gitlab-license_finder 6.14.2.1
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +7 -0
- data/.force-build +0 -0
- data/.gitignore +13 -0
- data/.rspec +1 -0
- data/.rubocop.yml +70 -0
- data/CHANGELOG.md +981 -0
- data/CONTRIBUTING.md +121 -0
- data/Dockerfile +249 -0
- data/Gemfile +2 -0
- data/LICENSE +22 -0
- data/README.md +555 -0
- data/Rakefile +77 -0
- data/TODO.md +12 -0
- data/VERSION +1 -0
- data/appveyor.yml +21 -0
- data/bin/license_finder +6 -0
- data/bin/license_finder_pip.py +43 -0
- data/ci/pipelines/pull-request.yml.erb +141 -0
- data/ci/pipelines/release.yml.erb +200 -0
- data/ci/scripts/containerize-tests.sh +14 -0
- data/ci/scripts/pushscript.sh +32 -0
- data/ci/scripts/run-rubocop.sh +15 -0
- data/ci/scripts/run-tests.sh +24 -0
- data/ci/scripts/test.ps1 +81 -0
- data/ci/scripts/updateChangelog.sh +84 -0
- data/ci/tasks/build-and-push-gem.yml +10 -0
- data/ci/tasks/build-windows.yml +6 -0
- data/ci/tasks/build.yml +16 -0
- data/ci/tasks/rubocop.yml +15 -0
- data/ci/tasks/run-tests.yml +10 -0
- data/ci/tasks/update-changelog.yml +18 -0
- data/dlf +12 -0
- data/examples/Gemfile +4 -0
- data/examples/custom_erb_template.rb +24 -0
- data/examples/extract_license_data.rb +63 -0
- data/examples/sample_template.erb +7 -0
- data/lib/license_finder/cli/approvals.rb +28 -0
- data/lib/license_finder/cli/base.rb +107 -0
- data/lib/license_finder/cli/dependencies.rb +44 -0
- data/lib/license_finder/cli/ignored_dependencies.rb +32 -0
- data/lib/license_finder/cli/ignored_groups.rb +32 -0
- data/lib/license_finder/cli/inherited_decisions.rb +50 -0
- data/lib/license_finder/cli/licenses.rb +26 -0
- data/lib/license_finder/cli/main.rb +221 -0
- data/lib/license_finder/cli/makes_decisions.rb +38 -0
- data/lib/license_finder/cli/patched_thor.rb +33 -0
- data/lib/license_finder/cli/permitted_licenses.rb +32 -0
- data/lib/license_finder/cli/project_name.rb +32 -0
- data/lib/license_finder/cli/restricted_licenses.rb +32 -0
- data/lib/license_finder/cli.rb +20 -0
- data/lib/license_finder/configuration.rb +186 -0
- data/lib/license_finder/core.rb +118 -0
- data/lib/license_finder/decision_applier.rb +70 -0
- data/lib/license_finder/decisions.rb +312 -0
- data/lib/license_finder/decisions_factory.rb +13 -0
- data/lib/license_finder/diff.rb +51 -0
- data/lib/license_finder/license/any_matcher.rb +15 -0
- data/lib/license_finder/license/definitions.rb +366 -0
- data/lib/license_finder/license/header_matcher.rb +17 -0
- data/lib/license_finder/license/matcher.rb +24 -0
- data/lib/license_finder/license/none_matcher.rb +11 -0
- data/lib/license_finder/license/template.rb +19 -0
- data/lib/license_finder/license/templates/0BSD.txt +10 -0
- data/lib/license_finder/license/templates/Apache1_1.txt +16 -0
- data/lib/license_finder/license/templates/Apache2.txt +172 -0
- data/lib/license_finder/license/templates/BSD.txt +24 -0
- data/lib/license_finder/license/templates/CC01.txt +30 -0
- data/lib/license_finder/license/templates/CDDL1.txt +131 -0
- data/lib/license_finder/license/templates/EPL1.txt +86 -0
- data/lib/license_finder/license/templates/GPLv2.txt +339 -0
- data/lib/license_finder/license/templates/GPLv3.txt +674 -0
- data/lib/license_finder/license/templates/ISC.txt +2 -0
- data/lib/license_finder/license/templates/LGPL.txt +165 -0
- data/lib/license_finder/license/templates/LGPL2_1.txt +169 -0
- data/lib/license_finder/license/templates/MIT.txt +9 -0
- data/lib/license_finder/license/templates/MPL1_1.txt +469 -0
- data/lib/license_finder/license/templates/MPL2.txt +373 -0
- data/lib/license_finder/license/templates/NewBSD.txt +21 -0
- data/lib/license_finder/license/templates/OFL.txt +91 -0
- data/lib/license_finder/license/templates/Python.txt +47 -0
- data/lib/license_finder/license/templates/Ruby.txt +52 -0
- data/lib/license_finder/license/templates/SimplifiedBSD.txt +19 -0
- data/lib/license_finder/license/templates/WTFPL.txt +14 -0
