[PR] MINOR: Add verify_license tool [kafka]

via GitHub Mon, 17 Feb 2025 08:10:45 -0800


dajac opened a new pull request, #18931:
URL: https://github.com/apache/kafka/pull/18931


   This patch adds the verify_license.py tool. It compares the libraries 
shipped within the tarball to the LICENSE file, and vice versa, to ensure that 
they are aligned. It also slightly update the format of the LICENSE file to 
make it easier to parse it.
   
   Here is the output based on trunk:
   
   ```
   Tarball created at: 
/Users/dajac/dev/kafka/core/build/distributions/kafka_2.13-4.1.0-SNAPSHOT.tgz
   Tarball extracted to: 
/var/folders/_l/st3wqf1526gc6l30h7n31jq00000gn/T/tmpvmx7y25u
   Tarball extracted to: 
/var/folders/_l/st3wqf1526gc6l30h7n31jq00000gn/T/tmpvmx7y25u/kafka_2.13-4.1.0-SNAPSHOT
   
   Dependencies from libs (extracted from jar names):
    - HdrHistogram-2.2.2
    - activation-1.1.1
    - aopalliance-repackaged-3.0.6
    - argparse4j-0.7.0
    - caffeine-3.1.1
    - classgraph-4.8.173
    - commons-beanutils-1.9.4
    - commons-collections-3.2.2
    - commons-digester-2.1
    - commons-lang3-3.12.0
    - commons-logging-1.3.2
    - commons-validator-1.9.0
    - error_prone_annotations-2.14.0
    - hk2-api-3.0.6
    - hk2-locator-3.0.6
    - hk2-utils-3.0.6
    - jackson-annotations-2.16.2
    - jackson-core-2.16.2
    - jackson-databind-2.16.2
    - jackson-dataformat-csv-2.16.2
    - jackson-dataformat-yaml-2.16.2
    - jackson-datatype-jdk8-2.16.2
    - jackson-jakarta-rs-base-2.16.2
    - jackson-jakarta-rs-json-provider-2.16.2
    - jackson-module-blackbird-2.16.2
    - jackson-module-jakarta-xmlbind-annotations-2.16.2
    - jackson-module-scala_2.13-2.16.2
    - jakarta.activation-2.0.1
    - jakarta.activation-api-2.1.0
    - jakarta.annotation-api-2.1.1
    - jakarta.inject-api-2.0.1
    - jakarta.servlet-api-6.0.0
    - jakarta.validation-api-3.0.2
    - jakarta.ws.rs-api-3.1.0
    - jakarta.xml.bind-api-3.0.1
    - javassist-3.29.2-GA
    - javax.activation-api-1.2.0
    - javax.annotation-api-1.3.2
    - jaxb-api-2.3.1
    - jersey-client-3.1.9
    - jersey-common-3.1.9
    - jersey-container-servlet-3.1.9
    - jersey-container-servlet-core-3.1.9
    - jersey-hk2-3.1.9
    - jersey-server-3.1.9
    - jetty-alpn-client-12.0.15
    - jetty-client-12.0.15
    - jetty-ee10-servlet-12.0.15
    - jetty-ee10-servlets-12.0.15
    - jetty-http-12.0.15
    - jetty-io-12.0.15
    - jetty-security-12.0.15
    - jetty-server-12.0.15
    - jetty-session-12.0.15
    - jetty-util-12.0.15
    - jline-3.25.1
    - jopt-simple-5.0.4
    - jose4j-0.9.4
    - log4j-1.2-api-2.24.1
    - log4j-api-2.24.1
    - log4j-core-2.24.1
    - log4j-slf4j-impl-2.24.1
    - lz4-java-1.8.0
    - maven-artifact-3.9.6
    - metrics-core-2.2.0
    - opentelemetry-proto-1.0.0-alpha
    - osgi-resource-locator-1.0.3
    - paranamer-2.8
    - pcollections-4.0.1
    - plexus-utils-3.5.1
    - protobuf-java-3.25.5
    - re2j-1.7
    - rocksdbjni-9.7.3
    - scala-library-2.13.15
    - scala-logging_2.13-3.9.5
    - scala-reflect-2.13.15
    - slf4j-api-1.7.36
    - snakeyaml-2.2
    - snappy-java-1.1.10.5
    - swagger-annotations-2.2.25
    - zstd-jni-1.5.6-6
   
   Dependencies extracted from LICENSE file:
    - HdrHistogram-2.2.2
    - activation-1.1.1
    - aopalliance-repackaged-3.0.6
    - argparse4j-0.7.0
    - audience-annotations-0.12.0
    - caffeine-3.1.1
    - classgraph-4.8.173
    - commons-beanutils-1.9.4
    - commons-collections-3.2.2
    - commons-digester-2.1
    - commons-lang3-3.12.0
