RubyGems - license_finder - Versions diffs - 3.0.1 → 3.0.2 - Mend

license_finder 3.0.1 → 3.0.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (16) hide show

checksums.yaml +4 -4
data/CHANGELOG.md +15 -1
data/ci/pipelines/pipeline.yml.erb +2 -2
data/ci/scripts/test.sh +2 -3
data/ci/tasks/build.yml +1 -1
data/lib/license_finder/package_managers/npm.rb +22 -66
data/lib/license_finder/package_managers/npm_package.rb +148 -0
data/lib/license_finder/version.rb +1 -1
data/license_finder.gemspec +0 -1
data/spec/fixtures/npm-circular-dependencies/npm-list.json +5339 -0
data/spec/fixtures/npm-circular-dependencies/package.json +5 -0
data/spec/fixtures/npm-licenses-string/npm-list.json +7597 -0
data/spec/fixtures/npm-licenses-string/package.json +23 -0
data/spec/lib/license_finder/package_managers/npm_package_spec.rb +56 -0
data/spec/lib/license_finder/package_managers/npm_spec.rb +78 -48
metadata +12 -16

data/spec/fixtures/npm-licenses-string/package.json ADDED

@@ -0,0 +1,23 @@
+{
+  "name": "license_finder_test",
+  "version": "0.0.1",
+  "description": "has a licenses string field",
+  "main": "index.js",
+  "dependencies": {
+    "node-polyglot": "^2.0.0"
+  },
+  "devDependencies": {
+    "enzyme": "^2.8.2"
+  },
+  "scripts": {},
+  "repository": {},
+  "author": "",
+  "licenses": "MIT",
+  "bugs": {},
+  "private": true,
+  "engines": {
+    "node": "^6.11.0",
+    "yarn": "^0.24.6",
+    "npm": "^5.0.3"
+  }
+}

data/spec/lib/license_finder/package_managers/npm_package_spec.rb ADDED

@@ -0,0 +1,56 @@
+require 'spec_helper'
+module LicenseFinder
+  describe NpmPackage do
+    subject do
+      described_class.new(
+          "name" => "jasmine-node",
+          "version" => "1.3.1",
+          "description" => "a description",
+          "readme" => "a readme",
+          "path" => "some/node/package/path",
+          "homepage" => "a homepage",
+          "dependencies" => {
+              "coffee-script" => {
+                  "name" => "coffee-script",
+              }
+          }
+      )
+    end
+    its(:name) { should == "jasmine-node" }
+    its(:version) { should == "1.3.1" }
+    its(:summary) { should eq "" }
+    its(:description) { should == "a description" }
+    its(:homepage) { should == "a homepage" }
+    its(:groups) { should == [] } # TODO: put devDependencies in 'dev' group?
+    its(:children) { should == ["coffee-script"] }
+    its(:install_path) { should eq "some/node/package/path" }
+    its(:package_manager) { should eq 'Npm' }
+    describe '#license_names_from_spec' do
+      let(:node_module1) { {"license" => "MIT"} }
+      let(:node_module2) { {"licenses" => [{"type" => "BSD"}]} }
+      let(:node_module3) { {"license" => {"type" => "PSF"}} }
+      let(:node_module4) { {"licenses" => ["MIT"]} }
+      let(:misdeclared_node_module) { {"licenses" => {"type" => "MIT"}} }
+      it 'finds the license for both license structures' do
+        package = NpmPackage.new(node_module1)
+        expect(package.license_names_from_spec).to eq ["MIT"]
+        package = NpmPackage.new(node_module2)
+        expect(package.license_names_from_spec).to eq ["BSD"]
+        package = NpmPackage.new(node_module3)
+        expect(package.license_names_from_spec).to eq ["PSF"]
+        package = NpmPackage.new(node_module4)
+        expect(package.license_names_from_spec).to eq ["MIT"]
+        package = NpmPackage.new(misdeclared_node_module)
+        expect(package.license_names_from_spec).to eq ["MIT"]
+      end
+    end
+  end
+end

