| <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> |
| <!-- |
| Licensed to the Apache Software Foundation (ASF) under one |
| or more contributor license agreements. See the NOTICE file |
| distributed with this work for additional information |
| regarding copyright ownership. The ASF licenses this file |
| to you under the Apache License, Version 2.0 (the |
| "License"); you may not use this file except in compliance |
| with the License. You may obtain a copy of the License at |
| |
| http://www.apache.org/licenses/LICENSE-2.0 |
| |
| Unless required by applicable law or agreed to in writing, |
| software distributed under the License is distributed on an |
| "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY |
| KIND, either express or implied. See the License for the |
| specific language governing permissions and limitations |
| under the License. |
| --> |
| <html lang="en"> |
| <head> |
| <title>Apache Tentacles</title> |
| |
| <meta http-equiv="Content-Type" content="text/html;charset=UTF-8"> |
| <meta property="og:image" content="http://www.apache.org/images/asf_logo.gif" /> |
| |
| <link href='http://fonts.googleapis.com/css?family=Overlock' rel='stylesheet' type='text/css'> |
| <link href="http://fonts.googleapis.com/css?family=Mate+SC" rel="stylesheet" type="text/css"/> |
| <link rel="stylesheet" type="text/css" media="screen" href="/css/style.css"> |
| <link rel="stylesheet" type="text/css" media="screen" href="/css/code.css"> |
| <link rel="stylesheet" type="text/css" media="screen" href="/css/creadur.css"> |
| |
| |
| |
| |
| |
| </head> |
| |
| <body> |
| <div id="page" class="container_16"> |
| <div id="header" class="grid_8"> |
| <img src="http://www.apache.org/images/feather-small.gif" alt="The Apache Software Foundation"> |
| <h1>The Apache Creadur™ Project</h1> |
| <h2>Apache Tentacles</h2> |
| </div> |
| <div id="nav" class="grid_8"> |
| <a href="http://www.apache.org/" id="bannerRight"> |
| <img |
| src="http://www.apache.org/images/asf-logo.gif" |
| alt="The Apache Software Foundation" |
| title="The Apache Software Foundation" /> |
| </a> |
| <p><a href="/">Home</a> » <a href="/tentacles/">Tentacles</a></p> |
| </div> |
| <div class="clear"></div> |
| <div id='nav-bar' class="grid_4 alpha"> |
| <ul> |
| <li> |
| <a href="http://community.apache.org/"> |
| <img |
| src="http://www.apache.org/images/feather-small.gif" |
| alt="The Apache Community" |
| title="The Apache Community" /> |
| </a> </li> |
| <li><h5>Apache Creadur™</h5> |
| <ul> |
| <li><a href="http://creadur.apache.org">Creadur Project Home</a></li> |
| <li><a href="http://creadur.apache.org/rat">Apache Rat™</a></li> |
| <li><a href="http://creadur.apache.org/tentacles">Apache Tentacles™</a></li> |
| <li><a href="http://creadur.apache.org/whisker">Apache Whisker™</a></li> |
| <li><a href='http://www.apache.org/security/'>Security</a></li> |
| <li><a href='http://www.apache.org/licenses/'>License</a></li> |
| <li><a |
| href='http://www.apache.org/foundation/sponsorship.html'>Sponsorship</a></li> |
| <li><a href='http://www.apache.org/foundation/thanks.html'>Thanks</a></li> |
| </ul> |
| </li> |
| <li><h5>The Apache Software Foundation</h5> |
| <ul> |
| <li><a href="http://www.apache.org/foundation">About the Foundation</a></li> |
| <li><a href="http://projects.apache.org" title="The Projects">The projects</a></li> |
| <li><a href="http://people.apache.org" title="The People">The people</a></li> |
| <li><a href='http://www.apache.org/foundation/how-it-works.html'>How we work</a></li> |
| <li><a href='http://www.apache.org/foundation/how-it-works.html#history'>Our history</a></li> |
| <li><a href='http://blogs.apache.org/foundation/'>News</a></li> |
| </ul> |
| </li> |
| <li><h5>Contribute</h5> |
| <ul> |
| <li><a href="http://www.apache.org/foundation/getinvolved.html" title="Get Involved">Get Involved</a></li> |
| <li><a href="http://mail-archives.apache.org/mod_mbox/creadur-dev/" title="Our mailing lists">Mailing lists</a></li> |
| <li><a href="https://issues.apache.org/jira/secure/BrowseProjects.jspa#11060" title="Issue tracking">Record an issue</a></li> |
| <li><a href="http://community.apache.org/contributors/index.html" title="Apache community guide to contribution">Contributors guide</a></li> |
