license_finder 6.0.0 → 6.1.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: f844205631f75e79fa841f51845a3a93691016c21fc0e3abbeb971ea8b8c4108
-  data.tar.gz: 2844a248508124b47ad59556878101b1ee793be082da8af1281bdb69e8478e2e
+  metadata.gz: 4322a68abdac0f37598d3a7e9329592a6aadc106d26dddab5228df56947161b4
+  data.tar.gz: 9cdde6b3fe4f113c7877a0bbb56ff74127155a4e00c1919dc2f40ea717fa2dc0
 SHA512:
-  metadata.gz: 4621032a4fdb55cb82c81733fca9d7dbee7d900013e1d74dbf633a6be189892121b2afe975ce93f6c465ba5697de11b7b5ad6a40420bd365083db17c587a4ed5
-  data.tar.gz: c13feb27fdd90a93abc444e0ed7ae08292ac742944e9de35f77b4f838cc2d705ee2c203e0743a0d805f7e070ea19e7cfe8cbea4b02b2d627cfe6ef5cedbcbfc1
+  metadata.gz: '09ed394388a18eeb7e60d6f8d685c77a00b3769a933b48f4a75a8bbdd224b9534696de6c8bec9db9bd7c8a8f3ac0176805123c2c36f445ca8cdb0cf3ae473144'
+  data.tar.gz: b8acbb67e9cb67facb22ba808e592fb8b14384aac588040fbe00524ad25d86cd958fbc001c8b8b069dc40de014ac9455017c302f04faf022f92d4f16eca78739

data/CHANGELOG.md

@@ -1,12 +1,22 @@
+# [6.1.0] / 2020-02-21
+
+### Fixed
+* Testing dsl now correctly creates gem project - [6158d767](https://github.com/pivotal/LicenseFinder/commit/6158d76758f4232f3efd652729a83aa632a67dee) - Jeff Jun
+
+### Changed
+* Upgrade golang version to 1.13.3 - [51ecbcbc](https://github.com/pivotal/LicenseFinder/commit/51ecbcbc7992366c1baed2e8b805a7f820f70160) 
+* Uses correct package management command for pip based on options that are passed in - [3f4034ab](https://github.com/pivotal/LicenseFinder/commit/3f4034ab3479da23088174ad8cf56828b3cda9ad) 
+
 # [6.0.0] / 2020-01-22
 
 ### Added
 * License Finder now recognizes pip requirement markers - [99fbc184](https://github.com/pivotal/LicenseFinder/commit/99fbc18463ef45f920ad506a72dc0b3a93d0f5bf) - Jason Smith
+* Add ruby 2.7.0 and update to latest patch levels - [65efe96](https://github.com/pivotal/LicenseFinder/commit/65efe96aeef600a398f1465c01ed28b51bda456a) - mokhan
+* Add support for Pipfile.lock - [566fb39c](https://github.com/pivotal/LicenseFinder/commit/566fb39c4077fb5271707a94894998a585cde8dd) - mokhan
 
 ### Fixed
 * Bundler ignored groups failure - [bf2c03e3](https://github.com/pivotal/LicenseFinder/commit/bf2c03e375e91e8418967a593362313487f2f0d0) 
 * No longer crashes when python package requirement is missing - [80e4b360](https://github.com/pivotal/LicenseFinder/commit/80e4b360b95de126e7dc139c25de56c948a01f1e) - Jason Smith
-
 * Longest common paths returning incorrect single directory [#169276334] - [f1d5423b](https://github.com/pivotal/LicenseFinder/commit/f1d5423b04f892d1d1e0595993c9bebb0a7c1b6d) 
 * python 2 projects using incorrect CLI command - [5655f60e](https://github.com/pivotal/LicenseFinder/commit/5655f60e671dc4c247bb05138ed35b05cda9cdc7) 
 
