license_finder 1.0.0.0-java → 1.1.1-java

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 2bfbd9c59602704b7c3a40d8ecd9e31e52891a59
-  data.tar.gz: 3f06d5b52cdb43ddf1d8e1f7e0181a6dc1812d37
+  metadata.gz: 5748734ffbeee366e0396f06f2560233e6c121b4
+  data.tar.gz: 6896b31ebe755429dea0111105ec7ade8c05072e
 SHA512:
-  metadata.gz: ea159ba85c83ae2758bf0ccf26345f596c42f814d5b37e2e67d8fca3d51dd9bd72837bdc4d402092f8f47200c788deb9876166ac921ebad802a9aa78e53f6a6e
-  data.tar.gz: bf0c2f24a983fc2318bacdf4c89dbbbbaff3ad3a656e7fe5fe419895e0d740743b1298903ce423d6bea16c2573d02feecc710b32ee8a1de8a32702c65fdffe60
+  metadata.gz: c63f791ef6170d0b928a8ff909d3a32850bcf5e3687862160dd92ea5a7f2e59b5e9e90c2ec3dd9c5baa56b7e8969fdda83fc3b4cdd93ecc09e19dbfa1e77e6ed
+  data.tar.gz: 90825a990cffb6b80bf4e4f4b61c3340fa27966580ccc6a33e91c8e72873d656d39b3dee0a9cd6d6caece82911f18febb6e7368b538873bc5b8eafff5753edd3

data/.travis.yml

@@ -3,7 +3,6 @@ rvm:
   - 2.0.0
   - 1.9.3
   - jruby-19mode
-  - jruby-20mode
   - ruby-head
   - jruby-head
 
@@ -12,7 +11,8 @@ matrix:
     - rvm: ruby-head
     - rvm: jruby-head
 
-env: JAVA_OPTS='-client -XX:+TieredCompilation -XX:TieredStopAtLevel=1' JRUBY_OPTS='-J-Djruby.launch.inproc=true'
+env:
+  - JAVA_OPTS='-client -XX:+TieredCompilation -XX:TieredStopAtLevel=1' JRUBY_OPTS='-J-Djruby.launch.inproc=true' PATH=$PATH:$HOME/gradle/bin
 
 notifications:
   email:
@@ -23,8 +23,9 @@ notifications:
     on_start: true
 
 before_install:
-  - sudo apt-get update
-  
-install:
-  - sudo apt-get install gradle -qq -y
-  - bundle install
+  - cd /tmp
+  - wget http://services.gradle.org/distributions/gradle-1.11-all.zip
+  - unzip gradle*
+  - rm gradle*.zip
+  - mv gradle* ~/gradle
+  - cd -

data/CHANGELOG.rdoc

@@ -1,4 +1,32 @@
-=== 1.0.0 / Unreleased
+=== 1.1.1 / 2014-07-29
+
+* Bugfixes
+
+  * Process incorrectly-defined dependencies.
+    [Original issue.](https://github.com/pivotal/LicenseFinder/issues/108)
+  * Allow license_finder to process incorrectly-defined dependencies.
+
+=== 1.0.1 / 2014-05-28
+
+* Features
+
+  * For dependencies with multiple licenses, the dependency is listed as
+    'multiple licenses' along with the names of each license
+  * Added 'ignore_dependencies' config option to allow specific
+    dependencies to be excluded from reports.
+
+* Bugfixes
+
+  * Dependency reports generate when license_finder.yml updates
+  * Dependency reports generate when config is changed through the command line
+
+=== 1.0.0.1 / 2014-05-23
+
+* Bugfixes
+
+  * LicenseFinder detects its own license
+
+=== 1.0.0 / 2014-04-03
 
 * Features
 

data/Rakefile

@@ -12,10 +12,10 @@ RSpec::Core::RakeTask.new(:spec) do |t|
   t.rspec_opts = %w[--color]
 end
 