data/spec/lib/license_finder/package_managers/npm_spec.rb CHANGED

@@ -3,19 +3,19 @@ require 'fakefs/spec_helpers'
 module LicenseFinder
   describe NPM do
-    let(:root) { "/fake-node-project" }
+    let(:root) { '/fake-node-project' }
     let(:npm) { NPM.new project_path: Pathname.new(root) }
-    it_behaves_like "a PackageManager"
+    it_behaves_like 'a PackageManager'
     let(:package_json) do
       {
         dependencies: {
-          "dependency.js" => "1.3.3.7",
-          "dependency2.js" => "4.2"
+            'dependency.js' => '1.3.3.7',
+            'dependency2.js' => '4.2'
         },
         devDependencies: {
-          "dependency3.js" => "4.2"
+            'dependency3.js' => '4.2'
         }
       }.to_json
     end
@@ -88,31 +88,26 @@ module LicenseFinder
         NPM.instance_variable_set(:@modules, nil)
         FileUtils.mkdir_p(Dir.tmpdir)
         FileUtils.mkdir_p(root)
-        File.write(File.join(root, "package.json"), package_json)
-        allow(npm).to receive(:capture) do |command|
-          filename = command.scan(/> (.*)$/).last.first
-          File.write(filename, dependency_json)
-          ['', true]
-        end
+        File.write(File.join(root, 'package.json'), package_json)
+        allow(npm).to receive(:run_command_with_tempfile_buffer).and_return ['', JSON.parse(dependency_json), true]
       end
       it 'fetches data from npm' do
         current_packages = npm.current_packages
-        expect(current_packages.map(&:name)).to eq(["dependency.js", "dependency1-1.js", "dependency2.js", "dependency2-1.js", "dependency3.js",  "dependency3-1.js"])
+        expect(current_packages.map(&:name)).to eq(%w(dependency.js dependency1-1.js dependency2.js dependency2-1.js dependency3.js dependency3-1.js))
       end
-      it "finds the groups for dependencies" do
+      it 'finds the groups for dependencies' do
         current_packages = npm.current_packages
-        expect(current_packages.find { |p| p.name == "dependency.js" }.groups).to eq(["dependencies"])
-        expect(current_packages.find { |p| p.name == "dependency1-1.js" }.groups).to eq(["dependencies", "devDependencies"])
-        expect(current_packages.find { |p| p.name == "dependency2.js" }.groups).to eq(["dependencies"])
-        expect(current_packages.find { |p| p.name == "dependency2-1.js" }.groups).to eq(["dependencies"])
-        expect(current_packages.find { |p| p.name == "dependency3.js" }.groups).to eq(["devDependencies"])
-        expect(current_packages.find { |p| p.name == "dependency3-1.js" }.groups).to eq(["devDependencies"])
+        expect(current_packages.find { |p| p.name == 'dependency.js' }.groups).to eq(['dependencies'])
+        expect(current_packages.find { |p| p.name == 'dependency1-1.js' }.groups).to eq(%w(dependencies devDependencies))
+        expect(current_packages.find { |p| p.name == 'dependency2.js' }.groups).to eq(['dependencies'])
+        expect(current_packages.find { |p| p.name == 'dependency2-1.js' }.groups).to eq(['dependencies'])
+        expect(current_packages.find { |p| p.name == 'dependency3.js' }.groups).to eq(['devDependencies'])
+        expect(current_packages.find { |p| p.name == 'dependency3-1.js' }.groups).to eq(['devDependencies'])
       end
-      it "does not support name version string" do
+      it 'does not support name version string' do
         json = <<-JSON
           {
             "devDependencies": {
@@ -122,67 +117,102 @@ module LicenseFinder
         JSON
         allow(Dir).to receive(:chdir).with(Pathname('/fake-node-project')) { |&block| block.call }
-        allow(npm).to receive(:capture) do |command|
-          filename = command.scan(/> (.*)$/).last.first
-          File.write(filename, json)
-          ['', true]
-        end
+        allow(npm).to receive(:run_command_with_tempfile_buffer).and_return ['', JSON.parse(json), true]
         current_packages = npm.current_packages
         expect(current_packages.map(&:name)).to eq([])
       end
-      it "fails when command fails" do
-        allow(npm).to receive(:capture).with(/npm/).and_return('Some error', false).once
+      it 'fails when command fails' do
+        allow(npm).to receive(:run_command_with_tempfile_buffer).with(/npm/).and_return('Some error', nil, false).once
         expect { npm.current_packages }.to raise_error(RuntimeError)
       end
-      it "does not fail when command fails but produces output" do
-        allow(npm).to receive(:capture) do |command|
-          filename = command.scan(/> (.*)$/).last.first
-          File.write(filename, '{"foo":"bar"}')
-          ['', false]
-        end
+      it 'does not fail when command fails but produces output' do
