license_finder 5.11.1 → 6.0.0

data/lib/license_finder/package_utils/pypi.rb

@@ -0,0 +1,41 @@
+# frozen_string_literal: true
+
+require 'net/http'
+require 'openssl'
+
+module LicenseFinder
+  class PyPI
+    CONNECTION_ERRORS = [
+      EOFError,
+      Errno::ECONNREFUSED,
+      Errno::ECONNRESET,
+      Errno::ECONNRESET,
+      Errno::EHOSTUNREACH,
+      Errno::EINVAL,
+      Net::OpenTimeout,
+      Net::ProtocolError,
+      Net::ReadTimeout,
+      OpenSSL::OpenSSLError,
+      OpenSSL::SSL::SSLError,
+      SocketError,
+      Timeout::Error
+    ].freeze
+
+    class << self
+      def definition(name, version)
+        response = request("https://pypi.org/pypi/#{name}/#{version}/json")
+        response.is_a?(Net::HTTPSuccess) ? JSON.parse(response.body).fetch('info', {}) : {}
+      rescue *CONNECTION_ERRORS
+        {}
+      end
+
+      def request(location, limit = 10)
+        uri = URI(location)
+        http = Net::HTTP.new(uri.host, uri.port)
+        http.use_ssl = true
+        response = http.get(uri.request_uri).response
+        response.is_a?(Net::HTTPRedirection) && limit.positive? ? request(response['location'], limit - 1) : response
+      end
+    end
+  end
+end

data/lib/license_finder/packages/merged_package.rb

@@ -12,8 +12,8 @@ module LicenseFinder
     end
 
     def_delegators :@dependency, :name, :version, :authors, :summary, :description, :homepage, :children, :parents,
-                   :groups, :whitelisted, :blacklisted, :manual_approval, :install_path, :licenses, :approved_manually?,
-                   :approved_manually!, :approved?, :whitelisted!, :whitelisted?, :blacklisted!, :blacklisted?, :hash,
+                   :groups, :permitted, :restricted, :manual_approval, :install_path, :licenses, :approved_manually?,
+                   :approved_manually!, :approved?, :permitted!, :permitted?, :restricted!, :restricted?, :hash,
                    :activations, :missing, :license_names_from_spec, :decided_licenses, :licensing, :decide_on_license,
                    :license_files, :package_manager, :missing?, :log_activation, :notice_files
 

data/lib/license_finder/reports/templates/html_report.erb

@@ -65,10 +65,10 @@
               <% end -%>
               <time datetime="<%= dependency.manual_approval.safe_when.utc.iso8601 %>"><%= dependency.manual_approval.safe_when.to_date %></time>
             </small>
-          <% elsif dependency.whitelisted? -%>
+          <% elsif dependency.permitted? -%>
             <p>
               <%= license_links(dependency) %>
-              whitelisted
+              permitted
               <span class="badge badge-success">&#x2713;</span>
             </p>
           <% else -%>

data/lib/license_finder/reports/templates/markdown_report.erb

@@ -37,8 +37,8 @@ As of <%= Time.now.strftime("%B %e, %Y %l:%M%P") %>. <%= dependencies.size %> to
 ><%= dependency.manual_approval.why %>
 
 ><cite> <%= dependency.manual_approval.who %> <%= dependency.manual_approval.safe_when.to_date %></cite>
-<% elsif dependency.whitelisted? -%>
-<%= license_links(dependency) %> whitelisted
+<% elsif dependency.permitted? -%>
+<%= license_links(dependency) %> permitted
 <% else -%>
 <%= license_links(dependency) %> _**unapproved**_
 <% end -%>

data/lib/license_finder/scanner.rb

@@ -2,8 +2,10 @@
 
 module LicenseFinder
   class Scanner
-    PACKAGE_MANAGERS = [GoModules, GoDep, GoWorkspace, Go15VendorExperiment, Glide, Gvt, Govendor, Trash, Dep, Bundler, NPM, Pip,
-                        Yarn, Bower, Maven, Gradle, CocoaPods, Rebar, Nuget, Carthage, Mix, Conan, Sbt, Cargo, Dotnet, Composer].freeze
+    PACKAGE_MANAGERS = [
+      GoModules, GoDep, GoWorkspace, Go15VendorExperiment, Glide, Gvt, Govendor, Trash, Dep, Bundler, NPM, Pip,
+      Yarn, Bower, Maven, Gradle, CocoaPods, Rebar, Nuget, Carthage, Mix, Conan, Sbt, Cargo, Dotnet, Composer, Pipenv
+    ].freeze
 