@@ -16,8 +26,10 @@
 * Bump to openjdk 11 - [499f8ab3](https://github.com/pivotal/LicenseFinder/commit/499f8ab3af7cd8ca37e429f2ed78323ad796d123) - Debbie Chen
 * Bump to openjdk 12 - [09c781a7](https://github.com/pivotal/LicenseFinder/commit/09c781a70787d9461722d5d03d1bc624b644311a) - Debbie Chen
 * Bundler prepare commands with now exclude dependencies in the ignored groups [#169611326] - [e58b2870](https://github.com/pivotal/LicenseFinder/commit/e58b2870b64d2c88be7027b152a423fdb921baca) 
-
 * Change version to be required for dependency add and updated cli options [#168705017] - [b10383d3](https://github.com/pivotal/LicenseFinder/commit/b10383d3d1990b6ad0d608044511352f13924be3) - Debbie Chen
+* Ensure composer always installs the packages - [70b5e7a](https://github.com/pivotal/LicenseFinder/commit/70b5e7a42943c85bbd1d2825b2ffe94eec89020f) - kaystrobach 
+
+* **BREAKING:** Replaced whitelist/blacklist terminology with permitted_licenses/restricted_licenses - [a40b22f](https://github.com/pivotal/LicenseFinder/commit/a40b22fda11b3a0efbb3c0a021381534bc998dd9) - grantbdev  
 
 ### Deprecated
 * Remove support for jruby 9.1* [#169590215] - [81e75f8c](https://github.com/pivotal/LicenseFinder/commit/81e75f8cd61ca35e30562352dee2579b1b6c991e) 
@@ -797,3 +809,4 @@ Bugfixes:
 [5.11.0]: https://github.com/pivotal/LicenseFinder/compare/v5.10.2...v5.11.0
 [5.11.1]: https://github.com/pivotal/LicenseFinder/compare/v5.11.0...v5.11.1
 [6.0.0]: https://github.com/pivotal/LicenseFinder/compare/v5.11.1...v6.0.0
+[6.1.0]: https://github.com/pivotal/LicenseFinder/compare/v6.0.0...v6.1.0

data/Dockerfile

@@ -3,7 +3,7 @@ FROM ubuntu:xenial
 # Versioning
 ENV PIP_INSTALL_VERSION 19.0.2
 ENV PIP3_INSTALL_VERSION 8.1.1
-ENV GO_LANG_VERSION 1.11.5
+ENV GO_LANG_VERSION 1.13.3
 ENV MAVEN_VERSION 3.6.0
 ENV SBT_VERSION 1.3.3
 ENV GRADLE_VERSION 5.6.4
@@ -51,7 +51,7 @@ RUN apt-get install -y python rebar
 
 # install and update python-pip
 RUN apt-get install -y python-pip python3-pip && \
-    pip install --upgrade pip==$PIP_INSTALL_VERSION && \
+    pip2 install --upgrade pip==$PIP_INSTALL_VERSION  && \
     pip3 install --upgrade pip==$PIP3_INSTALL_VERSION
 
 # install maven
@@ -149,7 +149,7 @@ RUN apt-key adv --keyserver hkp://keyserver.ubuntu.com:80 --recv-keys 4F4EA0AAE5
     apt-get update &&\
     apt-get install -y php7.1-cli &&\
     php -r "copy('https://getcomposer.org/installer', 'composer-setup.php');" &&\
-    php -r "if (hash_file('sha384', 'composer-setup.php') === 'c5b9b6d368201a9db6f74e2611495f369991b72d9c8cbd3ffbc63edff210eb73d46ffbfce88669ad33695ef77dc76976') { echo 'Installer verified'; } else { echo 'Installer corrupt'; unlink('composer-setup.php'); } echo PHP_EOL;" &&\
+    php -r "if (hash_file('sha384', 'composer-setup.php') === 'e0012edf3e80b6978849f5eff0d4b4e4c79ff1609dd1e613307e16318854d24ae64f26d17af3ef0bf7cfb710ca74755a') { echo 'Installer verified'; } else { echo 'Installer corrupt'; unlink('composer-setup.php'); } echo PHP_EOL;" &&\
     php composer-setup.php &&\
     php -r "unlink('composer-setup.php');" &&\
     mv composer.phar /usr/bin/composer

