Merge changes I73975ca7,I98e2c1ee

* changes:
  license metadata bill of materials list
  license metadata shipped libraries list

tools/compliance/Android.bp

@@ -17,6 +17,13 @@ package {
     default_applicable_licenses: ["Android-Apache-2.0"],
 }
 
+blueprint_go_binary {
+    name: "bom",
+    srcs: ["cmd/bom.go"],
+    deps: ["compliance-module"],
+    testSrcs: ["cmd/bom_test.go"],
+}
+
 blueprint_go_binary {
     name: "checkshare",
     srcs: ["cmd/checkshare.go"],
@@ -52,6 +59,13 @@ blueprint_go_binary {
     testSrcs: ["cmd/htmlnotice_test.go"],
 }
 
+blueprint_go_binary {
+    name: "shippedlibs",
+    srcs: ["cmd/shippedlibs.go"],
+    deps: ["compliance-module"],
+    testSrcs: ["cmd/shippedlibs_test.go"],
+}
+
 blueprint_go_binary {
     name: "textnotice",
     srcs: ["cmd/textnotice.go"],

tools/compliance/cmd/bom.go

@@ -0,0 +1,144 @@
+// Copyright 2021 Google LLC
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//      http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package main
+
+import (
+	"bytes"
+	"compliance"
+	"flag"
+	"fmt"
+	"io"
+	"io/fs"
+	"os"
+	"path/filepath"
+	"strings"
+)
+
+var (
+	outputFile  = flag.String("o", "-", "Where to write the bill of materials. (default stdout)")
+	stripPrefix = flag.String("strip_prefix", "", "Prefix to remove from paths. i.e. path to root")
+
+	failNoneRequested = fmt.Errorf("\nNo license metadata files requested")
+	failNoLicenses    = fmt.Errorf("No licenses found")
+)
+
+type context struct {
+	stdout      io.Writer
+	stderr      io.Writer
+	rootFS      fs.FS
+	stripPrefix string
+}
+
+func init() {
+	flag.Usage = func() {
+		fmt.Fprintf(os.Stderr, `Usage: %s {options} file.meta_lic {file.meta_lic...}
+
+Outputs a bill of materials. i.e. the list of installed paths.
+
+Options:
+`, filepath.Base(os.Args[0]))
+		flag.PrintDefaults()
+	}
+}
+
+func main() {
+	flag.Parse()
+
+	// Must specify at least one root target.
+	if flag.NArg() == 0 {
+		flag.Usage()
+		os.Exit(2)
+	}
+
+	if len(*outputFile) == 0 {
+		flag.Usage()
+		fmt.Fprintf(os.Stderr, "must specify file for -o; use - for stdout\n")
+		os.Exit(2)
+	} else {
+		dir, err := filepath.Abs(filepath.Dir(*outputFile))
+		if err != nil {
+			fmt.Fprintf(os.Stderr, "cannot determine path to %q: %w\n", *outputFile, err)
+			os.Exit(1)
+		}
+		fi, err := os.Stat(dir)
+		if err != nil {
+			fmt.Fprintf(os.Stderr, "cannot read directory %q of %q: %w\n", dir, *outputFile, err)
+			os.Exit(1)
+		}
+		if !fi.IsDir() {
+			fmt.Fprintf(os.Stderr, "parent %q of %q is not a directory\n", dir, *outputFile)
+			os.Exit(1)
+		}
+	}
+
+	var ofile io.Writer
+	ofile = os.Stdout
+	if *outputFile != "-" {
+		ofile = &bytes.Buffer{}
+	}
+
+	ctx := &context{ofile, os.Stderr, os.DirFS("."), *stripPrefix}
+
+	err := billOfMaterials(ctx, flag.Args()...)
+	if err != nil {
+		if err == failNoneRequested {
+			flag.Usage()
+		}
+		fmt.Fprintf(os.Stderr, "%s\n", err.Error())
+		os.Exit(1)
+	}
+	if *outputFile != "-" {
+		err := os.WriteFile(*outputFile, ofile.(*bytes.Buffer).Bytes(), 0666)
+		if err != nil {
+			fmt.Fprintf(os.Stderr, "could not write output to %q: %w\n", *outputFile, err)
+			os.Exit(1)
+		}
+	}
+	os.Exit(0)
+}
+
+// billOfMaterials implements the bom utility.
+func billOfMaterials(ctx *context, files ...string) error {
+	// Must be at least one root file.
+	if len(files) < 1 {
+		return failNoneRequested
+	}
+
+	// Read the license graph from the license metadata files (*.meta_lic).
+	licenseGraph, err := compliance.ReadLicenseGraph(ctx.rootFS, ctx.stderr, files)
+	if err != nil {
+		return fmt.Errorf("Unable to read license metadata file(s) %q: %v\n", files, err)
+	}
+	if licenseGraph == nil {
+		return failNoLicenses
+	}
+
+	// rs contains all notice resolutions.
+	rs := compliance.ResolveNotices(licenseGraph)
+
+	ni, err := compliance.IndexLicenseTexts(ctx.rootFS, licenseGraph, rs)
+	if err != nil {
+		return fmt.Errorf("Unable to read license text file(s) for %q: %v\n", files, err)
+	}
+
+	for path := range ni.InstallPaths() {
+		if 0 < len(ctx.stripPrefix) && strings.HasPrefix(path, ctx.stripPrefix) {
+			fmt.Fprintln(ctx.stdout, path[len(ctx.stripPrefix):])
+		} else {
+			fmt.Fprintln(ctx.stdout, path)
+		}
+	}
+	return nil
+}

