license_finder 3.0.4 → 3.1.1

data/lib/license_finder/package_managers/maven.rb

@@ -1,9 +1,9 @@
-require "xmlsimple"
-require_relative "maven_dependency_finder"
+require 'xmlsimple'
+require_relative 'maven_dependency_finder'
 
 module LicenseFinder
   class Maven < PackageManager
-    def initialize(options={})
+    def initialize(options = {})
       super
       @ignored_groups = options[:ignored_groups]
       @include_groups = options[:maven_include_groups]
@@ -12,18 +12,18 @@ module LicenseFinder
 
     def current_packages
       command = "#{package_management_command} org.codehaus.mojo:license-maven-plugin:download-licenses"
-      command += " -Dlicense.excludedScopes=#{@ignored_groups.to_a.join(',')}" if @ignored_groups and !@ignored_groups.empty?
-      command += " #{@maven_options}" if !@maven_options.nil?
-      output, success = Dir.chdir(project_path) { capture(command) }
-      raise "Command '#{command}' failed to execute: #{output}" unless success
+      command += " -Dlicense.excludedScopes=#{@ignored_groups.to_a.join(',')}" if @ignored_groups && !@ignored_groups.empty?
+      command += " #{@maven_options}" unless @maven_options.nil?
+      _stdout, stderr, status = Dir.chdir(project_path) { Cmd.run(command) }
+      raise "Command '#{command}' failed to execute: #{stderr}" unless status.success?
 
       dependencies = MavenDependencyFinder.new(project_path).dependencies
       packages = dependencies.flat_map do |xml|
         options = {
           'GroupTags' => { 'licenses' => 'license', 'dependencies' => 'dependency' },
-          'ForceArray' => ['license', 'dependency']
+          'ForceArray' => %w[license dependency]
         }
-        contents = XmlSimple.xml_in(xml, options)["dependencies"]
+        contents = XmlSimple.xml_in(xml, options)['dependencies']
         contents.map do |dep|
           MavenPackage.new(dep, logger: logger, include_groups: @include_groups)
         end
@@ -32,21 +32,20 @@ module LicenseFinder
     end
 
     def package_management_command
-      if Platform.windows?
-        wrapper = 'mvnw.cmd'
-        maven = 'mvn'
-      else
-        wrapper = './mvnw'
-        maven = 'mvn'
-      end
+      wrapper = if Platform.windows?
+                  'mvnw.cmd'
+                else
+                  './mvnw'
+                end
+      maven = 'mvn'
 
       File.exist?(File.join(project_path, wrapper)) ? wrapper : maven
     end
 
     private
 
-    def package_path
-      project_path.join('pom.xml')
+    def possible_package_paths
+      [project_path.join('pom.xml')]
     end
   end
 end

data/lib/license_finder/package_managers/maven_package.rb

@@ -1,16 +1,14 @@
 module LicenseFinder
   class MavenPackage < Package
-    def initialize(spec, options={})
+    def initialize(spec, options = {})
       name = spec['artifactId']
-      if options[:include_groups]
-        name = "#{spec['groupId']}:#{name}"
-      end
+      name = "#{spec['groupId']}:#{name}" if options[:include_groups]
 
       super(
         name,
-        spec["version"],
+        spec['version'],
         options.merge(
-          spec_licenses: Array(spec["licenses"]).map { |l| l["name"] }
+          spec_licenses: Array(spec['licenses']).map { |l| l['name'] }
         )
       )
     end

data/lib/license_finder/package_managers/merged_package.rb

@@ -1,6 +1,5 @@
 module LicenseFinder
   class MergedPackage
-
     attr_reader :dependency
 
     def initialize(dependency, subproject_paths)
@@ -24,6 +23,30 @@ module LicenseFinder
       dependency.install_path
     end
 
+    def authors
+      dependency.authors
+    end
+
+    def homepage
+      dependency.homepage
+    end
+
+    def summary
+      dependency.summary
+    end
+
+    def description
+      dependency.description
+    end
+
+    def groups
+      dependency.groups
+    end
+
+    def package_manager
+      dependency.package_manager
+    end
+
     def subproject_paths
       @subproject_paths.map { |p| p.expand_path.to_s }
     end
@@ -40,7 +63,7 @@ module LicenseFinder
       dependency.hash
     end
 
