license_finder 6.1.0 → 6.5.0

Sign up to get free protection for your applications and to get access to all the features.
Files changed (61) hide show
  1. checksums.yaml +4 -4
  2. data/.rubocop.yml +6 -0
  3. data/CHANGELOG.md +64 -0
  4. data/Dockerfile +23 -15
  5. data/README.md +2 -2
  6. data/Rakefile +1 -1
  7. data/VERSION +1 -1
  8. data/bin/license_finder_pip.py +7 -1
  9. data/ci/pipelines/release.yml.erb +8 -19
  10. data/ci/scripts/pushscript.sh +1 -1
  11. data/ci/scripts/updateChangelog.sh +8 -1
  12. data/ci/tasks/build-and-push-gem.yml +2 -2
  13. data/ci/tasks/rubocop.yml +1 -1
  14. data/ci/tasks/update-changelog.yml +2 -2
  15. data/lib/license_finder/cli.rb +1 -0
  16. data/lib/license_finder/cli/base.rb +1 -0
  17. data/lib/license_finder/cli/inherited_decisions.rb +32 -0
  18. data/lib/license_finder/cli/main.rb +3 -1
  19. data/lib/license_finder/configuration.rb +4 -0
  20. data/lib/license_finder/decision_applier.rb +8 -4
  21. data/lib/license_finder/decisions.rb +63 -20
  22. data/lib/license_finder/license/definitions.rb +26 -1
  23. data/lib/license_finder/license/templates/OFL.txt +91 -0
  24. data/lib/license_finder/license/templates/SimplifiedBSD.txt +0 -4
  25. data/lib/license_finder/license/templates/WTFPL.txt +14 -0
  26. data/lib/license_finder/license/text.rb +24 -2
  27. data/lib/license_finder/package.rb +2 -1
  28. data/lib/license_finder/package_managers/bundler.rb +5 -3
  29. data/lib/license_finder/package_managers/cargo.rb +2 -1
  30. data/lib/license_finder/package_managers/composer.rb +5 -1
  31. data/lib/license_finder/package_managers/dep.rb +2 -2
  32. data/lib/license_finder/package_managers/glide.rb +2 -7
  33. data/lib/license_finder/package_managers/go_15vendorexperiment.rb +1 -1
  34. data/lib/license_finder/package_managers/go_modules.rb +11 -4
  35. data/lib/license_finder/package_managers/go_workspace.rb +5 -1
  36. data/lib/license_finder/package_managers/gradle.rb +1 -1
  37. data/lib/license_finder/package_managers/maven.rb +2 -2
  38. data/lib/license_finder/package_managers/nuget.rb +15 -3
  39. data/lib/license_finder/package_managers/sbt.rb +3 -1
  40. data/lib/license_finder/package_managers/yarn.rb +16 -2
  41. data/lib/license_finder/package_utils/license_files.rb +2 -2
  42. data/lib/license_finder/packages/bower_package.rb +7 -0
  43. data/lib/license_finder/packages/bundler_package.rb +4 -0
  44. data/lib/license_finder/packages/cargo_package.rb +4 -0
  45. data/lib/license_finder/packages/cocoa_pods_package.rb +4 -0
  46. data/lib/license_finder/packages/composer_package.rb +4 -0
  47. data/lib/license_finder/packages/conan_package.rb +4 -0
  48. data/lib/license_finder/packages/go_package.rb +5 -1
  49. data/lib/license_finder/packages/gradle_package.rb +4 -0
  50. data/lib/license_finder/packages/maven_package.rb +6 -1
  51. data/lib/license_finder/packages/merged_package.rb +1 -1
  52. data/lib/license_finder/packages/mix_package.rb +4 -0
  53. data/lib/license_finder/packages/npm_package.rb +4 -0
  54. data/lib/license_finder/packages/nuget_package.rb +4 -0
  55. data/lib/license_finder/packages/pip_package.rb +4 -0
  56. data/lib/license_finder/packages/rebar_package.rb +4 -0
  57. data/lib/license_finder/packages/yarn_package.rb +4 -0
  58. data/lib/license_finder/reports/csv_report.rb +7 -3
  59. data/lib/license_finder/reports/json_report.rb +2 -0
  60. data/license_finder.gemspec +6 -6
  61. metadata +23 -26
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 4322a68abdac0f37598d3a7e9329592a6aadc106d26dddab5228df56947161b4
4
- data.tar.gz: 9cdde6b3fe4f113c7877a0bbb56ff74127155a4e00c1919dc2f40ea717fa2dc0
