use HTTP::Tiny;
use Safe;
use MetaCPAN::API::Tiny;
+use Digest::SHA qw(sha256_hex);
# Below, 5.026 should be aligned with the version of perl actually
# bundled in Buildroot:
my %deps_build; # name -> list of host dependencies
my %deps_runtime; # name -> list of target dependencies
my %deps_optional; # name -> list of optional target dependencies
-my %license_files; # name -> list of license files
+my %license_files; # name -> hash of license files
my %checksum; # author -> list of checksum
my $mirror = 'http://cpan.metacpan.org'; # a CPAN mirror
my $mcpan = MetaCPAN::API::Tiny->new(base_url => 'http://fastapi.metacpan.org/v1');
if (scalar @license_files == 0 && $manifest =~ m/(README)[\n\s]/i) {
@license_files = ($1);
}
- return \@license_files;
+ return @license_files;
}
sub fetch {
say qq{fetch ${name}} unless $quiet;
my $result = $mcpan->release( distribution => $name );
$dist{$name} = $result;
+ $license_files{$name} = {};
eval {
- my $manifest = $mcpan->source( author => $result->{author},
- release => $name . q{-} . $result->{version},
- path => 'MANIFEST' );
+ my $author = $result->{author};
+ my $release = $name . q{-} . $result->{version};
+ my $manifest = $mcpan->source( author => $author, release => $release, path => 'MANIFEST' );
$need_dlopen{$name} = is_xs( $manifest );
- $license_files{$name} = find_license_files( $manifest );
+ foreach my $fname (find_license_files( $manifest )) {
+ my $license = $mcpan->source( author => $author, release => $release, path => $fname );
+ $license_files{$name}->{$fname} = sha256_hex( $license );
+ }
};
if ($@) {
warn $@;
- $license_files{$name} = [];
}
my %build = ();
my %runtime = ();
$license =~ s|mit|MIT|;
$license =~ s|openssl|OpenSSL|;
$license =~ s|perl_5|Artistic or GPL-1.0+|;
- my $license_files = join q{ }, @{$license_files{$distname}};
+ my $license_files = join q{ }, keys %{$license_files{$distname}};
say qq{write ${mkname}} unless $quiet;
open my $fh, q{>}, $mkname;
say {$fh} qq{################################################################################};
say {$fh} qq{# retrieved by scancpan from ${mirror}/};
say {$fh} qq{md5 ${md5} ${filename}};
say {$fh} qq{sha256 ${sha256} ${filename}};
+ if (scalar keys %{$license_files{$distname}}) {
+ say {$fh} q{};
+ say {$fh} qq{# computed by scancpan};
+ while (my ($license, $digest) = each %{$license_files{$distname}}) {
+ say {$fh} qq{sha256 ${digest} ${license}};
+ }
+ }
close $fh;
}
}
dependencies and metadata are fetched from https://metacpan.org/.
After running this script, it is necessary to check the generated files.
-You have to manually add the license files (PERL_FOO_LICENSE_FILES variable).
For distributions that link against a target library, you have to add the
buildroot package name for that library to the DEPENDENCIES variable.
=head1 LICENSE
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
projects / buildroot-mgba.git / commitdiff