-
 desc "Run all cukes in features/"
 Cucumber::Rake::Task.new(:features) do |t|
-  t.cucumber_opts = "features --format pretty"
+  tags = RUBY_PLATFORM =~ /darwin/ ? "" : "--tags ~@ios"
+  t.cucumber_opts = "features --format pretty #{tags}"
 end
 
 task :default => [:spec, :features]

data/db/migrate/201311192003_reassociate_manual_approval.rb

@@ -6,9 +6,8 @@ Sequel.migration do
         (SELECT state
         FROM
           approvals
-        INNER JOIN
-          dependencies
-            ON approvals.id = dependencies.approval_id)
+        WHERE
+          approvals.id = dependencies.approval_id)
     EOS
   end
 end

data/db/migrate/201403181732_rename_manual_fields.rb

@@ -0,0 +1,10 @@
+Sequel.migration do
+  up do
+    alter_table(:dependencies) do
+      rename_column :manual,            :added_manually
+      rename_column :manually_approved, :approved_manually
+      rename_column :license_manual,    :license_assigned_manually
+      drop_column :approval_id
+    end
+  end
+end

data/db/migrate/201403190028_add_manual_approvals.rb

@@ -0,0 +1,22 @@
+Sequel.migration do
+  up do
+    create_table(:manual_approvals) do
+      primary_key :id
+      foreign_key :dependency_id, :dependencies, unique: true, on_delete: :cascade
+      String :approver, null: true
+      String :notes, null: true
+    end
+
+    LicenseFinder::DB << <<-SQL
+      INSERT INTO manual_approvals
+        (dependency_id)
+      SELECT id
+      FROM dependencies
+      WHERE approved_manually;
+    SQL
+
+    alter_table(:dependencies) do
+      drop_column :approved_manually
+    end
+  end
+end

data/db/migrate/201403191419_add_timestamps_to_manual_approvals.rb

@@ -0,0 +1,15 @@
+Sequel.migration do
+  change do
+    alter_table(:manual_approvals) do
+      add_column :created_at, DateTime
+      add_column :updated_at, DateTime
+    end
+
+    LicenseFinder::DB << <<-SQL
+      UPDATE manual_approvals
+      SET
+        created_at = datetime('now'),
+        updated_at = datetime('now')
+    SQL
+  end
+end

data/db/migrate/201403191645_remove_license_aliases.rb

@@ -0,0 +1,23 @@
+Sequel.migration do
+  up do
+    alter_table(:dependencies) do
+      add_column :license_name, String
+    end
+
+    LicenseFinder::DB << <<-SQL
+      UPDATE dependencies
+      SET license_name =
+      (SELECT name
+      FROM
+        license_aliases
+      WHERE
+        license_id = license_aliases.id)
+    SQL
+
+    alter_table(:dependencies) do
+      drop_column :license_id
+    end
+
+    drop_table(:license_aliases)
+  end
+end

data/features/cli.feature

@@ -1,36 +1,37 @@
 Feature: License Finder command line executable
-  So that I can report and manage my application's dependencies and licenses to my business
+  So that I can manage my application's dependencies and licenses
   As an application developer
   I want a command-line interface
 
-  Scenario: Running without a configuration file
-    Given I have an app with license finder that has no config directory
-    When I run license_finder
-    Then it creates a config directory with the license_finder config
-
-  Scenario: Auditing an application with non-whitelisted licenses
-    Given I have an app with license finder that depends on a MIT licensed gem
+  Scenario: Auditing an application with unapproved licenses
+    Given I have an app with an unapproved dependency
     When I run license_finder
     Then it should exit with status code 1
-    And should list my MIT gem in the output
+    And should list my unapproved dependency in the output
 
-  Scenario: Auditing an application with whitelisted licenses
-    Given I have an app with license finder that depends on a MIT licensed gem
-    When I whitelist MIT, New BSD, Apache 2.0, Ruby, and other licenses
+  Scenario: Auditing an application with approved licenses
+    Given I have an app with an unapproved dependency
+    When I whitelist everything I can think of
     Then it should exit with status code 0
     And I should see all dependencies approved for use
 
