Skip to content

feat(scanner): Store detected and effective license in database#4791

Open
Joelp03 wants to merge 1 commit intoeclipse-apoapsis:mainfrom
Joelp03:feat/store-license
Open

feat(scanner): Store detected and effective license in database#4791
Joelp03 wants to merge 1 commit intoeclipse-apoapsis:mainfrom
Joelp03:feat/store-license

Conversation

@Joelp03
Copy link
Copy Markdown
Contributor

@Joelp03 Joelp03 commented Apr 2, 2026

Hi there.
This implementation resolves the issue of storing detected and effective licenses for packages and projects in the database during the scanning process, making them readily available for API routes without needing to iterate through all scan results.

Resolve #4607

@mnonnenmacher
Copy link
Copy Markdown
Contributor

mnonnenmacher commented Apr 2, 2026

@Joelp03 Thank you for the contribution!

I don't have time to review this now and I won't be available for review for the next week, so some hints for anyone who picks up the review:

  • Make sure that package curations and package configurations are applied before storing the licenses, otherwise wrong data could be shown.
  • I think we should store the concluded license as well to have the full picture. Could be done separately, but this would also be a chance to do all of them together.
  • Filtering by license will be important for the UI, this should be considered when designing the storage model.

Etsija
Etsija previously requested changes Apr 10, 2026
View reviewed changes
Copy link
Copy Markdown
Contributor

@Etsija Etsija left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We use rebasing, and there should be no merge commits.

@Joelp03 Joelp03 force-pushed the feat/store-license branch 3 times, most recently from aca98ee to f66517c Compare April 10, 2026 15:08
@Joelp03
Copy link
Copy Markdown
Contributor Author

Joelp03 commented Apr 10, 2026

Thanks @Etsija
I’ve reverted the merge and rebased the branch. I’m standing by for any further changes or feedback.

@Etsija
Copy link
Copy Markdown
Contributor

Etsija commented Apr 14, 2026
edited
Loading

Thanks @Etsija I’ve reverted the merge and rebased the branch. I’m standing by for any further changes or feedback.

For starters, you should run ./gradlew detekt detektMain detektTest to fix all linting issues, as the action is failing. Then, I believe it would be needed to address the points @mnonnenmacher is giving in his comment.

@sschuberth
Copy link
Copy Markdown
Contributor

sschuberth commented Apr 14, 2026

you should run ./gradlew detekt detektMain detektTest

FYI, we have the ./gradlew detektAll shorthand for that.

@Etsija
Copy link
Copy Markdown
Contributor

Etsija commented Apr 14, 2026
edited
Loading

you should run ./gradlew detekt detektMain detektTest

FYI, we have the ./gradlew detektAll shorthand for that.

Really?? Time to change docs then, as they are a mess when it comes to contributing guide: I found THREE separate places where guidance is given to the contributors, and NONE of them document usage of detekt correctly.

@sschuberth
Copy link
Copy Markdown
Contributor

sschuberth commented Apr 14, 2026
edited
Loading

I found THREE separate places where guidance is given to the contributors, and NONE of them document usage of detekt correctly.

What about this, which mentions ./gradlew detektAll explicitly?

In any case, PRs to improve the docs welcome 😉

@Etsija
Copy link
Copy Markdown
Contributor

Etsija commented Apr 14, 2026
edited
Loading

What about this, which mentions ./gradlew detektAll explicitly?

In any case, PRs to improve the docs welcome 😉

#4837

@Joelp03
Copy link
Copy Markdown
Contributor Author

Joelp03 commented Apr 14, 2026

Hi @Etsija and @sschuberth,

I'm aware of the OrtImportOrder issue, but I'm unable to fix it manually. The error message is too generic to identify the exact sorting rule required.

I've tried running ./gradlew detektAll and ./gradlew detekt detektMain detektTest, but they don't seem to resolve it, and the build output doesn't show enough detail to debug the specific order expected.

Is there a specific command to auto-fix this custom rule, or could you point me to the exact import order configuration? Thanks!

@sschuberth
Copy link
Copy Markdown
Contributor

sschuberth commented Apr 14, 2026

Is there a specific command to auto-fix this custom rule, or could you point me to the exact import order configuration?

Not sure why ./gradlew detekt --auto-correct did not seem to work here, but I've taken the liberty to fix this for you in your branch. I've also squashed the two commits into one. However, you still need to signoff the commit message.

@Joelp03 Joelp03 force-pushed the feat/store-license branch from e250b1a to d77894a Compare April 14, 2026 16:30
@Joelp03
Copy link
Copy Markdown
Contributor Author

Joelp03 commented Apr 14, 2026

Not sure why ./gradlew detekt --auto-correct did not seem to work here, but I've taken the liberty to fix this for you in your branch. I've also squashed the two commits into one. However, you still need to signoff the commit message.

Thanks. I've already signed the commit msg

@sschuberth sschuberth dismissed Etsija’s stale review April 15, 2026 16:45

The merge commit was removed.

sschuberth
sschuberth reviewed Apr 16, 2026
View reviewed changes
Comment thread dao/src/main/kotlin/queries/analyzer/GetPackagesForAnalyzerRunQuery.kt Outdated
Comment thread dao/src/main/kotlin/queries/analyzer/GetProjectsForAnalyzerRunQuery.kt Outdated
Comment thread dao/src/main/kotlin/repositories/analyzerrun/PackagesTable.kt Outdated
Comment thread dao/src/main/kotlin/repositories/analyzerrun/ProjectsTable.kt Outdated
@sschuberth @Joelp03
feat(scanner): Store detected and effective license in database
e8fb184 
Store detected licenses and effective license for packages and projects
during the scanner phase to make them easily available via API routes
without having to traverse all license findings from scan results.

- Add detectedLicenses and effectiveLicense columns to packages and
  projects tables (Flyway V139 migration)
- Add fields to Package and Project models
- Add DAO support for new columns with comma-separated serialization
- Create LicenseComputation.kt with functions to compute licenses
- Integrate license computation in ScannerWorker
- Expose new fields in API v1 Package and Project responses
- Add unit tests for DAO and LicenseComputation

Signed-off-by: Joel Pimentel <joelpimentel1995@gmail.com>

Resolves eclipse-apoapsis#4607.
@Joelp03 Joelp03 force-pushed the feat/store-license branch from d77894a to e8fb184 Compare April 17, 2026 13:49
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@sschuberth sschuberth sschuberth left review comments

@Etsija Etsija Etsija left review comments

@bs-ondem bs-ondem Awaiting requested review from bs-ondem bs-ondem is a code owner

@MarcelBochtler MarcelBochtler Awaiting requested review from MarcelBochtler MarcelBochtler is a code owner

@mnonnenmacher mnonnenmacher Awaiting requested review from mnonnenmacher mnonnenmacher is a code owner

@nnobelis nnobelis Awaiting requested review from nnobelis nnobelis is a code owner

@oheger-bosch oheger-bosch Awaiting requested review from oheger-bosch oheger-bosch is a code owner

@wkl3nk wkl3nk Awaiting requested review from wkl3nk wkl3nk is a code owner

At least 1 approving review is required to merge this pull request.

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

Store the detected and effective license of projects and packages

4 participants

@Joelp03 @mnonnenmacher @Etsija @sschuberth