Badges (#4)

* Minor adjustments

* Refactor badges

* Fix osi behavior

* Reposition vhs script

* Add debug log for whitelist build

* Add files

* Fix

Author: PaulKMueller

rerender_vhs.sh .github/assets/demo/rerender_vhs.sh

@@ -5,5 +5,5 @@
 # Make sure you are in an environment with vhs installed
 
 export PS1="> "
-vhs .github/assets/demo/demo-light.tape
-vhs .github/assets/demo/demo-dark.tape
+vhs demo-light.tape
+vhs demo-dark.tape

LICENSE

@@ -1,6 +1,6 @@
 BSD 3-Clause License
 
-Copyright (c) 2024, Paul Mueller
+Copyright 2023 QuantCo Inc., Paul Müller, Pavel Zwerschke
 
 Redistribution and use in source and binary forms, with or without
 modification, are permitted provided that the following conditions are met:

README.md

@@ -6,10 +6,17 @@
 
 <div align="center">
 
-![Cargo Build & Test](https://github.com/quantco/conda-deny/actions/workflows/ci.yml/badge.svg)
+[![License][license-badge]](LICENSE)
+[![CI Status][ci-badge]][ci]
 ![Binary Build](https://github.com/quantco/conda-deny/actions/workflows/build.yml/badge.svg)
-<!-- ![Conda Package](https://github.com/quantco/conda-deny/actions/workflows/package.yml/badge.svg) -->
-[![codecov](https://codecov.io/gh/Quantco/conda-deny/graph/badge.svg?token=uixrZFJln7)](https://codecov.io/gh/Quantco/conda-deny)
+[![Conda Platform][conda-badge]][conda-url]
+[![codecov](https://codecov.io/gh/Quantco/conda-deny/graph/badge.svg)](https://codecov.io/gh/Quantco/conda-deny)
+
+[license-badge]: https://img.shields.io/github/license/quantco/conda-deny?style=flat-square
+[ci-badge]: https://img.shields.io/github/actions/workflow/status/quantco/conda-deny/ci.yml?style=flat-square&branch=main
+[ci]: https://github.com/quantco/conda-deny/actions/
+[conda-badge]: https://img.shields.io/conda/vn/conda-forge/conda-deny?style=flat-square
+[conda-url]: https://prefix.dev/channels/conda-forge/packages/conda-deny
 
 </div>
 
@@ -47,7 +54,7 @@ The tool expects a configuration in the following format:
 #--------------------------------------------------------
 # General setup options:
 #--------------------------------------------------------
-license-whitelist = "https://raw.githubusercontent.com/PaulKMueller/conda-deny-test/refs/heads/main/conda-deny-license_whitelist.toml" # or ["license_whitelist.toml", "other_license_whitelist.toml"]
+license-whitelist = "https://raw.githubusercontent.com/QuantCo/conda-deny/main/tests/test_remote_base_configs/conda-deny-license_whitelist.toml" # or ["license_whitelist.toml", "other_license_whitelist.toml"]
 platform = "linux-64" # or ["linux-64", "osx-arm64"]
 environment = "default" # or ["default", "py39", "py310", "prod"]
 lockfile = "environment/pixi.lock" # or ["environment1/pixi.lock", "environment2/pixi.lock"]

src/conda_deny_config.rs

@@ -116,6 +116,20 @@ impl CondaDenyConfig {
             None => vec![],
         }
     }
+
+    pub fn empty() -> Self {
+        CondaDenyConfig {
+            tool: Tool {
+                conda_deny: CondaDeny {
+                    license_whitelist: None,
+                    platform_spec: None,
+                    environment_spec: None,
+                    lockfile_spec: None,
+                },
+            },
+            path: "".to_string(),
+        }
+    }
 }
 
 #[cfg(test)]

src/lib.rs

@@ -45,9 +45,6 @@ pub fn check_license_infos(check_input: CheckInput) -> Result<CheckOutput> {
     let (conda_deny_config, cli_lockfiles, cli_platforms, cli_environment, conda_prefixes, osi) =
         check_input;
 