-  Scenario: Keep manually set license dependencies
-    Given I have a project that depends on mime-types with a manual license type
-    When I run license_finder
-    Then the mime-types license remains set with my manual license type
-
   Scenario: Viewing help for license_finder subcommand
-    Given I have an app with license finder
+    Given I have an app
     When I run license_finder help on a specific command
     Then I should see the correct subcommand usage instructions
 
   Scenario: Viewing help for license_finder default
-    Given I have an app with license finder
+    Given I have an app
     When I run license_finder help
-    Then I should the correct default usage instructions
+    Then I should see the default usage instructions
+
+  Scenario: Running without a configuration file
+    Given I have an app that has no config directory
+    When I run license_finder
+    Then it creates a config directory with the license_finder config
+
+  Scenario: Viewing License Finder's own license
+    Given I have an app
+    When I run license_finder
+    Then I should see License Finder has the MIT license
+

data/features/cocoapods_dependencies.feature

@@ -0,0 +1,10 @@
+@ios
+Feature: Tracking CocoaPods Dependencies
+  So that I can track CocoaPods dependencies
+  As an application developer using license finder
+  I want to be able to manage CocoaPods dependencies
+
+  Scenario: See the dependencies from the Podfile
+    Given A Podfile with dependencies
+    When I run license_finder
+    Then I should see a CocoaPods dependency with a license

data/features/configure_bundler_groups.feature

@@ -0,0 +1,23 @@
+Feature: Ignore Bundle Groups
+  As a developer
+  I want to ignore certain bundler groups
+  So that any gems I use in development, or for testing, are automatically approved for use
+
+  Scenario: Bundler groups can be ignored
+    Given I have an app
+    And I ignore the test group
+    When I get the ignored groups
+    Then I should see the test group in the output
+
+  Scenario: Ignored bundler groups are not evaluated for licenses
+    Given I have an app that depends on a gem in the test bundler group
+    And I ignore the test group
+    When I run license_finder
+    Then I should not see the test gem in the output
+
+  Scenario: Bundler groups can be removed from the ignore list
+    Given I have an app
+    And I ignore the test group
+    And I stop ignoring the test group
+    When I get the ignored groups
+    Then I should not see the test group in the output

data/features/configure_ignore_dependencies.feature

@@ -0,0 +1,16 @@
+Feature: Ignore Dependencies
+  As a developer
+  I want to ignore certain dependencies
+  To avoid noisy doc changes when there are safe dependencies with high version churn
+
+  Scenario: Select dependencies can be ignored
+    Given I have an app that depends on bundler
+    And I ignore the bundler dependency
+    When I get the ignored dependencies 
+    Then I should see 'bundler' in the output
+    And I should not see 'bundler' in the dependency docs
+
+  Scenario: Ignored dependencies do not appear in the unapproved list
+    Given I have an app that depends on bundler
+    When I ignore the bundler dependency
+    Then the bundler dependency is not listed as an action item

data/features/{project_name.feature → configure_project_name.feature}

@@ -4,7 +4,7 @@ Feature: Project names
   So that license audit reports indicate their associated project
 
   Scenario: Specifying a project name
-    Given I have an app with license finder
+    Given I have an app
     When I set the project name to new_project
     And I run license_finder
     Then I should see the project name new_project in the html

data/features/{whitelist.feature → configure_whitelist.feature}

@@ -4,24 +4,24 @@ Feature: Whitelist licenses
   So that any dependencies with those licenses do not show up as action items
 
   Scenario: Adding a license to the whitelist
-    Given I have an app with license finder
+    Given I have an app
     When I whitelist the Expat license
     And I view the whitelisted licenses
     Then I should see Expat in the output
 
-  Scenario: Whitelisting the BSD License should approve BSD licensed dependencies
-    Given I have an app with license finder that depends on an BSD license
+  Scenario: Depending on whitelisted licenses
+    Given I have an app that depends on an BSD license
     When I whitelist the BSD license
     Then I should not see a BSD licensed gem unapproved
 