- data/lib/license_finder/license/templates/Zlib.txt +17 -0
- data/lib/license_finder/license/text.rb +45 -0
- data/lib/license_finder/license.rb +117 -0
- data/lib/license_finder/license_aggregator.rb +59 -0
- data/lib/license_finder/logger.rb +69 -0
- data/lib/license_finder/package.rb +202 -0
- data/lib/license_finder/package_delta.rb +61 -0
- data/lib/license_finder/package_manager.rb +181 -0
- data/lib/license_finder/package_managers/bower.rb +37 -0
- data/lib/license_finder/package_managers/bundler.rb +110 -0
- data/lib/license_finder/package_managers/cargo.rb +38 -0
- data/lib/license_finder/package_managers/carthage.rb +68 -0
- data/lib/license_finder/package_managers/cocoa_pods.rb +61 -0
- data/lib/license_finder/package_managers/composer.rb +63 -0
- data/lib/license_finder/package_managers/conan.rb +28 -0
- data/lib/license_finder/package_managers/conda.rb +131 -0
- data/lib/license_finder/package_managers/dep.rb +43 -0
- data/lib/license_finder/package_managers/dotnet.rb +83 -0
- data/lib/license_finder/package_managers/erlangmk.rb +50 -0
- data/lib/license_finder/package_managers/glide.rb +36 -0
- data/lib/license_finder/package_managers/go_15vendorexperiment.rb +87 -0
- data/lib/license_finder/package_managers/go_dep.rb +80 -0
- data/lib/license_finder/package_managers/go_modules.rb +93 -0
- data/lib/license_finder/package_managers/go_workspace.rb +116 -0
- data/lib/license_finder/package_managers/govendor.rb +73 -0
- data/lib/license_finder/package_managers/gradle.rb +99 -0
- data/lib/license_finder/package_managers/gvt.rb +69 -0
- data/lib/license_finder/package_managers/maven.rb +65 -0
- data/lib/license_finder/package_managers/mix.rb +131 -0
- data/lib/license_finder/package_managers/npm.rb +57 -0
- data/lib/license_finder/package_managers/nuget.rb +154 -0
- data/lib/license_finder/package_managers/pip.rb +70 -0
- data/lib/license_finder/package_managers/pipenv.rb +63 -0
- data/lib/license_finder/package_managers/rebar.rb +65 -0
- data/lib/license_finder/package_managers/sbt.rb +50 -0
- data/lib/license_finder/package_managers/spm.rb +93 -0
- data/lib/license_finder/package_managers/trash.rb +43 -0
- data/lib/license_finder/package_managers/yarn.rb +107 -0
- data/lib/license_finder/package_utils/activation.rb +40 -0
- data/lib/license_finder/package_utils/conan_info_parser.rb +77 -0
- data/lib/license_finder/package_utils/gradle_dependency_finder.rb +15 -0
- data/lib/license_finder/package_utils/license_files.rb +41 -0
- data/lib/license_finder/package_utils/licensing.rb +39 -0
- data/lib/license_finder/package_utils/maven_dependency_finder.rb +15 -0
- data/lib/license_finder/package_utils/notice_files.rb +40 -0
- data/lib/license_finder/package_utils/possible_license_file.rb +27 -0
- data/lib/license_finder/package_utils/pypi.rb +41 -0
- data/lib/license_finder/package_utils/sbt_dependency_finder.rb +15 -0
- data/lib/license_finder/packages/bower_package.rb +42 -0
- data/lib/license_finder/packages/bundler_package.rb +33 -0
- data/lib/license_finder/packages/cargo_package.rb +28 -0
- data/lib/license_finder/packages/carthage_package.rb +18 -0
- data/lib/license_finder/packages/cocoa_pods_package.rb +22 -0
- data/lib/license_finder/packages/composer_package.rb +13 -0
- data/lib/license_finder/packages/conan_package.rb +23 -0
- data/lib/license_finder/packages/conda_package.rb +74 -0
- data/lib/license_finder/packages/erlangmk_package.rb +114 -0
- data/lib/license_finder/packages/go_package.rb +32 -0
- data/lib/license_finder/packages/gradle_package.rb +30 -0
- data/lib/license_finder/packages/manual_package.rb +27 -0
- data/lib/license_finder/packages/maven_package.rb +27 -0
- data/lib/license_finder/packages/merged_package.rb +44 -0
- data/lib/license_finder/packages/mix_package.rb +13 -0
- data/lib/license_finder/packages/npm_package.rb +171 -0
- data/lib/license_finder/packages/nuget_package.rb +13 -0