     class << self
       def remove_subprojects(paths)

data/lib/license_finder/shared_helpers/common_path.rb

@@ -20,7 +20,9 @@ module CommonPathHelper
 
           longest_common_path = potential_path
         end
-        common_paths << longest_common_path
+
+        longest_common_path = full_paths if longest_common_path.split('/').length == 1
+        (common_paths << longest_common_path).flatten!
       end
     end
   end

data/license_finder.gemspec

@@ -9,7 +9,6 @@ Gem::Specification.new do |s|
 
   s.authors = [
     'Ryan Collins',
-    'Vikram Yadav',
     'Daniil Kouznetsov',
     'Andy Shen',
     'Shane Lattanzio',
@@ -37,8 +36,8 @@ Gem::Specification.new do |s|
   s.description = <<-DESCRIPTION
     LicenseFinder works with your package managers to find
     dependencies, detect the licenses of the packages in them, compare
-    those licenses against a user-defined whitelist, and give you an
-    actionable exception report.
+    those licenses against a user-defined list of permitted licenses,
+    and give you an actionable exception report.
   DESCRIPTION
 
   s.license = 'MIT'
@@ -53,13 +52,13 @@ Gem::Specification.new do |s|
   s.add_development_dependency 'addressable', '2.7.0'
   s.add_development_dependency 'capybara', '~> 3.15.0'
   s.add_development_dependency 'cocoapods', '>= 1.0.0' if RUBY_PLATFORM =~ /darwin/
-  s.add_development_dependency 'fakefs', '~> 0.20.0'
-  s.add_development_dependency 'mime-types', '3.3'
+  s.add_development_dependency 'fakefs', '~> 1.0.0'
+  s.add_development_dependency 'mime-types', '3.3.1'
   s.add_development_dependency 'pry'
   s.add_development_dependency 'rake'
   s.add_development_dependency 'rspec', '~> 3'
   s.add_development_dependency 'rspec-its'
-  s.add_development_dependency 'rubocop', '~> 0.76.0'
+  s.add_development_dependency 'rubocop', '~> 0.79.0'
   s.add_development_dependency 'rubocop-performance', '~> 1.5.0'
   s.add_development_dependency 'webmock', '~> 3.5'
 