   Scenario: Removing a license from the whitelist
-    Given I have an app with license finder
+    Given I have an app
     When I whitelist the Expat license
     And I remove Expat from the whitelist
     And I view the whitelisted licenses
     Then I should not see Expat in the output
 
-  Scenario: Whitelist with MIT License aliased name "Expat" should whitelist "MIT" licenses
-    Given I have an app with license finder that depends on an MIT license
+  Scenario: Whitelisting license aliases
+    Given I have an app that depends on an MIT license
     When I whitelist the Expat license
     Then I should not see a MIT licensed gem unapproved

data/features/manually_added.feature

@@ -0,0 +1,19 @@
+Feature: Manually Adding Dependencies
+  So that I can track dependencies not managed by Bundler, NPM, etc.
+  As an application developer using license finder
+  I want to be able to manually add dependencies
+
+  Scenario: Manually adding dependency
+    Given I have an app
+    When I add my JS dependency
+    Then I should see the JS dependency in the console output
+
+  Scenario: Auto approving a manually added dependency
+    Given I have an app
+    When I add my JS dependency with an approval flag
+    Then I should not see the JS dependency in the console output
+
+  Scenario: Removing a manually added dependency
+    Given I have an app and a JS dependency
+    When I remove my JS dependency
+    Then I should not see the JS dependency in the console output

data/features/{approve_dependencies.feature → manually_approved.feature}

@@ -3,8 +3,8 @@ Feature: Approving non-whitelisted Dependencies
   As an application developer using license finder
   I want to be able to manually approve dependencies that have licenses which fall outside of my whitelist
 
-  Scenario: Approving a non-whitelisted dependency via the `license_finder` command
-    Given I have an app with license finder that depends on a GPL licensed gem
+  Scenario: Approving a non-whitelisted dependency
+    Given I have an app that depends on a GPL licensed gem
     When I approve that gem
     Then I should not see that gem in the console output
     And I should see that gem approved in dependencies.html

data/features/manually_assigned_license.feature

@@ -0,0 +1,16 @@
+Feature: Setting a dependency's license
+  So that my dependencies all have the correct licenses
+  As an application developer
+  I want to be able to manually set licenses
+
+  Scenario: Setting a license for a dependency
+    Given I have an app that depends on a few gems without known licenses
+    When I set one gem's license to MIT from the command line
+    Then I should see that gem's license set to MIT
+    And I should see other gems have not changed their licenses
+
+  Scenario: Keep manually assigned license dependencies
+    Given I have an app that depends on a manually licensed gem
+    When I run license_finder
+    Then the gem should keep its manually assigned license
+

data/features/{text_report.feature → report_csv.feature}

@@ -4,12 +4,12 @@ Feature: Text Report
   I want license finder to generate an easy-to-understand text report
 
   Scenario: Viewing dependencies
-    Given I have an app with license finder that depends on a gem with license and version details
+    Given I have an app that depends on a gem with license and version details
     When I run license_finder
     Then I should see those version and license details in the dependencies.csv file
 
   Scenario: Cleaning up old versions of text report
-    Given I have an app with license finder
+    Given I have an app
     And I have a dependencies.txt file
     When I run license_finder
     Then I should see dependencies.txt replaced by dependencies.csv

data/features/{html_report.feature → report_html.feature}

@@ -4,7 +4,7 @@ Feature: HTML Report
   I want license finder to generate an easy-to-understand HTML report
 
   Background:
-    Given I have an app with license finder
+    Given I have an app
 
   Scenario: Dependency details listed in HTML report
     And my app depends on a gem with specific details
@@ -20,5 +20,5 @@ Feature: HTML Report
 