-    def method_missing(method_name)
+    def method_missing(_method_name)
       nil
     end
   end

data/lib/license_finder/package_managers/mix.rb

@@ -0,0 +1,51 @@
+module LicenseFinder
+  class Mix < PackageManager
+    def initialize(options = {})
+      super
+      @command = options[:mix_command] || Mix.package_management_command
+      @deps_path = Pathname(options[:mix_deps_dir] || 'deps')
+    end
+
+    def current_packages
+      mix_output.map do |name, version|
+        MixPackage.new(
+          name,
+          version,
+          install_path: @deps_path.join(name),
+          logger: logger
+        )
+      end
+    end
+
+    def self.package_management_command
+      'mix'
+    end
+
+    private
+
+    def mix_output
+      command = "#{@command} deps"
+      stdout, stderr, status = Dir.chdir(project_path) { Cmd.run(command) }
+      raise "Command '#{command}' failed to execute: #{stderr}" unless status.success?
+
+      stdout
+        .each_line
+        .map(&:strip)
+        .select { |line| line_of_interest? line }
+        .each_slice(2).to_a
+        .map { |line1, line2| [line1.split(' ')[1], resolve_version(line2)] }
+    end
+
+    def line_of_interest?(line)
+      line.start_with?('* ', 'locked at', 'the dependency is not available')
+    end
+
+    def resolve_version(line)
+      line =~ /locked at ([^\s]+)/ ? Regexp.last_match(1) : line
+    end
+
+    def possible_package_paths
+      [project_path.join('mix.exs')]
+    end
+  end
+end

data/lib/license_finder/package_managers/mix_package.rb

@@ -0,0 +1,7 @@
+module LicenseFinder
+  class MixPackage < Package
+    def package_manager
+      'Mix'
+    end
+  end
+end

data/lib/license_finder/package_managers/npm.rb

@@ -4,49 +4,25 @@ require 'tempfile'
 module LicenseFinder
   class NPM < PackageManager
     def current_packages
-      NpmPackage.packages_from_json(npm_json, package_path)
+      NpmPackage.packages_from_json(npm_json, detected_package_path)
     end
 
-    private
-
     def self.package_management_command
       'npm'
     end
 
-    def package_path
-      project_path.join('package.json')
-    end
+    private
 
-    def run_command_with_tempfile_buffer(command, &block)
-      tempfile = Tempfile.new 'npm-list.json'
-      begin
-        output, success = Dir.chdir(project_path) { capture("#{command} > #{tempfile.path}") }
-        result = block.call(File.read(tempfile.path))
-      ensure
-        tempfile.close
-        tempfile.unlink
-      end
-      [output, result, success]
+    def possible_package_paths
+      [project_path.join('package.json')]
     end
 
     def npm_json
-      command = "#{NPM::package_management_command} list --json --long"
-      output, json, success = run_command_with_tempfile_buffer(command, &:parse_json_safely)
-      unless success
-        if json
-          $stderr.puts "Command '#{command}' returned an error but parsing succeeded."
-        else
-          raise "Command '#{command}' failed to execute: #{output}"
-        end
-      end
-      json
-    end
-  end
+      command = "#{NPM.package_management_command} list --json --long"
+      stdout, stderr, status = Dir.chdir(project_path) { Cmd.run(command) }
+      raise "Command '#{command}' failed to execute: #{stderr}" unless status.success?
 