    - commons-logging-1.3.2
    - commons-validator-1.9.0
    - error_prone_annotations-2.14.0
    - hk2-api-3.0.6
    - hk2-locator-3.0.6
    - hk2-utils-3.0.6
    - jackson-annotations-2.16.2
    - jackson-core-2.16.2
    - jackson-databind-2.16.2
    - jackson-dataformat-csv-2.16.2
    - jackson-dataformat-yaml-2.16.2
    - jackson-datatype-jdk8-2.16.2
    - jackson-jakarta-rs-base-2.16.2
    - jackson-jakarta-rs-json-provider-2.16.2
    - jackson-jaxrs-base-2.16.2
    - jackson-jaxrs-json-provider-2.16.2
    - jackson-module-blackbird-2.16.2
    - jackson-module-jakarta-xmlbind-annotations-2.16.2
    - jackson-module-jaxb-annotations-2.16.2
    - jackson-module-scala_2.13-2.16.2
    - jakarta.activation-2.0.1
    - jakarta.activation-api-2.1.0
    - jakarta.annotation-api-2.1.1
    - jakarta.inject-2.6.1
    - jakarta.inject-api-2.0.1
    - jakarta.servlet-api-6.0.0
    - jakarta.validation-api-3.0.2
    - jakarta.ws.rs-api-3.1.0
    - jakarta.xml.bind-api-3.0.1
    - javassist-3.29.2-GA
    - javax.activation-api-1.2.0
    - javax.annotation-api-1.3.2
    - javax.servlet-api-3.1.0
    - jaxb-api-2.3.1
    - jersey-client-3.1.9
    - jersey-common-3.1.9
    - jersey-container-servlet-3.1.9
    - jersey-container-servlet-core-3.1.9
    - jersey-hk2-3.1.9
    - jersey-server-3.1.9
    - jetty-alpn-client-12.0.15
    - jetty-client-12.0.15
    - jetty-continuation-9.4.56.v20240826
    - jetty-ee10-servlet-12.0.15
    - jetty-ee10-servlets-12.0.15
    - jetty-http-12.0.15
    - jetty-io-12.0.15
    - jetty-security-12.0.15
    - jetty-server-12.0.15
    - jetty-servlet-9.4.56.v20240826
    - jetty-servlets-9.4.56.v20240826
    - jetty-session-12.0.15
    - jetty-util-12.0.15
    - jetty-util-ajax-9.4.56.v20240826
    - jline-3.25.1
    - jopt-simple-5.0.4
    - jose4j-0.9.4
    - jsr305-3.0.2
    - log4j-1.2-api-2.24.1
    - log4j-api-2.24.1
    - log4j-core-2.24.1
    - log4j-core-test-2.24.1
    - log4j-slf4j-impl-2.24.1
    - lz4-java-1.8.0
    - maven-artifact-3.9.6
    - metrics-core-2.2.0
    - metrics-core-4.1.12.1
    - opentelemetry-proto-1.0.0-alpha
    - osgi-resource-locator-1.0.3
    - paranamer-2.8
    - pcollections-4.0.1
    - plexus-utils-3.5.1
    - protobuf-java-3.25.5
    - re2j-1.7
    - rocksdbjni-9.7.3
    - scala-library-2.13.15
    - scala-logging_2.13-3.9.5
    - scala-reflect-2.13.15
    - slf4j-api-1.7.36
    - snakeyaml-2.2
    - snappy-java-1.1.10.5
    - swagger-annotations-2.2.25
    - zstd-jni-1.5.6-6
   
   All libs from ./libs are present in the LICENSE file.
   
   The following entries are in the LICENSE file but not present in ./libs:
    - audience-annotations-0.12.0
    - jackson-jaxrs-base-2.16.2
    - jackson-jaxrs-json-provider-2.16.2
    - jackson-module-jaxb-annotations-2.16.2
    - jakarta.inject-2.6.1
    - javax.servlet-api-3.1.0
    - jetty-continuation-9.4.56.v20240826
    - jetty-servlet-9.4.56.v20240826
    - jetty-servlets-9.4.56.v20240826
    - jetty-util-ajax-9.4.56.v20240826
    - jsr305-3.0.2
    - log4j-core-test-2.24.1
    - metrics-core-4.1.12.1
   ```
   
   I will fix the issues in the follow-up PRs.
   
   ### Committer Checklist (excluded from commit message)
   - [ ] Verify design and implementation 
   - [ ] Verify test coverage and CI build status
   - [ ] Verify documentation (including upgrade notes)
   


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: [email protected]

For queries about this service, please contact Infrastructure at:
[email protected]

[PR] MINOR: Add verify_license tool [kafka]

Reply via email to