license_finder 5.8.0 → 5.9.0

data/lib/license_finder/package.rb

@@ -61,8 +61,10 @@ module LicenseFinder
 
     ## DESCRIPTION
 
+    attr_accessor :homepage
+
     attr_reader :name, :version, :authors,
-                :summary, :description, :homepage,
+                :summary, :description,
                 :children, :parents, :groups
 
     ## APPROVAL
@@ -193,3 +195,4 @@ require 'license_finder/packages/conan_package'
 require 'license_finder/packages/yarn_package'
 require 'license_finder/packages/sbt_package'
 require 'license_finder/packages/cargo_package'
+require 'license_finder/packages/composer_package'

data/lib/license_finder/package_manager.rb

@@ -160,5 +160,6 @@ require 'license_finder/package_managers/dep'
 require 'license_finder/package_managers/conan'
 require 'license_finder/package_managers/sbt'
 require 'license_finder/package_managers/cargo'
+require 'license_finder/package_managers/composer'
 
 require 'license_finder/package'

data/lib/license_finder/package_managers/bundler.rb

@@ -28,7 +28,7 @@ module LicenseFinder
     end
 
     def possible_package_paths
-      [project_path.join('Gemfile')]
+      [project_path.join(gemfile)]
     end
 
     private
@@ -38,7 +38,7 @@ module LicenseFinder
     def definition
       # DI
       ENV['BUNDLE_PATH'] = project_path.to_s
-      ENV['BUNDLE_GEMFILE'] = "#{project_path}/Gemfile"
+      ENV['BUNDLE_GEMFILE'] = "#{project_path}/#{gemfile}"
 
       @definition ||= ::Bundler::Definition.build(detected_package_path, lockfile_path, nil)
     end
@@ -53,7 +53,7 @@ module LicenseFinder
     def gem_details
       return @gem_details if @gem_details
 
-      # clear gem paths before runninng specs_for
+      # clear gem paths before running specs_for
       Gem.clear_paths
       if File.exist?(bundler_config_path)
         ::Bundler.reset!
@@ -71,7 +71,7 @@ module LicenseFinder
     end
 
     def lockfile_path
-      project_path.join('Gemfile.lock')
+      project_path.join(lockfile)
     end
 
     def bundler_config_path
@@ -89,5 +89,13 @@ module LicenseFinder
         end
       end
     end
+
+    def gemfile
+      File.basename(ENV['BUNDLE_GEMFILE'])
+    end
+
+    def lockfile
+      "#{gemfile}.lock"
+    end
   end
 end

data/lib/license_finder/package_managers/composer.rb

@@ -0,0 +1,55 @@
+# frozen_string_literal: true
+
+require 'json'
+
+module LicenseFinder
+  class Composer < PackageManager
+    SHELL_COMMAND = 'composer licenses --format=json'
+
+    def possible_package_paths
+      [project_path.join('composer.lock'), project_path.join('composer.json')]
+    end
+
+    def current_packages
+      dependency_list.map do |name, dependency|
+        ComposerPackage.new(name, dependency['version'], spec_licenses: dependency['license'])
+      end
+    end
+
+    def prepare
+      _stdout, stderr, status = Dir.chdir(project_path) { Cmd.run(Composer.prepare_command) }
+      return if status.success?
+
+      log_errors stderr
+      raise "Prepare command '#{Composer.prepare_command}' failed" unless @prepare_no_fail
+    end
+
+    def self.package_management_command
+      'composer'
+    end
+
+    def self.prepare_command
+      'composer install'
+    end
+
+    def package_path
+      project_path.join('composer.json')
+    end
+
+    def lockfile_path
+      project_path.join('composer.lock')
+    end
+
+    def dependency_list
+      json ||= composer_json
+      json.fetch('dependencies', {}).reject { |_, d| d.is_a?(String) }
+    end
+
+    def composer_json
+      stdout, stderr, status = Dir.chdir(project_path) { Cmd.run(Composer::SHELL_COMMAND) }
+      raise "Command '#{Composer::SHELL_COMMAND}' failed to execute: #{stderr}" unless status.success?
+
+      JSON(stdout)
+    end
+  end
+end