+        allow(npm).to receive(:run_command_with_tempfile_buffer).and_return ['', {'foo' => 'bar'}, false]
         silence_stderr { npm.current_packages }
       end
-      context "npm circular license edge case - GH#307" do
+      context 'npm recursive dependency edge case - GH#211' do
+        let(:package_json) do
+          FakeFS.without do
+            File.read fixture_path 'npm-recursive-dependencies/package.json'
+          end
+        end
+        let(:dependency_json) do
+          FakeFS.without do
+            File.read fixture_path 'npm-recursive-dependencies/npm-list.json'
+          end
+        end
+        describe '.current_packages' do
+          it 'correctly navigates the dependencies tree and pulls out valid information' do
+            expect(npm.current_packages.find { |p| p.name == 'pui-react-alerts' }.version).to eq('3.0.0-alpha.2')
+            expect(npm.current_packages.find { |p| p.name == 'pui-react-media' }.version).to eq('3.0.0-alpha.2')
+          end
+        end
+      end
+      context 'npm circular license edge case - GH#307' do
+        let(:package_json) do
+          FakeFS.without do
+            File.read fixture_path 'npm-circular-licenses/package.json'
+          end
+        end
+        let(:dependency_json) do
+          FakeFS.without do
+            File.read fixture_path 'npm-circular-licenses/npm-list.json'
+          end
+        end
+        describe '.current_packages' do
+          it 'correctly navigates the dependencies tree and pulls out valid information' do
+            FakeFS::FileSystem.clone(File.expand_path('../../../../../lib/license_finder/license/templates', __FILE__))
+            expect(npm.current_packages.find {|p| p.name == 'has'}.licenses.map(&:name)).to eq ['MIT']
+            expect(npm.current_packages.find {|p| p.name == 'function-bind'}.licenses.map(&:name)).to eq ['MIT']
+          end
+        end
+      end
+      context 'npm licenses is a string - GH#317' do
         let(:package_json) do
           FakeFS.without do
-            File.read fixture_path "npm-circular-licenses/package.json"
+            File.read fixture_path 'npm-licenses-string/package.json'
           end
         end
         let(:dependency_json) do
           FakeFS.without do
-            File.read fixture_path "npm-circular-licenses/npm-list.json"
+            File.read fixture_path 'npm-licenses-string/npm-list.json'
           end
         end
-        describe ".current_packages" do
-          it "correctly navigates the dependencies tree and pulls out valid information" do
+        describe '.current_packages' do
+          it 'correctly reports the license type' do
             FakeFS::FileSystem.clone(File.expand_path('../../../../../lib/license_finder/license/templates', __FILE__))
-              expect(npm.current_packages.find {|p| p.name == "has"}.licenses.map(&:name)).to eq ["MIT"]
-              expect(npm.current_packages.find {|p| p.name == "function-bind"}.licenses.map(&:name)).to eq ["MIT"]
+            expect(npm.current_packages.find {|p| p.name == 'boolbase'}.licenses.map(&:name)).to eq ['ISC']
           end
         end
       end
-      context "npm recursive dependency edge case - GH#211" do
+      context 'when packages have circular dependencies  - GH#313' do
         let(:package_json) do
           FakeFS.without do
-            File.read fixture_path "npm-recursive-dependencies/package.json"
+            File.read fixture_path 'npm-circular-dependencies/package.json'
           end
         end
         let(:dependency_json) do
           FakeFS.without do
-            File.read fixture_path "npm-recursive-dependencies/npm-list.json"
+            File.read fixture_path 'npm-circular-dependencies/npm-list.json'
           end
         end
-        describe ".current_packages" do
-          it "correctly navigates the dependencies tree and pulls out valid information" do
-            expect(npm.current_packages.find { |p| p.name == "pui-react-alerts" }.version).to eq("3.0.0-alpha.2")
-            expect(npm.current_packages.find { |p| p.name == "pui-react-media" }.version).to eq("3.0.0-alpha.2")
+        describe '.current_packages' do
+          it 'should return package tree successfully' do
+            packages = npm.current_packages
+            expect(packages.count).to be > 1
+            expect(packages.select{|p| p.name == 'babel-register'}.count).to eq(1)
+            expect(packages.select{|p| p.name == 'babel-core'}.count).to eq(1)
+            expect(packages.find{|p| p.name == 'babel-register'}.dependencies.count).to be > 0
           end
         end
       end

