dcicutils 7.12.0__py3-none-any.whl → 7.12.0.1b4__py3-none-any.whl

dcicutils/license_utils.py

@@ -1,5 +1,7 @@
 import contextlib
+import csv
 import datetime
+import glob
 import io
 import json
 # import logging
@@ -23,13 +25,18 @@ except ImportError:  # pragma: no cover - not worth unit testing this case
 #    import piplicenses
 
 from collections import defaultdict
-from typing import Any, Dict, DefaultDict, List, Optional, Type, Union
+from typing import Any, Dict, DefaultDict, List, Optional, Type, TypeVar, Union
 
 # For obscure reasons related to how this file is used for early prototyping, these must use absolute references
 # to modules, not relative references. Later when things are better installed, we can make refs relative again.
+from dcicutils.exceptions import InvalidParameterError
 from dcicutils.lang_utils import there_are
-from dcicutils.misc_utils import PRINT, get_error_message, local_attrs
+from dcicutils.misc_utils import (
+    PRINT, get_error_message, ignorable, ignored, json_file_contents, local_attrs, environ_bool,
+    remove_suffix,
+)
 
+T = TypeVar("T")
 
 # logging.basicConfig()
 # logger = logging.getLogger(__name__)
@@ -43,6 +50,14 @@ _NAME = 'name'
 _STATUS = 'status'
 
 
+def pattern(x):
+    return re.compile(x, re.IGNORECASE)
+
+
+def augment(d: dict, by: dict):
+    return dict(d, **by)
+
+
 class LicenseStatus:
     ALLOWED = "ALLOWED"
     SPECIALLY_ALLOWED = "SPECIALLY_ALLOWED"
@@ -51,6 +66,23 @@ class LicenseStatus:
     UNEXPECTED_MISSING = "UNEXPECTED_MISSING"
 
 
+class LicenseOptions:
+    # General verbosity, such as progress information
+    VERBOSE = environ_bool("LICENSE_UTILS_VERBOSE", default=True)
+    # Specific additional debugging output
+    DEBUG = environ_bool("LICENSE_UTILS_DEBUG", default=False)
+    CONDA_PREFIX = os.environ.get("CONDA_LICENSE_CHECKER_PREFIX", os.environ.get("CONDA_PREFIX", ""))
+
+    @classmethod
+    @contextlib.contextmanager
+    def selected_options(cls, verbose=VERBOSE, debug=DEBUG, conda_prefix=CONDA_PREFIX):
+        """
+        Allows a script, for example, to specify overrides for these options dynamically.
+        """
+        with local_attrs(cls, VERBOSE=verbose, DEBUG=debug, CONDA_PREFIX=conda_prefix):
+            yield
+
+
 class LicenseFramework:
 
     NAME = None
@@ -87,13 +119,13 @@ class LicenseFrameworkRegistry:
             yield
 
     @classmethod
-    def register(cls, *, name):
+    def register_framework(cls, *, name):
         """
         Declares a python license framework classs.
         Mostly these names will be language names like 'python' or 'javascript',
         but they might be names of other, non-linguistic frameworks (like 'cgap-pipeline', for example).
         """
-        def _decorator(framework_class):
+        def _decorator(framework_class: T) -> T:
             if not issubclass(framework_class, LicenseFramework):
                 raise ValueError(f"The class {framework_class.__name__} does not inherit from LicenseFramework.")
             framework_class.NAME = name
@@ -117,25 +149,108 @@ class LicenseFrameworkRegistry:
         return sorted(cls.LICENSE_FRAMEWORKS.values(), key=lambda x: x.NAME)
 
 
-@LicenseFrameworkRegistry.register(name='javascript')
+# This is intended to match ' (= 3)', ' (>= 3)', ' (version 3)', ' (version 3 or greater)'
+# It will incidentally and harmlessly also take ' (>version 3)' or '(>= 3 or greater)'.
+# It will also correctly handle the unlikely case of ' (= 3 or greater)'
+
+_OR_LATER_PATTERN = '(?:[- ]or[ -](?:greater|later))'
+_PARENTHETICAL_VERSION_CONSTRAINT = re.compile(f'( [(]([>]?)(?:[=]|version) ([0-9.]+)({_OR_LATER_PATTERN}?)[)])')
+_POSTFIX_OR_LATER_PATTERN = re.compile(f"({_OR_LATER_PATTERN})")
+_GPL_VERSION_CHOICE = re.compile('^GPL-v?([0-9.+]) (?:OR|[|]) GPL-v?([0-9.+])$')
+
+
+def simplify_license_versions(licenses_spec: str, *, for_package_name) -> str:
+    m = _GPL_VERSION_CHOICE.match(licenses_spec)
+    if m:
+        version_a, version_b = m.groups()
+        return f"GPL-{version_a}-or-{version_b}"
+    # We only care which licenses were mentioned, not what algebra is used on them.
+    # (Thankfully there are no NOTs, and that's probably not by accident, since that would be too big a set.)
+    # So for us, either (FOO AND BAR) or (FOO OR BAR) is the same because we want to treat it as "FOO,BAR".
+    # If all of those licenses match, all is good. That _does_ mean some things like (MIT OR GPL-3.0) will
+    # have trouble passing unless both MIT and GPL-3.0 are allowed.
+    transform_count = 0
+    original_licenses_spec = licenses_spec
+    ignorable(original_licenses_spec)  # sometimes useful for debugging
+    while True:
+        if transform_count > 100:  # It'd be surprising if there were even ten of these to convert.
+            warnings.warn(f"Transforming {for_package_name} {licenses_spec!r} seemed to be looping."
+                          f" Please report this as a bug.")
+            return licenses_spec  # return the unmodified
+        transform_count += 1
+        m = _PARENTHETICAL_VERSION_CONSTRAINT.search(licenses_spec)
+        if not m:
+            break
+        matched, greater, version_spec, greater2 = m.groups()
+        is_greater = bool(greater or greater2)
+        licenses_spec = licenses_spec.replace(matched,
+                                              f"-{version_spec}"
+                                              f"{'+' if is_greater else ''}")
+    transform_count = 0
+    while True:
+        if transform_count > 100:  # It'd be surprising if there were even ten of these to convert.
+            warnings.warn(f"Transforming {for_package_name} {licenses_spec!r} seemed to be looping."
+                          f" Please report this as a bug.")
+            return licenses_spec  # return the unmodified
+        transform_count += 1
+        m = _POSTFIX_OR_LATER_PATTERN.search(licenses_spec)
+        if not m:
+            break
+        matched = m.group(1)
+        licenses_spec = licenses_spec.replace(matched, '+')
+    if LicenseOptions.DEBUG and licenses_spec != original_licenses_spec:
+        PRINT(f"Rewriting {original_licenses_spec!r} as {licenses_spec!r}.")
+    return licenses_spec
+
+
+def extract_boolean_terms(boolean_expression: str, for_package_name: str) -> List[str]:
+    # We only care which licenses were mentioned, not what algebra is used on them.
+    # (Thankfully there are no NOTs, and that's probably not by accident, since that would be too big a set.)
+    # So for us, either (FOO AND BAR) or (FOO OR BAR) is the same because we want to treat it as "FOO,BAR".
+    # If all of those licenses match, all is good. That _does_ mean some things like (MIT OR GPL-3.0) will
+    # have trouble passing unless both MIT and GPL-3.0 are allowed.
+    revised_boolean_expression = (
+        boolean_expression
+        .replace('(', '')
+        .replace(')', '')
+        .replace(' AND ', ',')
+        .replace(' and ', ',')
+        .replace(' & ', ',')
+        .replace(' OR ', ',')
+        .replace(' or ', ',')
+        .replace('|', ',')
+        .replace(';', ',')
+        .replace(' + ', ',')
+        .replace('file ', f'Custom: {for_package_name} file ')
+    )
+    terms = [x for x in sorted(map(lambda x: x.strip(), revised_boolean_expression.split(','))) if x]
+    if LicenseOptions.DEBUG and revised_boolean_expression != boolean_expression:
+        PRINT(f"Rewriting {boolean_expression!r} as {terms!r}.")
+    return terms
+
+
+@LicenseFrameworkRegistry.register_framework(name='javascript')
 class JavascriptLicenseFramework(LicenseFramework):
 
