license_finder 2.1.0.rc3 → 2.1.0.rc4
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/.gitignore +7 -5
- data/.travis.yml +2 -5
- data/CHANGELOG.rdoc +6 -0
- data/features/features/report/java_groups_spec.rb +11 -0
- data/features/fixtures/build.gradle +26 -0
- data/features/support/testing_dsl.rb +6 -0
- data/lib/license_finder/cli/base.rb +1 -0
- data/lib/license_finder/cli/main.rb +1 -0
- data/lib/license_finder/configuration.rb +4 -0
- data/lib/license_finder/core.rb +1 -0
- data/lib/license_finder/package_managers/gradle.rb +2 -1
- data/lib/license_finder/package_managers/gradle_package.rb +5 -2
- data/lib/license_finder/version.rb +1 -1
- data/license_finder.gemspec +6 -6
- data/spec/lib/license_finder/core_spec.rb +1 -0
- data/spec/lib/license_finder/package_managers/gradle_package_spec.rb +8 -0
- data/spec/lib/license_finder/package_managers/gradle_spec.rb +12 -2
- metadata +22 -20
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 9cd300688bc79a2fdf74dc641f4794b361664cae
|
|
4
|
+
data.tar.gz: fbe19583d0baf7db5eb5da488b994d354ea8832a
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 8e82b7264e9be9d0e7f91ee9698ddfe2d297be5cee68e55bc7bc0358906fd31f58b371c99301375ba1e1cb3f8f76edd7322a0dd707990c23e1484719e465fc6c
|
|
7
|
+
data.tar.gz: 3ca7f365d490054f252ef823238ca42a7bdd1f5315ec2d678580cd5e10cc3df4c1c0d7081f2e86d3691558cc63e1465ca4f4af1cc6ffdd49958c1e261587c5b5
|
data/.gitignore
CHANGED
data/.travis.yml
CHANGED
|
@@ -3,15 +3,11 @@ rvm:
|
|
|
3
3
|
- 2.0
|
|
4
4
|
- 2.1
|
|
5
5
|
- 2.2
|
|
6
|
-
- 2.3
|
|
6
|
+
- 2.3.0
|
|
7
7
|
- jruby-19mode
|
|
8
8
|
- jruby-1.7.23
|
|
9
9
|
- jruby-9.0.4.0
|
|
10
10
|
|
|
11
|
-
matrix:
|
|
12
|
-
allow_failures:
|
|
13
|
-
- rvm: 1.9.3
|
|
14
|
-
|
|
15
11
|
env:
|
|
16
12
|
- PATH=$PATH:$HOME/gradle/bin:$HOME/rebar:$HOME/go/bin GOPATH=$HOME/go
|
|
17
13
|
|
|
@@ -24,6 +20,7 @@ notifications:
|
|
|
24
20
|
on_start: true
|
|
25
21
|
|
|
26
22
|
before_install:
|
|
23
|
+
- gem update bundler
|
|
27
24
|
- .travis/install_gradle.sh
|
|
28
25
|
- .travis/install_rebar.sh
|
|
29
26
|
- .travis/install_bower.sh
|
data/CHANGELOG.rdoc
CHANGED
|
@@ -0,0 +1,11 @@
|
|
|
1
|
+
require_relative '../../support/feature_helper'
|
|
2
|
+
|
|
3
|
+
describe 'Composite project' do
|
|
4
|
+
let(:developer) { LicenseFinder::TestingDSL::User.new }
|
|
5
|
+
|
|
6
|
+
specify 'shows dependencies for all active projects' do
|
|
7
|
+
LicenseFinder::TestingDSL::BareGradleProject.create
|
|
8
|
+
developer.execute_command('license_finder report --gradle_include_groups')
|
|
9
|
+
expect(developer).to be_seeing('junit:junit, 4.11, "Common Public License Version 1.0"')
|
|
10
|
+
end
|
|
11
|
+
end
|
|
@@ -0,0 +1,26 @@
|
|
|
1
|
+
apply plugin: 'java'
|
|
2
|
+
|
|
3
|
+
sourceCompatibility = 1.5
|
|
4
|
+
version = '1.0'
|
|
5
|
+
|
|
6
|
+
repositories {
|
|
7
|
+
mavenCentral()
|
|
8
|
+
}
|
|
9
|
+
|
|
10
|
+
dependencies {
|
|
11
|
+
compile group: 'junit', name: 'junit', version: '4.11'
|
|
12
|
+
}
|
|
13
|
+
|
|
14
|
+
buildscript {
|
|
15
|
+
repositories {
|
|
16
|
+
maven {
|
|
17
|
+
url 'https://plugins.gradle.org/m2/'
|
|
18
|
+
}
|
|
19
|
+
}
|
|
20
|
+
|
|
21
|
+
dependencies {
|
|
22
|
+
classpath 'gradle.plugin.nl.javadude.gradle.plugins:license-gradle-plugin:0.12.1'
|
|
23
|
+
}
|
|
24
|
+
}
|
|
25
|
+
|
|
26
|
+
apply plugin: 'license'
|
|
@@ -21,6 +21,7 @@ module LicenseFinder
|
|
|
21
21
|
class_option :columns, type: :array, desc: "For CSV reports, which columns to print. Pick from: #{CsvReport::AVAILABLE_COLUMNS}", default: %w[name version licenses]
|
|
22
22
|
class_option :save, desc: "Save report to a file. Default: 'license_report.csv' in project root.", lazy_default: "license_report"
|
|
23
23
|
class_option :go_full_version, desc: "Whether dependency version should include full version. Only meaningful if used with a Go project. Defaults to false."
