test: verify expected license type from mapping in UrlToLicenseMapping tests

[vincent067]

Summary

This PR addresses issue #492 by adding verification that the license content fetched from URLs actually matches the expected license type defined in the UrlToLicenseMapping.

Problem

The existing tests verified that license URLs were accessible and returned content, but they did not validate that the content corresponds to the expected license type (e.g., MIT, Apache-2.0) as defined in the mapping.

Solution

• Modified the CompareLicense method to accept the expectedLicenseType parameter
• Added VerifyLicenseType method that validates license content against known patterns for each license type
• Updated the test method to pass the mapped license value to the comparer

License Type Validation

The new validation checks for:

• MIT: Contains "MIT LICENSE" or "THE MIT LICENSE"
• Apache-2.0: Contains "APACHE LICENSE", "APACHE 2.0", or "VERSION 2.0"
• BSD-3-Clause: Contains "BSD", "3-CLAUSE", or redistribution terms
• MS-PL: Contains "MICROSOFT", "MS-PL", or "MICROSOFT PUBLIC LICENSE"

Testing

The existing verified snapshots continue to work, and the additional license type validation ensures the mapping is correct.

Fixes #492

Summary by CodeRabbit

Release Notes

• New Features

  • Added CSV as a new output format option for license reports
  • Introduced --include-columns command-line option to filter displayed columns in output
  • Updated table and markdown formatters to support selective column display

• Tests

  • Enhanced license-type validation in license mapping tests

[coderabbitai]

📝 Walkthrough

Walkthrough

This PR extends the output formatting system to support CSV export with selective column inclusion. It adds an IncludedColumns CLI option, implements a CsvOutputFormatter class, updates the table formatter to support column filtering, and modifies a URL-to-license mapping test to validate expected license types from the mapping.

Changes

Cohort / File(s)	Summary
Output Type & Core Interfaces src/NuGetUtility/OutputType.cs, src/NuGetLicense/ICommandLineOptions.cs, src/NuGetLicense/ICommandLineOptionsParser.cs	Added Csv enum value to OutputType; introduced IncludedColumns nullable property to ICommandLineOptions; extended GetOutputFormatter signature to accept string? includedColumns parameter.
CLI & Wiring src/NuGetLicense/Program.cs, src/NuGetLicense/CommandLineOptionsParser.cs, src/NuGetLicense/LicenseValidationOrchestrator.cs	Added --include-columns (-c) CLI option to Program; implemented ParseIncludedColumns helper and updated GetOutputFormatter to parse and route columns to formatters; updated orchestrator to pass options.IncludedColumns through the formatter construction pipeline.
Output Formatters src/NuGetLicense/Output/Csv/CsvOutputFormatter.cs, src/NuGetLicense/Output/Table/TableOutputFormatter.cs	Added new CsvOutputFormatter class with CSV serialization, result filtering (errors-only/ignored packages), and dynamic column selection with escaping; updated TableOutputFormatter to accept optional includedColumns parameter and filter displayed columns by case-insensitive name matching.
Test Updates tests/NuGetUtility.UrlToLicenseMapping.Test/UrlToLicenseMappingTest.cs	Extended test to validate license types from URL→license mapping alongside content verification; added licenseTypeMatches condition and enhanced CompareLicense to accept expected license type validation.

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~20 minutes

Possibly related PRs

• Added CSV output format #468: Adds CSV output support; this PR directly extends that feature by adding column-filtering capability to the CSV formatter and wiring it through the CLI and orchestrator.
• Split LicenseValidationHandler into parser and orchestrator #418: Refactored command-line options parsing and GetOutputFormatter contract; this PR extends those interfaces and implementation with the new includedColumns parameter.
• Migrate to McMaster.CommandLineUtils with source generation #428: Introduced ICommandLineOptions interface; this PR adds the IncludedColumns property to that contract alongside related CLI updates.