| <li><a href="http://www.apache.org/dev/#committers" title="Some notes for Apache contributions">Contributors' FAQ</a></li> |
| </ul> |
| </li> |
| <li><h5>Committer Info</h5> |
| <ul> |
| <li><a href='http://www.apache.org/dev/committers.html'>Committers' FAQ</a></li> |
| <li><a href='http://www.apache.org/dev/new-committers-guide.html'>New Committers Guide</a></li> |
| <li><a href='http://planet.apache.org/committers/'>Plant Apache</a></li> |
| <li><a href='http://community.apache.org/'>Community</a></li> |
| <li><a href='http://www.apache.org/legal/'>Legal</a></li> |
| <li><a href='http://www.apache.org/foundation/marks/'>Branding</a></li> |
| <li><a href='http://www.apache.org/press/'>Media Relations</a></li> |
| </ul> |
| </li> |
| <li> |
| <a href="http://community.apache.org/"> |
| <img |
| src="http://www.apache.org/images/feather-small.gif" |
| alt="The Apache Community" |
| title="The Apache Community" /> |
| </a> |
| </li> |
| |
| </ul> |
| </div> |
| <div id="content" class="grid_12 omega"><div class="section-content"><h1 id="apache-tentacles">Apache Tentacles</h1> |
| <h2 id="running">Running</h2> |
| <p>Apache Tentacles™ will download all the archives from a staging repo, unpack |
| them and create a little report of what is there.</p> |
| <div class="codehilite"><pre><span class="n">java</span> <span class="o">-</span><span class="n">ea</span> <span class="o">-</span><span class="n">jar</span> <span class="n">apache</span><span class="o">-</span><span class="n">tentacles</span><span class="o">-</span>0<span class="p">.</span>1<span class="o">-</span><span class="n">SNAPSHOT</span><span class="o">-</span><span class="n">jar</span><span class="o">-</span><span class="n">with</span><span class="o">-</span><span class="n">dependencies</span><span class="p">.</span><span class="n">jar</span> <span class="n">https</span><span class="p">:</span><span class="o">//</span><span class="n">repository</span><span class="p">.</span><span class="n">apache</span><span class="p">.</span><span class="n">org</span><span class="o">/</span><span class="n">content</span><span class="o">/</span><span class="n">repositories</span><span class="o">/</span><span class="n">orgapacheopenejb</span><span class="o">-</span>090 |
| </pre></div> |
| |
| |
| <p>Assertions must be enabled.</p> |
| <p>The tool is not specific to maven and will simply recursively walk |
| the provided URL and download all files matching the following |
| pattern:</p> |
| <div class="codehilite"><pre><span class="o">.*\</span><span class="p">.(</span><span class="n">jar</span><span class="o">|</span><span class="n">zip</span><span class="o">|</span><span class="n">war</span><span class="o">|</span><span class="n">ear</span><span class="o">|</span><span class="n">tar</span><span class="p">.</span><span class="n">gz</span><span class="p">)</span> |
| </pre></div> |
| |
| |
| <p>Tar.gz files are downloaded though there is currently no support for |
| unpacking them.</p> |
| <h2 id="output">Output</h2> |
| <p>Once the tool has run, the following files directories will exist:</p> |
| <div class="codehilite"><pre><span class="n">repo</span><span class="o">/</span> |
| <span class="n">content</span><span class="o">/</span> |
| <span class="n">archives</span><span class="p">.</span><span class="n">html</span> |
| <span class="n">licenses</span><span class="p">.</span><span class="n">html</span> |
| <span class="n">notices</span><span class="p">.</span><span class="n">html</span> |
| <span class="n">style</span><span class="p">.</span><span class="n">css</span> |
| <span class="n">org</span><span class="p">.</span><span class="n">apache</span><span class="p">.</span><span class="n">openejb</span><span class="p">.</span><span class="n">openejb</span><span class="o">-</span><span class="n">core</span><span class="p">.</span>3<span class="p">.</span>0<span class="p">.</span>4<span class="p">.</span><span class="n">openejb</span><span class="o">-</span><span class="n">core</span><span class="o">-</span>3<span class="p">.</span>0<span class="p">.</span>4<span class="p">.</span><span class="n">jar</span><span class="p">.</span><span class="n">licenses</span><span class="p">.</span><span class="n">html</span> |