data/README.md

@@ -31,7 +31,7 @@ and give you an actionable exception report.
 | ------------ | --------------- | -------:|
 | Ruby Gems    | bundler         | 1.16.6  |
 | Python 2.7 Eggs  | pip2             | 19.0.2  |
-| Python 3.5 Eggs  | pip3             | 8.1.1  |
+| Python 3.5 Eggs  | pip3             | 19.0.2  |
 | Node.js      | npm             | 6.4.1   |
 | Bower        | bower           | 1.8.4   |
 | Nuget (without license discovery) | nuget | 4.7.1.5393 |

data/Rakefile

@@ -47,7 +47,7 @@ task :check_dependencies do
   require './lib/license_finder'
   satisfied = true
   LicenseFinder::Scanner::PACKAGE_MANAGERS.each do |package_manager|
-    satisfied = false unless package_manager.installed?(LicenseFinder::Logger.new(LicenseFinder::Logger::MODE_INFO))
+    satisfied = false unless package_manager.new(project_path: Pathname.new('')).installed?(LicenseFinder::Logger.new(LicenseFinder::Logger::MODE_INFO))
   end
   STDOUT.flush
   exit 1 unless satisfied

data/VERSION

@@ -1 +1 @@
-6.0.0
+6.1.0

data/ci/pipelines/release.yml.erb

@@ -17,7 +17,7 @@ resources:
     uri: git@github.com:pivotal/LicenseFinder.git
     private_key: ((CfOslBot.private_key))
     branch: master
-    ignore_paths: [VERSION]
+    ignore_paths: [VERSION, CHANGELOG.md]
 
 - name: lf-git-version
   type: git
@@ -26,14 +26,6 @@ resources:
     private_key: ((CfOslBot.private_key))
     branch: master
 
-- name: git-master-dockerfile
-  type: git
-  source:
-    uri: git@github.com:pivotal/LicenseFinder.git
-    private_key: ((CfOslBot.private_key))
-    branch: master
-    paths: [Dockerfile, Gemfile, license_finder.gemspec]
-
 - name: semver-version
   type: semver
   source:
@@ -80,13 +72,13 @@ jobs:
 - name: build-docker-image
   public: true
   plan:
-    - get: git-master-dockerfile
+    - get: lf-git
       tags: ["private-worker"]
       trigger: true
     - put: dockerhub-edge
       tags: ["private-worker"]
       params:
-        build: git-master-dockerfile
+        build: lf-git
 
 <% ruby_versions.each do |ruby_version| %>
 - name: ruby-<%= ruby_version %>
@@ -99,7 +91,7 @@ jobs:
   - get: LicenseFinder
     tags: ["private-worker"]
     resource: lf-git
-    trigger: true
+    passed: [build-docker-image]
     version: every
   - task: ruby-<%= ruby_version %>
     tags: ["private-worker"]
@@ -108,6 +100,7 @@ jobs:
     file: LicenseFinder/ci/tasks/run-tests.yml
     params:
       RUBY_VERSION_UNDER_TEST: <%= ruby_version %>
+
 <% if setup_slack %>
   on_failure:
     put: slack-alert
@@ -129,8 +122,8 @@ jobs:
   - get: LicenseFinder
     tags: ["private-worker"]
     resource: lf-git
-    trigger: true
     version: every
+    passed: [build-docker-image]
   - task: run-rubocop
     tags: ["private-worker"]
     privileged: true
@@ -139,39 +132,33 @@ jobs:
 
 - name: bump-major
   plan:
-    - get: lf-git
-      tags: ["private-worker"]
-      passed: [<%= ruby_versions.map{ |version| "ruby-#{version}"}.join(', ') %>]
     - put: semver-version
       tags: ["private-worker"]
       params: {bump: major}
 
