• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1
2<!-- Copyright (c) 2021 Huawei Device Co., Ltd.
3
4     Licensed under the Apache License, Version 2.0 (the "License");
5     you may not use this file except in compliance with the License.
6     You may obtain a copy of the License at
7
8          http://www.apache.org/licenses/LICENSE-2.0
9
10     Unless required by applicable law or agreed to in writing, software
11     distributed under the License is distributed on an "AS IS" BASIS,
12     WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13     See the License for the specific language governing permissions and
14     limitations under the License.
15
16	 Notes:
17	 This is project config file for OpenHarmony OSS Audit Tool, if you have any questions or concerns, please email chenyaxun@huawei.com.
18-->
19<!-- OAT(OSS Audit Tool) configuration guide:
20basedir: Root dir, the basedir + project path is the real source file location.
21licensefile:
221.If the project don't have "LICENSE" in root dir, please define all the license files in this project in , OAT will check license files according to this rule.
23
24tasklist(only for batch mode):
251. task: Define oat check thread, each task will start a new thread.
262. task name: Only an name, no practical effect.
273. task policy: Default policy for projects under this task, this field is required and the specified policy must defined in policylist.
284. task filter: Default filefilter for projects under this task, this field is required and the specified filefilter must defined in filefilterlist.
295. task project: Projects to be checked, the path field define the source root dir of the project.
30
31
32policyList:
331. policy: All policyitems will be merged to default OAT.xml rules, the name of policy doesn't affect OAT check process.
342. policyitem: The fields type, name, path, desc is required, and the fields rule, group, filefilter is optional,the default value is:
35<policyitem type="" name="" path="" desc="" rule="may" group="defaultGroup" filefilter="defaultPolicyFilter"/>
363. policyitem type:
37    "compatibility" is used to check license compatibility in the specified path;
38    "license" is used to check source license header in the specified path;
39    "copyright" is used to check source copyright header in the specified path;
40    "import" is used to check source dependency in the specified path, such as import ... ,include ...
41    "filetype" is used to check file type in the specified path, supported file types: archive, binary
42    "filename" is used to check whether the specified file exists in the specified path(support projectroot in default OAT.xml), supported file names: LICENSE, README, README.OpenSource
43
444. policyitem name: This field is used for define the license, copyright, "*" means match all, the "!" prefix means could not match this value. For example, "!GPL" means can not use GPL license.
455. policyitem path: This field is used for define the source file scope to apply this policyitem, the "!" prefix means exclude the files. For example, "!.*/lib/.*" means files in lib dir will be exclude while process this policyitem.
466. policyitem rule and group: These two fields are used together to merge policy results. "may" policyitems in the same group means any one in this group passed, the result will be passed.
477. policyitem filefilter: Used to bind filefilter which define filter rules.
488. filefilter: Filter rules, the type filename is used to filter file name, the type filepath is used to filter file path.
49
50Note:If the text contains special characters, please escape them according to the following rules:
51" == &gt;
52& == &gt;
53' == &gt;
54< == &gt;
55> == &gt;
56-->
57<configuration>
58    <oatconfig>
59        <licensefile>src/LICENSE</licensefile>
60        <policylist>
61            <policy name="projectPolicy" desc="">
62                <policyitem type="compatibility" name="Original SSLeay License" path=".*" desc="Original SSLeay License"/>
63                <policyitem type="compatibility" name="OpenSSL" path=".*" desc="OpenSSL licensex "/>
64                <policyitem type="compatibility" name="Original OpenSSL License" path=".*" desc="Original OpenSSL licensex "/>
65            </policy>
66        </policylist>
67        <filefilterlist>
68            <filefilter name="binaryFileTypePolicyFilter" desc="Filters for binary file policies" >
69                <filteritem type="filepath" name="src/fuzz/.*" desc="the binary file in third party"/>
70                <filteritem type="filepath" name="src/util/bot/nasm-win32.exe.sha1" desc="the binary file in third party"/>
71                <filteritem type="filepath" name="src/util/bot/yasm-win32.exe.sha1" desc="the binary file in third party"/>
72                <filteritem type="filepath" name="src/crypto/.*" desc="the binary file in third party"/>
73                <filteritem type="filepath" name="src/util/ar/.*" desc="the binary file in third party"/>
74
75            </filefilter>
76            <filefilter name="defaultPolicyFilter" desc="Filters for compatibility,license header policies">
77                <filteritem type="filepath" name="src/crypto/curve25519/asm/x25519-asm-arm.S" desc="no license header"/>
78                <filteritem type="filepath" name="src/crypto/ecdh_extra/ecdh_extra.c" desc="no license header"/>
79                <filteritem type="filepath" name="src/crypto/fipsmodule/bn/asm/x86_64-gcc.c" desc="no license header"/>