| <span class="n">org</span><span class="p">.</span><span class="n">apache</span><span class="p">.</span><span class="n">openejb</span><span class="p">.</span><span class="n">openejb</span><span class="o">-</span><span class="n">core</span><span class="p">.</span>3<span class="p">.</span>0<span class="p">.</span>4<span class="p">.</span><span class="n">openejb</span><span class="o">-</span><span class="n">core</span><span class="o">-</span>3<span class="p">.</span>0<span class="p">.</span>4<span class="p">.</span><span class="n">jar</span><span class="p">.</span><span class="n">notices</span><span class="p">.</span><span class="n">html</span> |
| <span class="n">org</span><span class="p">.</span><span class="n">apache</span><span class="p">.</span><span class="n">openejb</span><span class="p">.</span><span class="n">openejb</span><span class="o">-</span><span class="n">standalone</span><span class="p">.</span>3<span class="p">.</span>0<span class="p">.</span>4<span class="p">.</span><span class="n">openejb</span><span class="o">-</span><span class="n">standalone</span><span class="o">-</span>3<span class="p">.</span>0<span class="p">.</span>4<span class="p">.</span><span class="n">zip</span><span class="p">.</span><span class="n">licenses</span><span class="p">.</span><span class="n">html</span> |
| <span class="n">org</span><span class="p">.</span><span class="n">apache</span><span class="p">.</span><span class="n">openejb</span><span class="p">.</span><span class="n">openejb</span><span class="o">-</span><span class="n">standalone</span><span class="p">.</span>3<span class="p">.</span>0<span class="p">.</span>4<span class="p">.</span><span class="n">openejb</span><span class="o">-</span><span class="n">standalone</span><span class="o">-</span>3<span class="p">.</span>0<span class="p">.</span>4<span class="p">.</span><span class="n">zip</span><span class="p">.</span><span class="n">notices</span><span class="p">.</span><span class="n">html</span> |
| <span class="n">org</span><span class="p">.</span><span class="n">apache</span><span class="p">.</span><span class="n">openejb</span><span class="p">.</span><span class="n">openejb</span><span class="o">-</span><span class="n">tomcat</span><span class="o">-</span><span class="n">webapp</span><span class="p">.</span>3<span class="p">.</span>0<span class="p">.</span>4<span class="p">.</span><span class="n">openejb</span><span class="o">-</span><span class="n">tomcat</span><span class="o">-</span><span class="n">webapp</span><span class="o">-</span>3<span class="p">.</span>0<span class="p">.</span>4<span class="p">.</span><span class="n">war</span><span class="p">.</span><span class="n">licenses</span><span class="p">.</span><span class="n">html</span> |
| <span class="n">org</span><span class="p">.</span><span class="n">apache</span><span class="p">.</span><span class="n">openejb</span><span class="p">.</span><span class="n">openejb</span><span class="o">-</span><span class="n">tomcat</span><span class="o">-</span><span class="n">webapp</span><span class="p">.</span>3<span class="p">.</span>0<span class="p">.</span>4<span class="p">.</span><span class="n">openejb</span><span class="o">-</span><span class="n">tomcat</span><span class="o">-</span><span class="n">webapp</span><span class="o">-</span>3<span class="p">.</span>0<span class="p">.</span>4<span class="p">.</span><span class="n">war</span><span class="p">.</span><span class="n">notices</span><span class="p">.</span><span class="n">html</span> |
| <span class="p">...</span> |
| </pre></div> |
| |
| |
| <h2 id="repo">repo</h2> |
| <p>The repo directory will contain the full set of binaries, unmodified. |
| Theoretically, this tool could also download and check signatures |
| though it does not do that now.</p> |
| <h2 id="content">content</h2> |
| <p>The content directory will contain the unpacked version of the |
| downloaded binaries</p> |
| <p>So this file for example:</p> |
| <div class="codehilite"><pre><span class="n">repo</span><span class="o">/</span><span class="n">foo</span><span class="p">.</span><span class="n">zip</span> |
| </pre></div> |
| |
| |
| <p>Will be unpacked at the following location:</p> |