tools/compliance/cmd/bom_test.go

@@ -0,0 +1,308 @@
+// Copyright 2021 Google LLC
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//      http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package main
+
+import (
+	"bufio"
+	"bytes"
+	"os"
+	"strings"
+	"testing"
+)
+
+func Test(t *testing.T) {
+	tests := []struct {
+		condition   string
+		name        string
+		roots       []string
+		stripPrefix string
+		expectedOut []string
+	}{
+		{
+			condition: "firstparty",
+			name:      "apex",
+			roots:     []string{"highest.apex.meta_lic"},
+			stripPrefix: "out/target/product/fictional",
+			expectedOut: []string{
+				"/system/apex/highest.apex",
+				"/system/apex/highest.apex/bin/bin1",
+				"/system/apex/highest.apex/bin/bin2",
+				"/system/apex/highest.apex/lib/liba.so",
+				"/system/apex/highest.apex/lib/libb.so",
+			},
+		},
+		{
+			condition: "firstparty",
+			name:      "container",
+			roots:     []string{"container.zip.meta_lic"},
+			stripPrefix: "out/target/product/fictional/data/",
+			expectedOut: []string{
+				"container.zip",
+				"container.zip/bin1",
+				"container.zip/bin2",
+				"container.zip/liba.so",
+				"container.zip/libb.so",
+			},
+		},
+		{
+			condition: "firstparty",
+			name:      "application",
+			roots:     []string{"application.meta_lic"},
+			stripPrefix: "out/target/product/fictional/bin/",
+			expectedOut: []string{"application"},
+		},
+		{
+			condition: "firstparty",
+			name:      "binary",
+			roots:     []string{"bin/bin1.meta_lic"},
+			stripPrefix: "out/target/product/fictional/system/",
+			expectedOut: []string{"bin/bin1"},
+		},
+		{
+			condition: "firstparty",
+			name:      "library",
+			roots:     []string{"lib/libd.so.meta_lic"},
+			stripPrefix: "out/target/product/fictional/system/",
+			expectedOut: []string{"lib/libd.so"},
+		},
+		{
+			condition: "notice",
+			name:      "apex",
+			roots:     []string{"highest.apex.meta_lic"},
+			expectedOut: []string{
+				"out/target/product/fictional/system/apex/highest.apex",
+				"out/target/product/fictional/system/apex/highest.apex/bin/bin1",
+				"out/target/product/fictional/system/apex/highest.apex/bin/bin2",
+				"out/target/product/fictional/system/apex/highest.apex/lib/liba.so",
+				"out/target/product/fictional/system/apex/highest.apex/lib/libb.so",
+			},
+		},
+		{
+			condition: "notice",
+			name:      "container",
+			roots:     []string{"container.zip.meta_lic"},
+			expectedOut: []string{
+				"out/target/product/fictional/data/container.zip",
+				"out/target/product/fictional/data/container.zip/bin1",
+				"out/target/product/fictional/data/container.zip/bin2",
+				"out/target/product/fictional/data/container.zip/liba.so",
+				"out/target/product/fictional/data/container.zip/libb.so",
+			},
+		},
+		{
+			condition: "notice",
+			name:      "application",
+			roots:     []string{"application.meta_lic"},