 - name: bump-minor
   plan:
-    - get: lf-git
-      tags: ["private-worker"]
-      passed: [<%= ruby_versions.map{ |version| "ruby-#{version}"}.join(', ') %>]
     - put: semver-version
       tags: ["private-worker"]
       params: {bump: minor}
 
 - name: bump-patch
   plan:
-    - get: lf-git
-      tags: ["private-worker"]
-      passed: [<%= ruby_versions.map{ |version| "ruby-#{version}"}.join(', ') %>]
     - put: semver-version
       tags: ["private-worker"]
       params: {bump: patch}
 
 - name: release
+  disable_manual_trigger: true
   plan:
+  - get: lf-git
+    tags: ["private-worker"]
+    passed: [<%= "#{ruby_versions.map{ |version| "ruby-#{version}"}.join(', ')}, rubocop" %>]
   - get: lf-git-version
     tags: ["private-worker"]
   - get: semver-version
     tags: ["private-worker"]
     trigger: true
-    passed: [bump-major, bump-minor, bump-patch]
   - get: dockerhub
     tags: ["private-worker"]
     params:

data/ci/scripts/run-rubocop.sh

@@ -2,6 +2,7 @@
 
 cd LicenseFinder
 
+gem update --system
 bundle install --without runtime default
 
 rubocop_version=`cat Gemfile.lock | grep '    rubocop' | awk -F'[\(*\)]' '{print $2;exit}'`

data/lib/license_finder/package_manager.rb

@@ -22,24 +22,24 @@ module LicenseFinder
       def takes_priority_over
         nil
       end
+    end
 
-      def installed?(logger = Core.default_logger)
-        if package_management_command.nil?
-          logger.debug self, 'no command defined' # TODO: comment me out
-          true
-        elsif command_exists?(package_management_command)
-          logger.debug self, 'is installed', color: :green
-          true
-        else
-          logger.info self, 'is not installed', color: :red
-          false
-        end
+    def installed?(logger = Core.default_logger)
+      if package_management_command.nil?
+        logger.debug self.class, 'no command defined' # TODO: comment me out
+        true
+      elsif command_exists?(package_management_command)
+        logger.debug self.class, 'is installed', color: :green
+        true
+      else
+        logger.info self.class, 'is not installed', color: :red
+        false
       end
+    end
 
-      # see class description
-      def package_management_command
-        nil
-      end
+    # see class description
+    def package_management_command
+      nil
     end
 
     # see class description
@@ -47,7 +47,7 @@ module LicenseFinder
       nil
     end
 
-    def self.command_exists?(command)
+    def command_exists?(command)
       _stdout, _stderr, status =
         if LicenseFinder::Platform.windows?
           Cmd.run("where #{command}")
@@ -128,7 +128,7 @@ module LicenseFinder
       FileUtils.mkdir_p @log_directory
 
       # replace whitespace with underscores and remove slashes
-      log_file_name = self.class.package_management_command&.gsub(/\s/, '_')&.gsub(%r{/}, '')
+      log_file_name = package_management_command&.gsub(/\s/, '_')&.gsub(%r{/}, '')
       log_file = File.join(@log_directory, "prepare_#{log_file_name || 'errors'}.log")
 
       File.open(log_file, 'w') do |f|

data/lib/license_finder/package_managers/bower.rb

@@ -10,7 +10,7 @@ module LicenseFinder
       end
     end
 
-    def self.package_management_command
+    def package_management_command
       'bower'
     end
 
@@ -25,7 +25,7 @@ module LicenseFinder
     private
 
     def bower_output
-      command = "#{Bower.package_management_command} list --json -l action --allow-root"
+      command = "#{package_management_command} list --json -l action --allow-root"
       stdout, stderr, status = Dir.chdir(project_path) { Cmd.run(command) }
       raise "Command '#{command}' failed to execute: #{stderr}" unless status.success?
 