   Scenario: Dependency summary
     And my app depends on MIT and GPL licensed gems
-    When I whitelist MIT, New BSD, Apache 2.0, Ruby, and other licenses
+    When I whitelist everything I can think of
     Then I should see only see GPL liceneses as unapproved in the html

data/features/step_definitions/cli_steps.rb

@@ -1,61 +1,51 @@
-Given(/^I have an app with license finder that has no config directory$/) do
+Given(/^I have an app that has no config directory$/) do
   @user = ::DSL::User.new
-  @user.create_nonrails_app
-  path = @user.app_path('config')
-  FileUtils.rm_rf(path)
-  File.should_not be_exists(path)
+  @user.create_ruby_app
+  path = @user.config_path
+  path.rmtree if path.exist?
+  path.should_not be_exist
 end
 
-Given(/^I have an app with license finder that depends on a MIT licensed gem$/) do
+Given(/^I have an app with an unapproved dependency$/) do
   @user = ::DSL::User.new
-  @user.create_nonrails_app
-  @user.add_dependency_to_app 'mit_gem', :license => 'MIT'
-end
-
-Given(/^I have a project that depends on mime\-types with a manual license type$/) do
-  @user = ::DSL::User.new
-  @user.create_rails_app
-  @user.add_gem_dependency('mime-types')
-  @user.bundle_app
-  @user.execute_command "license_finder --quiet"
-  @output = @user.execute_command "license_finder license Ruby mime-types"
-  @output.should =~ /mime-types.*Ruby/
+  @user.create_ruby_app
+  @user.create_and_depend_on_gem 'unapproved_gem', license: 'MIT'
 end
 
 When(/^I run license_finder help on a specific command$/) do
-  @output = @user.execute_command "license_finder ignored_bundler_groups help add"
+  @user.execute_command "license_finder ignored_bundler_groups help add"
 end
 
 When(/^I run license_finder help$/) do
-  @output = @user.execute_command "license_finder help"
+  @user.execute_command "license_finder help"
 end
 
 Then(/^it creates a config directory with the license_finder config$/) do
-  File.should be_exists(@user.app_path('config'))
-  text = "---\nwhitelist:\n#- MIT\n#- Apache 2.0\nignore_groups:\n#- test\n#- development\ndependencies_file_dir: './doc/'\nproject_name: # project name\n"
-  File.read(@user.app_path('config/license_finder.yml')).should == text.gsub(/^\s+/, "")
+  @user.config_path.should be_exist
+  text = %|---\nwhitelist:\n#- MIT\n#- Apache 2.0\nignore_groups:\n#- test\n#- development\nignore_dependencies:\n#- bundler\ndependencies_file_dir: './doc/'\nproject_name: # project name\ngradle_command: # only meaningful if used with a Java/gradle project. Defaults to "gradle".\n|
+  @user.config_file.read.should == text.gsub(/^\s+/, "")
 end
 
 Then /^it should exit with status code (\d)$/ do |status|
   $?.exitstatus.should == status.to_i
 end
 
-Then(/^should list my MIT gem in the output$/) do
-  @output.should include 'mit_gem'
+Then(/^should list my unapproved dependency in the output$/) do
+  @user.should be_seeing 'unapproved_gem'
 end
 
 Then(/^I should see all dependencies approved for use$/) do
-  @output.should include 'All dependencies are approved for use'
+  @user.should be_seeing 'All dependencies are approved for use'
 end
 
-Then(/^the mime\-types license remains set with my manual license type$/) do
-  @output.should =~ /mime-types.*Ruby/
+Then(/^I should see the correct subcommand usage instructions$/) do
+  @user.should be_seeing 'license_finder ignored_bundler_groups add GROUP'
 end
 
-Then(/^I should see the correct subcommand usage instructions$/) do
-  @output.should include 'license_finder ignored_bundler_groups add GROUP'
+Then(/^I should see the default usage instructions$/) do
+  @user.should be_seeing 'license_finder help [COMMAND]'
 end
 
-Then(/^I should the correct default usage instructions$/) do
-  @output.should include 'license_finder help [COMMAND]'
+Then(/^I should see License Finder has the MIT license$/) do
+  @user.should be_seeing_something_like /license_finder.*MIT/
 end