+			expectedOut: []string{"out/target/product/fictional/bin/application"},
+		},
+		{
+			condition: "notice",
+			name:      "binary",
+			roots:     []string{"bin/bin1.meta_lic"},
+			expectedOut: []string{"out/target/product/fictional/system/bin/bin1"},
+		},
+		{
+			condition: "notice",
+			name:      "library",
+			roots:     []string{"lib/libd.so.meta_lic"},
+			expectedOut: []string{"out/target/product/fictional/system/lib/libd.so"},
+		},
+		{
+			condition: "reciprocal",
+			name:      "apex",
+			roots:     []string{"highest.apex.meta_lic"},
+			stripPrefix: "out/target/product/fictional/system/apex/",
+			expectedOut: []string{
+				"highest.apex",
+				"highest.apex/bin/bin1",
+				"highest.apex/bin/bin2",
+				"highest.apex/lib/liba.so",
+				"highest.apex/lib/libb.so",
+			},
+		},
+		{
+			condition: "reciprocal",
+			name:      "container",
+			roots:     []string{"container.zip.meta_lic"},
+			stripPrefix: "out/target/product/fictional/data/",
+			expectedOut: []string{
+				"container.zip",
+				"container.zip/bin1",
+				"container.zip/bin2",
+				"container.zip/liba.so",
+				"container.zip/libb.so",
+			},
+		},
+		{
+			condition: "reciprocal",
+			name:      "application",
+			roots:     []string{"application.meta_lic"},
+			stripPrefix: "out/target/product/fictional/bin/",
+			expectedOut: []string{"application"},
+		},
+		{
+			condition: "reciprocal",
+			name:      "binary",
+			roots:     []string{"bin/bin1.meta_lic"},
+			stripPrefix: "out/target/product/fictional/system/",
+			expectedOut: []string{"bin/bin1"},
+		},
+		{
+			condition: "reciprocal",
+			name:      "library",
+			roots:     []string{"lib/libd.so.meta_lic"},
+			stripPrefix: "out/target/product/fictional/system/",
+			expectedOut: []string{"lib/libd.so"},
+		},
+		{
+			condition: "restricted",
+			name:      "apex",
+			roots:     []string{"highest.apex.meta_lic"},
+			stripPrefix: "out/target/product/fictional/system/apex/",
+			expectedOut: []string{
+				"highest.apex",
+				"highest.apex/bin/bin1",
+				"highest.apex/bin/bin2",
+				"highest.apex/lib/liba.so",
+				"highest.apex/lib/libb.so",
+			},
+		},
+		{
+			condition: "restricted",
+			name:      "container",
+			roots:     []string{"container.zip.meta_lic"},
+			stripPrefix: "out/target/product/fictional/data/",
+			expectedOut: []string{
+				"container.zip",
+				"container.zip/bin1",
+				"container.zip/bin2",
+				"container.zip/liba.so",
+				"container.zip/libb.so",
+			},
+		},
+		{
+			condition: "restricted",
+			name:      "application",
+			roots:     []string{"application.meta_lic"},
+			stripPrefix: "out/target/product/fictional/bin/",
+			expectedOut: []string{"application"},
+		},
+		{
+			condition: "restricted",
+			name:      "binary",
+			roots:     []string{"bin/bin1.meta_lic"},
+			stripPrefix: "out/target/product/fictional/system/",
+			expectedOut: []string{"bin/bin1"},
+		},
+		{
+			condition: "restricted",
