gitlab-license_finder 6.14.2.1

data/lib/license_finder/license/text.rb

@@ -0,0 +1,45 @@
+# frozen_string_literal: true
+
+module LicenseFinder
+  class License
+    module Text
+      SPACES = /\s+/.freeze
+      QUOTES = /['`"]{1,2}/.freeze
+      YEAR_PLACEHOLDERS = /<year>/.freeze
+      PLACEHOLDERS = /<[^<>]+>/.freeze
+      SPECIAL_SINGLE_QUOTES = /[‘’]/.freeze
+      SPECIAL_DOUBLE_QUOTES = /[“”„«»]/.freeze
+      ALPHABET_ORDERED_LIST = /\\\([a-z]\\\)\\\s/.freeze
+      ALPHABET_ORDERED_LIST_OPTIONAL = '(\([a-z]\)\s)?'
+      LIST_BULLETS = /(\d{1,2}\\\.|\\\*|\\\-)\\\s/.freeze
+      LIST_BULLETS_OPTIONAL = '(\d{1,2}.|\*|\-)?\s*'
+      NEWLINE_CHARACTER = /\n+/.freeze
+      QUOTE_COMMENT_CHARACTER = /^\s*\>+/.freeze
+      ESCAPED_QUOTES = /\\\"/.freeze
+
+      def self.normalize_punctuation(text)
+        text.dup.force_encoding('UTF-8')
+            .gsub(SPECIAL_DOUBLE_QUOTES, '"')
+            .gsub(SPECIAL_SINGLE_QUOTES, "'")
+            .gsub(QUOTE_COMMENT_CHARACTER, '')
+            .gsub(SPACES, ' ')
+            .gsub(NEWLINE_CHARACTER, ' ')
+            .gsub(ESCAPED_QUOTES, '"')
+            .gsub(QUOTES, '"')
+            .strip
+      rescue ArgumentError => _e
+        text
+      end
+
+      def self.compile_to_regex(text)
+        Regexp.new(Regexp.escape(normalize_punctuation(text))
+                       .gsub(YEAR_PLACEHOLDERS, '(\S*)')
+                       .gsub(PLACEHOLDERS, '(.*)')
+                       .gsub(',', '(,)?')
+                       .gsub('HOLDER', '(HOLDER|OWNER)')
+                       .gsub(ALPHABET_ORDERED_LIST, ALPHABET_ORDERED_LIST_OPTIONAL)
+                       .gsub(LIST_BULLETS, LIST_BULLETS_OPTIONAL))
+      end
+    end
+  end
+end