data/lib/license_finder/package_managers/gvt.rb

@@ -1,12 +1,12 @@
 # frozen_string_literal: true
 
 require 'license_finder/shared_helpers/common_path'
+
 module LicenseFinder
   class Gvt < PackageManager
     def possible_package_paths
-      potential_path_list = Dir.glob project_path.join('*', 'vendor', 'manifest')
-      potential_path_list << project_path.join('vendor', 'manifest')
-      potential_path_list.map { |path| Pathname path }
+      potential_path = project_path.join('vendor', 'manifest')
+      [Pathname(potential_path)]
     end
 
     def self.package_management_command
@@ -18,25 +18,8 @@ module LicenseFinder
     end
 
     def current_packages
-      split_project_path = project_path.to_s.split('/')
-      project_root_depth = split_project_path.length - 1
-
-      split_package_path = detected_package_path.to_s.split('/')
-      vendor_dir_depth = split_package_path.index('vendor')
-      return [] if vendor_dir_depth.nil?
-
-      vendor_dir_parent_depth = vendor_dir_depth - 1
-
-      is_project_root_parent_of_vendor_dir = project_root_depth == vendor_dir_parent_depth
-
-      if is_project_root_parent_of_vendor_dir
-        shell_command = 'gvt list -f "{{.Importpath}} {{.Revision}} {{.Repository}}"'
-        path = project_path.join('vendor')
-      else
-        vendor_dir_parent = split_package_path[vendor_dir_parent_depth]
-        shell_command = "cd #{vendor_dir_parent} && gvt list -f \"{{.Importpath}} {{.Revision}} {{.Repository}}\""
-        path = project_path.join(vendor_dir_parent, 'vendor')
-      end
+      shell_command = "cd #{project_path} && gvt list -f \"{{.Importpath}} {{.Revision}} {{.Repository}}\""
+      path = project_path.join(project_path, 'vendor')
 
       stdout, _stderr, status = Cmd.run(shell_command)
       return [] unless status.success?

data/lib/license_finder/package_managers/npm.rb

@@ -24,6 +24,7 @@ module LicenseFinder
     def prepare
       prep_cmd = "#{NPM.prepare_command}#{production_flag}"
       _stdout, stderr, status = Dir.chdir(project_path) { Cmd.run(prep_cmd) }
+
       return if status.success?
 
       log_errors stderr
@@ -35,7 +36,8 @@ module LicenseFinder
     def npm_json
       command = "#{NPM.package_management_command} list --json --long#{production_flag}"
       stdout, stderr, status = Dir.chdir(project_path) { Cmd.run(command) }
-      raise "Command '#{command}' failed to execute: #{stderr}" unless status.success?
+      # we can try and continue if we got an exit status 1 - unmet peer dependency
+      raise "Command '#{command}' failed to execute: #{stderr}" if !status.success? && status.exitstatus != 1
 
       JSON.parse(stdout)
     end

data/lib/license_finder/packages/composer_package.rb

@@ -0,0 +1,9 @@
+# frozen_string_literal: true
+
+module LicenseFinder
+  class ComposerPackage < Package
+    def package_manager
+      'Composer'
+    end
+  end
+end

data/lib/license_finder/packages/npm_package.rb

@@ -9,6 +9,12 @@ module LicenseFinder
         @packages = flattened_dependencies(npm_json)
         package_json = PackageJson.new(package_path)
         populate_groups(package_json)
+        @packages.reject! do |_identifier, package|
+          package.name.empty? &&
+            package.version.empty? &&
+            package.licenses.length == 1 &&
+            package.licenses.first.name == 'unknown'
+        end
         @packages.values
       end
 

data/lib/license_finder/scanner.rb

@@ -3,7 +3,7 @@
 module LicenseFinder
   class Scanner
     PACKAGE_MANAGERS = [GoModules, GoDep, GoWorkspace, Go15VendorExperiment, Glide, Gvt, Govendor, Trash, Dep, Bundler, NPM, Pip,
-                        Yarn, Bower, Maven, Gradle, CocoaPods, Rebar, Nuget, Carthage, Mix, Conan, Sbt, Cargo, Dotnet].freeze
+                        Yarn, Bower, Maven, Gradle, CocoaPods, Rebar, Nuget, Carthage, Mix, Conan, Sbt, Cargo, Dotnet, Composer].freeze
 
