license_finder 2.1.0.rc4 → 2.1.0.rc5

Files changed (58) hide show
  1. checksums.yaml +4 -4
  2. data/.travis.yml +4 -1
  3. data/CHANGELOG.rdoc +17 -0
  4. data/features/features/report/composite_spec.rb +13 -0
  5. data/features/features/report/diff_spec.rb +8 -8
  6. data/features/features/report/subproject_spec.rb +3 -3
  7. data/features/fixtures/nuget/{packages/Microsoft.AspNet.Mvc.4.0.30506.0 → .nuget}/.keep +0 -0
  8. data/lib/license_finder/cli/main.rb +1 -1
  9. data/lib/license_finder/configuration.rb +2 -1
  10. data/lib/license_finder/license/definitions.rb +21 -0
  11. data/lib/license_finder/license/templates/MPL2.txt +373 -0
  12. data/lib/license_finder/package.rb +4 -0
  13. data/lib/license_finder/package_manager.rb +2 -1
  14. data/lib/license_finder/package_managers/bower_package.rb +4 -0
  15. data/lib/license_finder/package_managers/bundler_package.rb +4 -0
  16. data/lib/license_finder/package_managers/cocoa_pods_package.rb +4 -0
  17. data/lib/license_finder/package_managers/go_dep.rb +7 -1
  18. data/lib/license_finder/package_managers/go_package.rb +8 -6
  19. data/lib/license_finder/package_managers/go_vendor.rb +56 -0
  20. data/lib/license_finder/package_managers/go_workspace.rb +49 -14
  21. data/lib/license_finder/package_managers/gradle.rb +1 -1
  22. data/lib/license_finder/package_managers/gradle_package.rb +4 -0
  23. data/lib/license_finder/package_managers/maven_package.rb +4 -0
  24. data/lib/license_finder/package_managers/merged_package.rb +4 -0
  25. data/lib/license_finder/package_managers/npm_package.rb +4 -0
  26. data/lib/license_finder/package_managers/nuget.rb +16 -3
  27. data/lib/license_finder/package_managers/nuget_package.rb +3 -0
  28. data/lib/license_finder/package_managers/pip_package.rb +4 -0
  29. data/lib/license_finder/package_managers/rebar_package.rb +3 -0
  30. data/lib/license_finder/reports/csv_report.rb +5 -1
  31. data/lib/license_finder/reports/merged_report.rb +2 -1
  32. data/lib/license_finder/version.rb +1 -1
  33. data/license_finder.gemspec +1 -0
  34. data/{features/fixtures/nuget/packages/NUnit.2.6.4 → spec/fixtures/all_pms/.nuget}/.keep +0 -0
  35. data/spec/lib/license_finder/cli/main_spec.rb +10 -0
  36. data/spec/lib/license_finder/configuration_spec.rb +1 -1
  37. data/spec/lib/license_finder/license/definitions_spec.rb +12 -0
  38. data/spec/lib/license_finder/package_managers/bower_package_spec.rb +1 -0
  39. data/spec/lib/license_finder/package_managers/bundler_package_spec.rb +1 -0
  40. data/spec/lib/license_finder/package_managers/cocoa_pods_package_spec.rb +1 -0
  41. data/spec/lib/license_finder/package_managers/go_dep_spec.rb +29 -0
  42. data/spec/lib/license_finder/package_managers/go_package_spec.rb +33 -0
  43. data/spec/lib/license_finder/package_managers/go_vendor_spec.rb +99 -0
  44. data/spec/lib/license_finder/package_managers/go_workspace_spec.rb +186 -46
  45. data/spec/lib/license_finder/package_managers/gradle_package_spec.rb +1 -0
  46. data/spec/lib/license_finder/package_managers/gradle_spec.rb +2 -1
  47. data/spec/lib/license_finder/package_managers/maven_package_spec.rb +1 -0
  48. data/spec/lib/license_finder/package_managers/merged_package_spec.rb +5 -1
  49. data/spec/lib/license_finder/package_managers/npm_package_spec.rb +1 -0
  50. data/spec/lib/license_finder/package_managers/nuget_package_spec.rb +9 -0
  51. data/spec/lib/license_finder/package_managers/nuget_spec.rb +41 -0
  52. data/spec/lib/license_finder/package_managers/pip_package_spec.rb +1 -0
  53. data/spec/lib/license_finder/package_managers/rebar_package_spec.rb +1 -0
  54. data/spec/lib/license_finder/reports/csv_report_spec.rb +6 -0
  55. metadata +24 -8
  56. data/features/fixtures/nuget/packages/Ninject.MVC4.3.2.1.0/.keep +0 -0
  57. data/features/fixtures/nuget/packages/repositories.config +0 -6
  58. data/spec/fixtures/all_pms/packages/.keep +0 -0
@@ -143,6 +143,10 @@ module LicenseFinder
143
143
  LicenseFiles.find(install_path)
144
144
  end
145
145
 
146
+ def package_manager
147
+ "unknown"
148
+ end
149
+
146
150
  def missing?
147
151
  @missing
148
152
  end
@@ -13,7 +13,7 @@ module LicenseFinder
13
13
  #
14
14
  class PackageManager
15
15
  def self.package_managers
16
- [GoDep, GoWorkspace, Bundler, NPM, Pip, Bower, Maven, Gradle, CocoaPods, Rebar, Nuget]
16
+ [GoDep, GoWorkspace, GoVendor, Bundler, NPM, Pip, Bower, Maven, Gradle, CocoaPods, Rebar, Nuget]
17
17
  end
18
18
 
19
19
  def self.current_packages(options)
@@ -56,6 +56,7 @@ end
56
56
 
57
57
  require 'license_finder/package_managers/bower'
58
58
  require 'license_finder/package_managers/go_workspace'
59
+ require 'license_finder/package_managers/go_vendor'
59
60
  require 'license_finder/package_managers/go_dep'
60
61
  require 'license_finder/package_managers/bundler'
61
62
  require 'license_finder/package_managers/npm'
@@ -25,5 +25,9 @@ module LicenseFinder
25
25
  )
26
26
  )
27
27
  end
28
+
29
+ def package_manager
30
+ 'Bower'
31
+ end
28
32
  end
29
33
  end
@@ -19,5 +19,9 @@ module LicenseFinder
19
19
  )
20
20
  )
21
21
  end
22
+
23
+ def package_manager
24
+ 'Bundler'
25
+ end
22
26
  end
23
27
  end
@@ -8,5 +8,9 @@ module LicenseFinder
8
8
  def licenses_from_spec
9
9
  [@license].compact
10
10
  end
11
+
12
+ def package_manager
13
+ 'CocoaPods'
14
+ end
11
15
  end
12
16
  end
@@ -10,7 +10,13 @@ module LicenseFinder
10
10
 
11
11
  def current_packages
12
12
  json = JSON.parse(package_path.read)
13
- json['Deps'].map { |dep| GoPackage.from_dependency(dep, install_prefix, @full_version) }
13
+ # godep includes subpackages as a seperate dependency, we can de-dup that
14
+ deps = json['Deps'].each do |d|
15
+ next unless d['ImportPath'].include?('github.com')
16
+
17
+ d['ImportPath'] = d['ImportPath'].split('/')[0..2].join('/')
18
+ end
19
+ deps.uniq.map { |dep| GoPackage.from_dependency(dep, install_prefix, @full_version) }
14
20
  end
15
21
 
16
22
  def package_path
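Review bot: In `current_packages`, `d['ImportPath'].include?('github.com')` matches that text anywhere in the path, so an import path that only contains `github.com` in a later segment is also cut down to its first three segments; `next unless d['ImportPath'].start_with?('github.com/')` limits the rewrite to the host. `deps.uniq` compares whole hashes, so two subpackages of one repository collapse only when every other field of the entry is identical; `deps.uniq { |d| d['ImportPath'] }` de-duplicates by repository, if one entry per repository is the intent. A wrongly truncated or duplicated path here ends up as a wrong row in the license report. The block rewrites the parsed JSON in place through `each`, which would read more clearly as a `map` that builds new hashes.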
@@ -1,13 +1,15 @@
1
1
  module LicenseFinder
2
2
  class GoPackage < Package
3
- def self.from_workspace(name, path)
4
- LicenseFinder::Package.new(name, 'unknown', {install_path: install_path(path)})
5
- end
6
-
7
- def self.from_dependency(hash, prefix,full_version)
3
+ def self.from_dependency(hash, prefix, full_version)
8
4
  name = hash['ImportPath']
5
+ install_path = hash['InstallPath']
6
+ install_path ||= install_path(prefix.join(name))
9
7
  version = full_version ? hash['Rev'] : hash['Rev'][0..6]
10
- LicenseFinder::Package.new(name, version, {install_path: install_path(prefix.join(name))})
8
+ self.new(name, version, {install_path: install_path, package_manager: "Go" })
9
+ end
10
+
11
+ def package_manager
12
+ "Go"
11
13
  end
12
14
 
13
15
  private
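Review bot: `from_dependency` still dereferences `prefix` in the fallback `install_path ||= install_path(prefix.join(name))`, while the two new callers on this page (GoVendor and GoWorkspace) pass `nil` for it, so a hash without `'InstallPath'` would fail with a NoMethodError on nil instead of a clear message. Both callers currently set `'InstallPath'`, so this is latent; a guard after the first assignment, `raise ArgumentError, 'InstallPath or prefix required' unless install_path || prefix`, would make the contract explicit. The local `install_path` also shadows the class method of the same name called on the next line, which only works because the call is parenthesised; a local named `path` would be easier to read. The `private` section continues outside the hunk.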
@@ -0,0 +1,56 @@
1
+ require 'json'
2
+
3
+ module LicenseFinder
4
+ class GoVendor < PackageManager
5
+
6
+ def initialize(options={})
7
+ super
8
+ @full_version = options[:go_full_version]
9
+ end
10
+
11
+ def active?
12
+ !Dir[project_path.join("**/*.go")].empty? && package_path.exist?
13
+ end
14
+
15
+ def package_path
16
+ project_path.join("vendor")
17
+ end
18
+
19
+ def project_sha
20
+ @project_sha ||= Dir.chdir(project_path) do
21
+ val = capture('git rev-list --max-count 1 HEAD')
22
+ raise 'git rev-list failed' unless val.last
23
+ val.first.strip
24
+ end
25
+ end
26
+
27
+ def current_packages
28
+ deps = go_list
29
+ vendored_deps = deps.select { |dep| package_path.join(dep).exist? }
30
+ vendored_deps.map do |dep|
31
+ GoPackage.from_dependency({
32
+ 'ImportPath' => dep,
33
+ 'InstallPath' => package_path.join(dep),
34
+ 'Rev' => 'vendored-' + project_sha
35
+ }, nil, true)
36
+ end
37
+ end
38
+
39
+
40
+ def go_list
41
+ Dir.chdir(project_path) do
42
+ # avoid checking canonical import path. some projects uses
43
+ # non-canonical import path and rely on the fact that the deps are
44
+ # checked in. Canonical paths are only checked by `go get'. We
45
+ # discovered that `go list' will print a warning and unfortunately exit
46
+ # with status code 1. Setting GOPATH to nil removes those warnings.
47
+ ENV['GOPATH'] = nil
48
+ val = capture('go list -f \'{{join .Deps "\n"}}\' ./...')
49
+ return [] unless val.last
50
+ # Select non-standard packages. Standard packages tend to be short
51
+ # and have less than two slashes
52
+ val.first.lines.map(&:strip).select { |l| l.split("/").length > 2 }.map { |l| l.split("/")[0..2].join("/") }.uniq
53
+ end
54
+ end
55
+ end
56
+ end
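Review bot: `go_list` returns `[]` when `go list` exits non-zero, so a failed or missing Go toolchain makes `current_packages` report no vendored dependencies and the license report silently omits them; the same command in `GoWorkspace#go_list` raises `'go list failed'`, and a license scanner is safer failing closed. `ENV['GOPATH'] = nil` in both `go_list` methods also clears the variable for the whole process, so every package manager and child process that runs afterwards sees it unset; restoring it in an `ensure` keeps the change local to this call. If an empty result is intended when Go is not installed, that case is better detected in `active?` than hidden here. A sketch of both changes follows.

```ruby
def go_list
  Dir.chdir(project_path) do
    # … unchanged: comment explaining why GOPATH is cleared …
    saved_gopath = ENV['GOPATH']
    begin
      ENV['GOPATH'] = nil
      val = capture('go list -f \'{{join .Deps "\n"}}\' ./...')
    ensure
      # put the caller's GOPATH back so later package managers are unaffected
      ENV['GOPATH'] = saved_gopath
    end
    raise 'go list failed' unless val.last
    # … unchanged: selection of non-standard packages …
```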
@@ -2,7 +2,7 @@ require 'json'
2
2
 
3
3
  module LicenseFinder
4
4
  class GoWorkspace < PackageManager
5
- Submodule = Struct.new :path, :revision
5
+ Submodule = Struct.new :install_path, :revision
6
6
 
7
7
  def initialize(options={})
8
8
  super
@@ -10,36 +10,71 @@ module LicenseFinder
10
10
  end
11
11
 
12
12
  def current_packages
13
- submodules.map do |submodule|
14
- import_path = Pathname.new(submodule.path).relative_path_from(project_src)
15
- GoPackage.from_dependency({'ImportPath' => import_path.to_s, 'Rev' => submodule.revision}, project_src, @full_version)
16
- end
13
+ go_list_packages = go_list
14
+ git_modules.map do |submodule|
15
+ import_path = go_list_packages.select { |gp|
16
+ submodule.install_path =~ /#{repo_name(gp)}$/
17
+ }.first
18
+ if import_path then
19
+ GoPackage.from_dependency({
20
+ 'ImportPath' => repo_name(import_path),
21
+ 'InstallPath' => submodule.install_path,
22
+ 'Rev' => submodule.revision
23
+ }, nil, @full_version)
24
+ end
25
+ end.compact
17
26
  end
18
27
 
19
28
  def package_path
20
- project_path.join('.envrc')
29
+ envrc_path.dirname
21
30
  end
22
31
 
23
32
  def active?
24
- active = package_path.exist? && IO.read(package_path).include?('GOPATH')
33
+ go_dep = LicenseFinder::GoDep.new({project_path: Pathname(project_path), logger: logger})
34
+ return if go_dep.package_path.exist?
35
+ active = !!envrc_path && IO.read(envrc_path).include?('GOPATH')
25
36
  active.tap { |is_active| logger.active self.class, is_active }
26
37
  end
27
38
 
28
39
  private
29
40
 
41
+ def repo_name import_path
42
+ import_path.split("/")[0..2].join("/")
43
+ end
44
+
30
45
  def project_src
31
46
  project_path.join('src')
32
47
  end
33
48
 
34
- def submodules
35
- output = Dir.chdir(project_path) do |d|
49
+ def envrc_path
50
+ p = Pathname.new project_path
51
+ 4.times.reduce([p]) { |memo, _| memo << memo.last.parent }.map { |p| p.join('.envrc') }.select(&:exist?).first
52
+ end
53
+
54
+ def go_list
55
+ Dir.chdir(project_path) do
56
+ # avoid checking canonical import path. some projects uses
57
+ # non-canonical import path and rely on the fact that the deps are
58
+ # checked in. Canonical paths are only checked by `go get'. We
59
+ # discovered that `go list' will print a warning and unfortunately exit
60
+ # with status code 1. Setting GOPATH to nil removes those warnings.
61
+ ENV['GOPATH'] = nil
62
+ val = capture('go list -f \'{{join .Deps "\n"}}\' ./...')
63
+ raise 'go list failed' unless val.last
64
+ # Select non-standard packages. Standard packages tend to be short
65
+ # and have less than two slashes
66
+ val.first.lines.map(&:strip).select { |l| l.split("/").length > 2 }
67
+ end
68
+ end
69
+
70
+ def git_modules
71
+ Dir.chdir(package_path) do |d|
36
72
  result = capture('git submodule status')
37
73
  raise 'git submodule status failed' unless result[1]
38
- result.first
39
- end
40
- output.lines.map do |gitmodule|
41
- columns = gitmodule.split.map(&:strip)
42
- Submodule.new File.join(project_path,columns[1]), columns[0]
74
+ result.first.lines.map do |l|
75
+ columns = l.split.map(&:strip)
76
+ Submodule.new File.join(package_path, columns[1]), columns[0]
77
+ end
43
78
  end
44
79
  end
45
80
  end
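Review bot: In `current_packages`, `submodule.install_path =~ /#{repo_name(gp)}$/` interpolates `go list` output into a regular expression without escaping, so the dots in `github.com` match any character, other metacharacters in an import path can mismatch or raise RegexpError, and `$` anchors at a line end instead of the end of the string; `submodule.install_path.end_with?("/#{repo_name(gp)}")` states the intended suffix test directly. `package_path` now calls `envrc_path.dirname`, and `envrc_path` returns nil when no `.envrc` exists in the project directory or its four parents, so any call to `package_path` that is not behind the `active?` check raises on nil. Because of that parent walk, `git submodule status` can run in a directory up to four levels above the scanned project, which deserves a comment on `envrc_path` saying this is intended.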
@@ -5,7 +5,7 @@ module LicenseFinder
5
5
  class Gradle < PackageManager
6
6
  def initialize(options={})
7
7
  super
8
- @command = options[:gradle_command] || 'gradle'
8
+ @command = options[:gradle_command] || 'gradle --console plain'
9
9
  @include_groups = options[:gradle_include_groups]
10
10
  end
11
11
 
@@ -16,5 +16,9 @@ module LicenseFinder
16
16
 
17
17
  super(name, version, options.merge(spec_licenses: licenses))
18
18
  end
19
+
20
+ def package_manager
21
+ 'Gradle'
22
+ end
19
23
  end
20
24
  end
@@ -9,5 +9,9 @@ module LicenseFinder
9
9
  )
10
10
  )
11
11
  end
12
+
13
+ def package_manager
14
+ 'Maven'
15
+ end
12
16
  end
13
17
  end
@@ -20,6 +20,10 @@ module LicenseFinder
20
20
  dependency.licenses
21
21
  end
22
22
 
23
+ def install_path
24
+ dependency.install_path
25
+ end
26
+
23
27
  def subproject_paths
24
28
  @subproject_paths.map { |p| p.expand_path.to_s }
25
29
  end
@@ -13,5 +13,9 @@ module LicenseFinder
13
13
  )
14
14
  )
15
15
  end
16
+
17
+ def package_manager
18
+ 'Npm'
19
+ end
16
20
  end
17
21
  end
@@ -1,13 +1,14 @@
1
1
  require "rexml/document"
2
+ require 'zip'
2
3
 
3
4
  module LicenseFinder
4
5
  class Nuget < PackageManager
5
6
  def package_path
6
- project_path.join('packages')
7
+ project_path.join('.nuget')
7
8
  end
8
9
 
9
10
  def assemblies
10
- Dir[project_path.join("**", "packages.config")].map do |d|
11
+ Dir.glob(project_path.join("**", "packages.config"), File::FNM_DOTMATCH).map do |d|
11
12
  path = Pathname.new(d).dirname
12
13
  name = path.basename.to_s
13
14
  Assembly.new path, name
@@ -16,12 +17,24 @@ module LicenseFinder
16
17
 
17
18
  def current_packages
18
19
  dependencies.reduce({}) do |memo, dep|
19
- memo[dep.name] ||= NugetPackage.new(dep.name, dep.version)
20
+ licenses = license_urls(dep)
21
+ memo[dep.name] ||= NugetPackage.new(dep.name, dep.version, spec_licenses: licenses)
20
22
  memo[dep.name].groups << dep.assembly if !memo[dep.name].groups.include? dep.assembly
21
23
  memo
22
24
  end.values
23
25
  end
24
26
 
27
+ def license_urls dep
28
+ files = Dir["**/#{dep.name}.#{dep.version}.nupkg"]
29
+ return nil if files.empty?
30
+ file = files.first
31
+ Zip::File.open file do |zipfile|
32
+ content = zipfile.read(dep.name + ".nuspec")
33
+ xml = REXML::Document.new(content)
34
+ REXML::XPath.match(xml,"//metadata//licenseUrl").map(&:get_text)
35
+ end
36
+ end
37
+
25
38
  def dependencies
26
39
  assemblies.flat_map(&:dependencies)
27
40
  end
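Review bot: `license_urls` globs `Dir["**/#{dep.name}.#{dep.version}.nupkg"]` relative to the process working directory instead of `project_path`, and it interpolates the name and version read from `packages.config` straight into the glob pattern, so the archive that gets opened depends on where the tool was started and on any glob characters in those fields; `Dir.glob(project_path.join("**", "#{dep.name}.#{dep.version}.nupkg"))` at least confines the search to the scanned project. `files.first` then picks whichever match comes first when several copies exist. The `.nuspec` comes from an archive the project supplies, so it is untrusted XML, and `map(&:get_text)` yields REXML text nodes (nil for an empty element), not strings; `.map(&:text).compact` would hand plain strings to `spec_licenses`. `return nil if files.empty?` passes `spec_licenses: nil`, where `[]` would keep the type consistent.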
@@ -1,4 +1,7 @@
1
1
  module LicenseFinder
2
2
  class NugetPackage < Package
3
+ def package_manager
4
+ 'Nuget'
5
+ end
3
6
  end
4
7
  end
@@ -27,5 +27,9 @@ module LicenseFinder
27
27
  )
28
28
  )
29
29
  end
30
+
31
+ def package_manager
32
+ 'Pip'
33
+ end
30
34
  end
31
35
  end
@@ -1,4 +1,7 @@
1
1
  module LicenseFinder
2
2
  class RebarPackage < Package
3
+ def package_manager
4
+ 'Rebar'
5
+ end
3
6
  end
4
7
  end
@@ -3,7 +3,7 @@ require 'csv'
3
3
  module LicenseFinder
4
4
  class CsvReport < Report
5
5
  COMMA_SEP = ","
6
- AVAILABLE_COLUMNS = %w[name version authors licenses approved summary description homepage install_path]
6
+ AVAILABLE_COLUMNS = %w[name version authors licenses approved summary description homepage install_path package_manager]
7
7
  MISSING_DEPENDENCY_TEXT = "This package is not installed. Please install to determine licenses."
8
8
 
9
9
  def initialize(dependencies, options)
@@ -66,5 +66,9 @@ module LicenseFinder
66
66
  def format_install_path(dep)
67
67
  dep.install_path
68
68
  end
69
+
70
+ def format_package_manager(dep)
71
+ dep.package_manager
72
+ end
69
73
  end
70
74
  end
@@ -3,7 +3,8 @@ module LicenseFinder
3
3
  AVAILABLE_COLUMNS = AVAILABLE_COLUMNS + ['subproject_paths']
4
4
 
5
5
  def initialize(dependencies, options = {})
6
- super(dependencies, options.merge(columns: %w(name version licenses subproject_paths)))
6
+ options[:columns] ||= %w(name version licenses subproject_paths)
7
+ super(dependencies, options)
7
8
  end
8
9
 
9
10
  def format_subproject_paths(merged_dep)
@@ -1,3 +1,3 @@
1
1
  module LicenseFinder
2
- VERSION = "2.1.0.rc4"
2
+ VERSION = "2.1.0.rc5"
3
3
  end
@@ -46,6 +46,7 @@ Gem::Specification.new do |s|
46
46
  s.add_development_dependency "capybara", "~> 2.0.0"
47
47
  s.add_development_dependency "cocoapods", "0.34.0" if LicenseFinder::Platform.darwin?
48
48
  s.add_development_dependency "fakefs", "~> 0.6.7"
49
+ s.add_development_dependency "rubyzip"
49
50
  s.add_development_dependency "pry"
50
51
  s.add_development_dependency "rake"
51
52
  s.add_development_dependency "rspec", "~> 3"
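Review bot: `rubyzip` is added with `add_development_dependency`, but the Nuget hunk on this page adds `require 'zip'` to library code, so an installed gem would presumably raise LoadError when that file is loaded unless rubyzip happens to be present; it should be a runtime dependency, `s.add_dependency "rubyzip"`. The entry also carries no version constraint, unlike several of its neighbours, so any future rubyzip release is accepted; a bounded constraint matching the version the specs run against would keep the archive-parsing code on a known release. The surrounding specification block starts and ends outside the hunk.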
@@ -94,6 +94,16 @@ module LicenseFinder
94
94
  expect(report).to eq "one dependency,1.1\n"
95
95
  end
96
96
 
97
+ context 'when the package is a nuget package' do
98
+ let(:packages) { [NugetPackage.new('one dependency', "1.1")] }
99
+
100
+ it "will includes package_manager for csv report" do
101
+ subject.options = {format: 'csv', columns: ['name', 'version', 'package_manager']}
102
+
103
+ expect(report).to eq "one dependency,1.1,Nuget\n"
104
+ end
105
+ end
106
+
97
107
  context "in html reports" do
98
108
  before do
99
109
  subject.options = {format: 'html'}