metadata CHANGED

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: license_finder
 version: !ruby/object:Gem::Version
-  version: 3.0.1
+  version: 3.0.2
 platform: ruby
 authors:
 - Jacob Maine
@@ -20,7 +20,7 @@ authors:
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2017-07-12 00:00:00.000000000 Z
+date: 2017-07-27 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: bundler
@@ -92,20 +92,6 @@ dependencies:
     - - ">="
       - !ruby/object:Gem::Version
         version: '0'
-- !ruby/object:Gem::Dependency
-  name: yajl-ruby
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: '0'
-  type: :runtime
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: '0'
 - !ruby/object:Gem::Dependency
   name: with_env
   requirement: !ruby/object:Gem::Requirement
@@ -477,8 +463,12 @@ files:
 - spec/fixtures/license_names/Mit-License
 - spec/fixtures/license_names/README.rdoc
 - spec/fixtures/nested_gem/vendor/LICENSE
+- spec/fixtures/npm-circular-dependencies/npm-list.json
+- spec/fixtures/npm-circular-dependencies/package.json
 - spec/fixtures/npm-circular-licenses/npm-list.json
 - spec/fixtures/npm-circular-licenses/package.json
+- spec/fixtures/npm-licenses-string/npm-list.json
+- spec/fixtures/npm-licenses-string/package.json
 - spec/fixtures/npm-recursive-dependencies/npm-list.json
 - spec/fixtures/npm-recursive-dependencies/package.json
 - spec/fixtures/utf8_gem/README
@@ -516,6 +506,7 @@ files:
 - spec/lib/license_finder/package_managers/maven_package_spec.rb
 - spec/lib/license_finder/package_managers/maven_spec.rb
 - spec/lib/license_finder/package_managers/merged_package_spec.rb
+- spec/lib/license_finder/package_managers/npm_package_spec.rb
 - spec/lib/license_finder/package_managers/npm_spec.rb
 - spec/lib/license_finder/package_managers/nuget_package_spec.rb
 - spec/lib/license_finder/package_managers/nuget_spec.rb
@@ -647,8 +638,12 @@ test_files:
 - spec/fixtures/license_names/Mit-License
 - spec/fixtures/license_names/README.rdoc
 - spec/fixtures/nested_gem/vendor/LICENSE
+- spec/fixtures/npm-circular-dependencies/npm-list.json
+- spec/fixtures/npm-circular-dependencies/package.json
 - spec/fixtures/npm-circular-licenses/npm-list.json
 - spec/fixtures/npm-circular-licenses/package.json
+- spec/fixtures/npm-licenses-string/npm-list.json
+- spec/fixtures/npm-licenses-string/package.json
 - spec/fixtures/npm-recursive-dependencies/npm-list.json
 - spec/fixtures/npm-recursive-dependencies/package.json
 - spec/fixtures/utf8_gem/README
@@ -686,6 +681,7 @@ test_files:
 - spec/lib/license_finder/package_managers/maven_package_spec.rb
 - spec/lib/license_finder/package_managers/maven_spec.rb
 - spec/lib/license_finder/package_managers/merged_package_spec.rb
+- spec/lib/license_finder/package_managers/npm_package_spec.rb
 - spec/lib/license_finder/package_managers/npm_spec.rb
 - spec/lib/license_finder/package_managers/nuget_package_spec.rb
 - spec/lib/license_finder/package_managers/nuget_spec.rb