GSoC 2023

Avatar

SPDX

This project aims to enhance the SPDX Online Tool by improving its functionality and efficiency for license submissions. The project proposes adding features such as automatic creation of pull requests and .txt test files, improving error handling, adding unit tests and GitHub API interaction tests with mock, and creating a base reusable Django app to reduce development efforts. The objective is to streamline the license submission process, reduce manual effort, save time, and enhance productivity. The project proposes clear deliverables such as generating a .txt test file, differentiating exceptions from license submissions, adding or fixing unit tests, and improving error handling. The project will contribute to the open-source community and will provide a learning experience for the software engineering student working on the project. The choice of SPDX as the organization to work with is motivated by its mission to create a standard format for communicating the components, licenses, and copyrights of software packages and its strong community of developers, contributors, and users committed to driving innovation in the field of software licensing.
Mentor: Jilayne Lovejoy and Rohit Lodha
Contributor: Vedant Jolly

Deliverables

The primary objective of this project is to improve the functionality of the existing online tool, thereby increasing the efficiency of license submissions. By doing so, we intend to reduce the workload of the SPDX-legal team and ensure that the entire process is streamlined and hassle-free. Our ultimate goal is to create a user-friendly platform that simplifies license submission, saves time, and enhances overall productivity.

  1. Generate the .txt test file in the pull request (PR) along with the XML file: This feature will enhance the current capability of the tool to create the XML file by also creating a .txt test file in the PR, thus making the submission process more efficient.
  2. Differentiate exceptions from license submissions: The tool will be able to differentiate between exceptions and license submissions, which will improve the overall efficiency of the process.
  3. Add or fix unit tests & Improve error handling: This feature will ensure that the tool is functioning properly, and any errors are caught early in the process. Error handling will be improved, especially when GitHub pull requests fail, which will reduce manual intervention and increase the tool's efficiency.
    • Write GitHub tests with mocks
    • Separate tests in multiple files
    • Adding tests for edge
    • Tests for UI on browser e.g.: Chrome
  4. Add linters to the project - python/js/html/css linters: This will ensure that the code adheres to the coding standards and best practices, leading to better code quality.
  5. General UI Improvements: This will help the application be more user-friendly and will make the app more accessible. Issues which I have planned to cover in this:
    • Redirect on Successful License Submission
    • Improving the Toast Messages
    • Improving the License Text Display on GitHub Issue Section

Development
Summary

Generate the .txt file in the PR along with the XML File


To implement this feature, we would need to make changes to the current codebase of the SPDX online tool. When a user submits a new license request through the tool, the tool generates an XML file and submits a PR to the SPDX License List GitHub repository. To generate a .txt test file in addition to the XML file, we would need to modify the existing code to extract the necessary information from the user's input and create a text file with the required details.

To achieve this, we would need to modify the following files:

  1. `views.py`: This file is responsible for handling the submission of new license requests through the tool. We would need to modify this file to
  2. `generateXml.py`: This file is responsible for generating the XML file for each license request. We would need to modify this file to extract the necessary information from the user's input and use it to generate the .txt test file.

Differentiate Exceptions from License Submission


To implement this feature, we will need to add a checkbox in the submission form to indicate whether the submission is for a license or an exception. This will allow the tool to differentiate between a license and an exception and use the appropriate tag when creating the XML file and the pull request.
To achieve this, we will first modify the submission form to include the checkbox, which will then be included in the POST request sent to the server. We will then modify the server code to process the checkbox and use the appropriate tag when creating the XML file.