     @classmethod
-    def implicated_licenses(cls, *, licenses_spec: str):
-        # We only care which licenses were mentioned, not what algebra is used on them.
-        # (Thankfully there are no NOTs, and that's probably not by accident, since that would be too big a set.)
-        # So for us, either (FOO AND BAR) or (FOO OR BAR) is the same because we want to treat it as "FOO,BAR".
-        # If all of those licenses match, all is good. That _does_ mean some things like (MIT OR GPL-3.0) will
-        # have trouble passing unless both MIT and GPL-3.0 are allowed.
-        licenses = sorted(map(lambda x: x.strip(),
-                              (licenses_spec
-                               .replace('(', '')
-                               .replace(')', '')
-                               .replace(' AND ', ',')
-                               .replace(' OR ', ',')
-                               ).split(',')))
+    def implicated_licenses(cls, *, package_name, licenses_spec: str) -> List[str]:
+        ignored(package_name)
+        licenses_spec = simplify_license_versions(licenses_spec, for_package_name=package_name)
+        licenses = extract_boolean_terms(licenses_spec, for_package_name=package_name)
         return licenses
 
+    VERSION_PATTERN = re.compile('^.+?([@][0-9.][^@]*|)$')
+
+    @classmethod
+    def strip_version(cls, raw_name):
+        name = raw_name
+        m = cls.VERSION_PATTERN.match(raw_name)  # e.g., @foo/bar@3.7
+        if m:
+            suffix = m.group(1)
+            if suffix:
+                name = remove_suffix(m.group(1), name)
+        return name
+
     @classmethod
     def get_dependencies(cls):
         output = subprocess.check_output(['npx', 'license-checker', '--summary', '--json'],
@@ -147,24 +262,20 @@ class JavascriptLicenseFramework(LicenseFramework):
             # e.g., this happens if there's no javascript in the repo
             raise Exception("No javascript license data was found.")
         result = []
-        for name, record in records.items():
-            licenses_spec = record.get(_LICENSES)
-            if '(' in licenses_spec:
-                licenses = cls.implicated_licenses(licenses_spec=licenses_spec)
-                PRINT(f"Rewriting {licenses_spec!r} as {licenses!r}")
-            elif licenses_spec:
-                licenses = [licenses_spec]
-            else:
-                licenses = []
+        for raw_name, record in records.items():
+            name = cls.strip_version(raw_name)
+            raw_licenses_spec = record.get(_LICENSES)
+            licenses = cls.implicated_licenses(licenses_spec=raw_licenses_spec, package_name=name)
             entry = {
-                _NAME: name.lstrip('@').split('@')[0],  # e.g., @foo/bar@3.7
-                _LICENSES: licenses  # TODO: could parse this better.
+                _NAME: name,
+                _LICENSES: licenses,
+                _FRAMEWORK: 'javascript'
             }
             result.append(entry)
         return result
 
 
-@LicenseFrameworkRegistry.register(name='python')
+@LicenseFrameworkRegistry.register_framework(name='python')
 class PythonLicenseFramework(LicenseFramework):
 
     @classmethod
@@ -184,15 +295,107 @@ class PythonLicenseFramework(LicenseFramework):
             entry = {
                 _NAME: license_name,
                 _LICENSES: licenses,
-                _LANGUAGE: 'python',
+                _FRAMEWORK: 'python',
             }
             result.append(entry)
         return sorted(result, key=lambda x: x.get(_NAME).lower())
 
 
-class LicenseFileParser:
+@LicenseFrameworkRegistry.register_framework(name='conda')
+class CondaLicenseFramework(LicenseFramework):
+
+    @classmethod
+    def get_dependencies(cls):
+        prefix = LicenseOptions.CONDA_PREFIX
+        result = []
+        filespec = os.path.join(prefix, "conda-meta/*.json")
+        files = glob.glob(filespec)
+        for file in files:
+            data = json_file_contents(file)
+            package_name = data['name']
+            package_license = data.get('license') or "MISSING"
+            if package_license:
+                # print(f"package_license={package_license}")
+                simplified_package_license_spec = simplify_license_versions(package_license,
+                                                                            for_package_name=package_name)
+                # print(f" =simplified_package_license_spec => {simplified_package_license_spec}")
+                package_licenses = extract_boolean_terms(simplified_package_license_spec,
+                                                         for_package_name=package_name)
+                # print(f"=> {package_licenses}")
+            else:
+                package_licenses = []
+            entry = {
+                _NAME: package_name,
+                _LICENSES: package_licenses,
+                _FRAMEWORK: 'conda',
+            }
+            result.append(entry)
+        result.sort(key=lambda x: x['name'])
+        # print(f"conda get_dependencies result={json.dumps(result, indent=2)}")
+        # print("conda deps = ", json.dumps(result, indent=2))
+        return result
+
+
+@LicenseFrameworkRegistry.register_framework(name='r')
+class RLicenseFramework(LicenseFramework):
+
+    R_PART_SPEC = re.compile("^Part of R [0-9.]+$")
+    R_LANGUAGE_LICENSE_NAME = 'R-language-license'
+
+    @classmethod
+    def implicated_licenses(cls, *, package_name, licenses_spec: str) -> List[str]:
+        if cls.R_PART_SPEC.match(licenses_spec):
+            return [cls.R_LANGUAGE_LICENSE_NAME]
+        licenses_spec = simplify_license_versions(licenses_spec, for_package_name=package_name)
+        licenses = extract_boolean_terms(licenses_spec, for_package_name=package_name)
+        return licenses
+
+    @classmethod
+    def get_dependencies(cls):
+        # NOTE: Although the R Language itself is released under the GPL, our belief is that it is
+        # still possible to write programs in R that are not GPL, even programs that use commercial licenses.
+        # So we do ordinary license checking here, same as in other frameworks.
+        # For notes on this, see the R FAQ.
+        # Ref: https://cran.r-project.org/doc/FAQ/R-FAQ.html#Can-I-use-R-for-commercial-purposes_003f
+
+        _PACKAGE = "Package"
+        _LICENSE = "License"
+
+        found_problems = 0
+
+        output_bytes = subprocess.check_output(['r', '--no-echo', '-q', '-e',
+                                                f'write.csv(installed.packages()[,c("Package", "License")])'],
+                                               # This will output to stderr if there's an error,
+                                               # but it will still put {} on stdout, which is good enough for us.
+                                               stderr=subprocess.DEVNULL)
+        output = output_bytes.decode('utf-8')
+        result = []
+        first_line = True
+        for entry in csv.reader(io.StringIO(output)):  # [ignore, package, license]
+            if first_line:
+                first_line = False
+                if entry == ["", _PACKAGE, _LICENSE]:  # we expect headers
+                    continue
+            try:
+                package_name = entry[1]
+                licenses_spec = entry[2]
+                licenses = cls.implicated_licenses(package_name=package_name, licenses_spec=licenses_spec)
+                entry = {
+                    _NAME: package_name,
+                    _LICENSES: licenses,
+                    _FRAMEWORK: 'r',
+                }
+                result.append(entry)
+            except Exception as e:
+                found_problems += 1
+                if LicenseOptions.VERBOSE:
+                    PRINT(get_error_message(e))
+        if found_problems > 0:
+            warnings.warn(there_are(found_problems, kind="problem", show=False, punctuate=True, tense='past'))
+        return sorted(result, key=lambda x: x.get(_NAME).lower())
 
-    VERBOSE = False
+
+class LicenseFileParser:
 