- data/lib/license_finder/packages/pip_package.rb +50 -0
- data/lib/license_finder/packages/rebar_package.rb +13 -0
- data/lib/license_finder/packages/sbt_package.rb +22 -0
- data/lib/license_finder/packages/spm_package.rb +18 -0
- data/lib/license_finder/packages/yarn_package.rb +13 -0
- data/lib/license_finder/platform.rb +15 -0
- data/lib/license_finder/project_finder.rb +62 -0
- data/lib/license_finder/report.rb +33 -0
- data/lib/license_finder/reports/csv_report.rb +99 -0
- data/lib/license_finder/reports/diff_report.rb +29 -0
- data/lib/license_finder/reports/erb_report.rb +58 -0
- data/lib/license_finder/reports/html_report.rb +13 -0
- data/lib/license_finder/reports/json_report.rb +30 -0
- data/lib/license_finder/reports/junit_report.rb +19 -0
- data/lib/license_finder/reports/markdown_report.rb +9 -0
- data/lib/license_finder/reports/merged_report.rb +16 -0
- data/lib/license_finder/reports/templates/bootstrap.css +9 -0
- data/lib/license_finder/reports/templates/html_report.erb +113 -0
- data/lib/license_finder/reports/templates/junit_report.erb +41 -0
- data/lib/license_finder/reports/templates/markdown_report.erb +49 -0
- data/lib/license_finder/reports/templates/xml_report.erb +19 -0
- data/lib/license_finder/reports/text_report.rb +12 -0
- data/lib/license_finder/reports/xml_report.rb +19 -0
- data/lib/license_finder/scanner.rb +83 -0
- data/lib/license_finder/shared_helpers/cmd.rb +13 -0
- data/lib/license_finder/shared_helpers/common_path.rb +29 -0
- data/lib/license_finder/version.rb +6 -0
- data/lib/license_finder.rb +14 -0
- data/license_finder.gemspec +72 -0
- data/release/instructions.md +8 -0
- data/swift-all-keys.asc +240 -0
- metadata +544 -0
data/CONTRIBUTING.md
ADDED
@@ -0,0 +1,121 @@
|
|
1
|
+
# Contributing
|
2
|
+
|
3
|
+
## TL;DR
|
4
|
+
|
5
|
+
* Fork the project from https://github.com/pivotal/LicenseFinder
|
6
|
+
* Create a feature branch.
|
7
|
+
* Make your feature addition or bug fix. Please make sure there is appropriate test coverage.
|
8
|
+
* Rebase on top of master.
|
9
|
+
* Send a pull request with commit messages tagged with an entry specified here: https://keepachangelog.com/en/1.0.0/.
|
10
|
+
|
11
|
+
## Running Tests
|
12
|
+
|
13
|
+
You can use the [LicenseFinder docker image](https://hub.docker.com/r/licensefinder/license_finder/) to run the tests by using the `dlf` script.
|
14
|
+
There are 2 sets of tests to run in order to confirm that License Finder is working as intended:
|
15
|
+
|
16
|
+
```
|
17
|
+
./dlf rake spec
|
18
|
+
./dlf bundle exec rake features
|
19
|
+
```
|
20
|
+
|
21
|
+
The `spec` task runs all the unit test and the `features` task will run all the feature test.
|
22
|
+
Note that the feature test needs to be wrapped in `bundle exec`, or else it
|
23
|
+
will use the gem version installed inside the docker image.
|
24
|
+
|
25
|
+
## Useful Tips
|
26
|
+
|
27
|
+
To build the docker image simply call `docker build .` or explicitly pass the `Dockerfile`. Prebuilt versions of the
|
28
|
+
dockerfile can also be found on [Dockerhub](https://hub.docker.com/r/licensefinder/license_finder/tags/).
|
29
|
+
|
30
|
+
To launch the docker image and interact with it via bash:
|
31
|
+
```
|
32
|
+
docker run -v $PWD:/scan -it licensefinder/license_finder /bin/bash -l
|
33
|
+
|
34
|
+
```
|
35
|
+
`-v $PWD:/scan` will mount the current working directory to the /scan path.
|
36
|
+
|
37
|
+
## Adding Package Managers
|
38
|
+
|
39
|
+
There are a few steps to adding a new package manager.
|
40
|
+
The main things which need to be implemented are mentioned in [Package Manager](https://github.com/pivotal/LicenseFinder/blob/master/lib/license_finder/package_manager.rb).
|
41
|
+
|
42
|
+
[Here](https://github.com/pivotal/LicenseFinder/compare/v2.0.0...v2.0.1) is how
|
43
|
+
support was added for `rebar`, an `erlang` package manager.