data/lib/license_finder/package_managers/bundler.rb

@@ -19,7 +19,7 @@ module LicenseFinder
       end
     end
 
-    def self.package_management_command
+    def package_management_command
       'bundle'
     end
 

data/lib/license_finder/package_managers/cargo.rb

@@ -10,7 +10,7 @@ module LicenseFinder
       end
     end
 
-    def self.package_management_command
+    def package_management_command
       'cargo'
     end
 
@@ -25,7 +25,7 @@ module LicenseFinder
     private
 
     def cargo_output
-      command = "#{Cargo.package_management_command} metadata --format-version=1"
+      command = "#{package_management_command} metadata --format-version=1"
 
       stdout, stderr, status = Dir.chdir(project_path) { Cmd.run(command) }
       raise "Command '#{command}' failed to execute: #{stderr}" unless status.success?

data/lib/license_finder/package_managers/carthage.rb

@@ -20,7 +20,7 @@ module LicenseFinder
       end
     end
 
-    def self.package_management_command
+    def package_management_command
       LicenseFinder::Platform.darwin? ? 'carthage' : nil
     end
 

data/lib/license_finder/package_managers/cocoa_pods.rb

@@ -21,7 +21,7 @@ module LicenseFinder
       end
     end
 
-    def self.package_management_command
+    def package_management_command
       LicenseFinder::Platform.darwin? ? 'pod' : nil
     end
 

data/lib/license_finder/package_managers/composer.rb

@@ -24,7 +24,7 @@ module LicenseFinder
       raise "Prepare command '#{Composer.prepare_command}' failed" unless @prepare_no_fail
     end
 
-    def self.package_management_command
+    def package_management_command
       'composer'
     end
 

data/lib/license_finder/package_managers/dep.rb

@@ -31,7 +31,7 @@ module LicenseFinder
       'dep ensure -vendor-only'
     end
 
-    def self.package_management_command
+    def package_management_command
       'dep'
     end
   end

data/lib/license_finder/package_managers/dotnet.rb

@@ -71,12 +71,12 @@ module LicenseFinder
       Dir[project_path.join('**/project.assets.json')]
     end
 
-    def self.package_management_command
+    def package_management_command
       'dotnet'
     end
 
     def prepare_command
-      "#{Dotnet.package_management_command} restore"
+      "#{package_management_command} restore"
     end
   end
 end

data/lib/license_finder/package_managers/glide.rb

@@ -30,7 +30,7 @@ module LicenseFinder
       Go15VendorExperiment
     end
 
-    def self.package_management_command
+    def package_management_command
       'glide'
     end
 

data/lib/license_finder/package_managers/go_15vendorexperiment.rb

@@ -42,7 +42,7 @@ module LicenseFinder
       end
     end
 
-    def self.package_management_command
+    def package_management_command
       'go'
     end
 

data/lib/license_finder/package_managers/go_dep.rb

@@ -22,7 +22,7 @@ module LicenseFinder
       [project_path.join('Godeps/Godeps.json')]
     end
 
-    def self.package_management_command
+    def package_management_command
       'godep'
     end
 

data/lib/license_finder/package_managers/go_workspace.rb

@@ -15,7 +15,7 @@ module LicenseFinder
       @strict_matching = options[:strict_matching]
     end
 