data/lib/license_finder/license.rb

@@ -0,0 +1,117 @@
+# frozen_string_literal: true
+
+require 'license_finder/license/text'
+require 'license_finder/license/template'
+
+require 'license_finder/license/matcher'
+require 'license_finder/license/header_matcher'
+require 'license_finder/license/any_matcher'
+require 'license_finder/license/none_matcher'
+
+require 'license_finder/license/definitions'
+
+module LicenseFinder
+  class License
+    class << self
+      def all
+        @all ||= Definitions.all
+      end
+
+      def find_by_name(name)
+        name ||= 'unknown'
+        license = all.detect { |l| l.matches_name? l.stripped_name(name) }
+
+        if license
+          license
+        elsif name.include?(OrLicense.operator)
+          OrLicense.new(name)
+        elsif name.include?(AndLicense.operator)
+          AndLicense.new(name)
+        else
+          Definitions.build_unrecognized(name)
+        end
+      end
+
+      def find_by_text(text)
+        all.detect { |l| l.matches_text? text }
+      end
+    end
+
+    def initialize(settings)
+      @short_name  = settings.fetch(:short_name)
+      @pretty_name = settings.fetch(:pretty_name, short_name)
+      @other_names = settings.fetch(:other_names, [])
+      @url         = settings.fetch(:url)
+      @matcher     = settings.fetch(:matcher) { Matcher.from_template(Template.named(short_name)) }
+    end
+
+    attr_reader :url
+
+    def name
+      pretty_name
+    end
+
+    def stripped_name(name)
+      name.sub(/^The /i, '')
+    end
+
+    def matches_name?(name)
+      names.map(&:downcase).include? name.to_s.downcase
+    end
+
+    def matches_text?(text)
+      matcher.matches_text?(text)
+    end
+
+    def eql?(other)
+      name == other.name
+    end
+
+    def hash
+      name.hash
+    end
+
+    def unrecognized_matcher?
+      matcher.is_a?(NoneMatcher)
+    end
+
+    private
+
+    attr_reader :short_name, :pretty_name, :other_names
+    attr_reader :matcher
+
+    def names
+      ([short_name, pretty_name] + other_names).uniq
+    end
+  end
+  class AndLicense < License
+    def self.operator
+      ' AND '
+    end
+
+    def initialize(name, operator = AndLicense.operator)
+      @short_name = name
+      @pretty_name = name
+      @url = nil
+      @matcher = NoneMatcher.new
+      # removes heading and trailing parentesis and splits
+      name = name[1..-2] if name.start_with?('(')
+      names = name.split(operator)
+      @sub_licenses = names.map do |sub_name|
+        License.find_by_name(sub_name)
+      end
+    end
+
+    attr_reader :sub_licenses
+  end
+
+  class OrLicense < AndLicense
+    def self.operator
+      ' OR '
+    end
+
+    def initialize(name)
+      super(name, OrLicense.operator)
+    end
+  end
+end

data/lib/license_finder/license_aggregator.rb

@@ -0,0 +1,59 @@
+# frozen_string_literal: true
+
+module LicenseFinder
+  class LicenseAggregator
+    def initialize(config, aggregate_paths)
+      @config = config
+      @aggregate_paths = aggregate_paths
+    end
+
+    def dependencies
+      aggregate_packages
+    end
+
+    def any_packages?
+      finders.map do |finder|
+        finder.prepare_projects if @config.prepare
+        finder.any_packages?
+      end.reduce(:|)
+    end
+
+    def unapproved
+      aggregate_packages.reject(&:approved?)
+    end
+
+    def restricted
+      aggregate_packages.select(&:restricted?)
+    end
+
+    private
+
+    def finders
+      return @finders unless @finders.nil?
+
+      @finders = if @aggregate_paths.nil?
+                   [LicenseFinder::Core.new(@config)]
+                 else
+                   @aggregate_paths.map do |path|
+                     # Passing file paths as values instead of allowing them to evaluate in config
+                     LicenseFinder::Core.new(@config.merge(project_path: path,
+                                                           log_directory: @config.log_directory || @config.project_path,
+                                                           decisions_file: @config.decisions_file_path))
+                   end
+                 end
+    end
+
+    def aggregate_packages
+      return @packages unless @packages.nil?
+
+      all_packages = finders.flat_map do |finder|
+        finder.prepare_projects if @config.prepare
+        finder.acknowledged.map { |dep| MergedPackage.new(dep, [finder.project_path]) }
+      end
+      @packages = all_packages.group_by { |package| [package.name, package.version] }
+                              .map do |_, packages|
+        MergedPackage.new(packages[0].dependency, packages.flat_map(&:aggregate_paths))
+      end
+    end
+  end
+end