3
+ metadata.gz: 6cb023a2297b083354287a99cd5fb5cb5640fb6fe8e4c449f9407f9198f14dfe
4
+ data.tar.gz: 7af5d367b73cb9447a78d83e49db2ca810a2d7a6315b313941acb99251bc11ed
5
5
  SHA512:
6
- metadata.gz: '09ed394388a18eeb7e60d6f8d685c77a00b3769a933b48f4a75a8bbdd224b9534696de6c8bec9db9bd7c8a8f3ac0176805123c2c36f445ca8cdb0cf3ae473144'
7
- data.tar.gz: b8acbb67e9cb67facb22ba808e592fb8b14384aac588040fbe00524ad25d86cd958fbc001c8b8b069dc40de014ac9455017c302f04faf022f92d4f16eca78739
6
+ metadata.gz: c6530566a1e99b1a8b5bdf36d7b9486c2cb95c112e856e7d69525ce139d0d14a1eab1d2ea538009338ce94a822cbe5faf99ae1d4ff5674f417abd25ba0845497
7
+ data.tar.gz: b6fdc169ec59d8b84ae96a8ab5bbb25a7ce8ee2cc7de6d96acfc63347d00bfc5009a24cf743d39add5de78e21b3c56c52856baa76d05ba6a81996c974ad8074d
@@ -48,6 +48,12 @@ Style/MissingRespondToMissing:
48
48
  Enabled: false
49
49
  Style/FormatStringToken:
50
50
  EnforcedStyle: unannotated
51
+ Style/HashEachMethods:
52
+ Enabled: true
53
+ Style/HashTransformKeys:
54
+ Enabled: true
55
+ Style/HashTransformValues:
56
+ Enabled: true
51
57
  Layout/MultilineMethodCallIndentation:
52
58
  Enabled: false
53
59
  DoubleNegation:
@@ -1,3 +1,62 @@
1
+ # [6.5.0] / 2020-06-01
2
+
3
+ ### Added
4
+ * Support legacy nuget projects [#172950097] - [0cccbcf9](https://github.com/pivotal/LicenseFinder/commit/0cccbcf9aa92f4297ef0174242bdb19da1babc65)
5
+
6
+ ### Changed
7
+ * Upgrade to golang 1.14.3. Update dotnet-sdk to 3.1 - [0969e98f](https://github.com/pivotal/LicenseFinder/commit/0969e98fde4a82f8931601baa4dd96dc01300a14)
8
+
9
+ # [6.4.0] / 2020-05-22
10
+
11
+ Big shout out to @forelabs for introducing many new features and improvements for this release. Thanks again!!
12
+
13
+ ### Added
14
+ * Introducing new inherited_decisions command - [3453feb](https://github.com/pivotal/LicenseFinder/commit/3453feb659a6c3c6e5aa444e3755ddd5d32f3664) - Sven Dunemann
15
+ * Decision Applier: Merge manual and system packages - [c690532](https://github.com/pivotal/LicenseFinder/commit/c690532ec8addab16bef4edd390f05ceb353435f) - Sven Dunemann
16
+ * Introduce package_url to packages - [18972f7](https://github.com/pivotal/LicenseFinder/commit/18972f7b3a04340e1b7bb560780130b68696b8a2) - Sven Dunemann
17
+ * Add --write-headers option for csv exports - [18e01f8](https://github.com/pivotal/LicenseFinder/commit/18e01f8728a9dc525d7567292cc1e2f390ec854d) - Sven Dunemann
18
+ * Yarn: Add authors & install_path - [08a0f67](https://github.com/pivotal/LicenseFinder/commit/08a0f67837a218231217767561f2282c1b3a890a) - Sven Dunemann
19
+ * install path for nuget dependencies [#172251374] - [ad73c946](https://github.com/pivotal/LicenseFinder/commit/ad73c946113846f8f548adfc73542aebb3763175) - Jeff Jun
20
+ * new Rubocop cops - [c4cc6b8b](https://github.com/pivotal/LicenseFinder/commit/c4cc6b8b13273db17b65cecaf24c9053e4989ea1) - Jeff Jun
21
+
22
+ ### Fixed
23
+ * Separate lines in license text with LF when exported to JSON - [baddb976](https://github.com/pivotal/LicenseFinder/commit/baddb976e7a8683c5cc320eddc8c2712dfb16c15) - Robert Huitl
24
+
25
+ ### Changed
26
+ * Go15VendorExperiment: Detect go only if vendor includes go files - [0f8e609](https://github.com/pivotal/LicenseFinder/commit/0f8e609f0921937c6187deccd80e4bc4b7d67ee4) - Sven Dunemann
27
+ * Bump PHP version to 7.4 - [cbe45c5](https://github.com/pivotal/LicenseFinder/commit/cbe45c5cdb3ec200ea215086a3b3eb879e83222a) - Yivan
28
+ * Significantly improve the license text matching file to be more dynamic - [acf5705](https://github.com/pivotal/LicenseFinder/commit/acf570573b4a2414d9c43212dea5d4ecb157319e)