     SEPARATORS = '-.,'
     SEPARATORS_AND_WHITESPACE = SEPARATORS + ' \t'
@@ -230,8 +433,6 @@ class LicenseFileParser:
             lines = []
             for i, line in enumerate(fp):
                 line = line.strip(' \t\n\r')
-                if cls.VERBOSE:  # pragma: no cover - this is just for debugging
-                    PRINT(str(i).rjust(3), line)
                 m = cls.COPYRIGHT_LINE.match(line) if line[:1].isupper() else None
                 if not m:
                     lines.append(line)
@@ -316,14 +517,12 @@ class LicenseChecker:
     Note that if you don't like these license names, which are admittedly non-standard and do nt seem to use
     SPDX naming conventions, you can customize the get_dependencies method to return a different
     list, one of the form
-    [{"name": "libname", "license_classifier": ["license1", "license2", ...], "language": "python"}]
+    [{"name": "libname", "license_classifier": ["license1", "license2", ...], "framework": "python"}]
     by whatever means you like and using whatever names you like.
     """
 
     # Set this to True in subclasses if you want your organization's policy to be that you see
     # some visible proof of which licenses were checked.
-    VERBOSE = True
-
     LICENSE_TITLE = None
     COPYRIGHT_OWNER = None
     LICENSE_FRAMEWORKS = None
@@ -378,6 +577,22 @@ class LicenseChecker:
                                                            check_license_title=license_title or cls.LICENSE_TITLE,
                                                            analysis=analysis)
 
+    CHOICE_REGEXPS = {}
+
+    @classmethod
+    def _make_regexp_for_choices(cls, choices):
+        inner_pattern = '|'.join('^' + (re.escape(choice) if isinstance(choice, str) else choice.pattern) + '$'
+                                 for choice in choices) or "^$"
+        return re.compile(f"({inner_pattern})", re.IGNORECASE)
+
+    @classmethod
+    def _find_regexp_for_choices(cls, choices):
+        key = str(choices)
+        regexp = cls.CHOICE_REGEXPS.get(key)
+        if not regexp:
+            cls.CHOICE_REGEXPS[key] = regexp = cls._make_regexp_for_choices(choices)
+        return regexp
+
     @classmethod
     def analyze_license_dependencies_for_framework(cls, *,
                                                    analysis: LicenseAnalysis,
@@ -385,7 +600,7 @@ class LicenseChecker:
                                                    acceptable: Optional[List[str]] = None,
                                                    exceptions: Optional[Dict[str, str]] = None,
                                                    ) -> None:
-        acceptable = (acceptable or []) + (cls.ALLOWED or [])
+        acceptability_regexp = cls._find_regexp_for_choices((acceptable or []) + (cls.ALLOWED or []))
         exceptions = dict(cls.EXCEPTIONS or {}, **(exceptions or {}))
 
         try:
@@ -415,7 +630,7 @@ class LicenseChecker:
                 by_special_exception = False
                 for license_name in license_names:
                     special_exceptions = exceptions.get(license_name, [])
-                    if license_name in acceptable:
+                    if acceptability_regexp.match(license_name):  # license_name in acceptable:
                         pass
                     elif name in special_exceptions:
                         by_special_exception = True
@@ -430,7 +645,7 @@ class LicenseChecker:
                 _LICENSES: license_names,
                 _STATUS: status
             })
-            if cls.VERBOSE:  # pragma: no cover - this is just for debugging
+            if LicenseOptions.VERBOSE:  # pragma: no cover - this is just for debugging
                 PRINT(f"Checked {framework.NAME} {name}:"
                       f" {'; '.join(license_names) if license_names else '---'} ({status})")
 
@@ -459,7 +674,7 @@ class LicenseChecker:
     def show_unacceptable_licenses(cls, *, analysis: LicenseAnalysis) -> LicenseAnalysis:
         if analysis.unacceptable:
             PRINT(there_are(analysis.unacceptable, kind="unacceptable license", show=False, punctuation_mark=':'))
-            for license, names in analysis.unacceptable.items():
+            for license, names in sorted(analysis.unacceptable.items()):
                 PRINT(f" {license}: {', '.join(names)}")
         return analysis
 
@@ -499,6 +714,30 @@ class LicenseChecker:
             raise LicenseAcceptabilityCheckFailure(unacceptable_licenses=analysis.unacceptable)
 
 
+class LicenseCheckerRegistry:
+
+    REGISTRY: Dict[str, Type[LicenseChecker]] = {}
+
+    @classmethod
+    def register_checker(cls, name: str):
+        def _register(license_checker_class: Type[LicenseChecker]):
+            cls.REGISTRY[name] = license_checker_class
+            return license_checker_class
+        return _register
+
+    @classmethod
+    def lookup_checker(cls, name: str) -> Type[LicenseChecker]:
+        result: Optional[Type[LicenseChecker]] = cls.REGISTRY.get(name)
+        if result is None:
+            raise InvalidParameterError(parameter='checker_name', value=name,
+                                        options=cls.all_checker_names())
+        return result
+
+    @classmethod
+    def all_checker_names(cls):
+        return list(cls.REGISTRY.keys())
+
+
 class LicenseCheckFailure(Exception):
 
     DEFAULT_MESSAGE = "License check failure."
@@ -523,16 +762,13 @@ class LicenseAcceptabilityCheckFailure(LicenseCheckFailure):
         super().__init__(message=message)
 
 
-class C4InfrastructureLicenseChecker(LicenseChecker):
+@LicenseCheckerRegistry.register_checker('park-lab-common')
+class ParkLabCommonLicenseChecker(LicenseChecker):
     """
-    This set of values is useful to us in Park Lab where these tools were developed.
-    If you're at some other organization, we recommend you make a class that has values
-    suitable to your own organizational needs.
+    Minimal checker common to all tech from Park Lab.
     """
 
     COPYRIGHT_OWNER = "President and Fellows of Harvard College"
-    LICENSE_TITLE = "(The )?MIT License"
-    LICENSE_FRAMEWORKS = ['python', 'javascript']
 
     ALLOWED = [
 
@@ -548,16 +784,39 @@ class C4InfrastructureLicenseChecker(LicenseChecker):
         'AFL-2.1',
 
         # Linking = Permissive, Private Use = Yes
+        # Apache licenses before version 2.0 are controversial, but we here construe an unmarked naming to imply
+        # any version, and hence v2.
         # Ref: https://en.wikipedia.org/wiki/Comparison_of_free_and_open-source_software_licenses
         'Apache Software License',
         'Apache-Style',
-        'Apache-2.0',
+        pattern("Apache([- ]2([.]0)?)?([- ]Licen[cs]e)?([- ]with[- ]LLVM[- ]exception)?"),
+        # 'Apache-2.0',
+
+        # Artistic License 1.0 was confusing to people, so its status as permissive is in general uncertain,
+        # however the issue seems to revolve around point 8 (relating to whether or not perl is deliberately
+        # exposed). That isn't in play for our uses, so we don't flag it here.
+        # Artistic license 2.0 is a permissive license.
+        # Ref: https://en.wikipedia.org/wiki/Artistic_License
+        'Artistic-1.0-Perl',
+        pattern('Artistic[- ]2([.]0)?'),
+
+        # According to Wikipedia, the Boost is considered permissive and BSD-like.
+        # Refs:
+        #  *
+        #  * https://en.wikipedia.org/wiki/Boost_(C%2B%2B_libraries)#License
+        pattern('(BSL|Boost(([- ]Software)?[- ]License)?)([- ]1([.]0)?)?'),
 
         # Linking = Permissive, Private Use = Yes
         # Ref: https://en.wikipedia.org/wiki/Comparison_of_free_and_open-source_software_licenses
-        'BSD License',
-        'BSD-2-Clause',
-        'BSD-3-Clause',
+        pattern('((modified[- ])?[234][- ]Clause[- ])?BSD([- ][234][- ]Clause)?( Licen[cs]e)?'),
+        # 'BSD License',
+        # 'BSD-2-Clause',
+        # 'BSD-3-Clause',
+        # 'BSD 3-Clause',
+
+        # BZIP2 is a permissive license
+        # Ref: https://github.com/asimonov-im/bzip2/blob/master/LICENSE
+        pattern('bzip2(-1[.0-9]*)'),
 