Suggested reviewers

• sensslen

Poem

🐰 A rabbit hops through columns so neat,
CSV rows make parsing complete!
With filters to choose what to show,
The license mapper validates below,
Our output now dances with flexible grace! ✨

🚥 Pre-merge checks | ✅ 1 | ❌ 4

❌ Failed checks (4 warnings)

Check name	Status	Explanation	Resolution
Title check	⚠️ Warning	The PR title describes the test fix for license type verification but omits the CSV output feature additions that comprise significant portions of the changeset.	Revise title to reflect main changes or split PR into separate commits for CSV feature and test fix, then retitle to match primary objective.
Linked Issues check	⚠️ Warning	The PR addresses #492 by updating UrlToLicenseMappingTest.cs to validate expected license types; CSV output feature changes appear unrelated to the linked issue.	Verify CSV output feature is required by #492 or separate it into a distinct PR to maintain issue-objective alignment.
Out of Scope Changes check	⚠️ Warning	CSV output feature (CsvOutputFormatter, OutputType.Csv enum, --include-columns option) and related formatter changes are not mentioned in issue #492 requirements.	Move CSV feature changes to a separate PR or document their necessity in the linked issue to clarify scope.
Docstring Coverage	⚠️ Warning	Docstring coverage is 7.14% which is insufficient. The required threshold is 80.00%.	Write docstrings for the functions missing them to satisfy the coverage threshold.

✅ Passed checks (1 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests

⚔️ Resolve merge conflicts

• Resolve merge conflict in branch fix/issue-492-verify-license-mapping

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[sonarqubecloud]

Quality Gate passed

Issues
1 New issue
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

[coderabbitai]

Actionable comments posted: 2

🧹 Nitpick comments (3)

tests/NuGetUtility.UrlToLicenseMapping.Test/UrlToLicenseMappingTest.cs (1)

143-158: Consider failing explicitly for unhandled license types instead of defaulting to true.

The _ => true catch-all allows unknown license types to pass validation silently. While all currently mapped license types (MIT, Apache-2.0, BSD-3-Clause, MS-PL) are covered, if someone adds a new mapping using LicenseExpressions.Gpl20, Gpl30, or Bsd20 from LicenseExpressions.cs, the test would pass without actual validation—exactly the false positive scenario issue #492 aimed to prevent.

♻️ Proposed fix to fail fast on unknown license types

                 "MS-PL" => normalizedContent.Contains("MICROSOFT") || 
                            normalizedContent.Contains("MS-PL") ||
                            normalizedContent.Contains("MICROSOFT PUBLIC LICENSE"),
-                _ => true // If we don't have specific validation for this license type, allow it to pass
+                _ => throw new NotSupportedException($"No validation pattern defined for license type: {expectedLicenseType}. Please add a case to VerifyLicenseType.")
             };

This ensures that adding new license mappings without corresponding validation patterns causes an immediate, actionable test failure rather than a silent pass.

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@tests/NuGetUtility.UrlToLicenseMapping.Test/UrlToLicenseMappingTest.cs`
around lines 143 - 158, The switch's catch-all currently returns true, allowing
unknown license types to silently pass; update the switch on expectedLicenseType
(which inspects normalizedContent) to fail explicitly for unhandled types—e.g.,
replace the default arm (_ => true) with a failing result (return false or throw
an InvalidOperationException/assertion) so any new mapping (e.g.,
LicenseExpressions.Gpl20/Gpl30/Bsd20) without a corresponding validation case
causes the test to fail and forces adding a proper validation branch.

src/NuGetLicense/CommandLineOptionsParser.cs (1)

180-195: Consider deduplicating semicolon-list parsing logic.

ParseIncludedColumns and the inline-list branch in ParseStringArrayOrFile now implement near-identical splitting/trimming behavior, which can drift over time.

Possible refactor

+        private static string[] ParseSemicolonSeparatedValues(string value)
+        {
+            string[] parts = value.Split([';'], StringSplitOptions.RemoveEmptyEntries);
+            for (int i = 0; i < parts.Length; i++)
+            {
+                parts[i] = parts[i].Trim();
+            }
+            return Array.FindAll(parts, part => part.Length > 0);
+        }
+
         private string[] ParseStringArrayOrFile(string? value)
         {
             if (value is null)
             {
                 return Array.Empty<string>();
             }
@@
-            string[] parts = value.Split([';'], StringSplitOptions.RemoveEmptyEntries);
-            // Trim each part manually for .NET Framework compatibility
-            for (int i = 0; i < parts.Length; i++)
-            {
-                parts[i] = parts[i].Trim();
-            }
-            return Array.FindAll(parts, part => part.Length > 0);
+            return ParseSemicolonSeparatedValues(value);
         }

         private string[] ParseIncludedColumns(string? value)
         {
             if (value is null)
             {
                 return Array.Empty<string>();
             }

-            // Parse as semicolon-separated inline values
-            string[] parts = value.Split([';'], StringSplitOptions.RemoveEmptyEntries);
-            // Trim each part manually for .NET Framework compatibility
-            for (int i = 0; i < parts.Length; i++)
-            {
-                parts[i] = parts[i].Trim();
-            }
-            return Array.FindAll(parts, part => part.Length > 0);
+            return ParseSemicolonSeparatedValues(value);
         }