|
44
|
+
|
45
|
+
There are feature tests and unit tests for each currently supported package manager.
|
46
|
+
* [Feature test example](https://github.com/pivotal/LicenseFinder/blob/master/features/features/package_managers/gvt_spec.rb)
|
47
|
+
* [Unit test example](https://github.com/pivotal/LicenseFinder/blob/master/spec/lib/license_finder/package_managers/gvt_spec.rb)
|
48
|
+
|
49
|
+
## Adding Licenses
|
50
|
+
|
51
|
+
Add new licenses to `lib/license_finder/license/definitions.rb`. There are
|
52
|
+
existing tools for matching licenses; see, for example, the MIT license, which
|
53
|
+
can be detected in many different ways.
|
54
|
+
|
55
|
+
|
56
|
+
## Adding Reports
|
57
|
+
|
58
|
+
If you need `license_finder` to output additional package data, consider
|
59
|
+
submitting a pull request which adds new columns to
|
60
|
+
`lib/license_finder/reports/csv_report.rb`.
|
61
|
+
|
62
|
+
It is also possible to generate a custom report from an ERB template. Use this
|
63
|
+
[example](https://github.com/pivotal/LicenseFinder/blob/master/examples/custom_erb_template.rb) as a starting
|
64
|
+
point. These reports will have access to the helpers in
|
65
|
+
[`LicenseFinder::ErbReport`](https://github.com/pivotal/LicenseFinder/blob/master/lib/license_finder/reports/erb_report.rb).
|
66
|
+
|
67
|
+
If you need a report with more detailed data or in a different format, we
|
68
|
+
recommend writing a custom ruby script. This
|
69
|
+
[example](https://github.com/pivotal/LicenseFinder/blob/master/examples/extract_license_data.rb) will get you
|
70
|
+
started.
|
71
|
+
|
72
|
+
If you come up with something useful, consider posting it to the Google Group
|
73
|
+
[license-finder@googlegroups.com](license-finder@googlegroups.com).
|
74
|
+
|
75
|
+
|
76
|
+
## Development Dependencies
|
77
|
+
|
78
|
+
To successfully run the test suite, you will need the following installed:
|
79
|
+
- NPM (requires Node)
|
80
|
+
- Yarn (requires Node)
|
81
|
+
- Bower (requires Node and NPM)
|
82
|
+
- Maven (requires Java)
|
83
|
+
- Gradle (requires Java)
|
84
|
+
- Pip (requires python)
|
85
|
+
- Rebar (requires erlang)
|
86
|
+
- GoDep, GoWorkspace, govendor, Glide, Dep, and Gvt (requires golang)
|
87
|
+
- CocoaPods (requires ruby)
|
88
|
+
- Bundler (requires ruby)
|
89
|
+
- Carthage (requires homebrew)
|
90
|
+
- Mix (requires Elixir)
|
91
|
+
- Conan
|
92
|
+
- NuGet
|
93
|
+
- dotnet
|
94
|
+
- Conda (requires python)
|
95
|
+
|
96
|
+
The [LicenseFinder docker image](https://hub.docker.com/r/licensefinder/license_finder/) already contains these dependencies.
|
97
|
+
|
98
|
+
If you run `rake check_dependencies`, you'll see exactly which package managers you're missing.
|
99
|
+
|
100
|
+
### Python
|
101
|
+
|
102
|
+
For the python dependency tests you will want to have virtualenv
|
103
|
+
installed, to allow pip to work without sudo. For more details, see
|
104
|
+
this [post on virtualenv][].
|
105
|
+
|
106
|
+
[post on virtualenv]: http://hackercodex.com/guide/python-development-environment-on-mac-osx/#virtualenv
|
107
|
+
|
108
|
+
You'll need a pip version >= 6.0.
|
109
|
+
|
110
|
+
### JRuby
|
111
|
+
|
112
|
+
If you're running the test suite with jruby, you're probably going to
|
113
|
+
want to set up some environment variables:
|
114
|
+
|
115
|
+
```
|
116
|
+
JAVA_OPTS='-client -XX:+TieredCompilation -XX:TieredStopAtLevel=1' JRUBY_OPTS='-J-Djruby.launch.inproc=true'
|
117
|
+
```
|
118
|
+
|
119
|
+
### Gradle
|
120
|
+
|
121
|
+
You'll need a gradle version >= 1.8.