-    def self.package_management_command
+    def package_management_command
       'go'
     end
 

data/lib/license_finder/package_managers/govendor.rb

@@ -25,7 +25,7 @@ module LicenseFinder
       Go15VendorExperiment
     end
 
-    def self.package_management_command
+    def package_management_command
       'govendor'
     end
 

data/lib/license_finder/package_managers/gvt.rb

@@ -9,7 +9,7 @@ module LicenseFinder
       [Pathname(potential_path)]
     end
 
-    def self.package_management_command
+    def package_management_command
       'gvt'
     end
 

data/lib/license_finder/package_managers/mix.rb

@@ -4,7 +4,7 @@ module LicenseFinder
   class Mix < PackageManager
     def initialize(options = {})
       super
-      @command = options[:mix_command] || Mix.package_management_command
+      @command = options[:mix_command] || package_management_command
       @elixir_command = options[:elixir_command] || 'elixir'
       @deps_path = Pathname(options[:mix_deps_dir] || 'deps')
     end
@@ -26,7 +26,7 @@ module LicenseFinder
       licenses_by_package.fetch(name, ['license is not in deps'])
     end
 
-    def self.package_management_command
+    def package_management_command
       'mix'
     end
 
@@ -42,15 +42,15 @@ module LicenseFinder
       [project_path.join('mix.exs')]
     end
 
-    def self.installed?(logger = Core.default_logger)
+    def installed?(logger = Core.default_logger)
       if package_management_command.nil?
-        logger.debug self, 'no command defined'
+        logger.debug self.class, 'no command defined'
         true
       elsif command_exists?('elixir') && command_exists?('mix')
-        logger.debug self, 'is installed', color: :green
+        logger.debug self.class, 'is installed', color: :green
         true
       else
-        logger.info self, '(elixir) is not installed', color: :red
+        logger.info self.class, '(elixir) is not installed', color: :red
         false
       end
     end

data/lib/license_finder/package_managers/npm.rb

@@ -9,7 +9,7 @@ module LicenseFinder
       NpmPackage.packages_from_json(npm_json, detected_package_path)
     end
 
-    def self.package_management_command
+    def package_management_command
       'npm'
     end
 
@@ -34,7 +34,7 @@ module LicenseFinder
     private
 
     def npm_json
-      command = "#{NPM.package_management_command} list --json --long#{production_flag}"
+      command = "#{package_management_command} list --json --long#{production_flag}"
       stdout, stderr, status = Dir.chdir(project_path) { Cmd.run(command) }
       # we can try and continue if we got an exit status 1 - unmet peer dependency
       raise "Command '#{command}' failed to execute: #{stderr}" if !status.success? && status.exitstatus != 1

data/lib/license_finder/package_managers/nuget.rb

@@ -71,27 +71,27 @@ module LicenseFinder
       assemblies.flat_map(&:dependencies)
     end
 
-    def self.package_management_command
+    def package_management_command
       return 'nuget' if LicenseFinder::Platform.windows?
 
       'mono /usr/local/bin/nuget.exe'
     end
 
     def prepare_command
-      "#{Nuget.package_management_command} restore"
+      "#{package_management_command} restore"
     end
 
-    def self.installed?(logger = Core.default_logger)
+    def installed?(logger = Core.default_logger)
       _stdout, _stderr, status = Cmd.run(nuget_check)
       if status.success?
-        logger.debug self, 'is installed', color: :green
+        logger.debug self.class, 'is installed', color: :green
       else
-        logger.info self, 'is not installed', color: :red
+        logger.info self.class, 'is not installed', color: :red
       end
       status.success?
     end
 
-    def self.nuget_check
+    def nuget_check
       return 'where nuget' if LicenseFinder::Platform.windows?
 
       'which mono && ls /usr/local/bin/nuget.exe'

data/lib/license_finder/package_managers/pip.rb

@@ -4,10 +4,12 @@ require 'json'
 
 module LicenseFinder
   class Pip < PackageManager
+    DEFAULT_VERSION = '2'
+
     def initialize(options = {})
       super
       @requirements_path = options[:pip_requirements_path] || Pathname('requirements.txt')
-      @python_version = options[:python_version] || '2'
+      @python_version = options[:python_version] || DEFAULT_VERSION
       raise "Invalid python version \'#{@python_version}\'. Valid versions are '2' or '3'." unless %w[2 3].include?(@python_version)
     end
 