-  String.class_eval do
-    def parse_json_safely
-      JSON.parse(self) rescue nil
+      JSON.parse(stdout)
     end
   end
-
 end

data/lib/license_finder/package_managers/npm_package.rb

@@ -2,11 +2,56 @@ module LicenseFinder
   class NpmPackage < Package
     attr_accessor :identifier, :dependencies, :groups, :json
 
-    def self.packages_from_json(npm_json, package_path)
-      @packages = NpmPackage.flattened_dependencies(npm_json)
-      package_json = PackageJson.new(package_path)
-      populate_groups(package_json)
-      @packages.values
+    class << self
+      def packages_from_json(npm_json, package_path)
+        @packages = flattened_dependencies(npm_json)
+        package_json = PackageJson.new(package_path)
+        populate_groups(package_json)
+        @packages.values
+      end
+
+      private
+
+      def flattened_dependencies(npm_json, existing_packages = {})
+        identifier = Identifier.from_hash npm_json
+        if existing_packages[identifier].nil?
+          existing_packages[identifier] = NpmPackage.new(npm_json) if identifier
+          npm_json.fetch('dependencies', {}).values.map do |d|
+            flattened_dependencies(d, existing_packages)
+          end
+        else
+          duplicate_package = NpmPackage.new(npm_json)
+          unless existing_packages[identifier].dependencies.include?(duplicate_package.dependencies)
+            existing_packages[identifier].dependencies |= duplicate_package.dependencies
+            npm_json.fetch('dependencies', {}).values.map do |d|
+              flattened_dependencies(d, existing_packages)
+            end
+          end
+        end
+        existing_packages
+      end
+
+      def populate_groups(package_json)
+        package_json.groups.each do |group|
+          group.package_names.each do |package_name|
+            @packages.each_key do |identifier|
+              next unless identifier.name == package_name
+              dependency = @packages[identifier]
+              dependency.groups |= [group.name]
+              populate_child_groups(dependency, @packages)
+            end
+          end
+        end
+      end
+
+      def populate_child_groups(dependency, packages, populated_ids = [])
+        dependency.dependencies.each do |id|
+          next if populated_ids.include? id
+          populated_ids.push id
+          packages[id].groups |= dependency.groups
+          populate_child_groups(packages[id], packages, populated_ids)
+        end
+      end
     end
 
     def initialize(npm_json)
@@ -36,45 +81,6 @@ module LicenseFinder
 
     private
 
-    def self.flattened_dependencies(npm_json, existing_packages={})
-      identifier = Identifier.from_hash npm_json
-      if existing_packages[identifier].nil?
-        existing_packages[identifier] = NpmPackage.new(npm_json) if identifier
-        npm_json.fetch('dependencies', {}).values.map { |d| NpmPackage.flattened_dependencies(d, existing_packages) }
-      else
-        duplicate_package = NpmPackage.new(npm_json)
-        unless existing_packages[identifier].dependencies.include?(duplicate_package.dependencies)
-          existing_packages[identifier].dependencies |= duplicate_package.dependencies
-          npm_json.fetch('dependencies', {}).values.map { |d| NpmPackage.flattened_dependencies(d, existing_packages) }
-        end
-      end
-      existing_packages
-    end
-
-    def self.populate_groups(package_json)
-      package_json.groups.each do |group|
-        group.package_names.each do |package_name|
-          @packages.keys.each do |identifier|
-            if identifier.name == package_name
-              dependency = @packages[identifier]
-              dependency.groups |= [group.name]
-              NpmPackage.populate_child_groups(dependency, @packages)
-            end
-          end
-        end
-      end
-    end
-
-    def self.populate_child_groups(dependency, packages, populated_ids = [])
-      dependency.dependencies.each do |id|
-        unless populated_ids.include? id
-          populated_ids.push id
-          packages[id].groups |= dependency.groups
-          populate_child_groups(packages[id], packages, populated_ids)
-        end
-      end
-    end
-
     def deps_from_json
       @json.fetch('dependencies', {}).values.map { |dep| Identifier.from_hash(dep) }.compact
     end
@@ -114,7 +120,6 @@ module LicenseFinder
       def to_s
         "#{@name} - #{@version}"
       end
-
     end
 
     class Group
@@ -132,12 +137,11 @@ module LicenseFinder
       def to_s
         @name
       end
-
     end
 
     class PackageJson
       attr_reader :groups
-      DEPENDENCY_GROUPS = %w(dependencies devDependencies)
+      DEPENDENCY_GROUPS = %w[dependencies devDependencies].freeze
 