metadata

@@ -1,11 +1,10 @@
 --- !ruby/object:Gem::Specification
 name: license_finder
 version: !ruby/object:Gem::Version
-  version: 5.11.1
+  version: 6.0.0
 platform: ruby
 authors:
 - Ryan Collins
-- Vikram Yadav
 - Daniil Kouznetsov
 - Andy Shen
 - Shane Lattanzio
@@ -27,7 +26,7 @@ authors:
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2019-11-05 00:00:00.000000000 Z
+date: 2020-01-22 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: bundler
@@ -153,28 +152,28 @@ dependencies:
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 0.20.0
+        version: 1.0.0
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 0.20.0
+        version: 1.0.0
 - !ruby/object:Gem::Dependency
   name: mime-types
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: '3.3'
+        version: 3.3.1
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - '='
       - !ruby/object:Gem::Version
-        version: '3.3'
+        version: 3.3.1
 - !ruby/object:Gem::Dependency
   name: pry
   requirement: !ruby/object:Gem::Requirement
@@ -237,14 +236,14 @@ dependencies:
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 0.76.0
+        version: 0.79.0
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 0.76.0
+        version: 0.79.0
 - !ruby/object:Gem::Dependency
   name: rubocop-performance
   requirement: !ruby/object:Gem::Requirement
@@ -304,8 +303,8 @@ dependencies:
 description: |2
       LicenseFinder works with your package managers to find
       dependencies, detect the licenses of the packages in them, compare
-      those licenses against a user-defined whitelist, and give you an
-      actionable exception report.
+      those licenses against a user-defined list of permitted licenses,
+      and give you an actionable exception report.
 email:
 - labs-commoncode@pivotal.io
 executables:
@@ -349,7 +348,6 @@ files:
 - lib/license_finder/cli.rb
 - lib/license_finder/cli/approvals.rb
 - lib/license_finder/cli/base.rb
-- lib/license_finder/cli/blacklist.rb
 - lib/license_finder/cli/dependencies.rb
 - lib/license_finder/cli/ignored_dependencies.rb
 - lib/license_finder/cli/ignored_groups.rb
@@ -357,8 +355,9 @@ files:
 - lib/license_finder/cli/main.rb
 - lib/license_finder/cli/makes_decisions.rb
 - lib/license_finder/cli/patched_thor.rb
+- lib/license_finder/cli/permitted_licenses.rb
 - lib/license_finder/cli/project_name.rb
-- lib/license_finder/cli/whitelist.rb
+- lib/license_finder/cli/restricted_licenses.rb
 - lib/license_finder/configuration.rb
 - lib/license_finder/core.rb
 - lib/license_finder/decision_applier.rb
@@ -417,6 +416,7 @@ files:
 - lib/license_finder/package_managers/npm.rb
 - lib/license_finder/package_managers/nuget.rb
 - lib/license_finder/package_managers/pip.rb
+- lib/license_finder/package_managers/pipenv.rb
 - lib/license_finder/package_managers/rebar.rb
 - lib/license_finder/package_managers/sbt.rb
 - lib/license_finder/package_managers/trash.rb
@@ -429,6 +429,7 @@ files:
 - lib/license_finder/package_utils/maven_dependency_finder.rb
 - lib/license_finder/package_utils/notice_files.rb
 - lib/license_finder/package_utils/possible_license_file.rb
+- lib/license_finder/package_utils/pypi.rb
 - lib/license_finder/package_utils/sbt_dependency_finder.rb
 - lib/license_finder/packages/bower_package.rb
 - lib/license_finder/packages/bundler_package.rb
@@ -490,7 +491,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.0.6
+rubygems_version: 3.1.2
 signing_key: 
 specification_version: 4
 summary: Audit the OSS licenses of your application's dependencies.

data/lib/license_finder/cli/blacklist.rb

@@ -1,32 +0,0 @@
-# frozen_string_literal: true
-
-module LicenseFinder
-  module CLI
-    class Blacklist < Base
-      extend Subcommand
-      include MakesDecisions
-
-      desc 'list', 'List all the blacklisted licenses'
-      def list
-        say 'Blacklisted Licenses:', :blue
-        say_each(decisions.blacklisted, &:name)
-      end
-
-      auditable
-      desc 'add LICENSE...', 'Add one or more licenses to the blacklist'
-      def add(*licenses)
-        assert_some licenses
-        modifying { licenses.each { |l| decisions.blacklist(l, txn) } }
-        say "Added #{licenses.join(', ')} to the license blacklist"
-      end
-
-      auditable
-      desc 'remove LICENSE...', 'Remove one or more licenses from the blacklist'
-      def remove(*licenses)
-        assert_some licenses
-        modifying { licenses.each { |l| decisions.unblacklist(l, txn) } }
-        say "Removed #{licenses.join(', ')} from the license blacklist"
-      end
-    end
-  end
-end

data/lib/license_finder/cli/whitelist.rb

@@ -1,32 +0,0 @@
-# frozen_string_literal: true
-
-module LicenseFinder
-  module CLI
-    class Whitelist < Base
-      extend Subcommand
-      include MakesDecisions
-
-      desc 'list', 'List all the whitelisted licenses'
-      def list
-        say 'Whitelisted Licenses:', :blue
-        say_each(decisions.whitelisted, &:name)
-      end
-
-      auditable
-      desc 'add LICENSE...', 'Add one or more licenses to the whitelist'
-      def add(*licenses)
-        assert_some licenses
-        modifying { licenses.each { |l| decisions.whitelist(l, txn) } }
-        say "Added #{licenses.join(', ')} to the license whitelist"
-      end
-
-      auditable
-      desc 'remove LICENSE...', 'Remove one or more licenses from the whitelist'
-      def remove(*licenses)
-        assert_some licenses
-        modifying { licenses.each { |l| decisions.unwhitelist(l, txn) } }
-        say "Removed #{licenses.join(', ')} from the license whitelist"
-      end
-    end
-  end
-end