Add or fix unit tests & Improve error handling

  1. Write GitHub tests with mocks:
    To write tests for GitHub API interaction with mock, we will be using the `requests-mock` package. This package allows us to mock requests to any external APIs, including GitHub APIs. To start, we will create a new Python file named `test_github.py` in the tests directory. In this file, we will import the necessary modules and create a test class for the GitHub API tests. We will then create methods for each test case that we want to run.
  2. Separate tests in multiple files:
    To separate the current tests for different features, we can create separate files for each feature. For example, we can create a file named `test_license.py` for license related tests and another file named `test_ui.py` for UI tests. Another example would be if there are tests for the XML creator feature, those tests should be in a file named `test_xml_creator.py`. We can then run all the tests using a test runner like` pytest` by specifying the directory where the test files are located. Here is an example command to run all the tests in the tests directory. This makes it easier to manage the tests.
  3. Adding tests for edge cases:
    To add tests for edge cases, we need to identify the possible scenarios that may cause issues in our application. For example, we can add tests for license submissions with invalid data, or for exceptions that do not follow the SPDX format.
  4. Tests for UI on browser e.g.: Chrome:
    To add UI tests, we can use a testing framework like `Selenium`. Selenium allows us to automate browser interactions and test the functionality of our web application.
    For testing the UI on a browser like Chrome, we can make use of an automated testing framework like Selenium. Selenium allows us to automate the testing of web applications by simulating user interactions with the web page. We can write tests in Python using the `Selenium WebDriver API`.
    To implement this feature, we need to install Selenium and the ChromeDriver executable. ChromeDriver is a separate executable that WebDriver uses to control Chrome. Once installed, we can write a Python test script that uses the Selenium WebDriver API to interact with the web application.


Add linters to the project

Linters are tools that help identify and report errors in code, helping to ensure that the codebase is of a high quality and follows best practices. The SPDX Online Tools project could benefit from the addition of linters for Python, JavaScript, HTML, and CSS, which would help to identify and fix issues in the codebase.
Python linters such as Pylint, Flake8, and Pyflakes can help to identify errors, potential bugs, and code smells in Python code. JavaScript linters like ESLint can detect issues such as unused variables, missing semicolons, and incorrect variable scoping. HTML linters like HTMLHint can check for issues such as invalid markup and accessibility errors. Finally, CSS linters like Stylelint can help identify errors such as invalid selectors, unused styles, and syntax errors.
The linters could be integrated into the development process, either through the use of pre-commit hooks or as part of a continuous integration (CI) pipeline. When a developer commits code, the linters would run and report any issues. This would help to catch errors early in the development process, before they become larger problems. The use of linters can also help to improve the readability and maintainability of the codebase. By enforcing consistent coding styles and conventions, the codebase becomes easier to read and understand, and easier to maintain over time.
Overall, the addition of linters to the SPDX Online Tools project would help to ensure that the codebase is of a high quality and follows best practices, while also improving the readability and maintainability of the codebase.

Coding/
Work-Status

The current Product has been approved by the Mentor and all the code is checked in. The current product requirements and specifications is as agreed with the Mentor. The details as below:
Here is the list of commits to spdx-online-tools and here is the list of merged pull request made in spdx-online-tools by me during Google Summer of Code 2023.
You can find more about the tool with installation instruction from this README

Project Advantages & its Impact

Through careful planning and implementation of advanced features, we hope to achieve optimal results and establish the online tool as the go-to resource for license submissions in the industry. These improvements will not only make the tool more user-friendly but also ensure it can evolve over time.

Future
Scope

I idenitified below items as part of Future scope, and could be incorporated:-

  1. Automatically archive or remove the license listing from the online tool UI, once the PR is merged Once a PR is merged, the GitHub webhook will trigger the API endpoint, which will extract the relevant information from the merged PR, including the license file name, SPDX identifier, and other metadata. The endpoint will then use this information to call the SPDX database API to update the license listing status to "archived".
  2. Overhaul SPDX-Online-Tool’s Documentation With the help of my mentor, I would like to revamp SPDX-Online-Tool’s wiki and documentation and follow standardized guidelines to create documentation for developers as well as users. Documentation is a crucial component of any project which helps newcomers start contributing quickly and I feel we need improvement in that aspect (though an active and helpful community compensates for it at gitter).

Contribute