+			name:      "library",
+			roots:     []string{"lib/libd.so.meta_lic"},
+			stripPrefix: "out/target/product/fictional/system/",
+			expectedOut: []string{"lib/libd.so"},
+		},
+		{
+			condition: "proprietary",
+			name:      "apex",
+			roots:     []string{"highest.apex.meta_lic"},
+			stripPrefix: "out/target/product/fictional/system/apex/",
+			expectedOut: []string{
+				"highest.apex",
+				"highest.apex/bin/bin1",
+				"highest.apex/bin/bin2",
+				"highest.apex/lib/liba.so",
+				"highest.apex/lib/libb.so",
+			},
+		},
+		{
+			condition: "proprietary",
+			name:      "container",
+			roots:     []string{"container.zip.meta_lic"},
+			stripPrefix: "out/target/product/fictional/data/",
+			expectedOut: []string{
+				"container.zip",
+				"container.zip/bin1",
+				"container.zip/bin2",
+				"container.zip/liba.so",
+				"container.zip/libb.so",
+			},
+		},
+		{
+			condition: "proprietary",
+			name:      "application",
+			roots:     []string{"application.meta_lic"},
+			stripPrefix: "out/target/product/fictional/bin/",
+			expectedOut: []string{"application"},
+		},
+		{
+			condition: "proprietary",
+			name:      "binary",
+			roots:     []string{"bin/bin1.meta_lic"},
+			stripPrefix: "out/target/product/fictional/system/",
+			expectedOut: []string{"bin/bin1"},
+		},
+		{
+			condition: "proprietary",
+			name:      "library",
+			roots:     []string{"lib/libd.so.meta_lic"},
+			stripPrefix: "out/target/product/fictional/system/",
+			expectedOut: []string{"lib/libd.so"},
+		},
+	}
+	for _, tt := range tests {
+		t.Run(tt.condition+" "+tt.name, func(t *testing.T) {
+			stdout := &bytes.Buffer{}
+			stderr := &bytes.Buffer{}
+
+			rootFiles := make([]string, 0, len(tt.roots))
+			for _, r := range tt.roots {
+				rootFiles = append(rootFiles, "testdata/"+tt.condition+"/"+r)
+			}
+
+			ctx := context{stdout, stderr, os.DirFS("."), tt.stripPrefix}
+
+			err := billOfMaterials(&ctx, rootFiles...)
+			if err != nil {
+				t.Fatalf("bom: error = %w, stderr = %v", err, stderr)
+				return
+			}
+			if stderr.Len() > 0 {
+				t.Errorf("bom: gotStderr = %v, want none", stderr)
+			}
+
+			t.Logf("got stdout: %s", stdout.String())
+
+			t.Logf("want stdout: %s", strings.Join(tt.expectedOut, "\n"))
+
+			out := bufio.NewScanner(stdout)
+			lineno := 0
+			for out.Scan() {
+				line := out.Text()
+				if strings.TrimLeft(line, " ") == "" {
+					continue
+				}
+				if len(tt.expectedOut) <= lineno {
+					t.Errorf("bom: unexpected output at line %d: got %q, want nothing (wanted %d lines)", lineno+1, line, len(tt.expectedOut))
+				} else if tt.expectedOut[lineno] != line {
+					t.Errorf("bom: unexpected output at line %d: got %q, want %q", lineno+1, line, tt.expectedOut[lineno])
+				}
+				lineno++
+			}
+			for ; lineno < len(tt.expectedOut); lineno++ {
+				t.Errorf("bom: missing output line %d: ended early, want %q", lineno+1, tt.expectedOut[lineno])
+			}
+		})
+	}
+}