         # Linking = Public Domain, Private Use = Public Domain
         # Ref: https://en.wikipedia.org/wiki/Comparison_of_free_and_open-source_software_licenses
@@ -570,6 +829,10 @@ class C4InfrastructureLicenseChecker(LicenseChecker):
         'CC-BY-3.0',
         'CC-BY-4.0',
 
+        # The curl license is a permissive license.
+        # Ref: https://curl.se/docs/copyright.html
+        'curl',
+
         # Linking = Permissive, Private Use = ?
         # Ref: https://en.wikipedia.org/wiki/Comparison_of_free_and_open-source_software_licenses
         'CDDL',
@@ -583,9 +846,32 @@ class C4InfrastructureLicenseChecker(LicenseChecker):
         'Eclipse Public License',
         'EPL-2.0',
 
+        # The FSF Unlimited License (FSFUL) seems to be a completely permissive license.
+        # Refs:
+        #  * https://spdx.org/licenses/FSFUL.html
+        #  * https://fedoraproject.org/wiki/Licensing/FSF_Unlimited_License
+        'FSF Unlimited License',
+        'FSFUL',
+
+        # The FreeType license is a permissive license.
+        # Ref: LicenseRef-FreeType
+        pattern('(Licen[cs]eRef-)?(FTL|FreeType( Licen[cs]e)?)'),
+
         # Linking = Yes, Cat = Permissive Software Licenses
         # Ref: https://en.wikipedia.org/wiki/Historical_Permission_Notice_and_Disclaimer
         'Historical Permission Notice and Disclaimer (HPND)',
+        'HPND',
+        pattern('(Licen[cs]eRef-)?PIL'),
+        # The Pillow or Python Image Library is an HPND license, which is a simple permissive license:
+        # Refs:
+        #   * https://github.com/python-pillow/Pillow/blob/main/LICENSE
+        #   * https://www.fsf.org/blogs/licensing/historical-permission-notice-and-disclaimer-added-to-license-list
+
+        # The IJG license, used by Independent JPEG Group (IJG) is a custom permissive license.
+        # Refs:
+        #   * https://en.wikipedia.org/wiki/Libjpeg
+        #   * https://github.com/libjpeg-turbo/libjpeg-turbo/blob/main/LICENSE.md
+        'IJG',
 
         # Linking = Permissive, Private Use = Permissive
         # Ref: https://en.wikipedia.org/wiki/Comparison_of_free_and_open-source_software_licenses
@@ -610,10 +896,11 @@ class C4InfrastructureLicenseChecker(LicenseChecker):
         'OFL-1.1',
 
         # Ref: https://en.wikipedia.org/wiki/Public_domain
-        'Public Domain',
+        pattern('(Licen[cs]eRef-)?Public[- ]Domain([- ]dedic[t]?ation)?'),  # "dedictation" is a typo in docutils
 
         # Linking = Permissive, Private Use = Permissive
         # Ref: https://en.wikipedia.org/wiki/Comparison_of_free_and_open-source_software_licenses
+        pattern('(Licen[cs]eRef-)?PSF-2([.][.0-9]*)'),
         'Python Software Foundation License',
         'Python-2.0',
 
@@ -621,11 +908,32 @@ class C4InfrastructureLicenseChecker(LicenseChecker):
         # Ref: https://en.wikipedia.org/wiki/Pylons_project
         'Repoze Public License',
 
+        # The TCL or Tcl/Tk licenses are permissive licenses.
+        # Ref: https://www.tcl.tk/software/tcltk/license.html
+        # The one used by the tktable library has a 'bourbon' clause that doesn't add compliance requirements
+        # Ref: https://github.com/wjoye/tktable/blob/master/license.txt
+        pattern('Tcl([/]tk)?'),
+
+        # The Ubuntu Font Licence is mostly permissive. It contains some restrictions if you are going to modify the
+        # fonts that require you to change the name to avoid confusion. But for our purposes, we're assuming that's
+        # not done, and so we're not flagging it.
+        pattern('Ubuntu Font Licen[cs]e Version( 1([.]0)?)?'),
+
         # Linking = Permissive/Public domain, Private Use = Permissive/Public domain
         # Ref: https://en.wikipedia.org/wiki/Comparison_of_free_and_open-source_software_licenses
         'The Unlicense (Unlicense)',
         'Unlicense',
 
+        # Various licenses seem to call themselves or be summed up as unlimited.
+        # So far we know of none that are not highly permissive.
+        #   * boot and KernSmooth are reported by R as being 'Unlimited'
+        #     Refs:
+        #       * https://cran.r-project.org/web/packages/KernSmooth/index.html
+        #         (https://github.com/cran/KernSmooth/blob/master/LICENCE.note)
+        #       * https://cran.r-project.org/package=boot
+        #         (https://github.com/cran/boot/blob/master/DESCRIPTION)
+        'Unlimited',
+
         # Linking = Permissive, Private Use = ?
         # Ref: https://en.wikipedia.org/wiki/Comparison_of_free_and_open-source_software_licenses
         'W3C License',
@@ -646,6 +954,109 @@ class C4InfrastructureLicenseChecker(LicenseChecker):
         'Zope Public License',
     ]
 
+    EXCEPTIONS = {
+
+        # The Bioconductor zlibbioc license is a permissive license.
+        # Ref: https://github.com/Bioconductor/zlibbioc/blob/devel/LICENSE
+        'Custom: bioconductor-zlibbioc file LICENSE': [
+            'bioconductor-zlibbioc'
+        ],
+
+        # The Bioconductor rsamtools license is an MIT license
+        # Ref: https://bioconductor.org/packages/release/bioc/licenses/Rsamtools/LICENSE
+        'Custom: bioconductor-rsamtools file LICENSE': [
+            'bioconductor-rsamtools'
+        ],
+
+        # DFSG = Debian Free Software Guidelines
+        # Ref: https://en.wikipedia.org/wiki/Debian_Free_Software_Guidelines
+        # Used as an apparent modifier to other licenses, to say they are approved per Debian.
+        # For example in this case, pytest-timeout has license: DFSG approved, MIT License,
+        # but is really just an MIT License that someone has checked is DFSG approved.
+        'DFSG approved': [
+            'pytest-timeout',  # MIT Licensed
+        ],
+
+        'FOSS': [
+            # The r-stringi library is a conda library that implements a stringi (pronounced "stringy") library for R.
+            # The COnda source feed is: https://github.com/conda-forge/r-stringi-feedstock
+            # This page explains that the home source is https://stringi.gagolewski.com/ but that's a doc page.
+            # The doc page says:
+            # > stringi’s source code is hosted on GitHub.
+            # > It is distributed under the open source BSD-3-clause license.
+            # The source code has a license that begins with a BSD-3-clause license and includes numerous others,
+            # but they all appear to be permissive.
+            #   Ref: https://github.com/gagolews/stringi/blob/master/LICENSE
+            'stringi', 'r-stringi',
+        ],
+
+        # Linking = With Restrictions, Private Use = Yes
+        # Ref: https://en.wikipedia.org/wiki/Comparison_of_free_and_open-source_software_licenses
+        'GNU Lesser General Public License v2 or later (LGPLv2+)': [
+            'chardet'  # used at runtime during server operation (ingestion), but not modified or distributed
+        ],
+
+        # Linking = With Restrictions, Private Use = Yes
+        # Ref: https://en.wikipedia.org/wiki/Comparison_of_free_and_open-source_software_licenses
+        'GNU Lesser General Public License v3 or later (LGPLv3+)': [
+            # used only privately in testing, not used in server code, not modified, not distributed
+            'pytest-redis',
+            # required by pytest-redis (used only where it's used)
+            'mirakuru',
+        ],
+
+        'GNU General Public License (GPL)': [
+            'docutils',  # Used only privately as a separate documentation-generation task for ReadTheDocs
+        ],
+
+        'MIT/X11 Derivative': [
+            # The license used by libxkbcommon is complicated and involves numerous included licenses,
+            # but all are permissive.
+            # Ref: https://github.com/xkbcommon/libxkbcommon/blob/master/LICENSE
+            'libxkbcommon',
+        ],
+
+        'None': [
+            # It's not obvious why Conda shows this license as 'None'.
+            # In fact, though, BSD 3-Clause "New" or "Revised" License
+            # Ref: https://github.com/AnacondaRecipes/_libgcc_mutex-feedstock/blob/master/LICENSE.txt
+            '_libgcc_mutex',
+        ],
+
+        'PostgreSQL': [
+            # The libpq library is actually licensed with a permissive BSD 3-Clause "New" or "Revised" License
+            # Ref: https://github.com/lpsmith/postgresql-libpq/blob/master/LICENSE
+            'libpq',
+        ],
+
+        'UCSD': [
+            # It isn't obvious why these show up with a UCSD license in Conda.
+            # The actual sources say it should be a 2-clause BSD license:
+            # Refs:
+            #   * https://github.com/AlexandrovLab/SigProfilerMatrixGenerator/blob/master/LICENSE
+            #   * https://github.com/AlexandrovLab/SigProfilerPlotting/blob/master/LICENSE
+            'sigprofilermatrixgenerator',
+            'sigprofilerplotting',
+        ],
+
+        'X11': [
+            # The ncurses library has a VERY complicated history, BUT seems consistently permissive
+            # and the most recent version seems to be essentially the MIT license.
+            # Refs:
+            #   * https://en.wikipedia.org/wiki/Ncurses#License
+            #   * https://invisible-island.net/ncurses/ncurses-license.html
+            'ncurses'
+        ],
+
+        'zlib-acknowledgement': [
+            # It isn't clear whey libpng shows up with this license name, but the license for libpng
+            # is a permissive license.
+            # Ref: https://github.com/glennrp/libpng/blob/libpng16/LICENSE
+            'libpng',
+        ],
+
+    }
+
     EXPECTED_MISSING_LICENSES = [
 
         # This is a name we use for our C4 portals. And it isn't published.
@@ -726,7 +1137,7 @@ class C4InfrastructureLicenseChecker(LicenseChecker):
         'responses',
 
         # This seems to get flagged sometimes, but is not the pypi snovault library, it's what our dcicsnovault
-        # calls itself internally.. In any case, it's under MIT license and OK.
+        # calls itself internally. In any case, it's under MIT license and OK.
         # Ref: https://github.com/4dn-dcic/snovault/blob/master/LICENSE.txt
         'snovault',
 
@@ -757,141 +1168,242 @@ class C4InfrastructureLicenseChecker(LicenseChecker):
 
     ]
 
-    EXCEPTIONS = {
 
-        'BSD*': [
-            # Although modified to insert the author name into the license text itself,
-            # the license for these libraries are essentially BSD-3-Clause.
-            'formatio',
-            'samsam',
-
-            # There are some slightly different versions of what appear to be BSD licenses here,
-            # but clearly the license is permissive.
-            # Ref: https://www.npmjs.com/package/mutation-observer?activeTab=readme
-            'mutation-observer',
-        ],
+@LicenseCheckerRegistry.register_checker('park-lab-pipeline')
+class ParkLabPipelineLicenseChecker(ParkLabCommonLicenseChecker):
+    """
+    Minimal checker common to pipelines from Park Lab.
+    """
 
-        'Custom: https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global': [
-            # The use of this URL appears to be a syntax error in the definition of entries-ponyfill
-            # In fact this seems to be covered by a CC0-1.0 license.
-            # Ref: https://unpkg.com/browse/object.entries-ponyfill@1.0.1/LICENSE
-            'object.entries-ponyfill',
-        ],
+    LICENSE_FRAMEWORKS = ['python', 'conda', 'r']
 
-        'Custom: https://github.com/saikocat/colorbrewer.': [
-            # The use of this URL appears to be a syntax error in the definition of cartocolor
-            # In fact, this seems to be covered by a CC-BY-3.0 license.
-            # Ref: https://www.npmjs.com/package/cartocolor?activeTab=readme
-            'cartocolor',
-        ],
 
-        'Custom: https://travis-ci.org/component/emitter.png': [
-            # The use of this png appears to be a syntax error in the definition of emitter-component.
-            # In fact, emitter-component uses an MIT License
-            # Ref: https://www.npmjs.com/package/emitter-component
-            # Ref: https://github.com/component/emitter/blob/master/LICENSE
-            'emitter-component',
-        ],
+@LicenseCheckerRegistry.register_checker('park-lab-gpl-pipeline')
+class ParkLabGplPipelineLicenseChecker(ParkLabCommonLicenseChecker):
+    """
+    Minimal checker common to GPL pipelines from Park Lab.
+    """
 
-        # The 'turfs-jsts' repository (https://github.com/DenisCarriere/turf-jsts/blob/master/README.md)
-        # seems to lack a license, but appears to be forked from the jsts library that uses
-        # the Eclipse Public License 1.0 and Eclipse Distribution License 1.0, so probably a permissive
-        # license is intended.
-        'Custom: https://travis-ci.org/DenisCarriere/turf-jsts.svg': [
-            'turf-jsts'
-        ],
-
-        # DFSG = Debian Free Software Guidelines
-        # Ref: https://en.wikipedia.org/wiki/Debian_Free_Software_Guidelines
-        # Used as an apparent modifier to other licenses, to say they are approved per Debian.
-        # For example in this case, pytest-timeout has license: DFSG approved, MIT License,
-        # but is really just an MIT License that someone has checked is DFSG approved.
-        'DFSG approved': [
-            'pytest-timeout',  # MIT Licensed
-        ],
+    ALLOWED = ParkLabPipelineLicenseChecker.ALLOWED + [
 
         # Linking = With Restrictions, Private Use = Yes
         # Ref: https://en.wikipedia.org/wiki/Comparison_of_free_and_open-source_software_licenses
-        'GNU Lesser General Public License v2 or later (LGPLv2+)': [
-            'chardet'  # used at runtime during server operation (ingestion), but not modified or distributed
-        ],
-
-        # Linking = With Restrictions, Private Use = Yes
+        # The "exceptions", if present, indicate waivers to source delivery requirements.
+        # Ref: https://spdx.org/licenses/LGPL-3.0-linking-exception.html
+        pattern('GNU Lesser General Public License v2( or later)?( [(]LGPL[v]?[23][+]?[)])?'),
+        # 'GNU Lesser General Public License v2 or later (LGPLv2+)',
+        # 'GNU Lesser General Public License v3 or later (LGPLv3+)',
+        # 'LGPLv2', 'LGPL-v2', 'LGPL-v2.0', 'LGPL-2', 'LGPL-2.0',
+        # 'LGPLv2+', 'LGPL-v2+', 'LGPL-v2.0+', 'LGPL-2+', 'LGPL-2.0+',
+        # 'LGPLv3', 'LGPL-v3', 'LGPL-v3.0', 'LGPL-3', 'LGPL-3.0',
+        # 'LGPLv3+', 'LGPL-v3+', 'LGPL-v3.0+', 'LGPL-3+', 'LGPL-3.0+',
+        pattern('LGPL[v-]?[.0-9]*([+]|-only)?([- ]with[- ]exceptions)?'),
+
+        # Uncertain whether this is LGPL 2 or 3, but in any case we think weak copyleft should be OK
+        # for pipeline or server use as long as we're not distributing sources.
+        'LGPL',
+        'GNU Library or Lesser General Public License (LGPL)',
+
+        # GPL
+        #  * library exception operates like LGPL
+        #  * classpath exception is a linking exception related to Oracle
+        # Refs:
+        #   * https://www.gnu.org/licenses/old-licenses/gpl-1.0.en.html
+        #   * https://spdx.org/licenses/GPL-2.0-with-GCC-exception.html
+        #   * https://spdx.org/licenses/GPL-3.0-with-GCC-exception.html
+        pattern('(GNU General Public License|GPL)[ ]?[v-]?[123]([.]0)?([+]|[- ]only)?'
+                '([- ]with[- ]GCC(([- ]runtime)?[- ]library)?[- ]exception([- ][.0-9]*)?)?'
+                '([- ]with[- ]Classpath[- ]exception([- ][.0-9]+)?)?'),
+
+        # Linking = "GPLv3 compatible only", Private Use = Yes
         # Ref: https://en.wikipedia.org/wiki/Comparison_of_free_and_open-source_software_licenses
-        'GNU Lesser General Public License v3 or later (LGPLv3+)': [
-            'pytest-redis',  # used only privately in testing, not used in server code, not modified, not distributed
-            'mirakuru',      # required by pytest-redis (used only where it's used)
-        ],
+        'GPL-2-or-3',  # we sometimes generate this token
+        # 'GPLv2+', 'GPL-v2+', 'GPL-v2.0+', 'GPL-2+', 'GPL-2.0+',
+        # 'GPLv3', 'GPL-v3', 'GPL-v3.0', 'GPL-3', 'GPL-3.0',
+        # 'GPLv3+', 'GPL-v3+', 'GPL-v3.0+', 'GPL-3+', 'GPL-3.0+',
+        # 'GPLv3-only', 'GPL-3-only', 'GPL-v3-only', 'GPL-3.0-only', 'GPL-v3.0-only',
 
-        'GNU General Public License (GPL)': [
-            'docutils',  # Used only privately as a separate documentation-generation task for ReadTheDocs
-        ],
+        # Uncertain whether this is GPL 2 or 3, but we'll assume that means we can use either.
+        # And version 3 is our preferred interpretation.
+        'GNU General Public License',
+        'GPL',
 
-        # Linking = With Restrictions, Private Use = Yes
-        # Ref: https://en.wikipedia.org/wiki/Comparison_of_free_and_open-source_software_licenses
-        # 'GNU Lesser General Public License v3 or later (LGPLv3+)',
+        RLicenseFramework.R_LANGUAGE_LICENSE_NAME
 
-        # Linking = With Restrictions, Private Use = Yes
-        # Ref: https://en.wikipedia.org/wiki/Comparison_of_free_and_open-source_software_licenses
-        'GNU Library or Lesser General Public License (LGPL)': [
-            'psycopg2',  # Used at runtime during server operation, but not modified or distributed
-            'psycopg2-binary',  # Used at runtime during server operation, but not modified or distributed
-            'chardet',  # Potentially used downstream in loadxl to detect charset for text files
-            'pyzmq',  # Used in post-deploy-perf-tests, not distributed, and not modified or distributed
-        ],
+    ]
 
-        'GPL-2.0': [
-            # The license file for the node-forge javascript library says:
-            #
-            #   "You may use the Forge project under the terms of either the BSD License or the
-            #   GNU General Public License (GPL) Version 2."
-            #
-            # (We choose to use it under the BSD license.)
-            # Ref: https://www.npmjs.com/package/node-forge?activeTab=code
-            'node-forge',
-        ],
 
-        'MIT*': [
+@LicenseCheckerRegistry.register_checker('park-lab-common-server')
+class ParkLabCommonServerLicenseChecker(ParkLabCommonLicenseChecker):
+    """
+    Checker for servers from Park Lab.
 
-            # This library uses a mix of licenses, but they (MIT, CC0) generally seem permissive.
-            # (It also mentions that some tools for building/testing use other libraries.)
-            # Ref: https://github.com/requirejs/domReady/blob/master/LICENSE
-            'domready',
+    If you're at some other organization, we recommend you make a class that has values
+    suitable to your own organizational needs.
+    """
 
-            # This library is under 'COMMON DEVELOPMENT AND DISTRIBUTION LICENSE (CDDL) Version 1.1'
-            # Ref: https://github.com/javaee/jsonp/blob/master/LICENSE.txt
-            # About CDDL ...
-            # Linking = Permissive, Private Use = ?
-            # Ref: https://en.wikipedia.org/wiki/Comparison_of_free_and_open-source_software_licenses
-            'jsonp',
+    LICENSE_FRAMEWORKS = ['python', 'javascript']
 
-            # This library says pretty clearly it intends MIT license.
-            # Ref: https://www.npmjs.com/package/component-indexof
-            # Linking = Permissive, Private Use = Yes
+    EXCEPTIONS = augment(
+        ParkLabCommonLicenseChecker.EXCEPTIONS,
+        by={
+            'BSD*': [
+                # Although modified to insert the author name into the license text itself,
+                # the license for these libraries are essentially BSD-3-Clause.
+                'formatio',
+                'samsam',
+
+                # There are some slightly different versions of what appear to be BSD licenses here,
+                # but clearly the license is permissive.
+                # Ref: https://www.npmjs.com/package/mutation-observer?activeTab=readme
+                'mutation-observer',
+            ],
+
+            'Custom: https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global': [
+                # The use of this URL appears to be a syntax error in the definition of entries-ponyfill
+                # In fact this seems to be covered by a CC0-1.0 license.
+                # Ref: https://unpkg.com/browse/object.entries-ponyfill@1.0.1/LICENSE
+                'object.entries-ponyfill',
+            ],
+
+            'Custom: https://github.com/saikocat/colorbrewer.': [
+                # The use of this URL appears to be a syntax error in the definition of cartocolor
+                # In fact, this seems to be covered by a CC-BY-3.0 license.
+                # Ref: https://www.npmjs.com/package/cartocolor?activeTab=readme
+                'cartocolor',
+            ],
+
+            'Custom: https://travis-ci.org/component/emitter.png': [
+                # The use of this png appears to be a syntax error in the definition of emitter-component.
+                # In fact, emitter-component uses an MIT License
+                # Ref: https://www.npmjs.com/package/emitter-component
+                # Ref: https://github.com/component/emitter/blob/master/LICENSE
+                'emitter-component',
+            ],
+
+            # The 'turfs-jsts' repository (https://github.com/DenisCarriere/turf-jsts/blob/master/README.md)
+            # seems to lack a license, but appears to be forked from the jsts library that uses
+            # the Eclipse Public License 1.0 and Eclipse Distribution License 1.0, so probably a permissive
+            # license is intended.
+            'Custom: https://travis-ci.org/DenisCarriere/turf-jsts.svg': [
+                'turf-jsts'
+            ],
+
+            'GNU General Public License (GPL)': [
+                'docutils',  # Used only privately as a separate documentation-generation task for ReadTheDocs
+            ],
+
+            # Linking = With Restrictions, Private Use = Yes
             # Ref: https://en.wikipedia.org/wiki/Comparison_of_free_and_open-source_software_licenses
-            'component-indexof',
+            # 'GNU Lesser General Public License v3 or later (LGPLv3+)',
 