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@src/NuGetLicense/CommandLineOptionsParser.cs` around lines 180 - 195,
ParseIncludedColumns duplicates the semicolon-splitting/trimming logic found in
the inline-list branch of ParseStringArrayOrFile; extract that logic into a
single helper (e.g., SplitAndTrimSemicolonList or ParseSemicolonSeparatedValues)
that accepts a nullable string and returns string[] (splits on ';', trims each
entry, removes empties) while preserving the manual Trim loop for .NET Framework
compatibility, then replace the body of ParseIncludedColumns and the inline-list
branch in ParseStringArrayOrFile to call that helper.

src/NuGetLicense/Output/Csv/CsvOutputFormatter.cs (1)

55-57: Normalize included column names consistently with table output matching.

Table output strips spaces before matching, but CSV currently requires exact key names. The same CLI input can behave differently across formats.

Proposed refactor

-            var columnsToInclude = _includedColumns.Length > 0
-                ? allColumns.Where(c => _includedColumns.Contains(c.Key, StringComparer.OrdinalIgnoreCase)).ToList()
-                : allColumns.ToList();
+            static string Normalize(string value) => value.Replace(" ", "", StringComparison.Ordinal);
+            HashSet<string> requested = _includedColumns
+                .Select(Normalize)
+                .ToHashSet(StringComparer.OrdinalIgnoreCase);
+
+            var columnsToInclude = _includedColumns.Length > 0
+                ? allColumns.Where(c => requested.Contains(Normalize(c.Key))).ToList()
+                : allColumns.ToList();

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@src/NuGetLicense/Output/Csv/CsvOutputFormatter.cs` around lines 55 - 57, The
CSV formatter currently matches _includedColumns against column keys exactly
whereas the table output strips spaces; update the columnsToInclude logic in
CsvOutputFormatter (the block that defines columnsToInclude) to normalize both
sides the same way the table does: create a normalizedIncluded collection by
trimming/stripping spaces and applying case-insensitivity to each entry from
_includedColumns, and then filter allColumns by comparing a similarly normalized
c.Key (remove spaces and use OrdinalIgnoreCase) against that normalizedIncluded
set so CSV and table formats behave identically.

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Inline comments:
In `@src/NuGetLicense/Output/Csv/CsvOutputFormatter.cs`:
- Around line 39-63: The CSV column map in CsvOutputFormatter (the allColumns
Dictionary<string, Func<LicenseValidationResult, string?>>) is missing the
"PackageProjectUrl" key, so "--include-columns PackageProjectUrl" doesn't match;
add an entry like ["PackageProjectUrl"] = r => r.PackageProjectUrl (or the
appropriate property on LicenseValidationResult) to the allColumns initializer
so the existing include/filter logic (_includedColumns, columnsToInclude) will
recognize and output that column consistently with other formats.

In `@src/NuGetLicense/Program.cs`:
- Around line 71-72: The CLI help text for the IncludedColumns option uses a
non-existent column token "License"; update the Option attribute Description on
the IncludedColumns property so the example uses the correct column key
"LicenseExpression" (e.g., "Package;Version;LicenseExpression") and ensure the
Available columns list still includes LicenseExpression; modify the Description
string in the IncludedColumns property to reflect this replacement.

---

Nitpick comments:
In `@src/NuGetLicense/CommandLineOptionsParser.cs`:
- Around line 180-195: ParseIncludedColumns duplicates the
semicolon-splitting/trimming logic found in the inline-list branch of
ParseStringArrayOrFile; extract that logic into a single helper (e.g.,
SplitAndTrimSemicolonList or ParseSemicolonSeparatedValues) that accepts a
nullable string and returns string[] (splits on ';', trims each entry, removes
empties) while preserving the manual Trim loop for .NET Framework compatibility,
then replace the body of ParseIncludedColumns and the inline-list branch in
ParseStringArrayOrFile to call that helper.

In `@src/NuGetLicense/Output/Csv/CsvOutputFormatter.cs`:
- Around line 55-57: The CSV formatter currently matches _includedColumns
against column keys exactly whereas the table output strips spaces; update the
columnsToInclude logic in CsvOutputFormatter (the block that defines
columnsToInclude) to normalize both sides the same way the table does: create a
normalizedIncluded collection by trimming/stripping spaces and applying
case-insensitivity to each entry from _includedColumns, and then filter
allColumns by comparing a similarly normalized c.Key (remove spaces and use
OrdinalIgnoreCase) against that normalizedIncluded set so CSV and table formats
behave identically.

