Add license reporting and "vcpkg license-report" command. #1514
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
|
Implementation and tests must cover the |
BillyONeal
added a commit
to BillyONeal/vcpkg-tool
that referenced
this pull request
Oct 21, 2024
Extracted from microsoft#1514 Rather than each test case inventing their own way of dealing with the Windows/Linux `r`n vs `n difference, this change just always makes the output collection functions to do that transformation.
BillyONeal
added a commit
to BillyONeal/vcpkg-tool
that referenced
this pull request
Oct 21, 2024
Extracted from microsoft#1514
BillyONeal
added a commit
to BillyONeal/vcpkg-tool
that referenced
this pull request
Oct 21, 2024
BillyONeal
added a commit
to BillyONeal/vcpkg-tool
that referenced
this pull request
Oct 21, 2024
Extracted from microsoft#1514
BillyONeal
added a commit
to BillyONeal/vcpkg-tool
that referenced
this pull request
Oct 21, 2024
BillyONeal
added a commit
that referenced
this pull request
Oct 22, 2024
* Commonize `r`n / `n handling in test cases. Extracted from #1514 Rather than each test case inventing their own way of dealing with the Windows/Linux `r`n vs `n difference, this change just always makes the output collection functions to do that transformation. * Fix damaged -contains pointed out by @ras0219-msft
BillyONeal
added a commit
to BillyONeal/vcpkg-tool
that referenced
this pull request
Oct 24, 2024
Extracted from microsoft#1514 build_package never prints usage so the setting should not be there.
BillyONeal
added a commit
to BillyONeal/vcpkg-tool
that referenced
this pull request
Oct 24, 2024
Extracted from microsoft#1514
This was referenced Oct 24, 2024
BillyONeal
added a commit
to BillyONeal/vcpkg-tool
that referenced
this pull request
Oct 24, 2024
Extracted from microsoft#1514 We were paying to package the object up into a value, then unpackage it.
BillyONeal
added a commit
to BillyONeal/vcpkg-tool
that referenced
this pull request
Oct 24, 2024
Resolves microsoft/vcpkg#10812 Depends on microsoft#1529 Extracted from microsoft#1514 Splits database_load_check into database_load, which merely loads the current database, and database_load_collapse, which additionally smashes any outstanding update files. Splits get_installed_files into get_installed_files and get_installed_files_and_upgrade. The former avoids the format conversion and thus does not need to write. Reading commands database_load / get_installed_files: * export * list * owns * package_info * update Writing commands which use database_load_collapse / get_installed_files_and_upgrade. Also intend to call database_load_collapse at the end after successful completion so that the status file has all update records merged in where possible. * build * ci * install * remove * set-installed * upgrade
BillyONeal
added a commit
that referenced
this pull request
Nov 1, 2024
Extracted from #1514 We were paying to package the object up into a value, then unpackage it.
BillyONeal
added a commit
that referenced
this pull request
Nov 1, 2024
* Remove PrintUsage from BuildPackageOptions. Extracted from #1514 build_package never prints usage so the setting should not be there. * Fix flipped print usage order in commands.install.cpp
This indeed does not work. Also, we don't record feature information in the SPDX file at all, so a more structural change is necessary for that. Drafting this for now. I'm going to try to land #1377 , then add recording of features, then come back to this. |
BillyONeal
added a commit
to BillyONeal/vcpkg-tool
that referenced
this pull request
May 13, 2025
…eady installed' message, --head warning, and merging the 'green success' message into the total elapsed time part. Cherry picked from microsoft#1514
BillyONeal
added a commit
to BillyONeal/vcpkg-tool
that referenced
this pull request
May 13, 2025
…eady installed' message, --head warning, and merging the 'green success' message into the total elapsed time part. Cherry picked from microsoft#1514
BillyONeal
added a commit
to BillyONeal/vcpkg-tool
that referenced
this pull request
May 13, 2025
…eady installed' message, --head warning, and merging the 'green success' message into the total elapsed time part. Cherry picked from microsoft#1514
BillyONeal
added a commit
that referenced
this pull request
May 13, 2025
Improve console output when installing packages by deduplicating 'already installed' message, --head warning, and merging the 'green success' message into the total elapsed time part. Cherry picked from #1514 Co-authored-by: Robert Schumacher <[email protected]>
BillyONeal
force-pushed
the
license-printing
branch
2 times, most recently
from
96d1d2f to
79ca8cb
Compare
…nstalled in this invocation are printed, and a separate license-report command that prints all information known in the installed tree.
These tests fail for anyone who ever has run `vcpkg integrate powershell` before, and anything they find would be found by other tests here.
…ich can split apart AND expressions, and record feature license blocks ANDed together in the SBOM. DO NOT MERGE as is, ORs are not properly handled yet. LicenseExpressionExpectLicenseFoundParen is deleted; this condition is now reported as unbalanced parens.
BillyONeal
force-pushed
the
license-printing
branch
from
79ca8cb to
d64a17d
Compare
JavierMatosD
approved these changes
Jun 3, 2025
BillyONeal
added a commit
to BillyONeal/vcpkg-docs
that referenced
this pull request
Jun 4, 2025
BillyONeal
added a commit
to MicrosoftDocs/vcpkg-docs
that referenced
this pull request
Jun 20, 2025
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This work is primarily at the request of @walbourn , related: microsoft/vcpkg#31770
This PR adds a new command to help the the XBox customers @walbourn was trying to help.
vcpkg license-reportprints the SPDX licenses from the SBOM of all installed packages.This PR also prints the SPDX licenses for all packages which are being installed for a given install command. It does not print the licenses for already installed packages or dependencies of already installed packages. The existing dependency planner does not recurse into that, and we don't necessarily have the ports for that available anyway. If there's serious demand for this, we could consider doing it for manifest mode since there we know we have all the ports available at install time, but given that this solves @walbourn 's problem I'm not inclined to add it without substantial user feedback that it's something they need.
Some of the 'core infrastructure' work herein was done because I originally intended to record license status information in the installed database. Unfortunately, existing copies of vcpkg didn't record license information in the installed database, and doing this was going to be a breaking change to the on disk format. Moreover, it wouldn't work with ports that had been previously binary cached. This made the change controversial internally and we were not sure we were going to be able to do it. @ras0219-msft pointed out though that we record this information in the SBOMs already, so as long as it's a recent though package build to have an SBOM, we already had the information we needed.