diff options
author | Bob Badour <bbadour@google.com> | 2022-01-31 13:05:53 -0800 |
---|---|---|
committer | Bob Badour <bbadour@google.com> | 2022-01-31 14:16:23 -0800 |
commit | c817845ea5da2686a192a1a29f8bf98ae460c980 (patch) | |
tree | 82d75cd904e0bd232f6af78dfe14a8ff6af6c16b | |
parent | 91af68b1e10daa8ca1cf2433430eafe5c079a36f (diff) | |
download | build-c817845ea5da2686a192a1a29f8bf98ae460c980.tar.gz |
license metadata reverse trace
Introduce the below command-line tool:
rtrace outputs a list of targets and conditions causing one or more
projects or target nodes to require sharing to resolve a restricted
condition.
Bug: 68860345
Bug: 151177513
Bug: 151953481
Bug: 213388645
Bug: 210912771
Test: m all
Test: m systemlicense
Test: m rtrace; out/soong/host/linux-x85/rtrace -rtrace=...
where ... is a project or license metadata file followed by the path to
the .meta_lic file for the system image. In my case if
$ export PRODUCT=$(realpath $ANDROID_PRODUCT_OUT --relative-to=$PWD)
... can be expressed as:
system/core ${PRODUCT}/gen/META/lic_intermediates/${PRODUCT}/system.img.meta_lic
or
${PRODUCT}/gen/META/lic_intermediates/${PRODUCT}/system.img.meta_lic ${PRODUCT}/gen/META/lic_intermediates/${PRODUCT}/system.img.meta_lic
Change-Id: I40a0586699d9b8a8dd2bd4ba26756c9649ebf964
-rw-r--r-- | tools/compliance/Android.bp | 7 | ||||
-rw-r--r-- | tools/compliance/cmd/rtrace/rtrace.go | 185 | ||||
-rw-r--r-- | tools/compliance/cmd/rtrace/rtrace_test.go | 316 | ||||
-rw-r--r-- | tools/compliance/policy_policy.go | 4 | ||||
-rw-r--r-- | tools/compliance/policy_policy_test.go | 2 | ||||
-rw-r--r-- | tools/compliance/policy_resolve.go | 33 | ||||
-rw-r--r-- | tools/compliance/resolutionset.go | 16 |
7 files changed, 556 insertions, 7 deletions
diff --git a/tools/compliance/Android.bp b/tools/compliance/Android.bp index 7037670b93..43132822c6 100644 --- a/tools/compliance/Android.bp +++ b/tools/compliance/Android.bp @@ -60,6 +60,13 @@ blueprint_go_binary { } blueprint_go_binary { + name: "rtrace", + srcs: ["cmd/rtrace/rtrace.go"], + deps: ["compliance-module"], + testSrcs: ["cmd/rtrace/rtrace_test.go"], +} + +blueprint_go_binary { name: "shippedlibs", srcs: ["cmd/shippedlibs/shippedlibs.go"], deps: ["compliance-module"], diff --git a/tools/compliance/cmd/rtrace/rtrace.go b/tools/compliance/cmd/rtrace/rtrace.go new file mode 100644 index 0000000000..a2ff5941cc --- /dev/null +++ b/tools/compliance/cmd/rtrace/rtrace.go @@ -0,0 +1,185 @@ +// Copyright 2021 Google LLC +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +package main + +import ( + "flag" + "fmt" + "io" + "os" + "path/filepath" + "sort" + "strings" + + "android/soong/tools/compliance" +) + +var ( + sources = newMultiString("rtrace", "Projects or metadata files to trace back from. (required; multiple allowed)") + stripPrefix = flag.String("strip_prefix", "", "Prefix to remove from paths. i.e. path to root") + + failNoneRequested = fmt.Errorf("\nNo license metadata files requested") + failNoSources = fmt.Errorf("\nNo projects or metadata files to trace back from") + failNoLicenses = fmt.Errorf("No licenses found") +) + +type context struct { + sources []string + stripPrefix string +} + +func init() { + flag.Usage = func() { + fmt.Fprintf(os.Stderr, `Usage: %s {options} file.meta_lic {file.meta_lic...