In `@tests/NuGetUtility.UrlToLicenseMapping.Test/UrlToLicenseMappingTest.cs`:
- Around line 143-158: The switch's catch-all currently returns true, allowing
unknown license types to silently pass; update the switch on expectedLicenseType
(which inspects normalizedContent) to fail explicitly for unhandled types—e.g.,
replace the default arm (_ => true) with a failing result (return false or throw
an InvalidOperationException/assertion) so any new mapping (e.g.,
LicenseExpressions.Gpl20/Gpl30/Bsd20) without a corresponding validation case
causes the test to fail and forces adding a proper validation branch.

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro

Run ID: 4eb23be4-5673-4ad6-9cdc-3c9cc8630337

📥 Commits

Reviewing files that changed from the base of the PR and between 2dbc992 and bca418e.

📒 Files selected for processing (9)

• src/NuGetLicense/CommandLineOptionsParser.cs
• src/NuGetLicense/ICommandLineOptions.cs
• src/NuGetLicense/ICommandLineOptionsParser.cs
• src/NuGetLicense/LicenseValidationOrchestrator.cs
• src/NuGetLicense/Output/Csv/CsvOutputFormatter.cs
• src/NuGetLicense/Output/Table/TableOutputFormatter.cs
• src/NuGetLicense/Program.cs
• src/NuGetUtility/OutputType.cs
• tests/NuGetUtility.UrlToLicenseMapping.Test/UrlToLicenseMappingTest.cs

[coderabbitai]

⚠️ Potential issue | 🟠 Major

PackageProjectUrl is missing from CSV column definitions, breaking a documented include-column value.

--include-columns PackageProjectUrl currently yields no match here and can fall back to all columns, which is surprising. Program advertises this column, and table output supports it.

Proposed fix

             var allColumns = new Dictionary<string, Func<LicenseValidationResult, string?>>(StringComparer.OrdinalIgnoreCase)
             {
                 ["Package"] = r => r.PackageId,
                 ["Version"] = r => r.PackageVersion.ToString(),
                 ["LicenseInformationOrigin"] = r => r.LicenseInformationOrigin.ToString(),
                 ["LicenseExpression"] = r => r.License,
                 ["LicenseUrl"] = r => r.LicenseUrl,
+                ["PackageProjectUrl"] = r => r.PackageProjectUrl,
                 ["Copyright"] = r => r.Copyright,
                 ["Authors"] = r => r.Authors,
                 ["Description"] = r => r.Description,
                 ["Summary"] = r => r.Summary,
                 ["Error"] = r => r.ValidationErrors.Any() ? string.Join("; ", r.ValidationErrors.Select(e => e.Error)) : null,
                 ["ErrorContext"] = r => r.ValidationErrors.Any() ? string.Join("; ", r.ValidationErrors.Select(e => e.Context)) : null
             };

📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change

	var allColumns = new Dictionary<string, Func<LicenseValidationResult, string?>>(StringComparer.OrdinalIgnoreCase)
	{
	["Package"] = r => r.PackageId,
	["Version"] = r => r.PackageVersion.ToString(),
	["LicenseInformationOrigin"] = r => r.LicenseInformationOrigin.ToString(),
	["LicenseExpression"] = r => r.License,
	["LicenseUrl"] = r => r.LicenseUrl,
	["Copyright"] = r => r.Copyright,
	["Authors"] = r => r.Authors,
	["Description"] = r => r.Description,
	["Summary"] = r => r.Summary,
	["Error"] = r => r.ValidationErrors.Any() ? string.Join("; ", r.ValidationErrors.Select(e => e.Error)) : null,
	["ErrorContext"] = r => r.ValidationErrors.Any() ? string.Join("; ", r.ValidationErrors.Select(e => e.Context)) : null
	};
	// Determine which columns to include
	var columnsToInclude = _includedColumns.Length > 0
	? allColumns.Where(c => _includedColumns.Contains(c.Key, StringComparer.OrdinalIgnoreCase)).ToList()
	: allColumns.ToList();
	// If no valid columns specified, use all columns
	if (columnsToInclude.Count == 0)
	{
	columnsToInclude = allColumns.ToList();
	}
	var allColumns = new Dictionary<string, Func<LicenseValidationResult, string?>>(StringComparer.OrdinalIgnoreCase)
	{
	["Package"] = r => r.PackageId,
	["Version"] = r => r.PackageVersion.ToString(),
	["LicenseInformationOrigin"] = r => r.LicenseInformationOrigin.ToString(),
	["LicenseExpression"] = r => r.License,
	["LicenseUrl"] = r => r.LicenseUrl,
	["PackageProjectUrl"] = r => r.PackageProjectUrl,
	["Copyright"] = r => r.Copyright,
	["Authors"] = r => r.Authors,
	["Description"] = r => r.Description,
	["Summary"] = r => r.Summary,
	["Error"] = r => r.ValidationErrors.Any() ? string.Join("; ", r.ValidationErrors.Select(e => e.Error)) : null,
	["ErrorContext"] = r => r.ValidationErrors.Any() ? string.Join("; ", r.ValidationErrors.Select(e => e.Context)) : null
	};
	// Determine which columns to include
	var columnsToInclude = _includedColumns.Length > 0
	? allColumns.Where(c => _includedColumns.Contains(c.Key, StringComparer.OrdinalIgnoreCase)).ToList()
	: allColumns.ToList();
	// If no valid columns specified, use all columns
	if (columnsToInclude.Count == 0)
	{
	columnsToInclude = allColumns.ToList();
	}