| <div class="codehilite"><pre><span class="n">content</span><span class="o">/</span><span class="n">foo</span><span class="p">.</span><span class="n">zip</span><span class="p">.</span><span class="n">contents</span><span class="o">/</span> |
| <span class="n">content</span><span class="o">/</span><span class="n">foo</span><span class="p">.</span><span class="n">zip</span><span class="p">.</span><span class="n">contents</span><span class="o">/</span><span class="n">LICENSE</span> |
| <span class="n">content</span><span class="o">/</span><span class="n">foo</span><span class="p">.</span><span class="n">zip</span><span class="p">.</span><span class="n">contents</span><span class="o">/</span><span class="n">NOTICE</span> |
| <span class="n">content</span><span class="o">/</span><span class="n">foo</span><span class="p">.</span><span class="n">zip</span><span class="p">.</span><span class="n">contents</span><span class="o">/</span><span class="n">README</span><span class="p">.</span><span class="n">txt</span> |
| <span class="n">content</span><span class="o">/</span><span class="n">foo</span><span class="p">.</span><span class="n">zip</span><span class="p">.</span><span class="n">contents</span><span class="o">/</span><span class="n">lib</span><span class="o">/</span><span class="n">bar</span><span class="p">.</span><span class="n">jar</span> |
| </pre></div> |
| |
| |
| <p>Unpacking is recursive, so any binaries contained in foo.zip will |
| also be unpacked.</p> |
| <div class="codehilite"><pre><span class="n">content</span><span class="o">/</span><span class="n">foo</span><span class="p">.</span><span class="n">zip</span><span class="p">.</span><span class="n">contents</span><span class="o">/</span><span class="n">lib</span><span class="o">/</span><span class="n">bar</span><span class="p">.</span><span class="n">jar</span> |
| <span class="n">content</span><span class="o">/</span><span class="n">foo</span><span class="p">.</span><span class="n">zip</span><span class="p">.</span><span class="n">contents</span><span class="o">/</span><span class="n">lib</span><span class="o">/</span><span class="n">bar</span><span class="p">.</span><span class="n">jar</span><span class="p">.</span><span class="n">contents</span><span class="o">/</span> |
| <span class="n">content</span><span class="o">/</span><span class="n">foo</span><span class="p">.</span><span class="n">zip</span><span class="p">.</span><span class="n">contents</span><span class="o">/</span><span class="n">lib</span><span class="o">/</span><span class="n">bar</span><span class="p">.</span><span class="n">jar</span><span class="p">.</span><span class="n">contents</span><span class="o">/</span><span class="n">LICENSE</span> |
| <span class="n">content</span><span class="o">/</span><span class="n">foo</span><span class="p">.</span><span class="n">zip</span><span class="p">.</span><span class="n">contents</span><span class="o">/</span><span class="n">lib</span><span class="o">/</span><span class="n">bar</span><span class="p">.</span><span class="n">jar</span><span class="p">.</span><span class="n">contents</span><span class="o">/</span><span class="n">NOTICE</span> |
| <span class="n">content</span><span class="o">/</span><span class="n">foo</span><span class="p">.</span><span class="n">zip</span><span class="p">.</span><span class="n">contents</span><span class="o">/</span><span class="n">lib</span><span class="o">/</span><span class="n">bar</span><span class="p">.</span><span class="n">jar</span><span class="p">.</span><span class="n">contents</span><span class="o">/</span><span class="n">README</span><span class="p">.</span><span class="n">txt</span> |
| <span class="n">content</span><span class="o">/</span><span class="n">foo</span><span class="p">.</span><span class="n">zip</span><span class="p">.</span><span class="n">contents</span><span class="o">/</span><span class="n">lib</span><span class="o">/</span><span class="n">bar</span><span class="p">.</span><span class="n">jar</span><span class="p">.</span><span class="n">contents</span><span class="o">/</span><span class="n">org</span><span class="o">/</span> |
