From 9c350ed1ee7142ac0fbbc944a5eb01dedf70dfd7 Mon Sep 17 00:00:00 2001 From: Alexander Wunschik Date: Tue, 6 Apr 2021 00:22:41 +0200 Subject: [PATCH] add --failOnCopyleft option --- README.md | 1 + bin/license-checker | 1 + lib/args.js | 1 + lib/index.js | 7 +++++++ package.json | 1 + tests/failOnCopyleft-test.js | 17 +++++++++++++++++ tests/fixtures/copyleftProject/package.json | 5 +++++ tests/test.js | 9 +++++++++ 8 files changed, 42 insertions(+) create mode 100644 tests/failOnCopyleft-test.js create mode 100644 tests/fixtures/copyleftProject/package.json diff --git a/README.md b/README.md index 7247eaa..c428ae1 100644 --- a/README.md +++ b/README.md @@ -83,6 +83,7 @@ Options * `--relativeLicensePath` output the location of the license files as relative paths * `--summary` output a summary of the license usage', * `--failOn [list]` fail (exit with code 1) on the first occurrence of the licenses of the semicolon-separated list +* `--failOnCopyleft` fail (exit with code 1) on the first occurrence of a [license with a copyleft effect](https://github.com/jslicense/spdx-copyleft.json/blob/master/index.json) * `--onlyAllow [list]` fail (exit with code 1) on the first occurrence of the licenses not in the semicolon-seperated list * `--packages [list]` restrict output to the packages (package@version) in the semicolon-seperated list * `--excludePackages [list]` restrict output to the packages (package@version) not in the semicolon-seperated list diff --git a/bin/license-checker b/bin/license-checker index 2704616..3075e6e 100755 --- a/bin/license-checker +++ b/bin/license-checker 
@@ -32,6 +32,7 @@ if (args.help) { ' --relativeLicensePath output the location of the license files as relative paths', ' --summary output a summary of the license usage', ' --failOn [list] fail (exit with code 1) on the first occurrence of the licenses of the semicolon-separated list', + ' --failOnCopyleft fail (exit with code 1) on the first occurrence of a license with a copyleft effect', ' --onlyAllow [list] fail (exit with code 1) on the first occurrence of the licenses not in the semicolon-seperated list', ' --direct look for direct dependencies only', ' --packages [list] restrict output to the packages (package@version) in the semicolon-seperated list', diff --git a/lib/args.js b/lib/args.js index 069f7b7..97502ea 100644 --- a/lib/args.js +++ b/lib/args.js @@ -27,6 +27,7 @@ var nopt = require('nopt'), files: require('path'), summary: Boolean, failOn: String, + failOnCopyleft: Boolean, onlyAllow: String, direct: Boolean, packages: String, diff --git a/lib/index.js b/lib/index.js index 2eca8e8..79a2e93 100644 --- a/lib/index.js +++ b/lib/index.js @@ -17,6 +17,7 @@ var debug = require('debug'); var mkdirp = require('mkdirp'); var spdxSatisfies = require('spdx-satisfies'); var spdxCorrect =require('spdx-correct'); +var copyLeftLicenses = require('spdx-copyleft'); // Set up debug logging // https://www.npmjs.com/package/debug#stderr-vs-stdout @@ -441,6 +442,12 @@ exports.init = function(options, callback) { process.exit(1); } } + if (options.failOnCopyleft) { + if (copyLeftLicenses.includes(restricted[item].licenses)) { + console.error('Found license defined by the --failOnCopyleft flag: "' + restricted[item].licenses + '". Exiting.'); + process.exit(1); + } + } if (toCheckforOnlyAllow.length > 0) { var good = false; toCheckforOnlyAllow.forEach(function(k) { diff --git a/package.json b/package.json index 9452609..059ba04 100644 --- a/package.json +++ b/package.json 
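Review bot: The `--failOnCopyleft` check in the second lib/index.js hunk is an exact-match lookup, `copyLeftLicenses.includes(restricted[item].licenses)`, so it only fires when `licenses` is a single string identical to an id in the list. If that field can also be an array of ids, a guessed id with a trailing `*`, or an SPDX expression such as `(MIT OR GPL-3.0-only)` (not visible in this hunk, so worth confirming), the gate passes silently and a copyleft dependency gets through. Normalising the value before the lookup, as sketched below, closes the first two cases. Expressions would also need parsing, for instance with the `spdx-satisfies` module the file already requires. The enclosing `exports.init` starts and ends outside the hunk.

```javascript
if (options.failOnCopyleft) {
    // licenses may be one id or several; a guessed id may end in '*'
    var copyleftHits = [].concat(restricted[item].licenses || []).filter(function(id) {
        return copyLeftLicenses.indexOf(String(id).replace(/\*$/, '')) > -1;
    });
    if (copyleftHits.length > 0) {
        console.error('Found license defined by the --failOnCopyleft flag: "' + copyleftHits.join(', ') + '". Exiting.');
        process.exit(1);
    }
}
// … unchanged: toCheckforOnlyAllow handling …
```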
@@ -63,6 +63,7 @@ "nopt": "^4.0.1", "read-installed": "~4.0.3", "semver": "^5.5.0", + "spdx-copyleft": "^1.0.0", "spdx-correct": "^3.0.0", "spdx-expression-parse": "^3.0.0", "spdx-satisfies": "^4.0.0", diff --git a/tests/failOnCopyleft-test.js b/tests/failOnCopyleft-test.js new file mode 100644 index 0000000..6b9f3ad --- /dev/null +++ b/tests/failOnCopyleft-test.js @@ -0,0 +1,17 @@ +var assert = require('assert'), + path = require('path'), + spawn = require('child_process').spawn; + +describe('failOnCopyleft', function() { + this.timeout(8000); + + it('should exit 1 if it finds forbidden license due to --failOnCopyleft', function(done) { + spawn('node', [path.join(__dirname, '../bin/license-checker'), '--failOnCopyleft'], { + cwd: path.join(__dirname, './fixtures/copyleftProject'), + stdio: 'ignore' + }).on('exit', function(code) { + assert.equal(code, 1); + done(); + }); + }); +}); diff --git a/tests/fixtures/copyleftProject/package.json b/tests/fixtures/copyleftProject/package.json new file mode 100644 index 0000000..4ddc8b1 --- /dev/null +++ b/tests/fixtures/copyleftProject/package.json @@ -0,0 +1,5 @@ +{ + "name": "copyleft-project", + "version": "1.0.0", + "license": "GPL-3.0-only" +} diff --git a/tests/test.js b/tests/test.js index b1d889f..e5942a6 100644 --- a/tests/test.js +++ b/tests/test.js @@ -288,6 +288,15 @@ describe('main tests', function() { }); }); + describe('should exit on single failOnCopyleft license', function() { + var result={}; + before(parseAndFailOn('failOnCopyleft', './fixtures/copyleftProject', true, result)); + + it('should exit on GPL licensed modules from results', function() { + assert.equal(result.exitCode, 1); + }); + }); + describe('should parse local and handle private modules', function() { var output; before(function(done) {
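Review bot: The new test in tests/failOnCopyleft-test.js only proves the exit-1 path for one exact id (`GPL-3.0-only` from the fixture), so a regression that makes the flag fail on every project, or miss other forms of the license field, would go unnoticed. I would add a companion case that runs the same spawn against a fixture with a permissive license and asserts `assert.equal(code, 0);`. The spawn also has no `'error'` listener, so a failed launch surfaces only as the 8000 ms timeout; `.on('error', done)` would report it directly.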