app-2.7.3.jar |
||||
hadoop-mapreduce-client-common-2.7.3.jar |
||||
hadoop-mapreduce-client-core-2.7.3.jar |
||||
hadoop-mapreduce-client-jobclient-2.7.3.jar |
||||
hadoop-mapreduce-client-shuffle-2.7.3.jar |
||||
hadoop-yarn-api-2.7.3.jar |
||||
hadoop-yarn-client-2.7.3.jar |
||||
hadoop-yarn-common-2.7.3.jar |
||||
hadoop-yarn-server-common-2.7.3.jar |
||||
hamcrest-core-1.3.jar |
||||
hibernate-validator-6.0.14.Final.jar |
||||
hive-common-2.1.0.jar |
||||
hive-jdbc-2.1.0.jar |
||||
hive-metastore-2.1.0.jar |
||||
hive-orc-2.1.0.jar |
||||
hive-serde-2.1.0.jar |
||||
hive-service-2.1.0.jar |
||||
hive-service-rpc-2.1.0.jar |
||||
hive-storage-api-2.1.0.jar |
||||
htrace-core-3.1.0-incubating.jar |
||||
httpclient-4.4.1.jar |
||||
httpcore-4.4.1.jar |
||||
httpmime-4.5.7.jar |
||||
jackson-annotations-2.9.8.jar |
||||
jackson-core-2.9.8.jar |
||||
jackson-core-asl-1.9.13.jar |
||||
jackson-databind-2.9.8.jar |
||||
jackson-datatype-jdk8-2.9.8.jar |
||||
jackson-datatype-jsr310-2.9.8.jar |
||||
jackson-jaxrs-1.9.13.jar |
||||
jackson-mapper-asl-1.9.13.jar |
||||
jackson-module-parameter-names-2.9.8.jar |
||||
jackson-xc-1.9.13.jar |
||||
jamon-runtime-2.3.1.jar |
||||
janino-3.0.12.jar |
||||
java-xmlbuilder-0.4.jar |
||||
javax.activation-api-1.2.0.jar |
||||
javax.annotation-api-1.3.2.jar |
||||
javax.inject-1.jar |
||||
javax.jdo-3.2.0-m3.jar |
||||
javax.mail-1.6.2.jar |
||||
javax.servlet-api-3.1.0.jar |
||||
javolution-5.5.1.jar |
||||
jaxb-api-2.3.1.jar |
||||
jaxb-impl-2.2.3-1.jar |
||||
jboss-logging-3.3.2.Final.jar |
||||
jdo-api-3.0.1.jar |
||||
jersey-client-1.9.jar |
||||
jersey-core-1.9.jar |
||||
jersey-guice-1.9.jar |
||||
jersey-json-1.9.jar |
||||
jersey-server-1.9.jar |
||||
jets3t-0.9.0.jar |
||||
jettison-1.1.jar |
||||
jetty-6.1.26.jar |
||||
jetty-continuation-9.4.14.v20181114.jar |
||||
jetty-http-9.4.14.v20181114.jar |
||||
jetty-io-9.4.14.v20181114.jar |
||||
jetty-security-9.4.14.v20181114.jar |
||||
jetty-server-9.4.14.v20181114.jar |
||||
jetty-servlet-9.4.14.v20181114.jar |
||||
jetty-servlets-9.4.14.v20181114.jar |
||||
jetty-util-6.1.26.jar |
||||
jetty-util-9.4.14.v20181114.jar |
||||
jetty-webapp-9.4.14.v20181114.jar |
||||
jetty-xml-9.4.14.v20181114.jar |
||||
jline-0.9.94.jar |
||||
jna-4.5.2.jar |
||||
jna-platform-4.5.2.jar |
||||
joda-time-2.10.1.jar |
||||
jpam-1.1.jar |
||||
jsch-0.1.42.jar |
||||
jsp-2.1-6.1.14.jar |
||||
jsp-api-2.1-6.1.14.jar |
||||
jsp-api-2.1.jar |
||||
jsqlparser-2.1.jar |
||||
jsr305-3.0.0.jar |
||||
jta-1.1.jar |
||||
jul-to-slf4j-1.7.25.jar |
||||