       def initialize(path)
         json = JSON.parse(File.read(path), max_nesting: false)
@@ -147,7 +151,6 @@ module LicenseFinder
       def groups_for(identifier)
         @groups.select { |g| g.include? identifier }.map(&:name)
       end
-
     end
   end
 end

data/lib/license_finder/package_managers/nuget.rb

@@ -1,25 +1,37 @@
-require "rexml/document"
+require 'rexml/document'
 require 'zip'
 
 module LicenseFinder
   class Nuget < PackageManager
-    def package_path
-      path = project_path.join("vendor/*.nupkg")
-      nuget_dir = Dir[path].map{|pkg| File.dirname(pkg)}.uniq
-      if nuget_dir.length == 0
-        path = project_path.join(".nuget")
-        if File.directory?(path)
-          path
-        else
-          project_path.join("packages")
+    class Assembly
+      attr_reader :name, :path
+      def initialize(path, name)
+        @path = path
+        @name = name
+      end
+
+      def dependencies
+        xml = REXML::Document.new(File.read(path.join('packages.config')))
+        packages = REXML::XPath.match(xml, '//package')
+        packages.map do |p|
+          attrs = p.attributes
+          Dependency.new(attrs['id'], attrs['version'], name)
         end
-      else
-        Pathname(nuget_dir.first)
       end
     end
 
+    Dependency = Struct.new(:name, :version, :assembly)
+
+    def possible_package_paths
+      path = project_path.join('vendor/*.nupkg')
+      nuget_dir = Dir[path].map { |pkg| File.dirname(pkg) }.uniq
+      possible_paths = [project_path.join('.nuget'), project_path.join('packages')]
+      possible_paths.unshift(Pathname(nuget_dir.first)) unless nuget_dir.empty?
+      possible_paths
+    end
+
     def assemblies
-      Dir.glob(project_path.join("**", "packages.config"), File::FNM_DOTMATCH).map do |d|
+      Dir.glob(project_path.join('**', 'packages.config'), File::FNM_DOTMATCH).map do |d|
         path = Pathname.new(d).dirname
         name = path.basename.to_s
         Assembly.new path, name
@@ -27,48 +39,26 @@ module LicenseFinder
     end
 
     def current_packages
-      dependencies.reduce({}) do |memo, dep|
+      dependencies.each_with_object({}) do |dep, memo|
         licenses = license_urls(dep)
         memo[dep.name] ||= NugetPackage.new(dep.name, dep.version, spec_licenses: licenses)
-        memo[dep.name].groups << dep.assembly if !memo[dep.name].groups.include? dep.assembly
-        memo
+        memo[dep.name].groups << dep.assembly unless memo[dep.name].groups.include? dep.assembly
       end.values
     end
 
-    def license_urls dep
+    def license_urls(dep)
       files = Dir["**/#{dep.name}.#{dep.version}.nupkg"]
       return nil if files.empty?
       file = files.first
       Zip::File.open file do |zipfile|
-        content = zipfile.read(dep.name + ".nuspec")
+        content = zipfile.read(dep.name + '.nuspec')
         xml = REXML::Document.new(content)
-        REXML::XPath.match(xml,"//metadata//licenseUrl").map(&:get_text)
+        REXML::XPath.match(xml, '//metadata//licenseUrl').map(&:get_text)
       end
     end
 
     def dependencies
       assemblies.flat_map(&:dependencies)
     end
-
-    class Assembly
-      attr_reader :name, :path
-      def initialize(path, name)
-        @path = path
-        @name = name
-      end
-
-      def dependencies
-        xml = REXML::Document.new(File.read(path.join("packages.config")))
-        packages = REXML::XPath.match(xml, "//package")
-        packages.map do |p|
-          attrs = p.attributes
-          Dependency.new(attrs["id"], attrs["version"], self.name)
-        end
-      end
-    end
-
-    class Dependency < Struct.new(:name, :version, :assembly)
-    end
   end
 end
-