Skip to content

reusable-copyright-license-check.yml: Add root level automatic license detection#39

Closed
Tarun Goyal (targoy-qti) wants to merge 1 commit into
qualcomm:mainfrom
targoy-qti:targoy-qti-patch-2
Closed

reusable-copyright-license-check.yml: Add root level automatic license detection#39
Tarun Goyal (targoy-qti) wants to merge 1 commit into
qualcomm:mainfrom
targoy-qti:targoy-qti-patch-2

Conversation

@targoy-qti

@targoy-qti Tarun Goyal (targoy-qti) commented Jun 10, 2026

Copy link
Copy Markdown
Contributor

https://jira-dc.qualcomm.com/jira/browse/LOSTINTPRJ-2041

Overview

Enhance license detection to automatically scan repository LICENSE
files using the scancode toolkit, with intelligent fallback to
configuration-based lookup.

Key Changes

1. Automatic License Detection

  • Added detect_license_from_file() function
  • Scans LICENSE files using scancode toolkit
  • Returns SPDX license identifiers
  • Supports multiple formats:
    • LICENSE
    • LICENSE.txt
    • LICENSE.md
    • COPYING

2. Enhanced License Resolution Strategy

Implemented a three-tier fallback in get_license():

  1. Primary: Auto-detect from repository LICENSE file
  2. Fallback: Config-based lookup using repository name
  3. Default: Return BSD-3-Clause-Clear

3. BSD License Normalization

  • Normalize BSD variants:
    • BSD-2-Clause
    • BSD-3-Clause
    • LicenseRef-scancode-bsd-x11
  • Map all variants to BSD-3-Clause-Clear
  • Ensure case-insensitive normalization

Impact

  • Reduce dependency on manual config maintenance
  • Improve accuracy using repository source files
  • Preserve backward compatibility

Benefits

  • Automation: No manual license configuration needed
  • Accuracy: Detect licenses from actual source files
  • Consistency: Standardize BSD license handling

… from repository LICENSE files

https://jira-dc.qualcomm.com/jira/browse/LOSTINTPRJ-2041

## Overview

Enhanced the license detection mechanism to automatically scan and detect licenses from repository LICENSE files using scancode, with intelligent fallback to configuration-based lookup.

## Key Changes

### 1. Automatic License Detection

- __New Function__: `detect_license_from_file()`

  - Scans LICENSE files using scancode toolkit
  - Returns SPDX license identifiers
  - Supports multiple LICENSE file formats: `LICENSE`, `LICENSE.txt`, `LICENSE.md`, `COPYING`

### 2. Enhanced License Resolution Strategy

Implemented a three-tier fallback approach in `get_license()`:

1. __Primary__: Auto-detect from repository LICENSE file
2. __Fallback__: Config file lookup using repository name
3. __Default__: Return `BSD-3-Clause-Clear` if both fail

### 3. BSD License Normalization

- All BSD variant licenses (BSD-2-Clause, BSD-3-Clause, LicenseRef-scancode-bsd-x11, etc.) are normalized to `BSD-3-Clause-Clear`
- Case-insensitive detection ensures consistent handling


__Impact__:

- Reduces dependency on manual config file maintenance
- Provides more accurate license detection based on actual repository content
- Maintains backward compatibility with existing config-based approach

## Benefits

- __Automation__: Eliminates need to manually configure licenses for new repositories
- __Accuracy__: Detects licenses directly from source files
- __Consistency__: Normalizes BSD variants to standard license



Signed-off-by: Tarun Goyal <targoy@qti.qualcomm.com>
@targoy-qti Tarun Goyal (targoy-qti) deleted the targoy-qti-patch-2 branch June 10, 2026 17:08
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant