[
https://issues.apache.org/jira/browse/RAT-401?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Claude Warren updated RAT-401:
------------------------------
Fix Version/s: 0.18
Labels: (was: V0.18)
> Rework the IDocumentAnalyzer and RatReport into a single component
> ------------------------------------------------------------------
>
> Key: RAT-401
> URL: https://issues.apache.org/jira/browse/RAT-401
> Project: Apache Rat
> Issue Type: New Feature
> Components: core engine, reports
> Affects Versions: 0.17, 0.16.1
> Reporter: Claude Warren
> Priority: Major
> Fix For: 0.18
>
>
> h1. What
> The idea here is to make a component framework for reporting on Document
> instances.
> h2. What do we have
> The current system has several components
> * IDocumentAnalyser which has the analyze(Document) method and update
> metadata in the Document.
> ** DefaultPolicyAnalyser: sets the list of approved licenses in the
> document. There is probably another way to do this.
> **
> DocumentAnalyserMultiplexer: simply runs multiple IDocumentAnalysers.
> **
> DocumentHeaderAnalyser: processes documents looking for licenses.
> * RatReport which reports the document after the analysis.
> ** ConfigurationReport: Dumps some configuration info into the XML report
> ** ClaimAggregator: collects statistical information from the document
> across the reports.
> ** SimpleXmlClaimReporter: Writes the XML info for a single document based
> on the metadata.
> ** ClaimReporterMultiplexer: Runs an analyser and then a reporter on a
> Document.
> ** LicenseAddingReport: edits the documents (Not sure this should be a
> report).
> h2. What is the change
> What I propose to do is to group the components together into
> ReportingModules. Currently we have what could be considered 3
> ReportingModules.
> Module 1 – License reporting comprises:
> * DefaultPolicyAnalyser
> * DocumentHeaderAnalyser:
> * SimpleXmlClaimReporter
> * ClaimAggregator
>
> Module 2 – Configuration reporting comprises:
> * ConfigurationReport
> Module 3-- License adding report comprises:
> * LicenseAddingReport
>
> The modules would be a pluggable component that:
> * Processes a document
> * potentially, writes some data to the XML output
> * After all documents have been processed potentially writes statistical
> data to the output.
> * provides an XSD fragment to describe the data it writes.
> h2. Why
> So that we can get to the point where it is easy to write modules that do
> things like:
> * Check for the existence of specific files (either as required and not
> allowed).
> * Check for the contents of specific files (e.g. check the contents of the
> LICENSE file and report on it).
> * Check file names against a webservice that tells us if there are issues
> with the package. (e.g. the mavenrepository provides CVE issues lists for
> jars)
>
>
> We have a system that walks the build system and understands the various
> exclusion files and rules. Let's use it to really do a release audit.
>
>
>
>
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