tools/compliance/cmd/shippedlibs.go

@@ -0,0 +1,137 @@
+// Copyright 2021 Google LLC
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//      http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package main
+
+import (
+	"bytes"
+	"compliance"
+	"flag"
+	"fmt"
+	"io"
+	"io/fs"
+	"os"
+	"path/filepath"
+)
+
+var (
+	outputFile  = flag.String("o", "-", "Where to write the library list. (default stdout)")
+
+	failNoneRequested = fmt.Errorf("\nNo license metadata files requested")
+	failNoLicenses    = fmt.Errorf("No licenses found")
+)
+
+type context struct {
+	stdout      io.Writer
+	stderr      io.Writer
+	rootFS      fs.FS
+}
+
+func init() {
+	flag.Usage = func() {
+		fmt.Fprintf(os.Stderr, `Usage: %s {options} file.meta_lic {file.meta_lic...}
+
+Outputs a list of libraries used in the shipped images.
+
+Options:
+`, filepath.Base(os.Args[0]))
+		flag.PrintDefaults()
+	}
+}
+
+func main() {
+	flag.Parse()
+
+	// Must specify at least one root target.
+	if flag.NArg() == 0 {
+		flag.Usage()
+		os.Exit(2)
+	}
+
+	if len(*outputFile) == 0 {
+		flag.Usage()
+		fmt.Fprintf(os.Stderr, "must specify file for -o; use - for stdout\n")
+		os.Exit(2)
+	} else {
+		dir, err := filepath.Abs(filepath.Dir(*outputFile))
+		if err != nil {
+			fmt.Fprintf(os.Stderr, "cannot determine path to %q: %w\n", *outputFile, err)
+			os.Exit(1)
+		}
+		fi, err := os.Stat(dir)
+		if err != nil {
+			fmt.Fprintf(os.Stderr, "cannot read directory %q of %q: %w\n", dir, *outputFile, err)
+			os.Exit(1)
+		}
+		if !fi.IsDir() {
+			fmt.Fprintf(os.Stderr, "parent %q of %q is not a directory\n", dir, *outputFile)
+			os.Exit(1)
+		}
+	}
+
+	var ofile io.Writer
+	ofile = os.Stdout
+	if *outputFile != "-" {
+		ofile = &bytes.Buffer{}
+	}
+
+	ctx := &context{ofile, os.Stderr, os.DirFS(".")}
+
+	err := shippedLibs(ctx, flag.Args()...)
+	if err != nil {
+		if err == failNoneRequested {
+			flag.Usage()
+		}
+		fmt.Fprintf(os.Stderr, "%s\n", err.Error())
+		os.Exit(1)
+	}
+	if *outputFile != "-" {
+		err := os.WriteFile(*outputFile, ofile.(*bytes.Buffer).Bytes(), 0666)
+		if err != nil {
+			fmt.Fprintf(os.Stderr, "could not write output to %q: %w\n", *outputFile, err)
+			os.Exit(1)
+		}
+	}
+	os.Exit(0)
+}
+
+// shippedLibs implements the shippedlibs utility.
+func shippedLibs(ctx *context, files ...string) error {
+	// Must be at least one root file.
+	if len(files) < 1 {
+		return failNoneRequested
+	}
+
+	// Read the license graph from the license metadata files (*.meta_lic).
+	licenseGraph, err := compliance.ReadLicenseGraph(ctx.rootFS, ctx.stderr, files)
+	if err != nil {
+		return fmt.Errorf("Unable to read license metadata file(s) %q: %v\n", files, err)
+	}
+	if licenseGraph == nil {
+		return failNoLicenses
+	}
+
+	// rs contains all notice resolutions.
+	rs := compliance.ResolveNotices(licenseGraph)
+
+	ni, err := compliance.IndexLicenseTexts(ctx.rootFS, licenseGraph, rs)
+	if err != nil {
+		return fmt.Errorf("Unable to read license text file(s) for %q: %v\n", files, err)
+	}
+
+	for lib := range ni.Libraries() {
+		fmt.Fprintln(ctx.stdout, lib)
+	}
+	return nil
+}

