license_finder 0.9.4 → 0.9.5

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 3b65d1f533fe92270a5d6924fb5bb496c39f5bbb
-  data.tar.gz: 61b8c1a0c33212a69497fa1f95ba3c3825794dd6
+  metadata.gz: 914d2f2e411442bf2e8f37f7b17b5dd963f9c4be
+  data.tar.gz: 985aa512713ab48aaed47129747e1f7b3b1d10de
 SHA512:
-  metadata.gz: 3e3315d6de234859334ea3d7426bf6aec588c1b381ab081839d7a0e59e325c9ad1375229b36c0c4ff9b95062c727accf11d7b9019ced480cd4b4ac6c13a3dd1b
-  data.tar.gz: c5a56556655e5852ae8156f02838262d4d3f4064f0dc53c652385073779551b404b8cde0199bece774a2c7c1f667309b1feb3c02cf798191beccc2920b2bb9bd
+  metadata.gz: c312d903761a6688929d0dc5c2b55d2e282cf2668d6f3d3d107341b9b86f75a206c7b5add0eac1c758117d89a028cd91f7ef5c8013ecce851a0f19e06f5e1eb9
+  data.tar.gz: 91f606929437fc775f297b0377a567b18b7f95109bd1a7e000706d5636c523d2381d5922116bfb3e8bdf7b412fe68cd3459b37f31b01aa81c21f66dd975a223e

data/.gitignore

@@ -1,13 +1,6 @@
 pkg/*
-*.gem
-.bundle
 Gemfile.lock
 .rvmrc
 .idea/*
 tmp/
-dependencies.*
-doc/dependencies.*
-db/schema.rb
-config/
 .pairs
-*.swp

data/.travis.yml

@@ -2,15 +2,13 @@ rvm:
   - 2.1.0
   - 2.0.0
   - 1.9.3
-  - 1.9.2
   - jruby-19mode
-  - rbx-19mode
+  - jruby-20mode
   - ruby-head
   - jruby-head
 
 matrix:
   allow_failures:
-    - rvm: rbx-19mode
     - rvm: ruby-head
     - rvm: jruby-head
 

data/CHANGELOG.rdoc

@@ -1,3 +1,16 @@
+=== 0.9.5 / 2014-01-30
+
+* Features
+
+  * Add more aliases for known licenses
+  * Drop support for ruby 1.9.2
+  * Large refactoring to simply things, and make it easier to add new package managers
+  
+* Bugfixes
+
+  * Make node dependency json parsing more robust
+  * Clean up directories created during test runs
+
 === 0.9.4 / 2014-01-05
 
 * Features

data/db/migrate/201307251004_data_fix_manual_licenses.rb

@@ -1,6 +1,6 @@
 Sequel.migration do
   up do
-  DB << <<EOS
+    LicenseFinder::DB << <<-SQL
 UPDATE dependencies
 SET license_manual = 1
 WHERE id
@@ -10,6 +10,6 @@ IN
   INNER JOIN license_aliases l
     ON d.license_id = l.id
   WHERE l.manual = 1)
-EOS
+    SQL
   end
 end

data/db/migrate/201307251107_reassociate_license.rb

@@ -1,23 +1,23 @@
 Sequel.migration do
   up do
-  DB << <<EOS
-UPDATE dependencies
-SET license_id =
-(SELECT la.id
-FROM
-  license_aliases la,
-  license_aliases la_orig
-WHERE
-  la.name = la_orig.name AND
-  la_orig.id = license_id
-LIMIT 1)
-EOS
+    LicenseFinder::DB << <<-SQL
+      UPDATE dependencies
+      SET license_id =
+      (SELECT la.id
+      FROM
+        license_aliases la,
+        license_aliases la_orig
+      WHERE
+        la.name = la_orig.name AND
+        la_orig.id = license_id
+      LIMIT 1)
+    SQL
 