-    let license_whitelist = build_license_whitelist(conda_deny_config)
-        .with_context(|| "Building the license whitelist failed.")?;
-
     if conda_prefixes.is_empty() {
         let mut license_infos = LicenseInfos::get_license_infos_from_config(
             conda_deny_config,
@@ -64,6 +61,8 @@ pub fn check_license_infos(check_input: CheckInput) -> Result<CheckOutput> {
             debug!("Checking licenses for OSI compliance");
             Ok(license_infos.osi_check())
         } else {
+            let license_whitelist = build_license_whitelist(conda_deny_config)
+            .with_context(|| "Building the license whitelist failed.")?;
             debug!("Checking licenses against specified whitelist");
             Ok(license_infos.check(&license_whitelist))
         }
@@ -75,6 +74,8 @@ pub fn check_license_infos(check_input: CheckInput) -> Result<CheckOutput> {
             debug!("Checking for OSI licenses");
             Ok(conda_prefixes_license_infos.osi_check())
         } else {
+            let license_whitelist = build_license_whitelist(conda_deny_config)
+            .with_context(|| "Building the license whitelist failed.")?;
             debug!("Checking licenses against specified whitelist");
             Ok(conda_prefixes_license_infos.check(&license_whitelist))
         }

src/license_whitelist.rs

@@ -248,6 +248,8 @@ pub fn build_license_whitelist(
 
     if final_license_whitelist.safe_licenses.is_empty() {
         anyhow::bail!("Your license whitelist is empty.");
+    } else {
+        debug!("License whitelist built successfully.");
     }
     Ok(final_license_whitelist)
 }
@@ -277,6 +279,7 @@ mod tests {
     #[test]
     fn test_fetch_safe_licenses_success() {
         let reader = MockReader;
+        // TODO: Change this to "https://raw.githubusercontent.com/QuantCo/conda-deny/main/tests/test_remote_base_configs/conda-deny-license_whitelist.toml"
         let result = fetch_safe_licenses("https://raw.githubusercontent.com/PaulKMueller/conda-deny-test/main/conda-deny-license_whitelist.toml", &reader)
             .unwrap();
 

src/main.rs

@@ -1,9 +1,10 @@
 use anyhow::{Context, Result};
 use clap::Parser;
+use colored::Colorize;
 use conda_deny::cli::{Cli, Commands};
 use conda_deny::conda_deny_config::CondaDenyConfig;
 use conda_deny::{check_license_infos, format_check_output, list};
-use log::{debug, info};
+use log::debug;
 
 fn main() -> Result<()> {
     let cli = Cli::parse();
@@ -12,28 +13,39 @@ fn main() -> Result<()> {
         .filter_level(cli.verbose.log_level_filter())
         .init();
 
-    let config = if let Some(config_path) = cli.config {
-        CondaDenyConfig::from_path(config_path.as_str())
-            .with_context(|| format!("Failed to parse config file {}", config_path))?
-    } else {
-        match CondaDenyConfig::from_path("pixi.toml")
-            .with_context(|| "Failed to parse config file pixi.toml")
-        {
-            Ok(config) => {
-                debug!("Successfully loaded config from pixi.toml");
-                config
-            }
-            Err(e) => {
-                debug!(
+    let osi = match cli.command {
+        Commands::Check { osi, .. } => osi,
+        _ => false,
+    };
+
+    let mut config = CondaDenyConfig::empty();
+
+    if !osi {
+        config = if let Some(config_path) = cli.config {
+            CondaDenyConfig::from_path(config_path.as_str())
+                .with_context(|| format!("Failed to parse config file {}", config_path))?
+        } else {
+            match CondaDenyConfig::from_path("pixi.toml")
+                .with_context(|| "Failed to parse config file pixi.toml")
+            {
+                Ok(config) => {
+                    debug!("Successfully loaded config from pixi.toml");
+                    config
+                }
+                Err(e) => {
+                    debug!(
                     "Error parsing config file: pixi.toml: {}. Attempting to use pyproject.toml instead...",
                     e
                 );
-                CondaDenyConfig::from_path("pyproject.toml")
-                    .context(e)
-                    .with_context(|| "Failed to parse config file pyproject.toml")?
+                    CondaDenyConfig::from_path("pyproject.toml")
+                        .context(e)
+                        .with_context(|| "Failed to parse config file pyproject.toml")?
+                }
             }
-        }
-    };
+        };
+    } else {
+        debug!("Skipping config file parsing for OSI compliance check. Your {} section will be ignored.", "[tool.conda-deny]".yellow());
+    }
 
     let conda_prefixes = cli.prefix.unwrap_or_default();
 
@@ -56,9 +68,10 @@ fn main() -> Result<()> {
             let mut locks_to_check = cli_lockfiles.clone();
             locks_to_check.push("pixi.lock".to_string());
             debug!("Checking pixi lockfiles: {:?}", locks_to_check);
+            debug!("Checking for OSI compliance: {}", osi);
 
             if include_safe {
-                info!("Including safe dependencies in output");
+                debug!("Including safe dependencies in output");
             }
 
             let check_input = (

tests/test_remote_base_configs/conda-deny-license_whitelist.toml

@@ -0,0 +1,10 @@
+[tool.conda-deny]
+safe-licenses = [
+    "MIT",
+    "Unlicense",
+    "WTFPL",
+    "Apache-2.0"
+]
+ignore-packages = [
+    {package="_libgcc_mutex"},
+]