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@src/NuGetLicense/Output/Csv/CsvOutputFormatter.cs` around lines 39 - 63, The
CSV column map in CsvOutputFormatter (the allColumns Dictionary<string,
Func<LicenseValidationResult, string?>>) is missing the "PackageProjectUrl" key,
so "--include-columns PackageProjectUrl" doesn't match; add an entry like
["PackageProjectUrl"] = r => r.PackageProjectUrl (or the appropriate property on
LicenseValidationResult) to the allColumns initializer so the existing
include/filter logic (_includedColumns, columnsToInclude) will recognize and
output that column consistently with other formats.

[coderabbitai]

⚠️ Potential issue | 🟡 Minor

CLI help example uses a non-existent column token.

The example shows License, but the implemented column key is LicenseExpression. This can cause user confusion and failed filtering attempts.

Proposed wording fix

-        [Option("-c|--include-columns", Description = "Specifies which columns to include in the output. Provide a semicolon-separated list of column names (e.g., \"Package;Version;License\"). Available columns: Package, Version, LicenseInformationOrigin, LicenseExpression, LicenseUrl, Copyright, Authors, PackageProjectUrl, Error, ErrorContext. If omitted, all relevant columns are shown.")]
+        [Option("-c|--include-columns", Description = "Specifies which columns to include in the output. Provide a semicolon-separated list of column names (e.g., \"Package;Version;LicenseExpression\"). Available columns: Package, Version, LicenseInformationOrigin, LicenseExpression, LicenseUrl, Copyright, Authors, PackageProjectUrl, Error, ErrorContext. If omitted, all relevant columns are shown.")]

📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change

	[Option("-c|--include-columns", Description = "Specifies which columns to include in the output. Provide a semicolon-separated list of column names (e.g., \"Package;Version;License\"). Available columns: Package, Version, LicenseInformationOrigin, LicenseExpression, LicenseUrl, Copyright, Authors, PackageProjectUrl, Error, ErrorContext. If omitted, all relevant columns are shown.")]
	public string? IncludedColumns { get; set; }
	[Option("-c|--include-columns", Description = "Specifies which columns to include in the output. Provide a semicolon-separated list of column names (e.g., \"Package;Version;LicenseExpression\"). Available columns: Package, Version, LicenseInformationOrigin, LicenseExpression, LicenseUrl, Copyright, Authors, PackageProjectUrl, Error, ErrorContext. If omitted, all relevant columns are shown.")]
	public string? IncludedColumns { get; set; }

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@src/NuGetLicense/Program.cs` around lines 71 - 72, The CLI help text for the
IncludedColumns option uses a non-existent column token "License"; update the
Option attribute Description on the IncludedColumns property so the example uses
the correct column key "LicenseExpression" (e.g.,
"Package;Version;LicenseExpression") and ensure the Available columns list still
includes LicenseExpression; modify the Description string in the IncludedColumns
property to reflect this replacement.

[sensslen]

@vincent067 thank you for your contribution but I cannot accept this PR as 1. it contains a lot of code from a prior PR of yours that I will not accept as csv output support is already in main and released. 2. This test does not add anything. The expected license texts are already included as text files in the repository. Adding this code just complicates maintanance and does not improve test coverage.