| <span class="n">content</span><span class="o">/</span><span class="n">foo</span><span class="p">.</span><span class="n">zip</span><span class="p">.</span><span class="n">contents</span><span class="o">/</span><span class="n">lib</span><span class="o">/</span><span class="n">bar</span><span class="p">.</span><span class="n">jar</span><span class="p">.</span><span class="n">contents</span><span class="o">/</span><span class="n">org</span><span class="o">/</span><span class="n">bar</span><span class="o">/</span> |
| <span class="n">content</span><span class="o">/</span><span class="n">foo</span><span class="p">.</span><span class="n">zip</span><span class="p">.</span><span class="n">contents</span><span class="o">/</span><span class="n">lib</span><span class="o">/</span><span class="n">bar</span><span class="p">.</span><span class="n">jar</span><span class="p">.</span><span class="n">contents</span><span class="o">/</span><span class="n">org</span><span class="o">/</span><span class="n">bar</span><span class="o">/</span><span class="n">Some</span><span class="p">.</span><span class="n">class</span> |
| </pre></div> |
| |
| |
| <h2 id="reports">Reports</h2> |
| <p>The "main" report is currently called <code>archives.html</code> and will list |
| all of the top-level binaires, their LICENSE and NOTICE files and any |
| LICENSE and NOTICE files of any binaries they may contain.</p> |
| <p>Validation of the output at this point is all still manual. One of |
| the first improvements would be to automatically flag any binaries |
| that:</p> |
| <ul> |
| <li>contain no LICENSE and NOTICE files</li> |
| <li>contain more than one LICENSE or NOTICE file</li> |
| </ul> |
| <p>In this report, each binary will have three links listed after its |
| name '(licenses, notices, contents)'</p> |
| <h3 id="fooziplicenseshtml">foo.zip.licenses.html</h3> |
| <p>This page will display the full text of the LICENSE files included in |
| the binary. There will be two sections <strong>Declared</strong> and |
| <strong>Undeclared</strong></p> |
| <p>The Declared section lists the single LICENSE file that was supplied |
| by the binary itself. As the tool works recursively, it will also |
| collect any LICENSE file text from any binaries contained in the |
| foo.zip. Well call these "sub" LICENSES for simplicity.</p> |
| <p>Some attempt is made to figure out if the text from sub LICENSE files |
| are contained in the declared LICENSE file. If the sub license text |
| is contained in the declared LICENSE file it is not listed as |
| Undeclared.</p> |
| <p>The matching is not complete or perfect, but does help in more quickly |
| seeing where there might be a missing LICENSE text that should be |
| declared.</p> |
| <h3 id="foozipnoticeshtml">foo.zip.notices.html</h3> |
| <p>Functions identical to the previously described LICENSE page with |
| identical matching.</p> |
| <p>Note on the code, this all could probably be abstracted. We probably |
| don't need separate License and Notice classes.</p> |
| <h3 id="foozipcontents">foo.zip.contents</h3> |
| <p>The unpacked contents of the foo.zip as described above. Can be nice |
| to be able to browse around the zip and look for any jars that might |
| have LICENSE or NOTICE requirements but were overlooked.</p> |
| <h1 id="future-work">Future work</h1> |
| <p>Overall it would be great if this tool could perform some validation</p> |
| <p>Existence of LICENSE/NOTICE files: |
| - flag binaries that contain no LICENSE or NOTICE files |
| - flag binaries that contain too many LICENSE or NOTICE files</p> |
| <p>Contents of LICENSE/NOTICE files: |
| - better matching of missing license/notice text |
| - look false license/notice text, text that applied to "sub" |
| binaries once included in a binary, but are no longer present</p></div></div> |
| <div class="clear"></div> |
| </div> |
| |
| <div id="copyright" class="container_16"> |
| <p>Copyright © 2012 The Apache Software Foundation, Licensed under the <a href="http://www.apache.org/licenses/LICENSE-2.0">Apache License, Version 2.0</a>.<br/> |
| Apache Creadur, Creadur, Apache Rat, Apache Tentacles, Apache Whisker, Apache and the Apache feather logo are <a href=http://www.apache.org/foundation/marks/'>trademarks</a> of <a href='http://www.apache.org'>The Apache Software Foundation</a>.<br/> |
| All other marks mentioned may be trademarks or registered trademarks of their respective owners. |
| </p> |
| </div> |
| </body> |
| </html> |