data/lib/license_finder/logger.rb

@@ -0,0 +1,69 @@
+# frozen_string_literal: true
+
+require 'logger'
+
+module LicenseFinder
+  class Logger
+    MODE_QUIET = :quiet
+    MODE_INFO = :info
+    MODE_DEBUG = :debug
+
+    attr_reader :mode
+
+    def initialize(mode = nil)
+      @system_logger = ::Logger.new(STDOUT)
+      @system_logger.formatter = proc do |_, _, _, msg|
+        "#{msg}\n"
+      end
+
+      self.mode = mode || MODE_INFO
+    end
+
+    [MODE_INFO, MODE_DEBUG].each do |level|
+      define_method level do |prefix, string, options = {}|
+        msg = format('%s: %s', prefix, colorize(string, options[:color]))
+        log(msg, level)
+      end
+    end
+
+    private
+
+    attr_reader :system_logger
+
+    def colorize(string, color)
+      case color
+      when :red
+        "\e[31m#{string}\e[0m"
+      when :green
+        "\e[32m#{string}\e[0m"
+      when :magenta
+        "\e[35m#{string}\e[0m"
+      else
+        string
+      end
+    end
+
+    def mode=(verbose)
+      @mode = verbose
+
+      return if quiet?
+
+      level = @mode.equal?(MODE_DEBUG) ? ::Logger::DEBUG : ::Logger::INFO
+      system_logger.level = level
+    end
+
+    def log(msg, method)
+      return if quiet?
+
+      system_logger.send(method, msg)
+    end
+
+    def debug?
+      @mode.equal?(MODE_DEBUG)
+    end
+
+    def quiet?
+      @mode.equal?(MODE_QUIET)
+    end
+  end
+end

data/lib/license_finder/package.rb

@@ -0,0 +1,202 @@
+# frozen_string_literal: true
+
+require 'license_finder/package_utils/licensing'
+require 'license_finder/package_utils/license_files'
+require 'license_finder/package_utils/notice_files'
+
+module LicenseFinder
+  # Super-class that adapts data from different package management
+  # systems (gems, npm, pip, etc.) to a common interface.
+  #
+  # Guidance on adding a new system
+  #
+  # - subclass Package, and initialize based on the data you receive from the
+  #   package manager
+  # - if the package specs will report license names, pass :spec_licenses in the
+  #   constructor options
+  # - if the package's files can be searched for licenses pass :install_path in
+  #   the constructor options
+  # - otherwise, override #licenses_from_spec or #license_files
+  class Package
+    attr_reader :logger
+
+    def self.license_names_from_standard_spec(spec)
+      licenses = spec['licenses'] || [spec['license']].compact
+      licenses = [licenses] unless licenses.is_a?(Array)
+      licenses = licenses.flatten
+      licenses.map do |license|
+        if license.is_a? Hash
+          license['type']
+        else
+          license
+        end
+      end
+    end
+
+    def initialize(name, version = nil, options = {})
+      @logger = options[:logger] || Core.default_logger
+
+      ## DESCRIPTION
+      @name = name
+      @version = version || ''
+      @authors = options[:authors] || ''
+      @summary = options[:summary] || ''
+      @description = options[:description] || ''
+      @homepage = options[:homepage] || ''
+      @package_url = options[:package_url].to_s
+      @children = options[:children] || []
+      @parents = Set.new # will be figured out later by package manager
+      @groups = options[:groups] || []
+
+      ## APPROVAL
+      @permitted = false
+      @restricted = false
+      @manual_approval = nil
+
+      ## LICENSING
+      @license_names_from_spec = options[:spec_licenses] || []
+      @install_path = options[:install_path]
+      @missing = options[:missing] || false
+      @decided_licenses = Set.new
+    end
+
+    ## DESCRIPTION
+
+    attr_accessor :homepage, :package_url
+
+    attr_reader :name, :version, :authors,
+                :summary, :description,
+                :children, :parents, :groups
+
+    ## APPROVAL
+
+    def approved_manually!(approval)
+      @manual_approval = approval
+    end
+
+    def approved_manually?
+      !@manual_approval.nil?
+    end
+
+    def approved?
+      # Question: is `!restricted?` redundant?
+      # DecisionApplier does not call `permitted!` or `approved_manually!`
+      # if a Package has been restricted.
+      (approved_manually? || permitted?) && !restricted?
+    end
+
+    def permitted!
+      @permitted = true
+    end
+
+    def permitted?
+      @permitted
+    end