-  DB << <<CLEANUP
-DELETE
-FROM license_aliases
-WHERE
-id NOT IN (SELECT license_id FROM dependencies)
-CLEANUP
+    LicenseFinder::DB << <<-SQL
+      DELETE
+      FROM license_aliases
+      WHERE
+      id NOT IN (SELECT license_id FROM dependencies)
+    SQL
   end
 end

data/db/migrate/201311192002_add_manually_approved_to_dependencies.rb

@@ -0,0 +1,7 @@
+Sequel.migration do
+  change do
+    alter_table(:dependencies) do
+      add_column :manually_approved, TrueClass
+    end
+  end
+end

data/db/migrate/201311192003_reassociate_manual_approval.rb

@@ -0,0 +1,14 @@
+Sequel.migration do
+  up do
+    LicenseFinder::DB << <<-EOS
+        UPDATE dependencies
+        SET manually_approved =
+        (SELECT state
+        FROM
+          approvals
+        INNER JOIN
+          dependencies
+            ON approvals.id = dependencies.approval_id)
+    EOS
+  end
+end

data/db/migrate/201311192010_drop_approvals.rb

@@ -0,0 +1,5 @@
+Sequel.migration do
+  change do
+    drop_table(:approvals)
+  end
+end

data/features/cli.feature

@@ -16,7 +16,7 @@ Feature: License Finder command line executable
 
   Scenario: Auditing an application with whitelisted licenses
     Given I have an app with license finder that depends on a MIT licensed gem
-    When I whitelist MIT and 'other' and New BSD and Apache 2.0 licenses
+    When I whitelist MIT, New BSD, Apache 2.0, Ruby, and other licenses
     Then it should exit with status code 0
     And I should see all dependencies approved for use
 

data/features/html_report.feature

@@ -20,5 +20,5 @@ Feature: HTML Report
 
   Scenario: Dependency summary
     And my app depends on MIT and GPL licensed gems
-    When I whitelist MIT and 'other' and New BSD and Apache 2.0 licenses
+    When I whitelist MIT, New BSD, Apache 2.0, Ruby, and other licenses
     Then I should see only see GPL liceneses as unapproved in the html

data/features/{non_bundler_dependencies.feature → manually_managed_dependencies.feature}

@@ -1,19 +1,19 @@
-Feature: Tracking non-Bundler Dependencies
-  So that I can track JS and other dependencies not tracked by Bundler
+Feature: Tracking Unmanaged Dependencies
+  So that I can track dependencies not managed by Bundler, NPM, etc.
   As an application developer using license finder
-  I want to be able to manually manage non-Bundler dependencies
+  I want to be able to manually track unmanaged dependencies
 
-  Scenario: Adding a non-Bundler dependency
+  Scenario: Adding a manually managed dependency
     Given I have an app with license finder
     When I add my JS dependency
     Then I should see the JS dependency in the console output
 
-  Scenario: Auto approving a non-Bundler dependency I add
+  Scenario: Auto approving a manually managed dependency I add
     Given I have an app with license finder
     When I add my JS dependency with an approval flag
     Then I should not see the JS dependency in the console output since it is approved
 
-  Scenario: Removing a non-Bundler dependency
+  Scenario: Removing a manually managed dependency
     Given I have an app with license finder and a JS dependency
     When I remove my JS dependency
     Then I should not see the JS dependency in the console output

data/features/step_definitions/html_report_steps.rb

@@ -49,16 +49,9 @@ end
 Then(/^I should see only see GPL liceneses as unapproved in the html$/) do
   html = File.read(@user.dependencies_html_path)
   page = Capybara.string(html)
-  page.should have_content '12 total'
-  page.should have_content '1 unapproved'
   page.should have_content '1 GPL'
-  page.should have_content '1 other'
-  if @user.jruby?
-    page.should have_content '9 MIT'
-    page.should have_content '1 Apache 2.0'
-  else
-    page.should have_content '10 MIT'
-  end
+  action_items = page.find('.action-items')
+  action_items.should have_content '(GPL)'
 end
 
 def is_html_status?(gem, approval)

data/features/step_definitions/shared_steps.rb

@@ -14,8 +14,8 @@ When(/^I run license_finder$/) do
   @output = @user.execute_command "license_finder --quiet"
 end
 
-When(/^I whitelist MIT and 'other' and New BSD and Apache 2.0 licenses$/) do
-  @user.configure_license_finder_whitelist ["MIT","other","New BSD","Apache 2.0"]
+When(/^I whitelist MIT, New BSD, Apache 2.0, Ruby, and other licenses$/) do
+  @user.configure_license_finder_whitelist ["MIT","other","New BSD","Apache 2.0","Ruby"]
   @output = @user.execute_command "license_finder --quiet"
 end
 
@@ -139,7 +139,7 @@ module DSL
     end
 
     def execute_command(command)
-      Bundler.with_clean_env do
+      ::Bundler.with_clean_env do
         @output = `cd #{app_path} && bundle exec #{command}`
       end
 