|
data/Dockerfile
ADDED
@@ -0,0 +1,249 @@
|
|
1
|
+
FROM ubuntu:bionic
|
2
|
+
|
3
|
+
WORKDIR /tmp
|
4
|
+
|
5
|
+
# Versioning
|
6
|
+
ENV PIP_INSTALL_VERSION 19.0.2
|
7
|
+
ENV PIP3_INSTALL_VERSION 20.0.2
|
8
|
+
ENV GO_LANG_VERSION 1.14.3
|
9
|
+
ENV MAVEN_VERSION 3.6.0
|
10
|
+
ENV SBT_VERSION 1.3.3
|
11
|
+
ENV GRADLE_VERSION 5.6.4
|
12
|
+
ENV RUBY_VERSION 2.7.1
|
13
|
+
ENV MIX_VERSION 1.0
|
14
|
+
ENV COMPOSER_ALLOW_SUPERUSER 1
|
15
|
+
|
16
|
+
# programs needed for building
|
17
|
+
RUN apt-get update && apt-get install -y \
|
18
|
+
build-essential \
|
19
|
+
curl \
|
20
|
+
sudo \
|
21
|
+
unzip \
|
22
|
+
wget \
|
23
|
+
gnupg2 \
|
24
|
+
apt-utils \
|
25
|
+
software-properties-common \
|
26
|
+
bzr
|
27
|
+
|
28
|
+
RUN add-apt-repository ppa:git-core/ppa && apt-get update && apt-get install -y git
|
29
|
+
|
30
|
+
# nodejs seems to be required for the one of the gems
|
31
|
+
RUN curl -sL https://deb.nodesource.com/setup_14.x | bash - && \
|
32
|
+
apt-get -y install nodejs
|
33
|
+
|
34
|
+
# install yarn
|
35
|
+
RUN curl -sS https://dl.yarnpkg.com/debian/pubkey.gpg | sudo apt-key add - && \
|
36
|
+
echo "deb https://dl.yarnpkg.com/debian/ stable main" | sudo tee /etc/apt/sources.list.d/yarn.list && \
|
37
|
+
apt-get update && \
|
38
|
+
apt-get install yarn
|
39
|
+
|
40
|
+
# install bower
|
41
|
+
RUN npm install -g bower && \
|
42
|
+
echo '{ "allow_root": true }' > /root/.bowerrc
|
43
|
+
|
44
|
+
# install jdk 12
|
45
|
+
RUN curl -L -o openjdk12.tar.gz https://download.java.net/java/GA/jdk12.0.2/e482c34c86bd4bf8b56c0b35558996b9/10/GPL/openjdk-12.0.2_linux-x64_bin.tar.gz && \
|
46
|
+
tar xvf openjdk12.tar.gz && \
|
47
|
+
rm openjdk12.tar.gz && \
|
48
|
+
sudo mv jdk-12.0.2 /opt/ && \
|
49
|
+
sudo rm /opt/jdk-12.0.2/lib/src.zip
|
50
|
+
ENV JAVA_HOME=/opt/jdk-12.0.2
|
51
|
+
ENV PATH=$PATH:$JAVA_HOME/bin
|
52
|
+
RUN java -version
|
53
|
+
|
54
|
+
# install rebar3
|
55
|
+
RUN curl -o rebar3 https://s3.amazonaws.com/rebar3/rebar3 && \
|
56
|
+
sudo chmod +x rebar3 && \
|
57
|
+
sudo mv rebar3 /usr/local/bin/rebar3
|
58
|
+
|
59
|
+
# install and update python and python-pip
|
60
|
+
RUN apt-get install -y python python-pip python3-pip && \
|
61
|
+
python3 -m pip install pip==$PIP3_INSTALL_VERSION --upgrade && \
|
62
|
+
python -m pip install pip==$PIP_INSTALL_VERSION --upgrade --force
|
63
|
+
|
64
|
+
# install maven
|
65
|
+
RUN curl -O https://archive.apache.org/dist/maven/maven-3/$MAVEN_VERSION/binaries/apache-maven-$MAVEN_VERSION-bin.tar.gz && \
|
66
|
+
tar -xf apache-maven-$MAVEN_VERSION-bin.tar.gz; rm -rf apache-maven-$MAVEN_VERSION-bin.tar.gz && \
|
67
|
+
mv apache-maven-$MAVEN_VERSION /usr/local/lib/maven && \
|
68
|
+
ln -s /usr/local/lib/maven/bin/mvn /usr/local/bin/mvn
|
69
|
+
|
70
|
+
# install sbt
|
71
|
+
RUN mkdir -p /usr/local/share/sbt-launcher-packaging && \
|
72
|
+
curl --progress \
|
73
|
+
--retry 3 \
|
74
|
+
--retry-delay 15 \
|
75
|
+
--location "https://github.com/sbt/sbt/releases/download/v${SBT_VERSION}/sbt-${SBT_VERSION}.tgz" \
|
76
|
+
--output "/tmp/sbt-${SBT_VERSION}.tgz" && \
|
77
|
+
tar -xzf "/tmp/sbt-${SBT_VERSION}.tgz" -C /usr/local/share/sbt-launcher-packaging --strip-components=1 && \
|
78
|
+
ln -s /usr/local/share/sbt-launcher-packaging/bin/sbt /usr/local/bin/sbt && \
|
79
|
+
rm -f "/tmp/sbt-${SBT_VERSION}.tgz"
|
80
|
+
|
81
|
+
# install gradle
|
82
|
+
RUN curl -L -o gradle.zip https://services.gradle.org/distributions/gradle-$GRADLE_VERSION-bin.zip && \
|
83
|
+
unzip -q gradle.zip && \
|
84
|
+
rm gradle.zip && \