     def initialize(config = { project_path: Pathname.new('') })
       @config = config
@@ -23,6 +23,7 @@ module LicenseFinder
       active_pm_classes = []
       PACKAGE_MANAGERS.each do |pm_class|
         active = pm_class.new(@config).active?
+
         if active
           @logger.info pm_class, 'is active', color: :green
           active_pm_classes << pm_class

data/license_finder.gemspec

@@ -31,7 +31,7 @@ Gem::Specification.new do |s|
   ]
 
   s.email       = ['labs-commoncode@pivotal.io']
-  s.homepage    = 'https://github.com/pivotal-legacy/LicenseFinder'
+  s.homepage    = 'https://github.com/pivotal/LicenseFinder'
   s.summary     = "Audit the OSS licenses of your application's dependencies."
 
   s.description = <<-DESCRIPTION
@@ -59,7 +59,7 @@ Gem::Specification.new do |s|
   s.add_development_dependency 'rake'
   s.add_development_dependency 'rspec', '~> 3'
   s.add_development_dependency 'rspec-its'
-  s.add_development_dependency 'rubocop', '~> 0.70.0'
+  s.add_development_dependency 'rubocop', '~> 0.71.0'
   s.add_development_dependency 'rubocop-performance', '~> 1.3.0'
   s.add_development_dependency 'webmock', '~> 3.5'
 

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: license_finder
 version: !ruby/object:Gem::Version
-  version: 5.8.0
+  version: 5.9.0
 platform: ruby
 authors:
 - Ryan Collins
@@ -27,7 +27,7 @@ authors:
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2019-05-22 00:00:00.000000000 Z
+date: 2019-06-10 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: bundler
@@ -231,14 +231,14 @@ dependencies:
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 0.70.0
+        version: 0.71.0
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 0.70.0
+        version: 0.71.0
 - !ruby/object:Gem::Dependency
   name: rubocop-performance
   requirement: !ruby/object:Gem::Requirement
@@ -366,13 +366,16 @@ files:
 - lib/license_finder/license/matcher.rb
 - lib/license_finder/license/none_matcher.rb
 - lib/license_finder/license/template.rb
+- lib/license_finder/license/templates/Apache1_1.txt
 - lib/license_finder/license/templates/Apache2.txt
 - lib/license_finder/license/templates/BSD.txt
 - lib/license_finder/license/templates/CC01.txt
+- lib/license_finder/license/templates/EPL1.txt
 - lib/license_finder/license/templates/GPLv2.txt
 - lib/license_finder/license/templates/GPLv3.txt
 - lib/license_finder/license/templates/ISC.txt
 - lib/license_finder/license/templates/LGPL.txt
+- lib/license_finder/license/templates/LGPL2_1.txt
 - lib/license_finder/license/templates/MIT.txt
 - lib/license_finder/license/templates/MPL2.txt
 - lib/license_finder/license/templates/NewBSD.txt
@@ -390,6 +393,7 @@ files:
 - lib/license_finder/package_managers/cargo.rb
 - lib/license_finder/package_managers/carthage.rb
 - lib/license_finder/package_managers/cocoa_pods.rb
+- lib/license_finder/package_managers/composer.rb
 - lib/license_finder/package_managers/conan.rb
 - lib/license_finder/package_managers/dep.rb
 - lib/license_finder/package_managers/dotnet.rb
@@ -424,6 +428,7 @@ files:
 - lib/license_finder/packages/cargo_package.rb
 - lib/license_finder/packages/carthage_package.rb
 - lib/license_finder/packages/cocoa_pods_package.rb
+- lib/license_finder/packages/composer_package.rb
 - lib/license_finder/packages/conan_package.rb
 - lib/license_finder/packages/go_package.rb
 - lib/license_finder/packages/gradle_package.rb
@@ -459,7 +464,7 @@ files:
 - lib/license_finder/version.rb
 - license_finder.gemspec
 - release/instructions.md
-homepage: https://github.com/pivotal-legacy/LicenseFinder
+homepage: https://github.com/pivotal/LicenseFinder
 licenses:
 - MIT
 metadata: {}