+
+    def restricted!
+      @restricted = true
+    end
+
+    def restricted?
+      @restricted
+    end
+
+    attr_reader :manual_approval
+
+    ## EQUALITY
+
+    def <=>(other)
+      eq_name = name <=> other.name
+      return eq_name unless eq_name.zero?
+
+      version <=> other.version
+    end
+
+    def eql?(other)
+      name == other.name && version == other.version
+    end
+
+    def hash
+      [name, version].hash
+    end
+
+    ## LICENSING
+
+    attr_reader :license_names_from_spec # stubbed in tests, otherwise private
+    attr_reader :install_path # checked in tests, otherwise private
+
+    def licenses
+      @licenses ||= activations.map(&:license).sort_by(&:name).to_set
+    end
+
+    def activations
+      licensing.activations.tap do |activations|
+        activations.each { |activation| log_activation activation }
+      end
+    end
+
+    def licensing
+      Licensing.new(self, @decided_licenses, licenses_from_spec, license_files)
+    end
+
+    def decide_on_license(license)
+      @decided_licenses << license
+    end
+
+    def licenses_from_spec
+      license_names_from_spec
+        .map { |name| License.find_by_name(name) }
+        .to_set
+    end
+
+    def license_files
+      LicenseFiles.find(install_path, logger: logger)
+    end
+
+    def notice_files
+      NoticeFiles.find(install_path, logger: logger)
+    end
+
+    def package_manager
+      'unknown'
+    end
+
+    def missing?
+      @missing
+    end
+
+    def log_activation(activation)
+      preamble = format('package %s:', activation.package.name)
+      if activation.sources.empty?
+        logger.debug activation.package.class, format('%s no licenses found', preamble)
+      else
+        activation.sources.each do |source|
+          logger.debug activation.package.class, format("%s found license '%s' %s", preamble, activation.license.name, source)
+        end
+      end
+    end
+  end
+end
+
+require 'license_finder/packages/manual_package'
+require 'license_finder/packages/bower_package'
+require 'license_finder/packages/go_package'
+require 'license_finder/packages/bundler_package'
+require 'license_finder/packages/pip_package'
+require 'license_finder/packages/npm_package'
+require 'license_finder/packages/maven_package'
+require 'license_finder/packages/gradle_package'
+require 'license_finder/packages/cocoa_pods_package'
+require 'license_finder/packages/carthage_package'
+require 'license_finder/packages/spm_package'
+require 'license_finder/packages/rebar_package'
+require 'license_finder/packages/erlangmk_package'
+require 'license_finder/packages/mix_package'
+require 'license_finder/packages/merged_package'
+require 'license_finder/packages/nuget_package'
+require 'license_finder/packages/conan_package'
+require 'license_finder/packages/yarn_package'
+require 'license_finder/packages/sbt_package'
+require 'license_finder/packages/cargo_package'
+require 'license_finder/packages/composer_package'
+require 'license_finder/packages/conda_package'

data/lib/license_finder/package_delta.rb

@@ -0,0 +1,61 @@
+# frozen_string_literal: true
+
+module LicenseFinder
+  class PackageDelta
+    STATUSES = %i[added removed unchanged].freeze
+
+    def initialize(status, current_package, previous_package)
+      @status = status
+      @current_package = current_package
+      @previous_package = previous_package
+    end
+
+    def name
+      pick_package.name
+    end
+
+    def version
+      pick_package.version
+    end
+
+    def aggregate_paths
+      pick_package.aggregate_paths
+    end
+
+    attr_reader :status
+
+    def licenses
+      pick_package.licenses
+    end
+
+    def merged_package?
+      pick_package.class == MergedPackage
+    end
+
+    def method_missing(_method_name)
+      nil
+    end
+
+    def self.added(package)
+      new(:added, package, nil)
+    end
+
+    def self.removed(package)
+      new(:removed, nil, package)
+    end
+
+    def self.unchanged(current_package, previous_package)
+      new(:unchanged, current_package, previous_package)
+    end
+
+    def <=>(other)
+      STATUSES.index(status) <=> STATUSES.index(other.status)
+    end
+
+    private
+
+    def pick_package
+      @current_package || @previous_package
+    end
+  end
+end