From 739b0ff5fa53277db150ab1f34e5164592824262 Mon Sep 17 00:00:00 2001
From: Chris Campbell <808531+ctcampbell@users.noreply.github.com>
Date: Wed, 7 Feb 2024 21:36:12 +0000
Subject: [PATCH] Initial commit
---
 README.md | 4 ++
 convert.py | 19 ++++++
 dist/blueoak-licenses.yml | 135 ++++++++++++++++++++++++++++++++++++++
 requirements.txt | 9 +++
 4 files changed, 167 insertions(+)
 create mode 100644 convert.py
 create mode 100644 dist/blueoak-licenses.yml
 create mode 100644 requirements.txt
diff --git a/README.md b/README.md
index f541b8c..2f7680e 100644
--- a/README.md
+++ b/README.md
@@ -1,2 +1,6 @@
 # blueoak-to-dependency-review
 A GitHub Dependency Review compatible YAML file for https://blueoakcouncil.org/list
+
+### USE AT YOUR OWN RISK
+
+No assessment is done on these licenses during conversion, all assessment has been performed by Blue Oak Council. I, and my employer, accept no responsibilty whatsoever for your usage of this tool and its output.
\ No newline at end of file
diff --git a/convert.py b/convert.py
new file mode 100644
index 0000000..f2cbc9b
--- /dev/null
+++ b/convert.py
@@ -0,0 +1,19 @@
+import requests
+
+
+undesirable_ratings = ["Model", "Lead"]
+
+
+if __name__ == '__main__':
+ response = requests.get("https://blueoakcouncil.org/list.json")
+ if response.ok:
+ license_list = response.json()
+ real_license_list = [x for x in license_list["ratings"] if x["name"] not in undesirable_ratings]
+
+ with open("dist/blueoak-licenses.yml", "w") as f:
+ f.write("allow_licenses:\n")
+ for rating in real_license_list:
+ f.write(f" # {rating['name']}\n")
+ f.write(f" # {rating['notes']}\n")
+ for license in rating["licenses"]:
+ f.write(f" - '{license['id']}'\n")
\ No newline at end of file
diff --git a/dist/blueoak-licenses.yml b/dist/blueoak-licenses.yml
new file mode 100644
index 0000000..42adc50
--- /dev/null
+++ b/dist/blueoak-licenses.yml
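Review bot: The three `f.write` calls in convert.py interpolate `rating['name']`, `rating['notes']` and `license['id']` from the downloaded JSON straight into YAML, so a newline in a note or a quote in an id would change the structure of an allow-list that Dependency Review then enforces as policy. Collapsing whitespace in the two comment lines and rejecting any id that is not ASCII letters, digits, `.` or `-` (every id in the committed dist/blueoak-licenses.yml fits that) keeps upstream text from becoming policy, as sketched below. Separately, when `response.ok` is false the script exits without error and leaves the previous file in place; `response.raise_for_status()` and a `timeout=` on `requests.get` would make a failed or hung fetch visible. The loop variable `license` also shadows the builtin.

```python
            for rating in real_license_list:
                # Keep each comment on one line so upstream text cannot become YAML content.
                f.write(f"  # {' '.join(rating['name'].split())}\n")
                f.write(f"  # {' '.join(rating['notes'].split())}\n")
                for license in rating["licenses"]:
                    license_id = license["id"]
                    # Accept only ASCII letters, digits, '.' and '-' before quoting the id.
                    stripped = license_id.replace(".", "").replace("-", "")
                    if not (license_id.isascii() and stripped.isalnum()):
                        raise ValueError(f"unexpected license id: {license_id!r}")
                    f.write(f"  - '{license_id}'\n")
```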
@@ -0,0 +1,135 @@ +allow_licenses: + # Gold + # These licenses address patents explicitly, use robust language, and require only simple notice of license terms and copyright notices. + - 'BSD-2-Clause-Patent' + # Silver + # These licenses use robust language but either fail to address patents explicitly or require more than simple notice of license terms and copyright notices. + - 'ADSL' + - 'Apache-2.0' + - 'APAFML' + - 'BSD-1-Clause' + - 'BSD-2-Clause' + - 'BSD-2-Clause-FreeBSD' + - 'BSD-2-Clause-NetBSD' + - 'BSD-2-Clause-Views' + - 'BSL-1.0' + - 'DSDP' + - 'ECL-1.0' + - 'ECL-2.0' + - 'ImageMagick' + - 'ISC' + - 'Linux-OpenIB' + - 'MIT' + - 'MIT-Modern-Variant' + - 'MS-PL' + - 'MulanPSL-1.0' + - 'Mup' + - 'PostgreSQL' + - 'Spencer-99' + - 'UPL-1.0' + - 'Xerox' + # Bronze + # These licenses lack important but nonessential elements of permissive open software licenses or impose additional requirements or restrictions, such as BSD-style prohibitions against endorsement and promotion. + - '0BSD' + - 'AFL-1.1' + - 'AFL-1.2' + - 'AFL-2.0' + - 'AFL-2.1' + - 'AFL-3.0' + - 'AMDPLPA' + - 'AML' + - 'AMPAS' + - 'ANTLR-PD' + - 'ANTLR-PD-fallback' + - 'Apache-1.0' + - 'Apache-1.1' + - 'Artistic-2.0' + - 'Bahyph' + - 'Barr' + - 'BSD-3-Clause' + - 'BSD-3-Clause-Attribution' + - 'BSD-3-Clause-Clear' + - 'BSD-3-Clause-LBNL' + - 'BSD-3-Clause-Modification' + - 'BSD-3-Clause-No-Nuclear-License-2014' + - 'BSD-3-Clause-No-Nuclear-Warranty' + - 'BSD-3-Clause-Open-MPI' + - 'BSD-4-Clause' + - 'BSD-4-Clause-Shortened' + - 'BSD-4-Clause-UC' + - 'BSD-Source-Code' + - 'bzip2-1.0.5' + - 'bzip2-1.0.6' + - 'CC0-1.0' + - 'CNRI-Jython' + - 'CNRI-Python' + - 'CNRI-Python-GPL-Compatible' + - 'Cube' + - 'curl' + - 'eGenix' + - 'Entessa' + - 'FTL' + - 'HTMLTIDY' + - 'IBM-pibs' + - 'ICU' + - 'Info-ZIP' + - 'Intel' + - 'JasPer-2.0' + - 'Libpng' + - 'libpng-2.0' + - 'libtiff' + - 'LPPL-1.3c' + - 'MIT-0' + - 'MIT-advertising' + - 'MIT-open-group' + - 'MIT-CMU' + - 'MIT-enna' + - 'MIT-feh' + - 'MITNFA' + 
- 'MTLL' + - 'MulanPSL-2.0' + - 'Multics' + - 'Naumen' + - 'NCSA' + - 'Net-SNMP' + - 'NetCDF' + - 'NTP' + - 'OLDAP-2.0' + - 'OLDAP-2.0.1' + - 'OLDAP-2.1' + - 'OLDAP-2.2' + - 'OLDAP-2.2.1' + - 'OLDAP-2.2.2' + - 'OLDAP-2.3' + - 'OLDAP-2.4' + - 'OLDAP-2.5' + - 'OLDAP-2.6' + - 'OLDAP-2.7' + - 'OLDAP-2.8' + - 'OML' + - 'OpenSSL' + - 'PHP-3.0' + - 'PHP-3.01' + - 'Plexus' + - 'PSF-2.0' + - 'Python-2.0' + - 'Ruby' + - 'Saxpath' + - 'SGI-B-2.0' + - 'SMLNJ' + - 'SWL' + - 'TCL' + - 'TCP-wrappers' + - 'Unicode-DFS-2015' + - 'Unicode-DFS-2016' + - 'Unlicense' + - 'VSL-1.0' + - 'W3C' + - 'X11' + - 'XFree86-1.1' + - 'Xnet' + - 'xpp' + - 'Zlib' + - 'zlib-acknowledgement' + - 'ZPL-2.0' + - 'ZPL-2.1' diff --git a/requirements.txt b/requirements.txt new file mode 100644 index 0000000..b16b14a --- /dev/null +++ b/requirements.txt @@ -0,0 +1,9 @@ +certifi==2023.7.22 +charset-normalizer==3.3.2 +distlib==0.3.7 +filelock==3.12.4 +idna==3.6 +pipenv==2023.10.3 +platformdirs==3.11.0 +requests==2.31.0 +urllib3==2.2.0