tools/compliance/cmd/shippedlibs_test.go

@@ -0,0 +1,227 @@
+// Copyright 2021 Google LLC
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//      http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package main
+
+import (
+	"bufio"
+	"bytes"
+	"os"
+	"strings"
+	"testing"
+)
+
+func Test(t *testing.T) {
+	tests := []struct {
+		condition   string
+		name        string
+		roots       []string
+		expectedOut []string
+	}{
+		{
+			condition: "firstparty",
+			name:      "apex",
+			roots:     []string{"highest.apex.meta_lic"},
+			expectedOut: []string{"Android"},
+		},
+		{
+			condition: "firstparty",
+			name:      "container",
+			roots:     []string{"container.zip.meta_lic"},
+			expectedOut: []string{"Android"},
+		},
+		{
+			condition: "firstparty",
+			name:      "application",
+			roots:     []string{"application.meta_lic"},
+			expectedOut: []string{"Android"},
+		},
+		{
+			condition: "firstparty",
+			name:      "binary",
+			roots:     []string{"bin/bin1.meta_lic"},
+			expectedOut: []string{"Android"},
+		},
+		{
+			condition: "firstparty",
+			name:      "library",
+			roots:     []string{"lib/libd.so.meta_lic"},
+			expectedOut: []string{"Android"},
+		},
+		{
+			condition: "notice",
+			name:      "apex",
+			roots:     []string{"highest.apex.meta_lic"},
+			expectedOut: []string{"Android", "Device", "External"},
+		},
+		{
+			condition: "notice",
+			name:      "container",
+			roots:     []string{"container.zip.meta_lic"},
+			expectedOut: []string{"Android", "Device", "External"},
+		},
+		{
+			condition: "notice",
+			name:      "application",
+			roots:     []string{"application.meta_lic"},
+			expectedOut: []string{"Android", "Device"},
+		},
+		{
+			condition: "notice",
+			name:      "binary",
+			roots:     []string{"bin/bin1.meta_lic"},
+			expectedOut: []string{"Android", "Device", "External"},
+		},
+		{
+			condition: "notice",
+			name:      "library",
+			roots:     []string{"lib/libd.so.meta_lic"},
+			expectedOut: []string{"External"},
+		},
+		{
+			condition: "reciprocal",
+			name:      "apex",
+			roots:     []string{"highest.apex.meta_lic"},
+			expectedOut: []string{"Android", "Device", "External"},
+		},
+		{
+			condition: "reciprocal",
+			name:      "container",
+			roots:     []string{"container.zip.meta_lic"},
+			expectedOut: []string{"Android", "Device", "External"},
+		},
+		{
+			condition: "reciprocal",
+			name:      "application",
+			roots:     []string{"application.meta_lic"},
+			expectedOut: []string{"Android", "Device"},
+		},
+		{
+			condition: "reciprocal",
+			name:      "binary",
+			roots:     []string{"bin/bin1.meta_lic"},
+			expectedOut: []string{"Android", "Device", "External"},
+		},
+		{
+			condition: "reciprocal",
+			name:      "library",
+			roots:     []string{"lib/libd.so.meta_lic"},
+			expectedOut: []string{"External"},
+		},
+		{
+			condition: "restricted",
+			name:      "apex",
+			roots:     []string{"highest.apex.meta_lic"},
+			expectedOut: []string{"Android", "Device", "External"},
+		},
+		{
+			condition: "restricted",
+			name:      "container",
+			roots:     []string{"container.zip.meta_lic"},
+			expectedOut: []string{"Android", "Device", "External"},
+		},
+		{
+			condition: "restricted",
+			name:      "application",
+			roots:     []string{"application.meta_lic"},