|
|
24
|
+
class_option :gradle_include_groups, desc: "Whether dependency name should include group id. Only meaningful if used with a Java/gradle project. Defaults to false."
|
|
24
25
|
class_option :gradle_command, desc: "Command to use when fetching gradle packages. Only meaningful if used with a Java/gradle project. Defaults to 'gradlew' / 'gradlew.bat' if the wrapper is present, otherwise to 'gradle'."
|
|
25
26
|
class_option :rebar_command, desc: "Command to use when fetching rebar packages. Only meaningful if used with a Erlang/rebar project. Defaults to 'rebar'."
|
|
26
27
|
class_option :rebar_deps_dir, desc: "Path to rebar dependencies directory. Only meaningful if used with a Erlang/rebar project. Defaults to 'deps'."
|
data/lib/license_finder/core.rb
CHANGED
|
@@ -66,6 +66,7 @@ module LicenseFinder
|
|
|
66
66
|
ignore_groups: decisions.ignored_groups,
|
|
67
67
|
go_full_version: config.go_full_version,
|
|
68
68
|
gradle_command: config.gradle_command,
|
|
69
|
+
gradle_include_groups: config.gradle_include_groups,
|
|
69
70
|
rebar_command: config.rebar_command,
|
|
70
71
|
rebar_deps_dir: config.rebar_deps_dir,
|
|
71
72
|
)
|
|
@@ -6,6 +6,7 @@ module LicenseFinder
|
|
|
6
6
|
def initialize(options={})
|
|
7
7
|
super
|
|
8
8
|
@command = options[:gradle_command] || 'gradle'
|
|
9
|
+
@include_groups = options[:gradle_include_groups]
|
|
9
10
|
end
|
|
10
11
|
|
|
11
12
|
def current_packages
|
|
@@ -18,7 +19,7 @@ module LicenseFinder
|
|
|
18
19
|
options = {'GroupTags' => {'dependencies' => 'dependency'}}
|
|
19
20
|
contents = XmlSimple.xml_in(xml_file, options).fetch('dependency', [])
|
|
20
21
|
contents.map do |dep|
|
|
21
|
-
GradlePackage.new(dep, logger: logger)
|
|
22
|
+
GradlePackage.new(dep, logger: logger, include_groups: @include_groups)
|
|
22
23
|
end
|
|
23
24
|
end
|
|
24
25
|
|
|
@@ -2,11 +2,14 @@ module LicenseFinder
|
|
|
2
2
|
class GradlePackage < Package
|
|
3
3
|
def initialize(spec, options={})
|
|
4
4
|
name = spec["name"]
|
|
5
|
-
if name.scan(":").size
|
|
6
|
-
|
|
5
|
+
if name.scan(":").size >= 1
|
|
6
|
+
group, name, version = name.split(":")
|
|
7
7
|
else
|
|
8
8
|
version = "unknown"
|
|
9
9
|
end
|
|
10
|
+
|
|
11
|
+
name = options[:include_groups] ? "#{group}:#{name}" : name
|
|
12
|
+
|
|
10
13
|
licenses = Array(spec["license"])
|
|
11
14
|
.map { |l| l["name"] }
|
|
12
15
|
.reject { |name| name == "No license found" }
|
data/license_finder.gemspec
CHANGED
|
@@ -25,7 +25,7 @@ Gem::Specification.new do |s|
|
|
|
25
25
|
"Mike Dalessio"
|
|
26
26
|
]
|
|
27
27
|
|
|
28
|
-
s.email = ["commoncode@
|
|
28
|
+
s.email = ["labs-commoncode@pivotal.io"]
|
|
29
29
|
s.homepage = "https://github.com/pivotal/LicenseFinder"
|
|
30
30
|
s.summary = "Audit the OSS licenses of your application's dependencies."