-            # These look like a pretty straight MIT license.
-            # Linking = Permissive, Private Use = Yes
+            # Linking = With Restrictions, Private Use = Yes
             # Ref: https://en.wikipedia.org/wiki/Comparison_of_free_and_open-source_software_licenses
-            'mixin',        # LICENSE file at https://www.npmjs.com/package/mixin?activeTab=code
-            'stack-trace',  # https://github.com/stacktracejs/stacktrace.js/blob/master/LICENSE
-            'typed-function',  # LICENSE at https://www.npmjs.com/package/typed-function?activeTab=code
-
-        ],
-
-        'UNLICENSED': [
-            # The udn-browser library is our own and has been observed to sometimes show up in some contexts
-            # as UNLICENSED, when really it's MIT.
-            # Ref: https://github.com/dbmi-bgm/udn-browser/blob/main/LICENSE
-            'udn-browser',
-        ],
+            'GNU Library or Lesser General Public License (LGPL)': [
+                'psycopg2',  # Used at runtime during server operation, but not modified or distributed
+                'psycopg2-binary',  # Used at runtime during server operation, but not modified or distributed
+                'chardet',  # Potentially used downstream in loadxl to detect charset for text files
+                'pyzmq',  # Used in post-deploy-perf-tests, not distributed, and not modified or distributed
+            ],
+
+            'GPL-2.0': [
+                # The license file for the node-forge javascript library says:
+                #
+                #   "You may use the Forge project under the terms of either the BSD License or the
+                #   GNU General Public License (GPL) Version 2."
+                #
+                # (We choose to use it under the BSD license.)
+                # Ref: https://www.npmjs.com/package/node-forge?activeTab=code
+                'node-forge',
+            ],
+
+            'MIT*': [
+
+                # This library uses a mix of licenses, but they (MIT, CC0) generally seem permissive.
+                # (It also mentions that some tools for building/testing use other libraries.)
+                # Ref: https://github.com/requirejs/domReady/blob/master/LICENSE
+                'domready',
+
+                # This library is under 'COMMON DEVELOPMENT AND DISTRIBUTION LICENSE (CDDL) Version 1.1'
+                # Ref: https://github.com/javaee/jsonp/blob/master/LICENSE.txt
+                # About CDDL ...
+                # Linking = Permissive, Private Use = ?
+                # Ref: https://en.wikipedia.org/wiki/Comparison_of_free_and_open-source_software_licenses
+                'jsonp',
+
+                # This library says pretty clearly it intends MIT license.
+                # Ref: https://www.npmjs.com/package/component-indexof
+                # Linking = Permissive, Private Use = Yes
+                # Ref: https://en.wikipedia.org/wiki/Comparison_of_free_and_open-source_software_licenses
+                'component-indexof',
+
+                # These look like a pretty straight MIT license.
+                # Linking = Permissive, Private Use = Yes
+                # Ref: https://en.wikipedia.org/wiki/Comparison_of_free_and_open-source_software_licenses
+                'mixin',        # LICENSE file at https://www.npmjs.com/package/mixin?activeTab=code
+                'stack-trace',  # https://github.com/stacktracejs/stacktrace.js/blob/master/LICENSE
+                'typed-function',  # LICENSE at https://www.npmjs.com/package/typed-function?activeTab=code
+
+            ],
+
+            'UNLICENSED': [
+                # The udn-browser library is our own and has been observed to sometimes show up in some contexts
+                # as UNLICENSED, when really it's MIT.
+                # Ref: https://github.com/dbmi-bgm/udn-browser/blob/main/LICENSE
+                'udn-browser',
+            ],
+        })
+
+
+@LicenseCheckerRegistry.register_checker('c4-infrastructure')
+class C4InfrastructureLicenseChecker(ParkLabCommonServerLicenseChecker):
+    """
+    Checker for C4 infrastructure (Fourfront, CGAP, SMaHT) from Park Lab.
+    """
 
-    }
+    LICENSE_TITLE = "(The )?MIT License"
 
 
+@LicenseCheckerRegistry.register_checker('c4-python-infrastructure')
 class C4PythonInfrastructureLicenseChecker(C4InfrastructureLicenseChecker):
     """
-    For situations like dcicutils and dcicsnovault where there's no Javascript, this will test just Python.
+    Checker for C4 python library infrastructure (Fourfront, CGAP, SMaHT) from Park Lab.
     """
     LICENSE_FRAMEWORKS = ['python']
+
+
+@LicenseCheckerRegistry.register_checker('scan2-pipeline')
+class Scan2PipelineLicenseChecker(ParkLabGplPipelineLicenseChecker):
+    """
+    Checker for SCAN2 library from Park Lab.
+    """
+
+    EXCEPTIONS = augment(
+        ParkLabGplPipelineLicenseChecker.EXCEPTIONS,
+        by={
+            'Custom: Matrix file LICENCE': [
+                # The custom information in https://cran.r-project.org/web/packages/Matrix/LICENCE
+                # says there are potential extra restrictions beyond a simple GPL license
+                # if SparseSuite is used, but it is not requested explicitly by Scan2, and we're
+                # trusting that any other libraries used by Scan2 would have investigated this.
+                # So, effectively, we think the Matrix library for this situation operates the
+                # same as if it were just GPL-3 licensed, and we are fine with that.
+                'Matrix'
+            ],
+
+            "MISSING": [
+                # mysql-common and mysql-libs are GPL, but since they are delivered by conda
+                # and not distributed as part of the Scan2 distribution, they should be OK.
+                # Ref: https://redresscompliance.com/mysql-license-a-complete-guide-to-licensing/#:~:text=commercial%20use  # noQA
+                'mysql-common',
+                'mysql-libs',
+
+                # This is our own library
+                'r-scan2', 'scan2',
+            ]
+        }
+    )
+
+    EXPECTED_MISSING_LICENSES = ParkLabGplPipelineLicenseChecker.EXPECTED_MISSING_LICENSES + [
+
+    ]

dcicutils/misc_utils.py

@@ -7,10 +7,11 @@ import datetime
 import functools
 import hashlib
 import inspect
-import math
 import io
-import os
+import json
 import logging
+import math
+import os
 import pytz
 import re
 import rfc3986.validators
@@ -20,8 +21,8 @@ import warnings
 import webtest  # importing the library makes it easier to mock testing
 
 from collections import defaultdict
-from dateutil.parser import parse as dateutil_parse
 from datetime import datetime as datetime_type
+from dateutil.parser import parse as dateutil_parse
 from typing import Optional
 
 
@@ -1310,6 +1311,11 @@ def file_contents(filename, binary=False):
         return fp.read()
 
 
+def json_file_contents(filename):
+    with io.open(filename, 'r') as fp:
+        return json.load(fp)
+
+
 def camel_case_to_snake_case(s, separator='_'):
     """
     Converts CamelCase to snake_case.

dcicutils/scripts/run_license_checker.py

@@ -0,0 +1,77 @@
+import argparse
+
+from dcicutils.command_utils import script_catch_errors, ScriptFailure
+from dcicutils.lang_utils import there_are, conjoined_list
+from dcicutils.license_utils import LicenseOptions, LicenseCheckerRegistry, LicenseChecker, LicenseCheckFailure
+from dcicutils.misc_utils import PRINT, get_error_message
+from typing import Optional, Type
+
+
+EPILOG = __doc__
+
+
+ALL_CHECKER_NAMES = LicenseCheckerRegistry.all_checker_names()
+NEWLINE = '\n'
+
+
+def main():
+
+    parser = argparse.ArgumentParser(
+        description="Runs a license checker",
+        epilog=EPILOG,
+        formatter_class=argparse.RawDescriptionHelpFormatter
+    )
+    parser.add_argument("name", type=str, default=None, nargs='?',
+                        help=f"The name of a checker to run. "
+                        + there_are(ALL_CHECKER_NAMES, kind='available checker',
+                                    show=True, joiner=conjoined_list, punctuate=True))
+    parser.add_argument("--brief", '-b', default=False, action="store_true",
+                        help="Requests brief output.")
+    parser.add_argument("--debug", '-q', default=False, action="store_true",
+                        help="Requests additional debugging output.")
+    parser.add_argument("--conda-prefix", "--conda_prefix", "--cp", default=LicenseOptions.CONDA_PREFIX,
+                        help=(f"Overrides the CONDA_PREFIX (default {LicenseOptions.CONDA_PREFIX!r})."))
+
+    args = parser.parse_args()
+
+    with script_catch_errors():
+        run_license_checker(name=args.name, verbose=not args.brief, debug=args.debug, conda_prefix=args.conda_prefix)
+
+
+def show_help_for_choosing_license_checker():
+    PRINT("")
+    PRINT(there_are(ALL_CHECKER_NAMES, kind='available checker', show=False, punctuation_mark=':'))
+    PRINT("")
+    wid = max(len(x) for x in ALL_CHECKER_NAMES) + 1
+    for checker_name in ALL_CHECKER_NAMES:
+        checker_class = LicenseCheckerRegistry.lookup_checker(checker_name)
+        checker_doc = (checker_class.__doc__ or '<missing doc>').strip(' \t\n\r')
+        PRINT(f"{(checker_name + ':').ljust(wid)} {checker_doc.split(NEWLINE)[0]}")
+    PRINT("")
+    PRINT("=" * 42, "NOTES & DISCLAIMERS", "=" * 42)
+    PRINT("Park Lab is a research laboratory in the Department of Biomedical Informatics at Harvard Medical School.")
+    PRINT("Park Lab checkers are intended for internal use and may not be suitable for other purposes.")
+    PRINT("External organizations must make their own independent choices about license acceptability.")
+    PRINT("Such choices can be integrated with this tool as follows:")
+    PRINT(" * Import LicenseChecker and LicenseCheckerRegistry from dcicutils.license_utils.")
+    PRINT(" * Make your own subclass of LicenseChecker, specifying a doc string and appropriate constraints.")
+    PRINT(" * Decorate your subclass with an appropriate call to LicenseCheckerRegistry.register_checker.")
+    PRINT("")
+
+
+def run_license_checker(name: Optional[str],
+                        verbose=LicenseOptions.VERBOSE,
+                        debug=LicenseOptions.DEBUG,
+                        conda_prefix=LicenseOptions.CONDA_PREFIX):
+    if name is None:
+        show_help_for_choosing_license_checker()
+    else:
+        try:
+            checker_class: Type[LicenseChecker] = LicenseCheckerRegistry.lookup_checker(name)
+        except Exception as e:
+            raise ScriptFailure(str(e))
+        try:
+            with LicenseOptions.selected_options(verbose=verbose, debug=debug, conda_prefix=conda_prefix):
+                checker_class.validate()
+        except LicenseCheckFailure as e:
+            raise ScriptFailure(get_error_message(e))