|
85
|
+
mv gradle-$GRADLE_VERSION /root/gradle
|
86
|
+
ENV PATH=/root/gradle/bin:$PATH
|
87
|
+
|
88
|
+
#install go
|
89
|
+
WORKDIR /go
|
90
|
+
RUN wget https://storage.googleapis.com/golang/go$GO_LANG_VERSION.linux-amd64.tar.gz -O go.tar.gz && tar --strip-components=1 -xf go.tar.gz && rm -f go.tar.gz
|
91
|
+
ENV GOROOT /go
|
92
|
+
ENV PATH=$PATH:/go/bin
|
93
|
+
|
94
|
+
# godep is now required for license_finder to work for project that are still managed with GoDep
|
95
|
+
ENV GOROOT=/go
|
96
|
+
ENV GOPATH=/gopath
|
97
|
+
ENV PATH=$PATH:$GOPATH/bin
|
98
|
+
RUN mkdir /gopath && \
|
99
|
+
go get github.com/tools/godep && \
|
100
|
+
go get github.com/FiloSottile/gvt && \
|
101
|
+
go get github.com/Masterminds/glide && \
|
102
|
+
go get github.com/kardianos/govendor && \
|
103
|
+
go get github.com/golang/dep/cmd/dep && \
|
104
|
+
go get -u github.com/rancher/trash && \
|
105
|
+
go clean -cache
|
106
|
+
|
107
|
+
WORKDIR /tmp
|
108
|
+
# Fix the locale
|
109
|
+
RUN apt-get install -y locales
|
110
|
+
RUN locale-gen en_US.UTF-8
|
111
|
+
ENV LANG=en_US.UTF-8
|
112
|
+
ENV LANGUAGE=en_US:en
|
113
|
+
ENV LC_ALL=en_US.UTF-8
|
114
|
+
|
115
|
+
# install Cargo
|
116
|
+
RUN curl https://sh.rustup.rs -sSf | bash -ls -- -y --profile minimal
|
117
|
+
|
118
|
+
#install rvm
|
119
|
+
RUN apt-add-repository -y ppa:rael-gc/rvm && \
|
120
|
+
apt update && apt install -y rvm && \
|
121
|
+
/usr/share/rvm/bin/rvm install --default $RUBY_VERSION
|
122
|
+
|
123
|
+
# install bundler
|
124
|
+
RUN bash -lc "gem update --system && gem install bundler"
|
125
|
+
|
126
|
+
#install mix
|
127
|
+
RUN wget https://packages.erlang-solutions.com/erlang-solutions_${MIX_VERSION}_all.deb && \
|
128
|
+
sudo dpkg -i erlang-solutions_${MIX_VERSION}_all.deb && \
|
129
|
+
sudo rm -f erlang-solutions_${MIX_VERSION}_all.deb && \
|
130
|
+
sudo apt-get update && \
|
131
|
+
sudo apt-get install -y esl-erlang && \
|
132
|
+
sudo apt-get install -y elixir
|
133
|
+
|
134
|
+
# install conan
|
135
|
+
RUN apt-get install -y python-dev && \
|
136
|
+
pip install --no-cache-dir --ignore-installed six --ignore-installed colorama \
|
137
|
+
--ignore-installed requests --ignore-installed chardet \
|
138
|
+
--ignore-installed urllib3 \
|
139
|
+
--upgrade setuptools && \
|
140
|
+
pip install --no-cache-dir -Iv conan==1.11.2 && \
|
141
|
+
conan config install https://github.com/conan-io/conanclientcert.git
|
142
|
+
|
143
|
+
|
144
|
+
# install NuGet (w. mono)
|
145
|
+
# https://docs.microsoft.com/en-us/nuget/install-nuget-client-tools#macoslinux
|
146
|
+
RUN apt-key adv --keyserver hkp://keyserver.ubuntu.com:80 --recv-keys 3FA7E0328081BFF6A14DA29AA6A19B38D3D831EF &&\
|
147
|
+
echo "deb https://download.mono-project.com/repo/ubuntu stable-bionic main" | sudo tee /etc/apt/sources.list.d/mono-official-stable.list &&\
|
148
|
+
apt-get update &&\
|
149
|
+
apt-get install -y mono-complete &&\
|
150
|
+
curl -o "/usr/local/bin/nuget.exe" "https://dist.nuget.org/win-x86-commandline/latest/nuget.exe" &&\
|
151
|
+
curl -o "/usr/local/bin/nugetv3.5.0.exe" "https://dist.nuget.org/win-x86-commandline/v3.5.0/nuget.exe"
|
152
|
+
|
153
|
+
# install dotnet core
|
154
|
+
RUN wget -q https://packages.microsoft.com/config/ubuntu/18.04/packages-microsoft-prod.deb &&\
|
155
|
+
sudo dpkg -i packages-microsoft-prod.deb &&\
|
156
|
+
rm packages-microsoft-prod.deb &&\
|
157
|
+
sudo apt-get update &&\
|
158
|
+
sudo apt-get install -y dotnet-runtime-2.1 dotnet-sdk-2.1 dotnet-sdk-2.2 dotnet-sdk-3.0 dotnet-sdk-3.1
