Skip to content

Commit b422c33

Browse files
committed
chore(hfh):SP-4186 include licenses in hfh response
1 parent 009b215 commit b422c33

6 files changed

Lines changed: 216 additions & 36 deletions

File tree

CHANGELOG.md

Lines changed: 5 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -7,6 +7,10 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
77

88
## [Unreleased]
99

10+
## [0.33.0] - 2026-03-26
11+
### Added
12+
- Added `License` nested message to `HFHResponse.Version` with `name`, `spdx_id`, `is_spdx_approved`, and `url` fields
13+
- Added `licenses` repeated field to `HFHResponse.Version` to include license information in High precision Folder Hashing scan responses
1014

1115
## [0.32.1] - 2026-03-13
1216
### Fixed
@@ -251,6 +255,7 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
251255
- Vulnerabilities
252256
- Added REST endpoint support for each service also
253257

258+
[0.33.0]: https://github.com/scanoss/papi/compare/v0.32.1...v0.33.0
254259
[0.32.1]: https://github.com/scanoss/papi/compare/v0.32.0...v0.32.1
255260
[0.32.0]: https://github.com/scanoss/papi/compare/v0.31.0...v0.32.0
256261
[0.31.0]: https://github.com/scanoss/papi/compare/v0.30.0...v0.31.0

api/scanningv2/scanoss-scanning.pb.go

Lines changed: 122 additions & 32 deletions
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

protobuf/scanoss/api/common/v2/scanoss-common.proto

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -167,5 +167,7 @@ enum ErrorCode {
167167
// Component version not found
168168
VERSION_NOT_FOUND = 4;
169169

170+
171+
170172
}
171173

protobuf/scanoss/api/scanning/v2/README.md

Lines changed: 42 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -93,11 +93,27 @@ Each component object contains:
9393
"versions": [
9494
{
9595
"version": "1.30.0",
96-
"score": 0.95
96+
"score": 0.95,
97+
"licenses": [
98+
{
99+
"name": "MIT License",
100+
"spdx_id": "MIT",
101+
"is_spdx_approved": true,
102+
"url": "https://spdx.org/licenses/MIT.html"
103+
}
104+
]
97105
},
98106
{
99107
"version": "1.29.0",
100-
"score": 0.87
108+
"score": 0.87,
109+
"licenses": [
110+
{
111+
"name": "MIT License",
112+
"spdx_id": "MIT",
113+
"is_spdx_approved": true,
114+
"url": "https://spdx.org/licenses/MIT.html"
115+
}
116+
]
101117
}
102118
],
103119
"rank": 1,
@@ -110,7 +126,21 @@ Each component object contains:
110126
"versions": [
111127
{
112128
"version": "2.1.0",
113-
"score": 0.78
129+
"score": 0.78,
130+
"licenses": [
131+
{
132+
"name": "Apache License 2.0",
133+
"spdx_id": "Apache-2.0",
134+
"is_spdx_approved": true,
135+
"url": "https://spdx.org/licenses/Apache-2.0.html"
136+
},
137+
{
138+
"name": "MIT License",
139+
"spdx_id": "MIT",
140+
"is_spdx_approved": true,
141+
"url": "https://spdx.org/licenses/MIT.html"
142+
}
143+
]
114144
}
115145
],
116146
"rank": 3,
@@ -128,7 +158,15 @@ Each component object contains:
128158
"versions": [
129159
{
130160
"version": "2.31.0",
131-
"score": 0.92
161+
"score": 0.92,
162+
"licenses": [
163+
{
164+
"name": "Apache License 2.0",
165+
"spdx_id": "Apache-2.0",
166+
"is_spdx_approved": true,
167+
"url": "https://spdx.org/licenses/Apache-2.0.html"
168+
}
169+
]
132170
}
133171
],
134172
"rank": 1,

protobuf/scanoss/api/scanning/v2/scanoss-scanning.proto

Lines changed: 15 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -124,10 +124,25 @@ message HFHRequest {
124124
message HFHResponse {
125125
// Component version details
126126
message Version {
127+
128+
// Component license
129+
message License {
130+
// Full name of the license
131+
string name = 1;
132+
// SPDX license identifier. See https://spdx.org/licenses/
133+
string spdx_id = 2 [json_name = "spdx_id"];
134+
// Indicates whether this license is approved by the SPDX organization
135+
bool is_spdx_approved = 3 [json_name = "is_spdx_approved"];
136+
// URL pointing to the full license text
137+
string url = 4;
138+
}
139+
127140
// Component version
128141
string version = 1;
129142
// Component score (0-1)
130143
float score = 2;
144+
// Licenses
145+
repeated License licenses = 3;
131146
}
132147
// Matched component details
133148
message Component {

protobuf/scanoss/api/scanning/v2/scanoss-scanning.swagger.json

Lines changed: 30 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -210,10 +210,40 @@
210210
"type": "number",
211211
"format": "float",
212212
"title": "Component score (0-1)"
213+
},
214+
"licenses": {
215+
"type": "array",
216+
"items": {
217+
"type": "object",
218+
"$ref": "#/definitions/HFHResponseVersionLicense"
219+
},
220+
"title": "Licenses"
213221
}
214222
},
215223
"title": "Component version details"
216224
},
225+
"HFHResponseVersionLicense": {
226+
"type": "object",
227+
"properties": {
228+
"name": {
229+
"type": "string",
230+
"title": "Full name of the license"
231+
},
232+
"spdx_id": {
233+
"type": "string",
234+
"title": "SPDX license identifier. See https://spdx.org/licenses/"
235+
},
236+
"is_spdx_approved": {
237+
"type": "boolean",
238+
"title": "Indicates whether this license is approved by the SPDX organization"
239+
},
240+
"url": {
241+
"type": "string",
242+
"title": "URL pointing to the full license text"
243+
}
244+
},
245+
"title": "Component license"
246+
},
217247
"StatusResponseDB": {
218248
"type": "object",
219249
"properties": {

0 commit comments

Comments
 (0)