} + +Outputs a space-separated Target ActsOn Origin Condition tuple for each +resolution in the graph. When -dot flag given, outputs nodes and edges +in graphviz directed graph format. + +If one or more '-c condition' conditions are given, outputs the +resolution for the union of the conditions. Otherwise, outputs the +resolution for all conditions. + +In plain text mode, when '-label_conditions' is requested, the Target +and Origin have colon-separated license conditions appended: +i.e. target:condition1:condition2 etc. + +Options: +`, filepath.Base(os.Args[0])) + flag.PrintDefaults() + } +} + +// newMultiString creates a flag that allows multiple values in an array. +func newMultiString(name, usage string) *multiString { + var f multiString + flag.Var(&f, name, usage) + return &f +} + +// multiString implements the flag `Value` interface for multiple strings. +type multiString []string + +func (ms *multiString) String() string { return strings.Join(*ms, ", ") } +func (ms *multiString) Set(s string) error { *ms = append(*ms, s); return nil } + +func main() { + flag.Parse() + + // Must specify at least one root target. + if flag.NArg() == 0 { + flag.Usage() + os.Exit(2) + } + + if len(*sources) == 0 { + flag.Usage() + fmt.Fprintf(os.Stderr, "\nMust specify at least 1 --rtrace source.\n") + os.Exit(2) + } + + ctx := &context{ + sources: *sources, + stripPrefix: *stripPrefix, + } + _, err := traceRestricted(ctx, os.Stdout, os.Stderr, flag.Args()...) + if err != nil { + if err == failNoneRequested { + flag.Usage() + } + fmt.Fprintf(os.Stderr, "%s\n", err.Error()) + os.Exit(1) + } + os.Exit(0) +} + +// traceRestricted implements the rtrace utility. +func traceRestricted(ctx *context, stdout, stderr io.Writer, files ...string) (*compliance.LicenseGraph, error) { + if len(files) < 1 { + return nil, failNoneRequested + } + + if len(ctx.sources) < 1 { + return nil, failNoSources + } + + // Read the license graph from the license metadata files (*.meta_lic). + licenseGraph, err := compliance.ReadLicenseGraph(os.DirFS("."), stderr, files) + if err != nil { + return nil, fmt.Errorf("Unable to read license metadata file(s) %q: %v\n", files, err) + } + if licenseGraph == nil { + return nil, failNoLicenses + } + + sourceMap := make(map[string]struct{}) + for _, source := range ctx.sources { + sourceMap[source] = struct{}{} + } + + compliance.TraceTopDownConditions(licenseGraph, func(tn *compliance.TargetNode) compliance.LicenseConditionSet { + if _, isPresent := sourceMap[tn.Name()]; isPresent { + return compliance.ImpliesRestricted + } + for _, project := range tn.Projects() { + if _, isPresent := sourceMap[project]; isPresent { + return compliance.ImpliesRestricted + } + } + return compliance.NewLicenseConditionSet() + }) + + // targetOut calculates the string to output for `target` adding `sep`-separated conditions as needed. + targetOut := func(target *compliance.TargetNode, sep string) string { + tOut := strings.TrimPrefix(target.Name(), ctx.stripPrefix) + return tOut + } + + // outputResolution prints a resolution in the requested format to `stdout`, where one can read + // a resolution as `tname` resolves conditions named in `cnames`. + // `tname` is the name of the target the resolution traces back to. + // `cnames` is the list of conditions to resolve. + outputResolution := func(tname string, cnames []string) { + // ... one edge per line with names in a colon-separated tuple. + fmt.Fprintf(stdout, "%s %s\n", tname, strings.Join(cnames, ":")) + } + + // Sort the resolutions by targetname for repeatability/stability. + actions := compliance.WalkResolutionsForCondition(licenseGraph, compliance.ImpliesShared).AllActions() + targets := make(compliance.TargetNodeList, 0, len(actions)) + for tn := range actions { + if tn.LicenseConditions().MatchesAnySet(compliance.ImpliesRestricted) { + targets = append(targets, tn) + } + } + sort.Sort(targets) + + // Output the sorted targets. + for _, target := range targets { + var tname string + tname = targetOut(target, ":") + + // cnames accumulates the list of condition names originating at a single origin that apply to `target`. + cnames := target.LicenseConditions().Names() + + // Output 1 line for each attachesTo+actsOn combination. + outputResolution(tname, cnames) + } + fmt.Fprintf(stdout, "restricted conditions trace to %d targets\n", len(targets)) + if 0 == len(targets) { + fmt.Fprintln(stdout, " (check for typos in project names or metadata files)") + } + return licenseGraph, nil +} diff --git a/tools/compliance/cmd/rtrace/rtrace_test.go b/tools/compliance/cmd/rtrace/rtrace_test.go new file mode 100644 index 0000000000..658aa965ea --- /dev/null +++ b/tools/compliance/cmd/rtrace/rtrace_test.go @@ -0,0 +1,316 @@ +// Copyright 2021 Google LLC +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +package main + +import ( + "bytes" + "fmt" + "os" + "strings" + "testing" +) + +func TestMain(m *testing.M) { + // Change into the parent directory before running the tests + // so they can find the testdata directory. + if err := os.Chdir(".."); err != nil { + fmt.Printf("failed to change to testdata directory: %s\n", err) + os.Exit(1) + } + os.Exit(m.Run()) +} + +func Test_plaintext(t *testing.T) { + tests := []struct { + condition string + name string + roots []string + ctx context + expectedOut []string + }{ + { + condition: "firstparty", + name: "apex", + roots: []string{"highest.apex.meta_lic"}, + expectedOut: []string{}, + }, + { + condition: "firstparty", + name: "apex_trimmed", + roots: []string{"highest.apex.meta_lic"}, + ctx: context{ + sources: []string{"testdata/firstparty/bin/bin1.meta_lic"}, + stripPrefix: "testdata/firstparty/", + }, + expectedOut: []string{}, + }, + { + condition: "firstparty", + name: "container", + roots: []string{"container.zip.meta_lic"}, + expectedOut: []string{}, + }, + { + condition: "firstparty", + name: "application", + roots: []string{"application.meta_lic"}, + expectedOut: []string{}, + }, + { + condition: "firstparty", + name: "binary", + roots: []string{"bin/bin1.meta_lic"}, + expectedOut: []string{}, + }, + { + condition: "firstparty", + name: "library", + roots: []string{"lib/libd.so.meta_lic"}, + expectedOut: []string{}, + }, + { + condition: "notice", + name: "apex", + roots: []string{"highest.apex.meta_lic"}, + expectedOut: []string{}, + }, + { + condition: "notice", + name: "apex_trimmed", + roots: []string{"highest.apex.meta_lic"}, + ctx: context{ + sources: []string{"testdata/notice/bin/bin1.meta_lic"}, + stripPrefix: "testdata/notice/", + }, + expectedOut: []string{}, + }, + { + condition: "notice", + name: "container", + roots: []string{"container.zip.meta_lic"}, + expectedOut: []string{}, + }, + { + condition: "notice", + name: "application", + roots: []string{"application.meta_lic"}, + expectedOut: []string{}, + }, + { + condition: "notice", + name: "binary", + roots: []string{"bin/bin1.meta_lic"}, + expectedOut: []string{}, + }, + { + condition: "notice", + name: "library", + roots: []string{"lib/libd.so.meta_lic"}, + expectedOut: []string{}, + }, + { + condition: "reciprocal", + name: "apex", + roots: []string{"highest.apex.meta_lic"}, + expectedOut: []string{}, + }, + { + condition: "reciprocal", + name: "apex_trimmed", + roots: []string{"highest.apex.meta_lic"}, + ctx: context{ + sources: []string{"testdata/reciprocal/bin/bin1.meta_lic"}, + stripPrefix: "testdata/reciprocal/", + }, + expectedOut: []string{}, + }, + { + condition: "reciprocal", + name: "container", + roots: []string{"container.zip.meta_lic"}, + expectedOut: []string{}, + }, + { + condition: "reciprocal", + name: "application", + roots: []string{"application.meta_lic"}, + expectedOut: []string{}, + }, + { + condition: "reciprocal", + name: "binary", + roots: []string{"bin/bin1.meta_lic"}, + expectedOut: []string{}, + }, + { + condition: "reciprocal", + name: "library", + roots: []string{"lib/libd.so.meta_lic"}, + expectedOut: []string{}, + }, + { + condition: "restricted", + name: "apex", + roots: []string{"highest.apex.meta_lic"}, + expectedOut: []string{ + "testdata/restricted/lib/liba.so.meta_lic restricted_allows_dynamic_linking", + "testdata/restricted/lib/libb.so.meta_lic restricted", + }, + }, + { + condition: "restricted", + name: "apex_trimmed_bin1", + roots: []string{"highest.apex.meta_lic"}, + ctx: context{ + sources: []string{"testdata/restricted/bin/bin1.meta_lic"}, + stripPrefix: "testdata/restricted/", + }, + expectedOut: []string{"lib/liba.so.meta_lic restricted_allows_dynamic_linking"}, + }, + { + condition: "restricted", + name: "apex_trimmed_bin2", + roots: []string{"highest.apex.meta_lic"}, + ctx: context{ + sources: []string{"testdata/restricted/bin/bin2.meta_lic"}, + stripPrefix: "testdata/restricted/", + }, + expectedOut: []string{"lib/libb.so.meta_lic restricted"}, + }, + { + condition: "restricted", + name: "container", + roots: []string{"container.zip.meta_lic"}, + expectedOut: []string{ + "testdata/restricted/lib/liba.so.meta_lic restricted_allows_dynamic_linking", + "testdata/restricted/lib/libb.so.meta_lic restricted", + }, + }, + { + condition: "restricted", + name: "application", + roots: []string{"application.meta_lic"}, + expectedOut: []string{"testdata/restricted/lib/liba.so.meta_lic restricted_allows_dynamic_linking"}, + }, + { + condition: "restricted", + name: "binary", + roots: []string{"bin/bin1.meta_lic"}, + expectedOut: []string{"testdata/restricted/lib/liba.so.meta_lic restricted_allows_dynamic_linking"}, + }, + { + condition: "restricted", + name: "library", + roots: []string{"lib/libd.so.meta_lic"}, + expectedOut: []string{}, + }, + { + condition: "proprietary", + name: "apex", + roots: []string{"highest.apex.meta_lic"}, + expectedOut: []string{"testdata/proprietary/lib/libb.so.meta_lic restricted"}, + }, + { + condition: "proprietary", + name: "apex_trimmed_bin1", + roots: []string{"highest.apex.meta_lic"}, + ctx: context{ + sources: []string{"testdata/proprietary/bin/bin1.meta_lic"}, + stripPrefix: "testdata/proprietary/", + }, + expectedOut: []string{}, + }, + { + condition: "proprietary", + name: "apex_trimmed_bin2", + roots: []string{"highest.apex.meta_lic"}, + ctx: context{ + sources: []string{"testdata/proprietary/bin/bin2.meta_lic"}, + stripPrefix: "testdata/proprietary/", + }, + expectedOut: []string{"lib/libb.so.meta_lic restricted"}, + }, + { + condition: "proprietary", + name: "container", + roots: []string{"container.zip.meta_lic"}, + expectedOut: []string{"testdata/proprietary/lib/libb.so.meta_lic restricted"}, + }, + { + condition: "proprietary", + name: "application", + roots: []string{"application.meta_lic"}, + expectedOut: []string{}, + }, + { + condition: "proprietary", + name: "binary", + roots: []string{"bin/bin1.meta_lic"}, + expectedOut: []string{}, + }, + { + condition: "proprietary", + name: "library", + roots: []string{"lib/libd.so.meta_lic"}, + expectedOut: []string{}, + }, + } + for _, tt := range tests { + t.Run(tt.condition+" "+tt.name, func(t *testing.T) { + expectedOut := &bytes.Buffer{} + for _, eo := range tt.expectedOut { + expectedOut.WriteString(eo) + expectedOut.WriteString("\n") + } + fmt.Fprintf(expectedOut, "restricted conditions trace to %d targets\n", len(tt.expectedOut)) + if 0 == len(tt.expectedOut) { + fmt.Fprintln(expectedOut, " (check for typos in project names or metadata files)") + } + + stdout := &bytes.Buffer{} + stderr := &bytes.Buffer{} + + rootFiles := make([]string, 0, len(tt.roots)) + for _, r := range tt.roots { + rootFiles = append(rootFiles, "testdata/"+tt.condition+"/"+r) + } + if len(tt.ctx.sources) < 