|
159
|
+
|
160
|
+
# install Composer
|
161
|
+
# The ARG and ENV are for installing tzdata which is part of this installaion.
|
162
|
+
# https://serverfault.com/questions/949991/how-to-install-tzdata-on-a-ubuntu-docker-image
|
163
|
+
ENV TZ=GMT
|
164
|
+
RUN apt-key adv --keyserver hkp://keyserver.ubuntu.com:80 --recv-keys 4F4EA0AAE5267A6C &&\
|
165
|
+
echo "deb http://ppa.launchpad.net/ondrej/php/ubuntu bionic main" | sudo tee /etc/apt/sources.list.d/php.list &&\
|
166
|
+
apt-get update &&\
|
167
|
+
export DEBIAN_FRONTEND=noninteractive &&\
|
168
|
+
apt-get install -y php7.4-cli &&\
|
169
|
+
EXPECTED_COMPOSER_INSTALLER_CHECKSUM="$(curl --silent https://composer.github.io/installer.sig)" &&\
|
170
|
+
php -r "copy('https://getcomposer.org/installer', 'composer-setup.php');" &&\
|
171
|
+
ACTUAL_COMPOSER_INSTALLER_CHECKSUM="$(php -r "echo hash_file('sha384', 'composer-setup.php');")" &&\
|
172
|
+
test "${ACTUAL_COMPOSER_INSTALLER_CHECKSUM}" = "${EXPECTED_COMPOSER_INSTALLER_CHECKSUM}" || (echo "ERROR: Invalid installer checksum" >&2; false) &&\
|
173
|
+
php composer-setup.php &&\
|
174
|
+
php -r "unlink('composer-setup.php');" &&\
|
175
|
+
mv composer.phar /usr/bin/composer
|
176
|
+
|
177
|
+
# install miniconda
|
178
|
+
# See https://docs.conda.io/en/latest/miniconda_hashes.html
|
179
|
+
# for latest versions and SHAs.
|
180
|
+
RUN \
|
181
|
+
conda_installer=Miniconda3-py38_4.9.2-Linux-x86_64.sh &&\
|
182
|
+
ref='1314b90489f154602fd794accfc90446111514a5a72fe1f71ab83e07de9504a7' &&\
|
183
|
+
wget -q https://repo.anaconda.com/miniconda/${conda_installer} &&\
|
184
|
+
sha=`openssl sha256 "${conda_installer}" | cut -d' ' -f2` &&\
|
185
|
+
([ "$sha" = "${ref}" ] || (echo "Verification failed: ${sha} != ${ref}"; false)) &&\
|
186
|
+
(echo; echo "yes") | sh "${conda_installer}"
