license_finder 2.1.2 → 3.0.0
- checksums.yaml +4 -4
- data/.gitignore +1 -0
- data/CHANGELOG.md +29 -0
- data/CONTRIBUTING.md +28 -3
- data/Dockerfile +82 -0
- data/README.md +11 -2
- data/Rakefile +27 -0
- data/appveyor.yml +21 -0
- data/bin/license_finder_pip.py +1 -1
- data/ci/pipelines/pipeline.yml.erb +78 -0
- data/ci/scripts/test.sh +27 -0
- data/ci/tasks/build.yml +16 -0
- data/features/features/package_managers/gradle_spec.rb +6 -0
- data/features/features/package_managers/maven_spec.rb +9 -0
- data/features/features/report/diff_spec.rb +26 -23
- data/features/fixtures/alternate-build-file-gradle/build-alt.gradle +26 -0
- data/features/fixtures/alternate-build-file-gradle/settings.gradle +1 -0
- data/features/fixtures/file-based-libs-gradle/build.gradle +1 -1
- data/features/fixtures/gradle-wrapper/build.gradle +26 -0
- data/features/fixtures/gradle-wrapper/gradlew +3 -0
- data/features/fixtures/gradle-wrapper/gradlew.bat +1 -0
- data/features/fixtures/maven-wrapper/mvnw +3 -0
- data/features/fixtures/maven-wrapper/mvnw.cmd +7 -0
- data/features/fixtures/maven-wrapper/pom.xml +37 -0
- data/features/support/testing_dsl.rb +12 -5
- data/lib/license_finder/cli/base.rb +1 -0
- data/lib/license_finder/cli/main.rb +2 -1
- data/lib/license_finder/configuration.rb +6 -13
- data/lib/license_finder/core.rb +2 -1
- data/lib/license_finder/diff.rb +4 -4
- data/lib/license_finder/package.rb +5 -3
- data/lib/license_finder/package_delta.rb +2 -5
- data/lib/license_finder/package_managers/bower.rb +1 -1
- data/lib/license_finder/package_managers/bundler.rb +4 -4
- data/lib/license_finder/package_managers/go_dep.rb +21 -4
- data/lib/license_finder/package_managers/go_package.rb +2 -1
- data/lib/license_finder/package_managers/go_vendor.rb +21 -7
- data/lib/license_finder/package_managers/go_workspace.rb +18 -11
- data/lib/license_finder/package_managers/gradle.rb +42 -15
- data/lib/license_finder/package_managers/maven.rb +31 -17
- data/lib/license_finder/package_managers/maven_dependency_finder.rb +13 -0
- data/lib/license_finder/package_managers/maven_package.rb +6 -1
- data/lib/license_finder/package_managers/npm.rb +4 -4
- data/lib/license_finder/package_managers/rebar.rb +1 -1
- data/lib/license_finder/reports/csv_report.rb +5 -1
- data/lib/license_finder/reports/diff_report.rb +3 -7
- data/lib/license_finder/reports/text_report.rb +6 -1
- data/lib/license_finder/version.rb +1 -1
- data/license_finder.gemspec +6 -0
- data/spec/lib/license_finder/configuration_spec.rb +0 -8
- data/spec/lib/license_finder/core_spec.rb +2 -1
- data/spec/lib/license_finder/diff_spec.rb +50 -27
- data/spec/lib/license_finder/package_managers/bower_spec.rb +1 -1
- data/spec/lib/license_finder/package_managers/bundler_spec.rb +1 -1
- data/spec/lib/license_finder/package_managers/go_dep_spec.rb +14 -1
- data/spec/lib/license_finder/package_managers/go_vendor_spec.rb +23 -2
- data/spec/lib/license_finder/package_managers/go_workspace_spec.rb +23 -7
- data/spec/lib/license_finder/package_managers/gradle_spec.rb +55 -2
- data/spec/lib/license_finder/package_managers/maven_package_spec.rb +16 -3
- data/spec/lib/license_finder/package_managers/maven_spec.rb +56 -4
- data/spec/lib/license_finder/package_managers/merged_package_spec.rb +8 -4
- data/spec/lib/license_finder/package_spec.rb +4 -1
- data/spec/lib/license_finder/reports/csv_report_spec.rb +8 -0
- data/spec/lib/license_finder/reports/diff_report_spec.rb +5 -5
- data/spec/lib/license_finder/reports/text_report_spec.rb +5 -0
- metadata +218 -9
- data/.travis.yml +0 -37
- data/.travis/install_bower.sh +0 -5
- data/.travis/install_godep.sh +0 -6
- data/.travis/install_gradle.sh +0 -12
- data/.travis/install_rebar.sh +0 -14
@@ -0,0 +1,26 @@
|
|
1
|
+
apply plugin: 'java'
|
2
|
+
|
3
|
+
sourceCompatibility = 1.5
|
4
|
+
version = '1.0'
|
5
|
+
|
6
|
+
repositories {
|
7
|
+
mavenCentral()
|
8
|
+
}
|
9
|
+
|
10
|
+
dependencies {
|
11
|
+
compile group: 'junit', name: 'junit', version: '4.11'
|
12
|
+
}
|
13
|
+
|
14
|
+
buildscript {
|
15
|
+
repositories {
|
16
|
+
maven {
|
17
|
+
url 'https://plugins.gradle.org/m2/'
|
18
|
+
}
|
19
|
+
}
|
20
|
+
|
21
|
+
dependencies {
|
22
|
+
classpath 'gradle.plugin.nl.javadude.gradle.plugins:license-gradle-plugin:0.12.1'
|
23
|
+
}
|
24
|
+
}
|
25
|
+
|
26
|
+
apply plugin: 'license'
|
@@ -0,0 +1 @@
|
|
1
|
+
rootProject.buildFileName = 'build-alt.gradle'
|
@@ -0,0 +1,26 @@
|
|
1
|
+
apply plugin: 'java'
|
2
|
+
|
3
|
+
sourceCompatibility = 1.5
|
4
|
+
version = '1.0'
|
5
|
+
|
6
|
+
repositories {
|
7
|
+
mavenCentral()
|
8
|
+
}
|
9
|
+
|
10
|
+
dependencies {
|
11
|
+
compile group: 'junit', name: 'junit', version: '4.11'
|
12
|
+
}
|
13
|
+
|
14
|
+
buildscript {
|
15
|
+
repositories {
|
16
|
+
maven {
|
17
|
+
url 'https://plugins.gradle.org/m2/'
|
18
|
+
}
|
19
|
+
}
|
20
|
+
|
21
|
+
dependencies {
|
22
|
+
classpath 'gradle.plugin.nl.javadude.gradle.plugins:license-gradle-plugin:0.12.1'
|
23
|
+
}
|
24
|
+
}
|
25
|
+
|
26
|
+
apply plugin: 'license'
|
@@ -0,0 +1 @@
|
|
1
|
+
@call gradle.bat
|
@@ -0,0 +1,37 @@
|
|
1
|
+
<?xml version="1.0" encoding="UTF-8"?>
|
2
|
+
<project xmlns="http://maven.apache.org/POM/4.0.0"
|
3
|
+
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
|
4
|
+
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
|
5
|
+
<modelVersion>4.0.0</modelVersion>
|
6
|
+
|
7
|
+
<groupId>dummy</groupId>
|
8
|
+
<artifactId>dummy</artifactId>
|
9
|
+
<version>1.0-SNAPSHOT</version>
|
10
|
+
|
11
|
+
<dependencies>
|
12
|
+
<dependency>
|
13
|
+
<groupId>junit</groupId>
|
14
|
+
<artifactId>junit</artifactId>
|
15
|
+
<version>4.11</version>
|
16
|
+
<scope>test</scope>
|
17
|
+
</dependency>
|
18
|
+
</dependencies>
|
19
|
+
|
20
|
+
<build>
|
21
|
+
<plugins>
|
22
|
+
<plugin>
|
23
|
+
<groupId>org.codehaus.mojo</groupId>
|
24
|
+
<artifactId>license-maven-plugin</artifactId>
|
25
|
+
<version>1.10</version>
|
26
|
+
<executions>
|
27
|
+
<execution>
|
28
|
+
<id>download-licenses</id>
|
29
|
+
<goals>
|
30
|
+
<goal>download-licenses</goal>
|
31
|
+
</goals>
|
32
|
+
</execution>
|
33
|
+
</executions>
|
34
|
+
</plugin>
|
35
|
+
</plugins>
|
36
|
+
</build>
|
37
|
+
</project>
|
@@ -3,11 +3,11 @@ require 'delegate'
|
|
3
3
|
module LicenseFinder
|
4
4
|
module TestingDSL
|
5
5
|
class User
|
6
|
-
def run_license_finder(path = nil)
|
6
|
+
def run_license_finder(path = nil, options='')
|
7
7
|
if path
|
8
|
-
execute_command_in_path(
|
8
|
+
execute_command_in_path("license_finder --quiet #{options}", Paths.project("my_app/#{path}"))
|
9
9
|
else
|
10
|
-
execute_command
|
10
|
+
execute_command "license_finder --quiet #{options}"
|
11
11
|
end
|
12
12
|
end
|
13
13
|
|
@@ -131,7 +131,7 @@ module LicenseFinder
|
|
131
131
|
end
|
132
132
|
|
133
133
|
def install
|
134
|
-
shell_out("bower install 2>/dev/null")
|
134
|
+
shell_out("bower install --allow-root 2>/dev/null")
|
135
135
|
end
|
136
136
|
end
|
137
137
|
|
@@ -169,6 +169,12 @@ module LicenseFinder
|
|
169
169
|
end
|
170
170
|
end
|
171
171
|
|
172
|
+
class AlternateBuildFileGradleProject < Project
|
173
|
+
def add_dep
|
174
|
+
clone('alternate-build-file-gradle')
|
175
|
+
end
|
176
|
+
end
|
177
|
+
|
172
178
|
class GoProject < Project
|
173
179
|
def add_dep
|
174
180
|
clone('gopath')
|
@@ -377,7 +383,8 @@ module LicenseFinder
|
|
377
383
|
|
378
384
|
def reset_projects!
|
379
385
|
# only destroyed when a test starts, so you can poke around after a failure
|
380
|
-
|
386
|
+
require 'fileutils'
|
387
|
+
FileUtils.rmtree(projects) if projects.exist?
|
381
388
|
projects.mkpath
|
382
389
|
end
|
383
390
|
end
|
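Review bot: `--allow-root` is now hard-coded in `install` (`bower install --allow-root 2>/dev/null`), and the same flag is added to the command built in `bower_output` in package_managers/bower.rb. Anyone who runs license_finder as root therefore no longer hits Bower's refusal to run as root. With the guard off, hooks that a project's `.bowerrc` defines would run with root privileges during `bower install`. If the flag is there for the new Docker image (an inference; nothing on this page says so), I would make it opt-in next to the other command options, or at least document it with a comment such as `# --allow-root: needed when license_finder runs as root in a container; disables Bower's root guard`.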
@@ -18,11 +18,12 @@ module LicenseFinder
|
|
18
18
|
}
|
19
19
|
|
20
20
|
class_option :format, desc: "The desired output format.", default: 'text', enum: FORMATS.keys
|
21
|
-
class_option :columns, type: :array, desc: "For CSV reports, which columns to print. Pick from: #{CsvReport::AVAILABLE_COLUMNS}", default: %w[name version licenses]
|
21
|
+
class_option :columns, type: :array, desc: "For text or CSV reports, which columns to print. Pick from: #{CsvReport::AVAILABLE_COLUMNS}", default: %w[name version licenses]
|
22
22
|
class_option :save, desc: "Save report to a file. Default: 'license_report.csv' in project root.", lazy_default: "license_report"
|
23
23
|
class_option :go_full_version, desc: "Whether dependency version should include full version. Only meaningful if used with a Go project. Defaults to false."
|
24
24
|
class_option :gradle_include_groups, desc: "Whether dependency name should include group id. Only meaningful if used with a Java/gradle project. Defaults to false."
|
25
25
|
class_option :gradle_command, desc: "Command to use when fetching gradle packages. Only meaningful if used with a Java/gradle project. Defaults to 'gradlew' / 'gradlew.bat' if the wrapper is present, otherwise to 'gradle'."
|
26
|
+
class_option :maven_include_groups, desc: "Whether dependency name should include group id. Only meaningful if used with a Java/maven project. Defaults to false."
|
26
27
|
class_option :rebar_command, desc: "Command to use when fetching rebar packages. Only meaningful if used with a Erlang/rebar project. Defaults to 'rebar'."
|
27
28
|
class_option :rebar_deps_dir, desc: "Path to rebar dependencies directory. Only meaningful if used with a Erlang/rebar project. Defaults to 'deps'."
|
28
29
|
class_option :subprojects, type: :array, desc: "Generate a single report for multiple sub-projects. Ex: --subprojects='path/to/project1', 'path/to/project2'"
|
@@ -22,18 +22,7 @@ module LicenseFinder
|
|
22
22
|
end
|
23
23
|
|
24
24
|
def gradle_command
|
25
|
-
get(:gradle_command)
|
26
|
-
if Platform.windows?
|
27
|
-
wrapper = 'gradlew.bat'
|
28
|
-
gradle = 'gradle.bat'
|
29
|
-
else
|
30
|
-
wrapper = 'gradlew'
|
31
|
-
gradle = 'gradle'
|
32
|
-
end
|
33
|
-
|
34
|
-
executable = File.exist?(wrapper) ? wrapper : gradle
|
35
|
-
"#{executable} --console plain"
|
36
|
-
)
|
25
|
+
get(:gradle_command)
|
37
26
|
end
|
38
27
|
|
39
28
|
def go_full_version
|
@@ -44,8 +33,12 @@ module LicenseFinder
|
|
44
33
|
get(:gradle_include_groups)
|
45
34
|
end
|
46
35
|
|
36
|
+
def maven_include_groups
|
37
|
+
get(:maven_include_groups)
|
38
|
+
end
|
39
|
+
|
47
40
|
def rebar_command
|
48
|
-
get(:rebar_command)
|
41
|
+
get(:rebar_command)
|
49
42
|
end
|
50
43
|
|
51
44
|
def rebar_deps_dir
|
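--- a/data/lib/license_finder/core.rb
+++ b/data/lib/license_finder/core.rb
@@ -63,10 +63,11 @@ module LicenseFinder
 PackageManager.current_packages(
 logger: logger,
 project_path: config.project_path,
-
+ignored_groups: decisions.ignored_groups,
 go_full_version: config.go_full_version,
 gradle_command: config.gradle_command,
 gradle_include_groups: config.gradle_include_groups,
+maven_include_groups: config.maven_include_groups,
 rebar_command: config.rebar_command,
 rebar_deps_dir: config.rebar_deps_dir,
 )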
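--- a/data/lib/license_finder/diff.rb
+++ b/data/lib/license_finder/diff.rb
@@ -10,8 +10,8 @@ module LicenseFinder
 
 [].tap do |packages|
 unchanged.each do |package|
-package_previous =
-package_current =
+package_previous = find_package(p1, package)
+package_current = find_package(p2, package)
 
 if package_current.licenses == package_previous.licenses
 packages << PackageDelta.unchanged(package_current, package_previous)
@@ -40,8 +40,8 @@ module LicenseFinder
 end
 end
 
-def self.
-set.find { |p| p.
+def self.find_package(set, package)
+set.find { |p| p.eql? package}
 end
 end
 end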
@@ -99,15 +99,17 @@ module LicenseFinder
|
|
99
99
|
## EQUALITY
|
100
100
|
|
101
101
|
def <=>(other)
|
102
|
-
name <=> other.name
|
102
|
+
eq_name = name <=> other.name
|
103
|
+
return eq_name unless eq_name == 0
|
104
|
+
version <=> other.version
|
103
105
|
end
|
104
106
|
|
105
107
|
def eql?(other)
|
106
|
-
name == other.name
|
108
|
+
name == other.name && version == other.version
|
107
109
|
end
|
108
110
|
|
109
111
|
def hash
|
110
|
-
[name].hash
|
112
|
+
[name,version].hash
|
111
113
|
end
|
112
114
|
|
113
115
|
## LICENSING
|
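Review bot: `<=>` now falls through to `version <=> other.version`, which returns nil when the two versions are not comparable (for instance one is nil and the other a String), and `sort` raises ArgumentError on a nil comparison. Whether a package can carry a nil version is not visible in this hunk; if it can, `version.to_s <=> other.version.to_s` keeps the ordering total. If versions are Strings, the comparison is lexical, so '10.0' sorts before '9.0'. That is fine for a stable report order but worth a comment such as `# lexical tie-break only, not a semantic version comparison`.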
@@ -12,13 +12,10 @@ module LicenseFinder
|
|
12
12
|
pick_package.name
|
13
13
|
end
|
14
14
|
|
15
|
-
def
|
16
|
-
|
15
|
+
def version
|
16
|
+
pick_package.version
|
17
17
|
end
|
18
18
|
|
19
|
-
def previous_version
|
20
|
-
@previous_package ? @previous_package.version : nil
|
21
|
-
end
|
22
19
|
|
23
20
|
def subproject_paths
|
24
21
|
pick_package.subproject_paths
|
@@ -15,7 +15,7 @@ module LicenseFinder
|
|
15
15
|
private
|
16
16
|
|
17
17
|
def bower_output
|
18
|
-
command =
|
18
|
+
command = "#{Bower::package_management_command} list --json -l action --allow-root"
|
19
19
|
output, success = Dir.chdir(project_path) { capture(command) }
|
20
20
|
raise "Command '#{command}' failed to execute: #{output}" unless success
|
21
21
|
|
@@ -4,7 +4,7 @@ module LicenseFinder
|
|
4
4
|
class Bundler < PackageManager
|
5
5
|
def initialize options={}
|
6
6
|
super
|
7
|
-
@
|
7
|
+
@ignored_groups = options[:ignored_groups]
|
8
8
|
@definition = options[:definition] # dependency injection for tests
|
9
9
|
end
|
10
10
|
|
@@ -18,12 +18,12 @@ module LicenseFinder
|
|
18
18
|
end
|
19
19
|
|
20
20
|
def self.package_management_command
|
21
|
-
"
|
21
|
+
"bundle"
|
22
22
|
end
|
23
23
|
|
24
24
|
private
|
25
25
|
|
26
|
-
attr_reader :
|
26
|
+
attr_reader :ignored_groups
|
27
27
|
|
28
28
|
def definition
|
29
29
|
# DI
|
@@ -46,7 +46,7 @@ module LicenseFinder
|
|
46
46
|
end
|
47
47
|
|
48
48
|
def included_groups
|
49
|
-
definition.groups -
|
49
|
+
definition.groups - ignored_groups.map(&:to_sym)
|
50
50
|
end
|
51
51
|
|
52
52
|
def package_path
|
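Review bot: `@ignored_groups` is taken straight from `options[:ignored_groups]`, and `included_groups` then calls `ignored_groups.map(&:to_sym)`. Constructing `Bundler` without that key (the constructor still defaults to `options={}`) therefore raises NoMethodError on nil. Normalising at assignment keeps the default usable: `@ignored_groups = options[:ignored_groups] || []`. The callers are outside this page, so this may only bite specs and direct users of the class. Both `initialize` and `included_groups` are shown only in part by these hunks.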
@@ -11,12 +11,18 @@ module LicenseFinder
|
|
11
11
|
def current_packages
|
12
12
|
json = JSON.parse(package_path.read)
|
13
13
|
# godep includes subpackages as a seperate dependency, we can de-dup that
|
14
|
-
deps = json['Deps'].each do |d|
|
15
|
-
next unless d['ImportPath'].include?('github.com')
|
16
14
|
|
17
|
-
|
15
|
+
dependencies_info = json['Deps'].map do |json|
|
16
|
+
{
|
17
|
+
'Homepage' => homepage(json),
|
18
|
+
'ImportPath' => import_path(json),
|
19
|
+
'InstallPath' => json['InstallPath'],
|
20
|
+
'Rev' => json['Rev']
|
21
|
+
}
|
22
|
+
end
|
23
|
+
dependencies_info.uniq.map do |info|
|
24
|
+
GoPackage.from_dependency(info, install_prefix, @full_version)
|
18
25
|
end
|
19
|
-
deps.uniq.map { |dep| GoPackage.from_dependency(dep, install_prefix, @full_version) }
|
20
26
|
end
|
21
27
|
|
22
28
|
def package_path
|
@@ -37,5 +43,16 @@ module LicenseFinder
|
|
37
43
|
def workspace_dir
|
38
44
|
project_path.join('Godeps/_workspace')
|
39
45
|
end
|
46
|
+
|
47
|
+
def homepage(dependency_json)
|
48
|
+
import_path dependency_json
|
49
|
+
end
|
50
|
+
|
51
|
+
def import_path(dependency_json)
|
52
|
+
import_path = dependency_json['ImportPath']
|
53
|
+
return import_path unless import_path.include?('github.com')
|
54
|
+
|
55
|
+
import_path.split('/')[0..2].join('/')
|
56
|
+
end
|
40
57
|
end
|
41
58
|
end
|
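Review bot: `import_path` decides whether to truncate with `import_path.include?('github.com')`, a substring test that is also true when `github.com` appears later in the path, for example behind another host or a vendor prefix. In that case the first three segments are not a host/owner/repo triple, and both 'ImportPath' and the derived 'Homepage' come out wrong. `return import_path unless import_path.start_with?('github.com/')` restricts the truncation to paths that really begin at GitHub. In `current_packages` the block parameter `json` shadows the outer `json` local; naming it `dep` would read better and avoid the shadowing warning. Since `homepage` simply returns the import path, a comment such as `# not a URL: the import path doubles as the homepage` would help readers of the report.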
@@ -5,7 +5,8 @@ module LicenseFinder
|
|
5
5
|
install_path = hash['InstallPath']
|
6
6
|
install_path ||= install_path(prefix.join(name))
|
7
7
|
version = full_version ? hash['Rev'] : hash['Rev'][0..6]
|
8
|
-
|
8
|
+
homepage = hash['Homepage']
|
9
|
+
self.new(name, version, {install_path: install_path, package_manager: "Go", homepage: homepage })
|
9
10
|
end
|
10
11
|
|
11
12
|
def package_manager
|
@@ -24,8 +24,8 @@ module LicenseFinder
|
|
24
24
|
project_path.join("vendor")
|
25
25
|
end
|
26
26
|
|
27
|
-
def project_sha
|
28
|
-
|
27
|
+
def project_sha(path)
|
28
|
+
Dir.chdir(path) do
|
29
29
|
val = capture('git rev-list --max-count 1 HEAD')
|
30
30
|
raise 'git rev-list failed' unless val.last
|
31
31
|
val.first.strip
|
@@ -39,7 +39,7 @@ module LicenseFinder
|
|
39
39
|
GoPackage.from_dependency({
|
40
40
|
'ImportPath' => dep,
|
41
41
|
'InstallPath' => package_path.join(dep),
|
42
|
-
'Rev' => 'vendored-' + project_sha
|
42
|
+
'Rev' => 'vendored-' + project_sha(package_path.join(dep))
|
43
43
|
}, nil, true)
|
44
44
|
end
|
45
45
|
end
|
@@ -56,11 +56,25 @@ module LicenseFinder
|
|
56
56
|
# discovered that `go list' will print a warning and unfortunately exit
|
57
57
|
# with status code 1. Setting GOPATH to nil removes those warnings.
|
58
58
|
ENV['GOPATH'] = nil
|
59
|
-
val = capture('go list -f
|
59
|
+
val = capture('go list -f "{{join .Deps \"\n\"}}" ./...')
|
60
60
|
return [] unless val.last
|
61
|
-
# Select non-standard packages.
|
62
|
-
#
|
63
|
-
|
61
|
+
# Select non-standard packages. `go list std` returns the list of standard
|
62
|
+
# dependencies. We then filter those dependencies out of the full list of
|
63
|
+
# dependencies.
|
64
|
+
deps = val.first.split("\n")
|
65
|
+
capture('go list std').first.split("\n").each do |std|
|
66
|
+
deps.delete_if do |dep|
|
67
|
+
dep =~ /(\/|^)#{std}(\/|$)/
|
68
|
+
end
|
69
|
+
end
|
70
|
+
deps.map do |d|
|
71
|
+
dep_parts = d.split('/')
|
72
|
+
if dep_parts.length > 2
|
73
|
+
dep_parts[0..2].join('/')
|
74
|
+
else
|
75
|
+
d
|
76
|
+
end
|
77
|
+
end
|
64
78
|
end
|
65
79
|
end
|
66
80
|
end
|
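Review bot: The filter `dep =~ /(\/|^)#{std}(\/|$)/` removes every dependency that merely contains a standard-library package name as a path segment. A third-party import whose path ends in `/errors` or `/log` is therefore dropped and never reaches the license report. `std` is also interpolated into the pattern unescaped, and the success flag of `capture('go list std')` is ignored, unlike the `val.last` check a few lines above. Comparing whole import paths avoids all three once the capture is known to have succeeded: `deps -= capture('go list std').first.split("\n")`. If the segment match is deliberate, it deserves a comment and `Regexp.escape(std)`; the enclosing method starts outside this hunk.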