license_finder 2.1.0.rc4 → 2.1.0.rc5

data/lib/license_finder/package.rb

@@ -143,6 +143,10 @@ module LicenseFinder
       LicenseFiles.find(install_path)
     end
 
+    def package_manager
+      "unknown"
+    end
+
     def missing?
       @missing
     end

data/lib/license_finder/package_manager.rb

@@ -13,7 +13,7 @@ module LicenseFinder
   #
   class PackageManager
     def self.package_managers
-      [GoDep, GoWorkspace, Bundler, NPM, Pip, Bower, Maven, Gradle, CocoaPods, Rebar, Nuget]
+      [GoDep, GoWorkspace, GoVendor, Bundler, NPM, Pip, Bower, Maven, Gradle, CocoaPods, Rebar, Nuget]
     end
 
     def self.current_packages(options)
@@ -56,6 +56,7 @@ end
 
 require 'license_finder/package_managers/bower'
 require 'license_finder/package_managers/go_workspace'
+require 'license_finder/package_managers/go_vendor'
 require 'license_finder/package_managers/go_dep'
 require 'license_finder/package_managers/bundler'
 require 'license_finder/package_managers/npm'

data/lib/license_finder/package_managers/bower_package.rb

@@ -25,5 +25,9 @@ module LicenseFinder
         )
       )
     end
+
+    def package_manager
+      'Bower'
+    end
   end
 end

data/lib/license_finder/package_managers/bundler_package.rb

@@ -19,5 +19,9 @@ module LicenseFinder
         )
       )
     end
+
+    def package_manager
+      'Bundler'
+    end
   end
 end

data/lib/license_finder/package_managers/cocoa_pods_package.rb

@@ -8,5 +8,9 @@ module LicenseFinder
     def licenses_from_spec
       [@license].compact
     end
+
+    def package_manager
+      'CocoaPods'
+    end
   end
 end

data/lib/license_finder/package_managers/go_dep.rb

@@ -10,7 +10,13 @@ module LicenseFinder
 
     def current_packages
       json = JSON.parse(package_path.read)
-      json['Deps'].map { |dep| GoPackage.from_dependency(dep, install_prefix, @full_version) }
+      # godep includes subpackages as a seperate dependency, we can de-dup that
+      deps = json['Deps'].each do |d|
+        next unless d['ImportPath'].include?('github.com')
+
+        d['ImportPath'] = d['ImportPath'].split('/')[0..2].join('/')
+      end
+      deps.uniq.map { |dep| GoPackage.from_dependency(dep, install_prefix, @full_version) }
     end
 
     def package_path

data/lib/license_finder/package_managers/go_package.rb

@@ -1,13 +1,15 @@
 module LicenseFinder
   class GoPackage < Package
-    def self.from_workspace(name, path)
-      LicenseFinder::Package.new(name, 'unknown', {install_path: install_path(path)})
-    end
-
-    def self.from_dependency(hash, prefix,full_version)
+    def self.from_dependency(hash, prefix, full_version)
       name = hash['ImportPath']
+      install_path = hash['InstallPath']
+      install_path ||= install_path(prefix.join(name))
       version = full_version ? hash['Rev'] : hash['Rev'][0..6]
-      LicenseFinder::Package.new(name, version, {install_path: install_path(prefix.join(name))})
+      self.new(name, version, {install_path: install_path, package_manager: "Go" })
+    end
+
+    def package_manager
+      "Go"
     end
 
     private

data/lib/license_finder/package_managers/go_vendor.rb

@@ -0,0 +1,56 @@
+require 'json'
+
+module LicenseFinder
+  class GoVendor < PackageManager
+
+    def initialize(options={})
+      super
+      @full_version = options[:go_full_version]
+    end
+
+    def active?
+      !Dir[project_path.join("**/*.go")].empty? && package_path.exist?
+    end
+
+    def package_path
+      project_path.join("vendor")
+    end
+
+    def project_sha
+      @project_sha ||= Dir.chdir(project_path) do
+        val = capture('git rev-list --max-count 1 HEAD')
+        raise 'git rev-list failed' unless val.last
+        val.first.strip
+      end
+    end
+
+    def current_packages
+      deps = go_list
+      vendored_deps = deps.select { |dep| package_path.join(dep).exist? }
+      vendored_deps.map do |dep|
+        GoPackage.from_dependency({
+                                   'ImportPath' => dep,
+                                   'InstallPath' => package_path.join(dep),
+                                   'Rev' => 'vendored-' + project_sha
+                                  }, nil, true)
+      end
+    end
+
+
+    def go_list
+      Dir.chdir(project_path) do
+        # avoid checking canonical import path. some projects uses
+        # non-canonical import path and rely on the fact that the deps are
+        # checked in. Canonical paths are only checked by `go get'. We
+        # discovered that `go list' will print a warning and unfortunately exit
+        # with status code 1. Setting GOPATH to nil removes those warnings.
+        ENV['GOPATH'] = nil
+        val = capture('go list -f \'{{join .Deps "\n"}}\' ./...')
+        return [] unless val.last
+        # Select non-standard packages. Standard packages tend to be short
+        # and have less than two slashes
+        val.first.lines.map(&:strip).select { |l| l.split("/").length > 2 }.map { |l| l.split("/")[0..2].join("/") }.uniq
+      end
+    end
+  end
+end