junit-4.12.jar |
||||
leveldbjni-all-1.8.jar |
||||
libfb303-0.9.3.jar |
||||
libthrift-0.9.3.jar |
||||
log4j-1.2-api-2.11.2.jar |
||||
log4j-1.2.17.jar |
||||
log4j-api-2.11.2.jar |
||||
log4j-core-2.11.2.jar |
||||
logback-classic-1.2.3.jar |
||||
logback-core-1.2.3.jar |
||||
lz4-1.3.0.jar |
||||
mapstruct-1.2.0.Final.jar |
||||
mssql-jdbc-6.1.0.jre8.jar |
||||
mybatis-3.5.2.jar |
||||
mybatis-plus-3.2.0.jar |
||||
mybatis-plus-annotation-3.2.0.jar |
||||
mybatis-plus-boot-starter-3.2.0.jar |
||||
mybatis-plus-core-3.2.0.jar |
||||
mybatis-plus-extension-3.2.0.jar |
||||
mybatis-spring-2.0.2.jar |
||||
netty-3.6.2.Final.jar |
||||
netty-all-4.1.33.Final.jar |
||||
opencsv-2.3.jar |
||||
oshi-core-3.5.0.jar |
||||
paranamer-2.3.jar |
||||
parquet-hadoop-bundle-1.8.1.jar |
||||
poi-3.17.jar |
||||
postgresql-42.1.4.jar |
||||
protobuf-java-2.5.0.jar |
||||
quartz-2.2.3.jar |
||||
quartz-jobs-2.2.3.jar |
||||
slf4j-api-1.7.5.jar |
||||
snakeyaml-1.23.jar |
||||
snappy-0.2.jar |
||||
snappy-java-1.0.4.1.jar |
||||
spring-aop-5.1.5.RELEASE.jar |
||||
spring-beans-5.1.5.RELEASE.jar |
||||
spring-boot-2.1.3.RELEASE.jar |
||||
spring-boot-autoconfigure-2.1.3.RELEASE.jar |
||||
spring-boot-starter-2.1.3.RELEASE.jar |
||||
spring-boot-starter-aop-2.1.3.RELEASE.jar |
||||
spring-boot-starter-jdbc-2.1.3.RELEASE.jar |
||||
spring-boot-starter-jetty-2.1.3.RELEASE.jar |
||||
spring-boot-starter-json-2.1.3.RELEASE.jar |
||||
spring-boot-starter-logging-2.1.3.RELEASE.jar |
||||
spring-boot-starter-web-2.1.3.RELEASE.jar |
||||
spring-context-5.1.5.RELEASE.jar |
||||
spring-core-5.1.5.RELEASE.jar |
||||
spring-expression-5.1.5.RELEASE.jar |
||||
spring-jcl-5.1.5.RELEASE.jar |
||||
spring-jdbc-5.1.5.RELEASE.jar |
||||
spring-plugin-core-1.2.0.RELEASE.jar |
||||
spring-plugin-metadata-1.2.0.RELEASE.jar |
||||
spring-tx-5.1.5.RELEASE.jar |
||||
spring-web-5.1.5.RELEASE.jar |
||||
spring-webmvc-5.1.5.RELEASE.jar |
||||
springfox-core-2.9.2.jar |
||||
springfox-schema-2.9.2.jar |
||||
springfox-spi-2.9.2.jar |
||||
springfox-spring-web-2.9.2.jar |
||||
springfox-swagger-common-2.9.2.jar |
||||
springfox-swagger-ui-2.9.2.jar |
||||
springfox-swagger2-2.9.2.jar |
||||
swagger-annotations-1.5.20.jar |
||||
swagger-bootstrap-ui-1.9.3.jar |
||||
swagger-models-1.5.20.jar |
||||
tephra-api-0.6.0.jar |
||||
threetenbp-1.3.6.jar |
||||
transaction-api-1.1.jar |
||||
validation-api-2.0.1.Final.jar |
||||
xercesImpl-2.9.1.jar |
||||
xml-apis-1.4.01.jar |
||||
xmlenc-0.52.jar |
||||
xz-1.0.jar |
||||
zookeeper-3.4.14.jar |
||||
Loading…
Reference in new issue