@@ -24,12 +26,8 @@ module LicenseFinder
       end
     end
 
-    # Used to detect if installed, but this is a static method and the options aren't passed
-    # so we don't know which python version was specified. Will fail later if the expected version
-    # isn't installed. The Dockerfile now installs both versions so using the image is safe.
-    # TODO: Refactor PackageManager.installed?() to pass in the options?
-    def self.package_management_command
-      'pip2'
+    def package_management_command
+      "pip#{@python_version}"
     end
 
     def prepare_command

data/lib/license_finder/package_managers/rebar.rb

@@ -4,7 +4,7 @@ module LicenseFinder
   class Rebar < PackageManager
     def initialize(options = {})
       super
-      @command = options[:rebar_command] || Rebar.package_management_command
+      @command = options[:rebar_command] || package_management_command
       @deps_path = Pathname(options[:rebar_deps_dir] || 'deps')
     end
 
@@ -20,7 +20,7 @@ module LicenseFinder
       end
     end
 
-    def self.package_management_command
+    def package_management_command
       'rebar'
     end
 

data/lib/license_finder/package_managers/yarn.rb

@@ -51,7 +51,7 @@ module LicenseFinder
       NPM
     end
 
-    def self.package_management_command
+    def package_management_command
       'yarn'
     end
 

data/lib/license_finder/scanner.rb

@@ -32,7 +32,7 @@ module LicenseFinder
 
     def active_packages
       package_managers = active_package_managers
-      installed_package_managers = package_managers.select { |pm| pm.class.installed?(@logger) }
+      installed_package_managers = package_managers.select { |pm| pm.installed?(@logger) }
       installed_package_managers.flat_map(&:current_packages_with_relations)
     end
 

data/license_finder.gemspec

@@ -26,7 +26,8 @@ Gem::Specification.new do |s|
     'David Dening',
     'Geoff Pleiss',
     'Mike Chinigo',
-    'Mike Dalessio'
+    'Mike Dalessio',
+    'Jeff Jun'
   ]
 
   s.email       = ['labs-commoncode@pivotal.io']
@@ -42,28 +43,28 @@ Gem::Specification.new do |s|
 
   s.license = 'MIT'
 
-  s.add_dependency 'bundler'
+  s.add_dependency 'bundler', '~> 2.1.0'
   s.add_dependency 'rubyzip', '>=1', '<3'
-  s.add_dependency 'thor'
+  s.add_dependency 'thor', '~> 1.0.1'
   s.add_dependency 'toml', '0.2.0'
   s.add_dependency 'with_env', '1.1.0'
-  s.add_dependency 'xml-simple'
+  s.add_dependency 'xml-simple', '~> 1.1.5'
 
   s.add_development_dependency 'addressable', '2.7.0'
   s.add_development_dependency 'capybara', '~> 3.15.0'
   s.add_development_dependency 'cocoapods', '>= 1.0.0' if RUBY_PLATFORM =~ /darwin/
   s.add_development_dependency 'fakefs', '~> 1.0.0'
   s.add_development_dependency 'mime-types', '3.3.1'
-  s.add_development_dependency 'pry'
-  s.add_development_dependency 'rake'
+  s.add_development_dependency 'pry', '~> 0.12.2'
+  s.add_development_dependency 'rake', '~> 13.0.1'
   s.add_development_dependency 'rspec', '~> 3'
-  s.add_development_dependency 'rspec-its'
+  s.add_development_dependency 'rspec-its', '~> 1.3.0'
   s.add_development_dependency 'rubocop', '~> 0.79.0'
   s.add_development_dependency 'rubocop-performance', '~> 1.5.0'
   s.add_development_dependency 'webmock', '~> 3.5'
 
-  s.add_development_dependency 'rack', '> 1.6'
-  s.add_development_dependency 'rack-test', '> 0.7'
+  s.add_development_dependency 'rack', '~> 2.0.7', '> 1.6'
+  s.add_development_dependency 'rack-test', '~> 1.1.0', '> 0.7'
 
   s.files         = `git ls-files`.split("\n").reject { |f| f.start_with?('spec', 'features') }
   s.executables   = `git ls-files -- bin/*`.split("\n").map { |f| File.basename(f) }