data/lib/license_finder/package_managers/go_workspace.rb

@@ -2,7 +2,7 @@ require 'json'
 
 module LicenseFinder
   class GoWorkspace < PackageManager
-    Submodule = Struct.new :path, :revision
+    Submodule = Struct.new :install_path, :revision
 
     def initialize(options={})
       super
@@ -10,36 +10,71 @@ module LicenseFinder
     end
 
     def current_packages
-      submodules.map do |submodule|
-        import_path = Pathname.new(submodule.path).relative_path_from(project_src)
-        GoPackage.from_dependency({'ImportPath' => import_path.to_s, 'Rev' => submodule.revision}, project_src, @full_version)
-      end
+      go_list_packages = go_list
+      git_modules.map do |submodule|
+        import_path = go_list_packages.select { |gp|
+          submodule.install_path =~ /#{repo_name(gp)}$/
+        }.first
+        if import_path then
+          GoPackage.from_dependency({
+                                     'ImportPath' => repo_name(import_path),
+                                     'InstallPath' => submodule.install_path,
+                                     'Rev' => submodule.revision
+                                    }, nil, @full_version)
+        end
+      end.compact
     end
 
     def package_path
-      project_path.join('.envrc')
+      envrc_path.dirname
     end
 
     def active?
-      active = package_path.exist? && IO.read(package_path).include?('GOPATH')
+      go_dep = LicenseFinder::GoDep.new({project_path: Pathname(project_path), logger: logger})
+      return if go_dep.package_path.exist?
+      active = !!envrc_path && IO.read(envrc_path).include?('GOPATH')
       active.tap { |is_active| logger.active self.class, is_active }
     end
 
     private
 
+    def repo_name import_path
+      import_path.split("/")[0..2].join("/")
+    end
+
     def project_src
       project_path.join('src')
     end
 
-    def submodules
-      output = Dir.chdir(project_path) do |d|
+    def envrc_path
+      p = Pathname.new project_path
+      4.times.reduce([p]) { |memo, _| memo << memo.last.parent }.map { |p| p.join('.envrc') }.select(&:exist?).first
+    end
+
+    def go_list
+      Dir.chdir(project_path) do
+        # avoid checking canonical import path. some projects uses
+        # non-canonical import path and rely on the fact that the deps are
+        # checked in. Canonical paths are only checked by `go get'. We
+        # discovered that `go list' will print a warning and unfortunately exit
+        # with status code 1. Setting GOPATH to nil removes those warnings.
+        ENV['GOPATH'] = nil
+        val = capture('go list -f \'{{join .Deps "\n"}}\' ./...')
+        raise 'go list failed' unless val.last
+        # Select non-standard packages. Standard packages tend to be short
+        # and have less than two slashes
+        val.first.lines.map(&:strip).select { |l| l.split("/").length > 2 }
+      end
+    end
+
+    def git_modules
+      Dir.chdir(package_path) do |d|
         result = capture('git submodule status')
         raise 'git submodule status failed' unless result[1]
-        result.first
-      end
-      output.lines.map do |gitmodule|
-        columns = gitmodule.split.map(&:strip)
-        Submodule.new File.join(project_path,columns[1]), columns[0]
+        result.first.lines.map do |l|
+          columns = l.split.map(&:strip)
+          Submodule.new File.join(package_path, columns[1]), columns[0]
+        end
       end
     end
   end

data/lib/license_finder/package_managers/gradle.rb

@@ -5,7 +5,7 @@ module LicenseFinder
   class Gradle < PackageManager
     def initialize(options={})
       super
-      @command = options[:gradle_command] || 'gradle'
+      @command = options[:gradle_command] || 'gradle --console plain'
       @include_groups = options[:gradle_include_groups]
     end
 

data/lib/license_finder/package_managers/gradle_package.rb

@@ -16,5 +16,9 @@ module LicenseFinder
 
       super(name, version, options.merge(spec_licenses: licenses))
     end
+
+    def package_manager
+      'Gradle'
+    end
   end
 end

data/lib/license_finder/package_managers/maven_package.rb

@@ -9,5 +9,9 @@ module LicenseFinder
         )
       )
     end
+
+    def package_manager
+      'Maven'
+    end
   end
 end

data/lib/license_finder/package_managers/merged_package.rb

@@ -20,6 +20,10 @@ module LicenseFinder
       dependency.licenses
     end
 
+    def install_path
+      dependency.install_path
+    end
+
     def subproject_paths
       @subproject_paths.map { |p| p.expand_path.to_s }
     end