1 { + tt.ctx.sources = rootFiles + } + _, err := traceRestricted(&tt.ctx, stdout, stderr, rootFiles...) + t.Logf("rtrace: stderr = %v", stderr) + t.Logf("rtrace: stdout = %v", stdout) + if err != nil { + t.Fatalf("rtrace: error = %v", err) + return + } + if stderr.Len() > 0 { + t.Errorf("rtrace: gotStderr = %v, want none", stderr) + } + out := stdout.String() + expected := expectedOut.String() + if out != expected { + outList := strings.Split(out, "\n") + expectedList := strings.Split(expected, "\n") + startLine := 0 + for startLine < len(outList) && startLine < len(expectedList) && outList[startLine] == expectedList[startLine] { + startLine++ + } + t.Errorf("rtrace: gotStdout = %v, want %v, somewhere near line %d Stdout = %v, want %v", + out, expected, startLine+1, outList[startLine], expectedList[startLine]) + } + }) + } +} diff --git a/tools/compliance/policy_policy.go b/tools/compliance/policy_policy.go index 442025ea63..60bdf48e22 100644 --- a/tools/compliance/policy_policy.go +++ b/tools/compliance/policy_policy.go @@ -218,7 +218,7 @@ func depConditionsPropagatingToTarget(lg *LicenseGraph, e *TargetEdge, depCondit // aggregation, per policy it ceases to be a pure aggregation in the context of // that derivative work. The `treatAsAggregate` parameter will be false for // non-aggregates and for aggregates in non-aggregate contexts. -func targetConditionsPropagatingToDep(lg *LicenseGraph, e *TargetEdge, targetConditions LicenseConditionSet, treatAsAggregate bool) LicenseConditionSet { +func targetConditionsPropagatingToDep(lg *LicenseGraph, e *TargetEdge, targetConditions LicenseConditionSet, treatAsAggregate bool, conditionsFn TraceConditions) LicenseConditionSet { result := targetConditions // reverse direction -- none of these apply to things depended-on, only to targets depending-on. @@ -232,7 +232,7 @@ func targetConditionsPropagatingToDep(lg *LicenseGraph, e *TargetEdge, targetCon if treatAsAggregate { // If the author of a pure aggregate licenses it restricted, apply restricted to immediate dependencies. // Otherwise, restricted does not propagate back down to dependencies. - if !LicenseConditionSetFromNames(e.target, e.target.proto.LicenseConditions...).MatchesAnySet(ImpliesRestricted) { + if !conditionsFn(e.target).MatchesAnySet(ImpliesRestricted) { result = result.Difference(ImpliesRestricted) } return result diff --git a/tools/compliance/policy_policy_test.go b/tools/compliance/policy_policy_test.go index 32dd5fd52d..27ce16c54a 100644 --- a/tools/compliance/policy_policy_test.go +++ b/tools/compliance/policy_policy_test.go @@ -282,7 +282,7 @@ func TestPolicy_edgeConditions(t *testing.T) { targetConditions = targetConditions.Union(otn.licenseConditions) } t.Logf("calculate dep conditions for edge=%s, target conditions=%v, treatAsAggregate=%v", edge.String(), targetConditions.Names(), tt.treatAsAggregate) - cs := targetConditionsPropagatingToDep(lg, edge, targetConditions, tt.treatAsAggregate) + cs := targetConditionsPropagatingToDep(lg, edge, targetConditions, tt.treatAsAggregate, AllResolutions) t.Logf("calculated dep conditions as %v", cs.Names()) actual := cs.Names() sort.Strings(actual) diff --git a/tools/compliance/policy_resolve.go b/tools/compliance/policy_resolve.go index 336894af0a..d357aec2b0 100644 --- a/tools/compliance/policy_resolve.go +++ b/tools/compliance/policy_resolve.go @@ -18,6 +18,16 @@ import ( "sync" ) +var ( + // AllResolutions is a TraceConditions function that resolves all + // unfiltered license conditions. + AllResolutions = TraceConditions(func(tn *TargetNode) LicenseConditionSet { return tn.licenseConditions }) +) + +// TraceConditions is a function that returns the conditions to trace for each +// target node `tn`. +type TraceConditions func(tn *TargetNode) LicenseConditionSet + // ResolveBottomUpConditions performs a bottom-up walk of the LicenseGraph // propagating conditions up the graph as necessary according to the properties // of each edge and according to each license condition in question. @@ -29,6 +39,14 @@ import ( // not resolve the library and its transitive closure, but the later top-down // walk will. func ResolveBottomUpConditions(lg *LicenseGraph) { + TraceBottomUpConditions(lg, AllResolutions) +} + +// TraceBottomUpConditions performs a bottom-up walk of the LicenseGraph +// propagating trace conditions from `conditionsFn` up the graph as necessary +// according to the properties of each edge and according to each license +// condition in question. +func TraceBottomUpConditions(lg *LicenseGraph, conditionsFn TraceConditions) { // short-cut if already walked and cached lg.mu.Lock() @@ -70,7 +88,7 @@ func ResolveBottomUpConditions(lg *LicenseGraph) { // needs to walk again in non-aggregate context delete(cmap, target) } else { - target.resolution |= target.licenseConditions + target.resolution |= conditionsFn(target) amap[target] = struct{}{} } if treatAsAggregate { @@ -123,6 +141,13 @@ func ResolveBottomUpConditions(lg *LicenseGraph) { // dependency except restricted. For restricted, the policy is to share the // source of any libraries linked to restricted code and to provide notice. func ResolveTopDownConditions(lg *LicenseGraph) { + TraceTopDownConditions(lg, AllResolutions) +} + +// TraceTopDownCondtions performs a top-down walk of the LicenseGraph +// propagating trace conditions returned by `conditionsFn` from target to +// dependency. +func TraceTopDownConditions(lg *LicenseGraph, conditionsFn TraceConditions) { // short-cut if already walked and cached lg.mu.Lock() @@ -139,7 +164,7 @@ func ResolveTopDownConditions(lg *LicenseGraph) { lg.mu.Unlock() // start with the conditions propagated up the graph - ResolveBottomUpConditions(lg) + TraceBottomUpConditions(lg, conditionsFn) // amap contains the set of targets already walked. (guarded by mu) amap := make(map[*TargetNode]struct{}) @@ -156,7 +181,7 @@ func ResolveTopDownConditions(lg *LicenseGraph) { walk = func(fnode *TargetNode, cs LicenseConditionSet, treatAsAggregate bool) { defer wg.Done() mu.Lock() - fnode.resolution |= fnode.licenseConditions + fnode.resolution |= conditionsFn(fnode) fnode.resolution |= cs amap[fnode] = struct{}{} if treatAsAggregate { @@ -168,7 +193,7 @@ func ResolveTopDownConditions(lg *LicenseGraph) { for _, edge := range fnode.edges { func(edge *TargetEdge) { // dcs holds the dpendency conditions inherited from the target - dcs := targetConditionsPropagatingToDep(lg, edge, cs, treatAsAggregate) + dcs := targetConditionsPropagatingToDep(lg, edge, cs, treatAsAggregate, conditionsFn) dnode := edge.dependency mu.Lock() defer mu.Unlock() diff --git a/tools/compliance/resolutionset.go b/tools/compliance/resolutionset.go index ef898834a0..7c8f333b68 100644 --- a/tools/compliance/resolutionset.go +++ b/tools/compliance/resolutionset.go @@ -86,6 +86,22 @@ func (rs ResolutionSet) Resolutions(attachesTo *TargetNode) ResolutionList { return result } +// AllActions returns the set of actions required to resolve the set omitting +// the attachment. +func (rs ResolutionSet) AllActions() ActionSet { + result := make(ActionSet) + for _, as := range rs { + for actsOn, cs := range as { + if _, ok := result[actsOn]; ok { + result[actsOn] = cs.Union(result[actsOn]) + } else { + result[actsOn] = cs + } + } + } + return result +} + // String returns a human-readable string representation of the set. func (rs ResolutionSet) String() string { var sb strings.Builder |