@@ -192,7 +192,7 @@ module DSL
     end
 
     def bundle_app
-      Bundler.with_clean_env do
+      ::Bundler.with_clean_env do
         `bundle install --gemfile=#{File.join(app_path, "Gemfile")} --path=#{bundle_path}`
       end
     end
@@ -210,10 +210,6 @@ module DSL
       File.open(dependencies_file_path, 'w+') { |f| yield f }
     end
 
-    def jruby?
-      `ruby -v`.match /^jruby/
-    end
-
     private
 
     def add_to_gemfile(line)

data/lib/license_finder.rb

@@ -7,32 +7,36 @@ module LicenseFinder
 
   Error = Class.new(StandardError)
 
-  autoload :Bundle,               'license_finder/bundle'
-  autoload :PackageSaver,         'license_finder/package_saver'
-  autoload :Bower,                'license_finder/bower'
   autoload :CLI,                  'license_finder/cli'
-  autoload :Configuration,        'license_finder/configuration'
   autoload :DependencyManager,    'license_finder/dependency_manager'
+  autoload :PackageSaver,         'license_finder/package_saver'
   autoload :License,              'license_finder/license'
   autoload :LicenseUrl,           'license_finder/license_url'
+  autoload :PossibleLicenseFile,  'license_finder/possible_license_file'
+  autoload :PossibleLicenseFiles, 'license_finder/possible_license_files'
+  autoload :Configuration,        'license_finder/configuration'
+  autoload :Platform,             'license_finder/platform'
+
+  autoload :Bower,                'license_finder/bower'
+  autoload :Bundler,              'license_finder/bundler'
   autoload :NPM,                  'license_finder/npm'
   autoload :Pip,                  'license_finder/pip'
   autoload :Package,              'license_finder/package'
-  autoload :Platform,             'license_finder/platform'
-  autoload :PossibleLicenseFile,  'license_finder/possible_license_file'
-  autoload :PossibleLicenseFiles, 'license_finder/possible_license_files'
-  autoload :YmlToSql,             'license_finder/yml_to_sql'
+  autoload :BowerPackage,         'license_finder/bower_package'
+  autoload :BundlerPackage,       'license_finder/bundler_package'
+  autoload :PipPackage,           'license_finder/pip_package'
+  autoload :NpmPackage,           'license_finder/npm_package'
 
-  autoload :Approval,     'license_finder/tables/approval'
-  autoload :BundlerGroup, 'license_finder/tables/bundler_group'
-  autoload :Dependency,   'license_finder/tables/dependency'
-  autoload :LicenseAlias, 'license_finder/tables/license_alias'
+  autoload :BundlerGroup,         'license_finder/tables/bundler_group'
+  autoload :Dependency,           'license_finder/tables/dependency'
+  autoload :LicenseAlias,         'license_finder/tables/license_alias'
+  autoload :YmlToSql,             'license_finder/yml_to_sql'
 
-  autoload :DependencyReport, 'license_finder/reports/dependency_report'
-  autoload :HtmlReport,       'license_finder/reports/html_report'
-  autoload :MarkdownReport,   'license_finder/reports/markdown_report'
-  autoload :Reporter,         'license_finder/reports/reporter'
-  autoload :TextReport,       'license_finder/reports/text_report'
+  autoload :DependencyReport,     'license_finder/reports/dependency_report'
+  autoload :HtmlReport,           'license_finder/reports/html_report'
+  autoload :MarkdownReport,       'license_finder/reports/markdown_report'
+  autoload :Reporter,             'license_finder/reports/reporter'
+  autoload :TextReport,           'license_finder/reports/text_report'
   autoload :DetailedTextReport,   'license_finder/reports/detailed_text_report'
 
   def self.config

data/lib/license_finder/bower.rb

@@ -1,32 +1,19 @@
 require 'json'
-require 'license_finder/package'
 
 module LicenseFinder
   class Bower
 
     def self.current_packages
-      return @packages if @packages
-
       output = `bower list --json`
 
       json = JSON(output)
 