{dcicutils-7.12.0.dist-info → dcicutils-7.12.0.1b4.dist-info}/METADATA

@@ -1,6 +1,6 @@
 Metadata-Version: 2.1
 Name: dcicutils
-Version: 7.12.0
+Version: 7.12.0.1b4
 Summary: Utility package for interacting with the 4DN Data Portal and other 4DN resources
 Home-page: https://github.com/4dn-dcic/utils
 License: MIT

{dcicutils-7.12.0.dist-info → dcicutils-7.12.0.1b4.dist-info}/RECORD

@@ -30,9 +30,9 @@ dcicutils/jh_utils.py,sha256=Gpsxb9XEzggF_-Eq3ukjKvTnuyb9V1SCSUXkXsES4Kg,11502
 dcicutils/kibana/dashboards.json,sha256=wHMB_mpJ8OaYhRRgvpZuihaB2lmSF64ADt_8hkBWgQg,16225
 dcicutils/kibana/readme.md,sha256=3KmHF9FH6A6xwYsNxRFLw27q0XzHYnjZOlYUnn3VkQQ,2164
 dcicutils/lang_utils.py,sha256=cVLRUGyYeSPJAq3z_RJjA6miajHrXoi6baxF8HzHmLc,27797
-dcicutils/license_utils.py,sha256=OhOfTXFivvb6Y3tiJAb1b9Is-OTpBfZjC18M-RvqBqk,40456
+dcicutils/license_utils.py,sha256=AJ7AwUb7YsXwrrncuS5bLwz3B0YYOHAqKwgf1JPLj6w,63798
 dcicutils/log_utils.py,sha256=7pWMc6vyrorUZQf-V-M3YC6zrPgNhuV_fzm9xqTPph0,10883
-dcicutils/misc_utils.py,sha256=sXJ7ChrMyXZooaCnUtLxWHOmFIqxrxJKGJ6Ayd5i2Gk,91032
+dcicutils/misc_utils.py,sha256=d30xwLFW41FwZVDAEYulWwyZUcLEzmD-pxsMlKH3mF4,91148
 dcicutils/obfuscation_utils.py,sha256=fo2jOmDRC6xWpYX49u80bVNisqRRoPskFNX3ymFAmjw,5963
 dcicutils/opensearch_utils.py,sha256=V2exmFYW8Xl2_pGFixF4I2Cc549Opwe4PhFi5twC0M8,1017
 dcicutils/project_utils.py,sha256=qPdCaFmWUVBJw4rw342iUytwdQC0P-XKpK4mhyIulMM,31250
@@ -42,14 +42,15 @@ dcicutils/redis_tools.py,sha256=rqGtnVUjNjTlCdL1EMKuEhEMAgRJMiXZJkrKuX255QA,6509
 dcicutils/redis_utils.py,sha256=VJ-7g8pOZqR1ZCtdcjKz3-6as2DMUcs1b1zG6wSprH4,6462
 dcicutils/s3_utils.py,sha256=a9eU3Flh8Asc8xPWLGP16A6UQ_FVwhoFQNqm4ZYgSQ4,28852
 dcicutils/scripts/publish_to_pypi.py,sha256=qmWyjrg5bNQNfpNKFTZdyMXpRmrECnRV9VmNQddUPQA,13576
+dcicutils/scripts/run_license_checker.py,sha256=psv3c1Of7h4V4yvh93iyI2F3JFPzdzQakKdq97JThRw,3653
 dcicutils/secrets_utils.py,sha256=8dppXAsiHhJzI6NmOcvJV5ldvKkQZzh3Fl-cb8Wm7MI,19745
 dcicutils/snapshot_utils.py,sha256=ymP7PXH6-yEiXAt75w0ldQFciGNqWBClNxC5gfX2FnY,22961
 dcicutils/ssl_certificate_utils.py,sha256=F0ifz_wnRRN9dfrfsz7aCp4UDLgHEY8LaK7PjnNvrAQ,9707
 dcicutils/task_utils.py,sha256=MF8ujmTD6-O2AC2gRGPHyGdUrVKgtr8epT5XU8WtNjk,8082
 dcicutils/trace_utils.py,sha256=g8kwV4ebEy5kXW6oOrEAUsurBcCROvwtZqz9fczsGRE,1769
 dcicutils/variant_utils.py,sha256=2H9azNx3xAj-MySg-uZ2SFqbWs4kZvf61JnK6b-h4Qw,4343
-dcicutils-7.12.0.dist-info/LICENSE.txt,sha256=t0_-jIjqxNnymZoNJe-OltRIuuF8qfhN0ATlHyrUJPk,1102
-dcicutils-7.12.0.dist-info/METADATA,sha256=isoR9wb6CJyIef4ZYG4opKLj5s5c9LG6rihPw7jJP1Q,2999
-dcicutils-7.12.0.dist-info/WHEEL,sha256=7Z8_27uaHI_UZAc4Uox4PpBhQ9Y5_modZXWMxtUi4NU,88
-dcicutils-7.12.0.dist-info/entry_points.txt,sha256=Z3vezbXsTpTIY4N2F33c5e-WDVQxgz_Vsk1oV_JBN7A,146
-dcicutils-7.12.0.dist-info/RECORD,,
+dcicutils-7.12.0.1b4.dist-info/LICENSE.txt,sha256=t0_-jIjqxNnymZoNJe-OltRIuuF8qfhN0ATlHyrUJPk,1102
+dcicutils-7.12.0.1b4.dist-info/METADATA,sha256=WBf2fEjWMlOtieSs4nq5zbiThbHAYzQliH7gmJ_0L04,3003
+dcicutils-7.12.0.1b4.dist-info/WHEEL,sha256=7Z8_27uaHI_UZAc4Uox4PpBhQ9Y5_modZXWMxtUi4NU,88
+dcicutils-7.12.0.1b4.dist-info/entry_points.txt,sha256=8wbw5csMIgBXhkwfgsgJeuFcoUc0WsucUxmOyml2aoA,209
+dcicutils-7.12.0.1b4.dist-info/RECORD,,

{dcicutils-7.12.0.dist-info → dcicutils-7.12.0.1b4.dist-info}/entry_points.txt

@@ -1,4 +1,5 @@
 [console_scripts]
 publish-to-pypi=dcicutils.scripts.publish_to_pypi:main
+run-license-checker=dcicutils.scripts.run_license_checker:main
 show-contributors=dcicutils.contribution_scripts:show_contributors_main