|
|
31
31
|
|
|
@@ -43,14 +43,14 @@ Gem::Specification.new do |s|
|
|
|
43
43
|
s.add_dependency "httparty"
|
|
44
44
|
s.add_dependency "xml-simple"
|
|
45
45
|
|
|
46
|
-
s.add_development_dependency "
|
|
47
|
-
s.add_development_dependency "
|
|
48
|
-
s.add_development_dependency "fakefs"
|
|
46
|
+
s.add_development_dependency "capybara", "~> 2.0.0"
|
|
47
|
+
s.add_development_dependency "cocoapods", "0.34.0" if LicenseFinder::Platform.darwin?
|
|
48
|
+
s.add_development_dependency "fakefs", "~> 0.6.7"
|
|
49
49
|
s.add_development_dependency "pry"
|
|
50
|
+
s.add_development_dependency "rake"
|
|
50
51
|
s.add_development_dependency "rspec", "~> 3"
|
|
51
|
-
s.add_development_dependency "
|
|
52
|
+
s.add_development_dependency "rspec-its"
|
|
52
53
|
s.add_development_dependency "webmock", "~> 1.13"
|
|
53
|
-
s.add_development_dependency "cocoapods", "0.34.0" if LicenseFinder::Platform.darwin?
|
|
54
54
|
|
|
55
55
|
# temporary to preserve ruby 1.9.3 support.
|
|
56
56
|
s.add_development_dependency "mime-types", "< 3.0"
|
|
@@ -40,6 +40,14 @@ module LicenseFinder
|
|
|
40
40
|
end
|
|
41
41
|
end
|
|
42
42
|
|
|
43
|
+
context 'when include_groups is set to true' do
|
|
44
|
+
subject { described_class.new({"name" => "a:b:c"}, include_groups: true) }
|
|
45
|
+
|
|
46
|
+
it 'includes the group id in the name' do
|
|
47
|
+
expect(subject.name).to eq("a:b")
|
|
48
|
+
end
|
|
49
|
+
end
|
|
50
|
+
|
|
43
51
|
context "when there are no real licenses" do
|
|
44
52
|
subject do
|
|
45
53
|
described_class.new(
|
|
@@ -2,8 +2,10 @@ require 'spec_helper'
|
|
|
2
2
|
|
|
3
3
|
module LicenseFinder
|
|
4
4
|
describe Gradle do
|
|
5
|
-
|
|
6
|
-
|
|
5
|
+
let(:options) { {} }
|
|
6
|
+
|
|
7
|
+
subject { Gradle.new(options.merge(project_path: Pathname('/fake/path'))) }
|
|
8
|
+
|
|
7
9
|
let(:content) { [] }
|
|
8
10
|
|
|
9
11
|
it_behaves_like 'a PackageManager'
|
|
@@ -42,6 +44,14 @@ module LicenseFinder
|
|
|
42
44
|
it 'lists all dependencies' do
|
|
43
45
|
expect(subject.current_packages.map(&:name)).to eq ['spring-aop', 'spring-core']
|
|
44
46
|
end
|
|
47
|
+
|
|
48
|
+
context 'when gradle group ids option is enabled' do
|
|
49
|
+
let(:options) { { gradle_include_groups: true } }
|
|
50
|
+
|
|
51
|
+
it 'lists the dependencies with the group id' do
|
|
52
|
+
expect(subject.current_packages.map(&:name)).to eq ['org.springframework:spring-aop', 'org.springframework:spring-core']
|
|
53
|
+
end
|
|
54
|
+
end
|
|
45
55
|
end
|
|
46
56
|
|
|
47
57
|
context 'when multiple licenses exist' do
|
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: license_finder
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 2.1.0.