-      @packages = json.fetch("dependencies",[]).map do |package|
-        package = package[1]
-        pkg_meta = package.fetch("pkgMeta", Hash.new)
-
-        Package.new(OpenStruct.new(
-          :name => pkg_meta.fetch("name", nil),
-          :version => pkg_meta.fetch("version", nil),
-          :full_gem_path => package.fetch("canonicalDir", nil),
-          :license => self.harvest_license(pkg_meta),
-          :summary => pkg_meta.fetch("description", nil),
-          :description => pkg_meta.fetch("readme", nil)
-        ))
+      json.fetch("dependencies",[]).map do |package|
+        BowerPackage.new(package[1])
       end
     end
 
-    def self.has_package_file?
+    def self.active?
       File.exists?(package_path)
     end
 
@@ -35,23 +22,5 @@ module LicenseFinder
     def self.package_path
       Pathname.new('bower.json').expand_path
     end
-
-    def self.harvest_license(package)
-      license = package.fetch("licenses", []).first
-
-      if license.is_a? Hash
-        license = license.fetch("type", nil)
-      end
-
-      if license.nil?
-        license = package.fetch("license", nil)
-
-        if license.is_a? Hash
-          license = license.fetch("type", nil)
-        end
-      end
-
-      license
-    end
   end
 end

data/lib/license_finder/bower_package.rb

@@ -0,0 +1,63 @@
+module LicenseFinder
+  class BowerPackage < Package
+    def initialize(bower_module)
+      @bower_module = bower_module
+      @module_metadata = bower_module.fetch("pkgMeta", Hash.new)
+    end
+
+    def name
+      module_metadata.fetch("name", nil)
+    end
+
+    def version
+      module_metadata.fetch("version", nil)
+    end
+
+    def summary
+      module_metadata.fetch("description", nil)
+    end
+
+    def description
+      module_metadata.fetch("readme", nil)
+    end
+
+    def children
+      [] # no way to determine child deps from bower (maybe?)
+    end
+
+    def groups
+      [] # no concept of dev/test groups in bower (maybe?)
+    end
+
+    def homepage
+      nil # no way to extract homepage from bower (maybe?)
+    end
+
+    private
+
+    attr_reader :bower_module
+    attr_reader :module_metadata
+
+    def install_path
+      bower_module.fetch("canonicalDir", nil)
+    end
+
+    def license_from_spec
+      license = module_metadata.fetch("licenses", []).first
+
+      if license.is_a? Hash
+        license = license.fetch("type", nil)
+      end
+
+      if license.nil?
+        license = module_metadata.fetch("license", nil)
+
+        if license.is_a? Hash
+          license = license.fetch("type", nil)
+        end
+      end
+
+      license
+    end
+  end
+end

data/lib/license_finder/bundler.rb

@@ -0,0 +1,73 @@
+require "bundler"
+
+module LicenseFinder
+  class Bundler
+    attr_writer :ignore_groups
+
+    class << self
+      def current_packages(config = LicenseFinder.config, bundler_definition=nil)
+        new(config, bundler_definition).packages
+      end
+
+      def active?
+        File.exists?(gemfile_path)
+      end
+
+      def gemfile_path
+        Pathname.new("Gemfile").expand_path
+      end
+    end
+
+    def initialize(config, bundler_definition=nil)
+      @definition = bundler_definition || ::Bundler::Definition.build(self.class.gemfile_path, lockfile_path, nil)
+      @config = config
+    end
+
+    def packages
+      return @packages if @packages
+
+      top_level_gems = Set.new
+
+      @packages ||= definition.specs_for(included_groups).map do |gem_def|
+        bundler_def = bundler_defs.detect { |bundler_def| bundler_def.name == gem_def.name }
+
+        top_level_gems << format_name(gem_def)
+
+        BundlerPackage.new(gem_def, bundler_def)
+      end
+
+      @packages.each do |gem|
+        gem.children = children_for(gem, top_level_gems)
+      end
+
+      @packages
+    end
+
+    private
+    attr_reader :definition
+
+    def ignore_groups
+      @ignore_groups ||= @config.ignore_groups
+    end
+
+    def bundler_defs
+      @bundler_defs ||= definition.dependencies
+    end
+
+    def included_groups
+      definition.groups - ignore_groups.map(&:to_sym)
+    end
+
+    def lockfile_path
+      self.class.gemfile_path.dirname.join('Gemfile.lock')
+    end
+
+    def children_for(gem, top_level_gems)
+      gem.gem_def.dependencies.map(&:name).select { |name| top_level_gems.include? name }
+    end
+
+    def format_name(gem)
+      gem.name.split(" ")[0]
+    end
+  end
+end