80                <filteritem type="filepath" name="src/crypto/fipsmodule/ec/ec.c" desc="no license header"/>
81                <filteritem type="filepath" name="src/crypto/fipsmodule/ec/ec_key.c" desc="no license header"/>
82                <filteritem type="filepath" name="src/crypto/fipsmodule/ec/ec_montgomery.c" desc="no license header"/>
83                <filteritem type="filepath" name="src/crypto/fipsmodule/ec/internal.h" desc="no license header"/>
84                <filteritem type="filepath" name="src/crypto/fipsmodule/ec/oct.c" desc="no license header"/>
85                <filteritem type="filepath" name="src/crypto/fipsmodule/ec/simple.c" desc="no license header"/>
86                <filteritem type="filepath" name="src/crypto/fipsmodule/ec/wnaf.c" desc="no license header"/>
87                <filteritem type="filepath" name="src/crypto/fipsmodule/ecdh/ecdh.c" desc="no license header"/>
88                <filteritem type="filepath" name="src/include/openssl/ec.h" desc="no license header"/>
89                <filteritem type="filepath" name="src/include/openssl/ec_key.h" desc="no license header"/>
90                <filteritem type="filepath" name="src/include/openssl/ecdh.h" desc="no license header"/>
91                <filteritem type="filepath" name="src/third_party/fiat/BUILD.gn" desc="no license header"/>
92                <filteritem type="filepath" name="src/third_party/googletest/m4/acx_pthread.m4" desc="no license header"/>
93                <filteritem type="filepath" name="src/util/BUILD.toplevel" desc="no license header"/>
94                <filteritem type="filepath" name="src/util/convert_comments.go" desc="no license header"/>
95                <filteritem type="filepath" name="src/third_party/googletest/Makefile.am" desc="no license header"/>
96                <filteritem type="filepath" name="src/third_party/googletest/configure.ac" desc="no license header"/>
97                <filteritem type="filepath" name="ios-arm/crypto/fipsmodule/bsaes-armv7.S" desc="since the file contains Permission to use under GPL terms is granted"/>
98                <filteritem type="filepath" name="ios-arm/crypto/fipsmodule/sha256-armv4.S" desc="since the file contains Permission to use under GPL terms is granted"/>
99                <filteritem type="filepath" name="ios-arm/crypto/fipsmodule/sha512-armv4.S" desc="since the file contains Permission to use under GPL terms is granted"/>
100                <filteritem type="filepath" name="linux-arm/crypto/fipsmodule/bsaes-armv7.S" desc="since the file contains Permission to use under GPL terms is granted"/>
101                <filteritem type="filepath" name="linux-arm/crypto/fipsmodule/sha256-armv4.S" desc="since the file contains Permission to use under GPL terms is granted"/>
102                <filteritem type="filepath" name="linux-arm/crypto/fipsmodule/sha512-armv4.S" desc="since the file contains Permission to use under GPL terms is granted"/>
103                <filteritem type="filepath" name="src/crypto/fipsmodule/aes/asm/bsaes-armv7.pl" desc="since the file contains Permission to use under GPL terms is granted"/>
104                <filteritem type="filepath" name="src/crypto/fipsmodule/sha/asm/sha256-armv4.pl" desc="since the file contains Permission to use under GPL terms is granted"/>
105                <filteritem type="filepath" name="src/crypto/fipsmodule/sha/asm/sha512-armv4.pl" desc="since the file contains Permission to use under GPL terms is granted"/>
106            </filefilter>
107        </filefilterlist>
108        <licensematcherlist>
109            <licensematcher name="Original SSLeay License" desc="the license not identify" >
110                <licensetext name="
111                 * This package is an SSL implementation written
112                 * by Eric Young (eay@cryptsoft.com).
113                 * The implementation was written so as to conform with Netscapes SSL.
114                 *
115                 * This library is free for commercial and non-commercial use as long as
116                 * the following conditions are aheared to.  The following conditions
117                 * apply to all code found in this distribution, be it the RC4, RSA,
118                 * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
119                 * included with this distribution is covered by the same copyright terms
120                 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
121                 *
122                 * Copyright remains Eric Young&apos;s, and as such any Copyright notices in
123                 * the code are not to be removed.
124                 * If this package is used in a product, Eric Young should be given attribution
125                 * as the author of the parts of the library used.
126                 * This can be in the form of a textual message at program startup or
127                 * in documentation (online or textual) provided with the package.
128                " desc=""/>
129            </licensematcher>
130            <licensematcher name="Original OpenSSL License" desc="the license not identify" >
131                <licensetext name="
132                 * Redistribution and use in source and binary forms, with or without
133                 * modification, are permitted provided that the following conditions
134                 * are met:
135                " desc=""/>
136            </licensematcher>
137        </licensematcherlist>
138    </oatconfig>
139</configuration>