data/lib/license_finder/package_managers/npm_package.rb

@@ -13,5 +13,9 @@ module LicenseFinder
         )
       )
     end
+
+    def package_manager
+      'Npm'
+    end
   end
 end

data/lib/license_finder/package_managers/nuget.rb

@@ -1,13 +1,14 @@
 require "rexml/document"
+require 'zip'
 
 module LicenseFinder
   class Nuget < PackageManager
     def package_path
-      project_path.join('packages')
+      project_path.join('.nuget')
     end
 
     def assemblies
-      Dir[project_path.join("**", "packages.config")].map do |d|
+      Dir.glob(project_path.join("**", "packages.config"), File::FNM_DOTMATCH).map do |d|
         path = Pathname.new(d).dirname
         name = path.basename.to_s
         Assembly.new path, name
@@ -16,12 +17,24 @@ module LicenseFinder
 
     def current_packages
       dependencies.reduce({}) do |memo, dep|
-        memo[dep.name] ||= NugetPackage.new(dep.name, dep.version)
+        licenses = license_urls(dep)
+        memo[dep.name] ||= NugetPackage.new(dep.name, dep.version, spec_licenses: licenses)
         memo[dep.name].groups << dep.assembly if !memo[dep.name].groups.include? dep.assembly
         memo
       end.values
     end
 
+    def license_urls dep
+      files = Dir["**/#{dep.name}.#{dep.version}.nupkg"]
+      return nil if files.empty?
+      file = files.first
+      Zip::File.open file do |zipfile|
+        content = zipfile.read(dep.name + ".nuspec")
+        xml = REXML::Document.new(content)
+        REXML::XPath.match(xml,"//metadata//licenseUrl").map(&:get_text)
+      end
+    end
+
     def dependencies
       assemblies.flat_map(&:dependencies)
     end

data/lib/license_finder/package_managers/nuget_package.rb

@@ -1,4 +1,7 @@
 module LicenseFinder
   class NugetPackage < Package
+    def package_manager
+      'Nuget'
+    end
   end
 end

data/lib/license_finder/package_managers/pip_package.rb

@@ -27,5 +27,9 @@ module LicenseFinder
         )
       )
     end
+
+    def package_manager
+      'Pip'
+    end
   end
 end

data/lib/license_finder/package_managers/rebar_package.rb

@@ -1,4 +1,7 @@
 module LicenseFinder
   class RebarPackage < Package
+    def package_manager
+      'Rebar'
+    end
   end
 end

data/lib/license_finder/reports/csv_report.rb

@@ -3,7 +3,7 @@ require 'csv'
 module LicenseFinder
   class CsvReport < Report
     COMMA_SEP =  ","
-    AVAILABLE_COLUMNS = %w[name version authors licenses approved summary description homepage install_path]
+    AVAILABLE_COLUMNS = %w[name version authors licenses approved summary description homepage install_path package_manager]
     MISSING_DEPENDENCY_TEXT = "This package is not installed. Please install to determine licenses."
 
     def initialize(dependencies, options)
@@ -66,5 +66,9 @@ module LicenseFinder
     def format_install_path(dep)
       dep.install_path
     end
+
+    def format_package_manager(dep)
+      dep.package_manager
+    end
   end
 end

data/lib/license_finder/reports/merged_report.rb

@@ -3,7 +3,8 @@ module LicenseFinder
     AVAILABLE_COLUMNS = AVAILABLE_COLUMNS + ['subproject_paths']
 
     def initialize(dependencies, options = {})
-      super(dependencies, options.merge(columns: %w(name version licenses subproject_paths)))
+      options[:columns] ||= %w(name version licenses subproject_paths)
+      super(dependencies, options)
     end
 
     def format_subproject_paths(merged_dep)

data/lib/license_finder/version.rb

@@ -1,3 +1,3 @@
 module LicenseFinder
-  VERSION = "2.1.0.rc4"
+  VERSION = "2.1.0.rc5"
 end

data/license_finder.gemspec

@@ -46,6 +46,7 @@ Gem::Specification.new do |s|
   s.add_development_dependency "capybara", "~> 2.0.0"
   s.add_development_dependency "cocoapods", "0.34.0" if LicenseFinder::Platform.darwin?
   s.add_development_dependency "fakefs", "~> 0.6.7"
+  s.add_development_dependency "rubyzip"
   s.add_development_dependency "pry"
   s.add_development_dependency "rake"
   s.add_development_dependency "rspec", "~> 3"

data/spec/lib/license_finder/cli/main_spec.rb

@@ -94,6 +94,16 @@ module LicenseFinder
           expect(report).to eq "one dependency,1.1\n"
         end
 
+        context 'when the package is a nuget package' do
+          let(:packages) { [NugetPackage.new('one dependency', "1.1")] }
+
+          it "will includes package_manager for csv report" do
+            subject.options = {format: 'csv', columns: ['name', 'version', 'package_manager']}
+
+            expect(report).to eq "one dependency,1.1,Nuget\n"
+          end
+        end
+
         context "in html reports" do
           before do
             subject.options = {format: 'html'}