|
|
4
|
+
version: 2.1.0.rc4
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Jacob Maine
|
|
@@ -20,7 +20,7 @@ authors:
|
|
|
20
20
|
autorequire:
|
|
21
21
|
bindir: bin
|
|
22
22
|
cert_chain: []
|
|
23
|
-
date: 2016-01-
|
|
23
|
+
date: 2016-01-27 00:00:00.000000000 Z
|
|
24
24
|
dependencies:
|
|
25
25
|
- !ruby/object:Gem::Dependency
|
|
26
26
|
name: bundler
|
|
@@ -79,35 +79,35 @@ dependencies:
|
|
|
79
79
|
- !ruby/object:Gem::Version
|
|
80
80
|
version: '0'
|
|
81
81
|
- !ruby/object:Gem::Dependency
|
|
82
|
-
name:
|
|
82
|
+
name: capybara
|
|
83
83
|
requirement: !ruby/object:Gem::Requirement
|
|
84
84
|
requirements:
|
|
85
|
-
- - "
|
|
85
|
+
- - "~>"
|
|
86
86
|
- !ruby/object:Gem::Version
|
|
87
|
-
version:
|
|
87
|
+
version: 2.0.0
|
|
88
88
|
type: :development
|
|
89
89
|
prerelease: false
|
|
90
90
|
version_requirements: !ruby/object:Gem::Requirement
|
|
91
91
|
requirements:
|
|
92
|
-
- - "
|
|
92
|
+
- - "~>"
|
|
93
93
|
- !ruby/object:Gem::Version
|
|
94
|
-
version:
|
|
94
|
+
version: 2.0.0
|
|
95
95
|
- !ruby/object:Gem::Dependency
|
|
96
|
-
name:
|
|
96
|
+
name: fakefs
|
|
97
97
|
requirement: !ruby/object:Gem::Requirement
|
|
98
98
|
requirements:
|
|
99
|
-
- - "
|
|
99
|
+
- - "~>"
|
|
100
100
|
- !ruby/object:Gem::Version
|
|
101
|
-
version:
|
|
101
|
+
version: 0.6.7
|
|
102
102
|
type: :development
|
|
103
103
|
prerelease: false
|
|
104
104
|
version_requirements: !ruby/object:Gem::Requirement
|
|
105
105
|
requirements:
|
|
106
|
-
- - "
|
|
106
|
+
- - "~>"
|
|
107
107
|
- !ruby/object:Gem::Version
|
|
108
|
-
version:
|
|
108
|
+
version: 0.6.7
|
|
109
109
|
- !ruby/object:Gem::Dependency
|
|
110
|
-
name:
|
|
110
|
+
name: pry
|
|
111
111
|
requirement: !ruby/object:Gem::Requirement
|
|
112
112
|
requirements:
|
|
113
113
|
- - ">="
|
|
@@ -121,7 +121,7 @@ dependencies:
|
|
|
121
121
|
- !ruby/object:Gem::Version
|
|
122
122
|
version: '0'
|
|
123
123
|
- !ruby/object:Gem::Dependency
|
|
124
|
-
name:
|
|
124
|
+
name: rake
|
|
125
125
|
requirement: !ruby/object:Gem::Requirement
|
|
126
126
|
requirements:
|
|
127
127
|
- - ">="
|
|
@@ -149,19 +149,19 @@ dependencies:
|
|
|
149
149
|
- !ruby/object:Gem::Version
|
|
150
150
|
version: '3'
|
|
151
151
|
- !ruby/object:Gem::Dependency
|
|
152
|
-
name:
|
|
152
|
+
name: rspec-its
|
|
153
153
|
requirement: !ruby/object:Gem::Requirement
|
|
154
154
|
requirements:
|
|
155
|
-
- - "
|
|
155
|
+
- - ">="
|
|
156
156
|
- !ruby/object:Gem::Version
|
|
157
|
-
version:
|
|
157
|
+
version: '0'
|
|
158
158
|
type: :development
|
|
159
159
|
prerelease: false
|
|
160
160
|
version_requirements: !ruby/object:Gem::Requirement
|
|
161
161
|
requirements:
|
|
162
|
-
- - "
|
|
162
|
+
- - ">="
|
|
163
163
|
- !ruby/object:Gem::Version
|
|
164
|
-
version:
|
|
164
|
+
version: '0'
|
|
165
165
|
- !ruby/object:Gem::Dependency
|
|
166
166
|
name: webmock
|
|
167
167
|
requirement: !ruby/object:Gem::Requirement
|
|
@@ -196,7 +196,7 @@ description: |2
|
|
|
196
196
|
those licenses against a user-defined whitelist, and give you an
|
|
197
197
|
actionable exception report.
|
|
198
198
|
email:
|
|
199
|
-
- commoncode@
|
|
199
|
+
- labs-commoncode@pivotal.io
|
|
200
200
|
executables:
|
|
201
201
|
- license_finder
|
|
202
202
|
- license_finder_pip.py
|
|
@@ -243,8 +243,10 @@ files:
|
|
|
243
243
|
- features/features/report/csv_spec.rb
|
|
244
244
|
- features/features/report/diff_spec.rb
|
|
245
245
|
- features/features/report/html_spec.rb
|
|
246
|
+
- features/features/report/java_groups_spec.rb
|
|
246
247
|
- features/features/report/subproject_spec.rb
|
|
247
248
|
- features/fixtures/Podfile
|
|
249
|
+
- features/fixtures/build.gradle
|
|
248
250
|
- features/fixtures/file-based-libs-gradle/build.gradle
|
|
249
251
|
- features/fixtures/file-based-libs-gradle/libs/data.json-0.2.3.jar
|
|
250
252
|
- features/fixtures/gopath/src/github.com/pivotal/foo/Godeps/Godeps.json
|