|
187
|
+
|
188
|
+
# install Swift Package Manager
|
189
|
+
# Based on https://github.com/apple/swift-docker/blob/main/5.3/ubuntu/18.04/Dockerfile
|
190
|
+
# The GPG download steps has been modified. Keys are now on LF repo and copied instaad of downloaded.
|
191
|
+
# Refer to https://swift.org/download/#using-downloads in the Linux section on how to download the keys
|
192
|
+
RUN apt-get -q install -y \
|
193
|
+
libatomic1 \
|
194
|
+
libcurl4 \
|
195
|
+
libxml2 \
|
196
|
+
libedit2 \
|
197
|
+
libsqlite3-0 \
|
198
|
+
libc6-dev \
|
199
|
+
binutils \
|
200
|
+
libgcc-5-dev \
|
201
|
+
libstdc++-5-dev \
|
202
|
+
zlib1g-dev \
|
203
|
+
libpython2.7 \
|
204
|
+
tzdata \
|
205
|
+
git \
|
206
|
+
pkg-config \
|
207
|
+
&& rm -r /var/lib/apt/lists/*
|
208
|
+
|
209
|
+
# pub 4096R/ED3D1561 2019-03-22 [SC] [expires: 2023-03-23]
|
210
|
+
# Key fingerprint = A62A E125 BBBF BB96 A6E0 42EC 925C C1CC ED3D 1561
|
211
|
+
# uid Swift 5.x Release Signing Key <swift-infrastructure@swift.org
|
212
|
+
ARG SWIFT_SIGNING_KEY=A62AE125BBBFBB96A6E042EC925CC1CCED3D1561
|
213
|
+
ARG SWIFT_PLATFORM=ubuntu18.04
|
214
|
+
ARG SWIFT_BRANCH=swift-5.3.3-release
|
215
|
+
ARG SWIFT_VERSION=swift-5.3.3-RELEASE
|
216
|
+
ARG SWIFT_WEBROOT=https://download.swift.org
|
217
|
+
|
218
|
+
ENV SWIFT_SIGNING_KEY=$SWIFT_SIGNING_KEY \
|
219
|
+
SWIFT_PLATFORM=$SWIFT_PLATFORM \
|
220
|
+
SWIFT_BRANCH=$SWIFT_BRANCH \
|
221
|
+
SWIFT_VERSION=$SWIFT_VERSION \
|
222
|
+
SWIFT_WEBROOT=$SWIFT_WEBROOT
|
223
|
+
|
224
|
+
COPY swift-all-keys.asc .
|
225
|
+
RUN set -e; \
|
226
|
+
SWIFT_WEBDIR="$SWIFT_WEBROOT/$SWIFT_BRANCH/$(echo $SWIFT_PLATFORM | tr -d .)" \
|
227
|
+
&& SWIFT_BIN_URL="$SWIFT_WEBDIR/$SWIFT_VERSION/$SWIFT_VERSION-$SWIFT_PLATFORM.tar.gz" \
|
228
|
+
&& SWIFT_SIG_URL="$SWIFT_BIN_URL.sig" \
|
229
|
+
# - Grab curl here so we cache better up above
|
230
|
+
&& export DEBIAN_FRONTEND=noninteractive \
|
231
|
+
&& apt-get -q update && apt-get -q install -y curl && rm -rf /var/lib/apt/lists/* \
|
232
|
+
# - Download the GPG keys, Swift toolchain, and toolchain signature, and verify.
|
233
|
+
&& export GNUPGHOME="$(mktemp -d)" \
|
234
|
+
&& curl -fsSL "$SWIFT_BIN_URL" -o swift.tar.gz "$SWIFT_SIG_URL" -o swift.tar.gz.sig \
|
235
|
+
&& gpg --import swift-all-keys.asc \
|
236
|
+
&& gpg --batch --verify swift.tar.gz.sig swift.tar.gz \
|
237
|
+
# - Unpack the toolchain, set libs permissions, and clean up.
|
238
|
+
&& tar -xzf swift.tar.gz --directory / --strip-components=1 \
|
239
|
+
&& chmod -R o+r /usr/lib/swift \
|
240
|
+
&& rm -rf "$GNUPGHOME" swift.tar.gz.sig swift.tar.gz \
|
241
|
+
set +e
|
242
|
+
|
243
|
+
# install license_finder
|
244
|
+
COPY . /LicenseFinder
|
245
|
+
RUN bash -lc "cd /LicenseFinder && bundle config set no-cache 'true' && bundle install -j4 && rake install"
|
246
|
+
|
247
|
+
WORKDIR /
|
248
|
+
|
249
|
+
CMD cd /scan && /bin/bash -l
|
data/Gemfile
ADDED
data/LICENSE
ADDED
@@ -0,0 +1,22 @@
|
|
1
|
+
The MIT License
|
2
|
+
|
3
|
+
Copyright (c) 2012-2020 Pivotal Software, Inc. All Rights Reserved.
|
4
|
+
|
5
|
+
Permission is hereby granted, free of charge, to any person obtaining a copy
|
6
|
+
of this software and associated documentation files (the "Software"), to deal
|
7
|
+
in the Software without restriction, including without limitation the rights
|
8
|
+
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
|
9
|
+
copies of the Software, and to permit persons to whom the Software is
|
10
|
+
furnished to do so, subject to the following conditions:
|
11
|
+
|
12
|
+
The above copyright notice and this permission notice shall be included in
|
13
|
+
all copies or substantial portions of the Software.
|
14
|
+
|
15
|
+
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
|
16
|
+
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
|
17
|
+
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
|
18
|
+
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
|
19
|
+
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
|
20
|
+
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
|
21
|
+
THE SOFTWARE.
|
22
|
+
|