license_finder 0.5.0 → 0.6.0
- data/.travis.yml +22 -0
- data/README.markdown +56 -92
- data/Rakefile +1 -1
- data/bin/license_finder +1 -1
- data/features/approve_dependencies.feature +49 -0
- data/features/html_report.feature +48 -0
- data/features/license_finder.feature +36 -0
- data/features/license_finder_rake_task.feature +36 -0
- data/features/rails_rake.feature +9 -0
- data/features/step_definitions/steps.rb +78 -31
- data/features/text_report.feature +27 -0
- data/lib/{templates/Apache.txt → data/licenses/Apache2.txt} +0 -0
- data/lib/{templates → data/licenses}/BSD.txt +0 -0
- data/lib/{templates → data/licenses}/GPLv2.txt +0 -0
- data/lib/{templates → data/licenses}/ISC.txt +0 -0
- data/lib/{templates → data/licenses}/LGPL.txt +0 -0
- data/lib/{templates → data/licenses}/MIT.txt +0 -0
- data/lib/{templates → data/licenses}/NewBSD.txt +0 -0
- data/lib/{templates → data/licenses}/Ruby.txt +0 -0
- data/lib/{templates → data/licenses}/SimplifiedBSD.txt +0 -0
- data/lib/license_finder.rb +11 -32
- data/lib/license_finder/bundle.rb +33 -0
- data/lib/license_finder/bundled_gem.rb +20 -14
- data/lib/license_finder/cli.rb +4 -3
- data/lib/license_finder/configuration.rb +34 -0
- data/lib/license_finder/dependency.rb +27 -22
- data/lib/license_finder/dependency_list.rb +35 -13
- data/lib/license_finder/license.rb +11 -1
- data/lib/license_finder/license/apache2.rb +8 -0
- data/lib/license_finder/license/bsd.rb +2 -0
- data/lib/license_finder/license/gplv2.rb +2 -0
- data/lib/license_finder/license/isc.rb +1 -0
- data/lib/license_finder/license/lgpl.rb +1 -0
- data/lib/license_finder/license/mit.rb +4 -1
- data/lib/license_finder/license/new_bsd.rb +3 -0
- data/lib/license_finder/license/ruby.rb +2 -2
- data/lib/license_finder/license/simplified_bsd.rb +3 -0
- data/lib/license_finder/license_url.rb +10 -0
- data/lib/license_finder/possible_license_file.rb +2 -2
- data/lib/license_finder/railtie.rb +1 -3
- data/lib/license_finder/reporter.rb +51 -0
- data/lib/license_finder/viewable.rb +31 -0
- data/lib/tasks/license_finder.rake +3 -28
- data/lib/templates/dependency.html.erb +54 -0
- data/lib/templates/dependency_list.html.erb +38 -0
- data/license_finder.gemspec +12 -4
- data/spec/lib/license_finder/bundled_gem_spec.rb +5 -3
- data/spec/lib/license_finder/dependency_list_spec.rb +54 -9
- data/spec/lib/license_finder/dependency_spec.rb +93 -57
- data/spec/lib/license_finder/license/apache_spec.rb +2 -2
- data/spec/lib/license_finder/license/mit_spec.rb +1 -1
- data/spec/lib/license_finder/license_spec.rb +14 -0
- data/spec/lib/license_finder/license_url_spec.rb +20 -0
- data/spec/lib/license_finder/reporter_spec.rb +5 -0
- data/spec/lib/license_finder_spec.rb +2 -0
- data/spec/spec_helper.rb +0 -1
- data/spec/support/license_examples.rb +6 -0
- metadata +68 -33
- data/features/executables/license_finder.feature +0 -19
- data/features/rake_tasks/action_items.feature +0 -27
- data/features/rake_tasks/action_items_ok.feature +0 -23
- data/features/rake_tasks/generate_dependencies.feature +0 -62
- data/features/rake_tasks/init.feature +0 -26
- data/features/rake_tasks/regressions.feature +0 -18
- data/lib/license_finder/bundler_dependency_query.rb +0 -51
- data/lib/license_finder/finder.rb +0 -39
- data/lib/license_finder/license/apache.rb +0 -5
- data/spec/lib/license_finder/finder_spec.rb +0 -36
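--- a/data/features/executables/license_finder.feature
+++ b/data/features/executables/license_finder.feature
@@ -1,19 +0,0 @@
-Feature: License Finder command line executable
-
-Scenario: I want to check if any of my dependencies are not approved
-Given I have an application setup with rake and license finder
-And my app depends on a gem "gpl_licensed_gem" licensed with "GPL"
-And my app depends on a gem "mit_licensed_gem" licensed with "MIT"
-And I whitelist the "MIT" license
-When I run "license_finder"
-Then I should see "gpl_licensed_gem" in its output
-And I should not see "mit_licensed_gem" in its output
-And it should exit with status code 1
-
-Scenario: I want my build to pass when all dependencies are approved
-Given I have an application setup with rake and license finder
-And my app depends on a gem "mit_licensed_gem" licensed with "MIT"
-And I whitelist the following licenses: "MIT, other"
-When I run "license_finder"
-Then it should exit with status code 0
-And I should see "All gems are approved for use" in its output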
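--- a/data/features/rake_tasks/action_items.feature
+++ b/data/features/rake_tasks/action_items.feature
@@ -1,27 +0,0 @@
-Feature: rake license:action_items
-As a user
-I want a rake task "license:action_items" that lists any dependencies with licenses that fall outside of my whitelist
-So that I know the limitations of distributing my application
-
-Background:
-Given I have an application setup with rake and license finder
-
-Scenario: Application with non-free dependency
-Given my app depends on a gem "gpl_licensed_gem" licensed with "GPL"
-And my app depends on a gem "mit_licensed_gem" licensed with "MIT"
-And I whitelist the "MIT" license
-When I run "rake license:action_items"
-Then I should see "gpl_licensed_gem" in its output
-And I should not see "mit_licensed_gem" in its output
-
-Scenario: Application with action items
-Given my app depends on a gem "gpl_licensed_gem" licensed with "GPL"
-And I whitelist the "MIT" license
-When I run "rake license:action_items"
-Then it should exit with status code 1
-
-Scenario: Application with no action items
-Given I whitelist the "MIT" license
-When I run "rake license:action_items"
-Then I should see "All gems are approved for use" in its output
-And it should exit with status code 0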
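--- a/data/features/rake_tasks/action_items_ok.feature
+++ b/data/features/rake_tasks/action_items_ok.feature
@@ -1,23 +0,0 @@
-Feature: rake license:action_items:ok
-As a user
-I want a rake task "license:action_items:ok" that returns 0/1 exit codes based on whether or not there any action items
-So that I can create a CI build that fails if there are any action items
-
-Background:
-Given I have an application setup with rake and license finder
-
-Scenario: Application with action items
-Given my app depends on a gem "gpl_licensed_gem" licensed with "GPL"
-And I whitelist the "MIT" license
-When I run "rake license:action_items:ok"
-Then it should exit with status code 1
-
-Scenario: Application with no action items
-Given I whitelist the following licenses: "MIT"
-When I run "rake license:action_items:ok"
-Then I should see "All gems are approved for use" in its output
-And it should exit with status code 0
-
-Scenario: Deprecation for version 1.0
-When I run "rake license:action_items:ok"
-Then I should see "rake license:action_items:ok is deprecated and will be removed in version 1.0. Use rake license:action_items instead." in its output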
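--- a/data/features/rake_tasks/generate_dependencies.feature
+++ b/data/features/rake_tasks/generate_dependencies.feature
@@ -1,62 +0,0 @@
-Feature: rake license:generate_dependencies
-As a user
-I want a rake task the generates a list of all my application's dependencies and their licenses
-So that I can manually approve a dependency with a non-whitelisted license
-
-Scenario: Manually approve non-whitelisted dependency
-Given I have an application setup with rake and license finder
-And my app depends on a gem "gpl_gem" licensed with "GPL"
-And I whitelist the "MIT" license
-
-When I run "rake license:generate_dependencies"
-Then I should see the following settings for "gpl_gem":
-"""
-version: "0.0.0"
-license: "GPL"
-approved: false
-"""
-
-When I update the settings for "gpl_gem" with the following content:
-"""
-approved: true
-"""
-And I run "rake license:action_items"
-Then I should not see "gpl_gem" in its output
-
-Scenario: Manually adding a javascript dependency to dependencies.yml
-Given I have an application setup with rake and license finder
-When I run "rake license:generate_dependencies"
-And I add the following content to "dependencies.yml":
-"""
-- name: "my_javascript_library"
-version: "0.0.0"
-license: "GPL"
-approved: false
-"""
-And I run "rake license:action_items"
-Then I should see "my_javascript_library" in its output
-
-When I update the settings for "my_javascript_library" with the following content:
-"""
-approved: true
-"""
-And I run "rake license:action_items"
-Then I should not see "my_javascript_library" in its output
-
-Scenario: I want to see the group that my dependencies belong to in the dependencies.txt
-Given I have an application setup with rake and license finder
-And my app depends on a gem "mit_gem" licensed with "MIT" in the "production" bundler groups
-When I run "rake license:generate_dependencies"
-Then license finder should generate a file "dependencies.txt" containing:
-"""
-mit_gem 0.0.0, MIT, production
-"""
-
-Scenario: I have specified multiple groups for my gem
-Given I have an application setup with rake and license finder
-And my app depends on a gem "mit_gem" licensed with "MIT" in the "production, demo, staging" bundler groups
-When I run "rake license:generate_dependencies"
-Then license finder should generate a file "dependencies.txt" containing:
-"""
-mit_gem 0.0.0, MIT, production, demo, staging
-"""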
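--- a/data/features/rake_tasks/init.feature
+++ b/data/features/rake_tasks/init.feature
@@ -1,26 +0,0 @@
-Feature: rake license:init
-As a user
-I want a rake task the generates a sample license finder configuration for me
-So that I can easily get started using License Finder
-
-Scenario: No license finder configuration
-Given I have a rails application with license finder
-When I run "rake license:init"
-Then license finder should generate a file "config/license_finder.yml" with the following content:
-"""
----
-whitelist:
-#- MIT
-#- Apache 2.0
-ignore_groups:
-#- test
-#- development
-dependencies_file_dir: './'
-"""
-
-Scenario: The project including LicenseFinder does not already have a config directory
-Given I have an application with license finder
-And my application's rake file requires license finder
-And my application does not have a config directory
-When I run "rake license:init"
-Then the config directory should exist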
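--- a/data/features/rake_tasks/regressions.feature
+++ b/data/features/rake_tasks/regressions.feature
@@ -1,18 +0,0 @@
-Feature: Catch Regressions!
-
-Scenario Outline: Generating dependencies multiple times should not lose information
-Given I have an application setup with rake and license finder
-And my application depends on a gem "descriptive_gem" with:
-| license | summary | description |
-| MIT | summary | description |
-When I run "<command>"
-And I run "<command>"
-Then license finder should generate a file "dependencies.txt" containing:
-"""
-descriptive_gem 0.0.0, MIT, summary, description, default
-"""
-
-Examples:
-| command |
-| rake license:generate_dependencies |
-| rake license:action_items |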
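--- a/data/lib/license_finder/bundler_dependency_query.rb
+++ b/data/lib/license_finder/bundler_dependency_query.rb
@@ -1,51 +0,0 @@
-module LicenseFinder
-class BundlerDependencyQuery
-def dependencies
-bundler_definition.specs_for(requested_groups).map do |spec|
-dependency = define_a_new_dependency_from_a_gemspec(spec)
-add_additional_information_from_bundler_to_a_dependency(dependency)
-end
-end
-
-private
-
-def add_additional_information_from_bundler_to_a_dependency(dependency)
-bundler_dependency = find_bundlers_representation_of_a_dependency_by_name(dependency.name)
-
-if bundler_dependency
-dependency.bundler_groups = bundler_dependency.groups
-end
-
-dependency
-end
-
-def define_a_new_dependency_from_a_gemspec(gemspec)
-BundledGem.new(gemspec).dependency
-end
-
-def find_bundlers_representation_of_a_dependency_by_name(name)
-bundler_dependencies.detect { |dep| dep.name == name }
-end
-
-def requested_groups
-bundler_definition.groups - LicenseFinder.config.ignore_groups
-end
-
-def gemfile_path
-Pathname.new("Gemfile").expand_path
-end
-
-def lockfile_path
-root = gemfile_path.dirname
-root.join('Gemfile.lock')
-end
-
-def bundler_dependencies
-@bundler_dependencies ||= bundler_definition.dependencies
-end
-
-def bundler_definition
-@bundler_definition ||= Bundler::Definition.build(gemfile_path, lockfile_path, nil)
-end
-end
-end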
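--- a/data/lib/license_finder/finder.rb
+++ b/data/lib/license_finder/finder.rb
@@ -1,39 +0,0 @@
-module LicenseFinder
-class Finder
-def from_bundler
-require 'bundler'
-Bundler.load.specs.map { |spec| BundledGem.new(spec) }.sort_by &:sort_order
-end
-
-def write_files
-new_list = generate_list
-
-File.open(LicenseFinder.config.dependencies_yaml, 'w+') do |f|
-f.puts new_list.to_yaml
-end
-
-File.open(LicenseFinder.config.dependencies_text, 'w+') do |f|
-f.puts new_list.to_s
-end
-end
-
-def action_items
-new_list = generate_list
-new_list.action_items
-end
-
-private
-
-def generate_list
-bundler_list = DependencyList.from_bundler
-
-if File.exists?(LicenseFinder.config.dependencies_yaml)
-yml = File.open(LicenseFinder.config.dependencies_yaml).readlines.join
-existing_list = DependencyList.from_yaml(yml)
-existing_list.merge(bundler_list)
-else
-bundler_list
-end
-end
-end
-end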
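--- a/data/spec/lib/license_finder/finder_spec.rb
+++ b/data/spec/lib/license_finder/finder_spec.rb
@@ -1,36 +0,0 @@
-require 'spec_helper'
-
-describe LicenseFinder::Finder do
-before do
-config = stub(LicenseFinder).config.stub!
-config.dependencies_yaml { './dependencies.yml' }
-config.dependencies_text { './dependencies.txt' }
-end
-
-it "should generate a yml file and txt file" do
-stub(File).exists?('./dependencies.yml') {false}
-
-yml_output = StringIO.new
-txt_output = StringIO.new
-stub(File).open('./dependencies.yml', 'w+').yields(yml_output)
-stub(File).open('./dependencies.txt', 'w+').yields(txt_output)
-stub(LicenseFinder::DependencyList).from_bundler.stub!.to_yaml {"output"}
-LicenseFinder::Finder.new.write_files
-yml_output.string.should == "output\n"
-end
-
-it 'should update an existing yml file' do
-stub(File).exists?('./dependencies.yml') {true}
-
-yml_output = StringIO.new
-txt_output = StringIO.new
-stub(File).open('./dependencies.yml').stub!.readlines {['existing yml']}
-stub(File).open('./dependencies.yml', 'w+').yields(yml_output)
-stub(File).open('./dependencies.txt', 'w+').yields(txt_output)
-
-stub(LicenseFinder::DependencyList).from_yaml.stub!.merge.stub!.to_yaml {"output"}
-stub(LicenseFinder::DependencyList).from_bundler
-LicenseFinder::Finder.new.write_files
-yml_output.string.should == "output\n"
-end
-end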