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: license_finder
 version: !ruby/object:Gem::Version
-  version: 6.0.0
+  version: 6.1.0
 platform: ruby
 authors:
 - Ryan Collins
@@ -23,25 +23,26 @@ authors:
 - Geoff Pleiss
 - Mike Chinigo
 - Mike Dalessio
+- Jeff Jun
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2020-01-22 00:00:00.000000000 Z
+date: 2020-02-21 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: bundler
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - ">="
+    - - "~>"
       - !ruby/object:Gem::Version
-        version: '0'
+        version: 2.1.0
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - ">="
+    - - "~>"
       - !ruby/object:Gem::Version
-        version: '0'
+        version: 2.1.0
 - !ruby/object:Gem::Dependency
   name: rubyzip
   requirement: !ruby/object:Gem::Requirement
@@ -66,16 +67,16 @@ dependencies:
   name: thor
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - ">="
+    - - "~>"
       - !ruby/object:Gem::Version
-        version: '0'
+        version: 1.0.1
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - ">="
+    - - "~>"
       - !ruby/object:Gem::Version
-        version: '0'
+        version: 1.0.1
 - !ruby/object:Gem::Dependency
   name: toml
   requirement: !ruby/object:Gem::Requirement
@@ -108,16 +109,16 @@ dependencies:
   name: xml-simple
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - ">="
+    - - "~>"
       - !ruby/object:Gem::Version
-        version: '0'
+        version: 1.1.5
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - ">="
+    - - "~>"
       - !ruby/object:Gem::Version
-        version: '0'
+        version: 1.1.5
 - !ruby/object:Gem::Dependency
   name: addressable
   requirement: !ruby/object:Gem::Requirement
@@ -178,30 +179,30 @@ dependencies:
   name: pry
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - ">="
+    - - "~>"
       - !ruby/object:Gem::Version
-        version: '0'
+        version: 0.12.2
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - ">="
+    - - "~>"
       - !ruby/object:Gem::Version
-        version: '0'
+        version: 0.12.2
 - !ruby/object:Gem::Dependency
   name: rake
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - ">="
+    - - "~>"
       - !ruby/object:Gem::Version
-        version: '0'
+        version: 13.0.1
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - ">="
+    - - "~>"
       - !ruby/object:Gem::Version
-        version: '0'
+        version: 13.0.1
 - !ruby/object:Gem::Dependency
   name: rspec
   requirement: !ruby/object:Gem::Requirement
@@ -220,16 +221,16 @@ dependencies:
   name: rspec-its
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - ">="
+    - - "~>"
       - !ruby/object:Gem::Version
-        version: '0'
+        version: 1.3.0
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - ">="
+    - - "~>"
       - !ruby/object:Gem::Version
-        version: '0'
+        version: 1.3.0
 - !ruby/object:Gem::Dependency
   name: rubocop
   requirement: !ruby/object:Gem::Requirement
@@ -276,6 +277,9 @@ dependencies:
   name: rack
   requirement: !ruby/object:Gem::Requirement
     requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 2.0.7
     - - ">"
       - !ruby/object:Gem::Version
         version: '1.6'
@@ -283,6 +287,9 @@ dependencies:
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 2.0.7
     - - ">"
       - !ruby/object:Gem::Version
         version: '1.6'
@@ -290,6 +297,9 @@ dependencies:
   name: rack-test
   requirement: !ruby/object:Gem::Requirement
     requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 1.1.0
     - - ">"
       - !ruby/object:Gem::Version
         version: '0.7'
@@ -297,6 +307,9 @@ dependencies:
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 1.1.0
     - - ">"
       - !ruby/object:Gem::Version
         version: '0.7'