+			expectedOut: []string{"Android", "Device"},
+		},
+		{
+			condition: "restricted",
+			name:      "binary",
+			roots:     []string{"bin/bin1.meta_lic"},
+			expectedOut: []string{"Android", "Device", "External"},
+		},
+		{
+			condition: "restricted",
+			name:      "library",
+			roots:     []string{"lib/libd.so.meta_lic"},
+			expectedOut: []string{"External"},
+		},
+		{
+			condition: "proprietary",
+			name:      "apex",
+			roots:     []string{"highest.apex.meta_lic"},
+			expectedOut: []string{"Android", "Device", "External"},
+		},
+		{
+			condition: "proprietary",
+			name:      "container",
+			roots:     []string{"container.zip.meta_lic"},
+			expectedOut: []string{"Android", "Device", "External"},
+		},
+		{
+			condition: "proprietary",
+			name:      "application",
+			roots:     []string{"application.meta_lic"},
+			expectedOut: []string{"Android", "Device"},
+		},
+		{
+			condition: "proprietary",
+			name:      "binary",
+			roots:     []string{"bin/bin1.meta_lic"},
+			expectedOut: []string{"Android", "Device", "External"},
+		},
+		{
+			condition: "proprietary",
+			name:      "library",
+			roots:     []string{"lib/libd.so.meta_lic"},
+			expectedOut: []string{"External"},
+		},
+	}
+	for _, tt := range tests {
+		t.Run(tt.condition+" "+tt.name, func(t *testing.T) {
+			stdout := &bytes.Buffer{}
+			stderr := &bytes.Buffer{}
+
+			rootFiles := make([]string, 0, len(tt.roots))
+			for _, r := range tt.roots {
+				rootFiles = append(rootFiles, "testdata/"+tt.condition+"/"+r)
+			}
+
+			ctx := context{stdout, stderr, os.DirFS(".")}
+
+			err := shippedLibs(&ctx, rootFiles...)
+			if err != nil {
+				t.Fatalf("shippedLibs: error = %w, stderr = %v", err, stderr)
+				return
+			}
+			if stderr.Len() > 0 {
+				t.Errorf("shippedLibs: gotStderr = %v, want none", stderr)
+			}
+
+			t.Logf("got stdout: %s", stdout.String())
+
+			t.Logf("want stdout: %s", strings.Join(tt.expectedOut, "\n"))
+
+			out := bufio.NewScanner(stdout)
+			lineno := 0
+			for out.Scan() {
+				line := out.Text()
+				if strings.TrimLeft(line, " ") == "" {
+					continue
+				}
+				if len(tt.expectedOut) <= lineno {
+					t.Errorf("shippedLibs: unexpected output at line %d: got %q, want nothing (wanted %d lines)", lineno+1, line, len(tt.expectedOut))
+				} else if tt.expectedOut[lineno] != line {
+					t.Errorf("shippedLibs: unexpected output at line %d: got %q, want %q", lineno+1, line, tt.expectedOut[lineno])
+				}
+				lineno++
+			}
+			for ; lineno < len(tt.expectedOut); lineno++ {
+				t.Errorf("shippedLibs: missing output line %d: ended early, want %q", lineno+1, tt.expectedOut[lineno])
+			}
+		})
+	}
+}

tools/compliance/noticeindex.go

@@ -270,6 +270,23 @@ func (ni *NoticeIndex) InstallHashLibs(installPath string, h hash) []string {
 	return result
 }
 
+// Libraries returns the ordered channel of indexed library names.
+func (ni *NoticeIndex) Libraries() chan string {
+	c := make(chan string)
+	go func() {
+		libs := make([]string, 0, len(ni.libHash))
+		for lib := range ni.libHash {
+			libs = append(libs, lib)
+		}
+		sort.Strings(libs)
+		for _, lib := range libs {
+			c <- lib
+		}
+		close(c)
+	}()
+	return c
+}
+
 // HashText returns the file content of the license text hashed as `h`.
 func (ni *NoticeIndex) HashText(h hash) []byte {
 	return ni.text[h]