29
+ * Update Ruby version to 2.7.1 [#172295831] - [475e2948](https://github.com/pivotal/LicenseFinder/commit/475e2948ec1ad859aee59e77aa9ce2a51e1a5029)
30
+
31
+ # [6.3.0] / 2020-05-06
32
+
33
+ ### Added
34
+ * OFL License - [d475bbb1](https://github.com/pivotal/LicenseFinder/commit/d475bbb1380e217f154f262caaa73c12f5b9792b) - Sven Dunemann
35
+ * WTFPL License - [ec629170](https://github.com/pivotal/LicenseFinder/commit/ec6291702c28789a33478041dbf6524d603c12ff) - Sven Dunemann
36
+
37
+ * Find the install path for sbt, cargo and composer [#171649609] - [0d525cbf](https://github.com/pivotal/LicenseFinder/commit/0d525cbf5208db5a977f2f3d922d07b5ea6a8b16)
38
+
39
+ ### Changed
40
+ * Bump PHP version to 7.3 - [1c3c3271](https://github.com/pivotal/LicenseFinder/commit/1c3c3271b977a6c8d24e4159a6b8098a51086522)
41
+ * Remove +compatible in Go package versions [#171754392] - [5cba5801](https://github.com/pivotal/LicenseFinder/commit/5cba5801f4f276482f01bfeea46fde0dbbcce7b1)
42
+
43
+ ### Fixed
44
+ * Fixed Maven Package manager Groups check - [5058d90](https://github.com/pivotal/LicenseFinder/commit/5058d90246a25ca15c72e0eed8e19ebbf7e39998) - Ravi Soni
45
+ * GoModules: fix compute with vendor mod - [067eb19](https://github.com/pivotal/LicenseFinder/commit/067eb1916ce024039631bdbd4114ababa6c02c3a) - forelabs
46
+ * Do not set Bundle path. Bundler will figure it out. - [6319a7a](https://github.com/pivotal/LicenseFinder/commit/6319a7a281bd9cc997c08c903674ab51fcc6545e) - mvz
47
+
48
+ # [6.2.0] / 2020-04-07
49
+
50
+ ### Fixed
51
+ * Break dependency of specs on released license_finder gem - [ef69fa00](https://github.com/pivotal/LicenseFinder/commit/ef69fa00deb7a8f8ebd74312afa9f130be2d9fda) - Matijs van Zuijlen
52
+ * Replace toml parser with tomlrb - [8b9b34b4](https://github.com/pivotal/LicenseFinder/commit/8b9b34b48d5bdadc679c0d072117b092d080fb81) - Matijs van Zuijlen
53
+
54
+ ### Changed
55
+ * Run glide install in folder containing glide.lock - [cec3ff47](https://github.com/pivotal/LicenseFinder/commit/cec3ff4759f1c06df2cd0c39ac8004fcd156a6e6) - Jeff Jun
56
+ * specify path for bundle install [#168042947] - [431355dc](https://github.com/pivotal/LicenseFinder/commit/431355dc1d0172c65444d2f4bcb5b4416fc52af7)
57
+
58
+ # [6.1.2] / 2020-03-16
59
+
1
60
  # [6.1.0] / 2020-02-21
2
61
 
3
62
  ### Fixed
@@ -810,3 +869,8 @@ Bugfixes:
810
869
  [5.11.1]: https://github.com/pivotal/LicenseFinder/compare/v5.11.0...v5.11.1
811
870
  [6.0.0]: https://github.com/pivotal/LicenseFinder/compare/v5.11.1...v6.0.0
812
871
  [6.1.0]: https://github.com/pivotal/LicenseFinder/compare/v6.0.0...v6.1.0
872
+ [6.1.2]: https://github.com/pivotal/LicenseFinder/compare/v6.1.0...v6.1.2
873
+ [6.2.0]: https://github.com/pivotal/LicenseFinder/compare/v6.1.2...v6.2.0
874
+ [6.3.0]: https://github.com/pivotal/LicenseFinder/compare/v6.2.0...v6.3.0
875
+ [6.4.0]: https://github.com/pivotal/LicenseFinder/compare/v6.3.0...v6.4.0
876
+ [6.5.0]: https://github.com/pivotal/LicenseFinder/compare/v6.4.0...v6.5.0
data/Dockerfile CHANGED
@@ -3,11 +3,11 @@ FROM ubuntu:xenial
3
3
  # Versioning
4
4
  ENV PIP_INSTALL_VERSION 19.0.2
5
5
  ENV PIP3_INSTALL_VERSION 8.1.1
6
- ENV GO_LANG_VERSION 1.13.3
6
+ ENV GO_LANG_VERSION 1.14.3
7
7
  ENV MAVEN_VERSION 3.6.0
8
8
  ENV SBT_VERSION 1.3.3
9
9
  ENV GRADLE_VERSION 5.6.4
10
- ENV RUBY_VERSION 2.6.5
10
+ ENV RUBY_VERSION 2.7.1
11
11
  ENV MIX_VERSION 1.0
12
12
  ENV COMPOSER_ALLOW_SUPERUSER 1
13
13
 
@@ -38,10 +38,12 @@ RUN curl -sS https://dl.yarnpkg.com/debian/pubkey.gpg | sudo apt-key add - && \
38
38
  RUN npm install -g bower && \
39
39
  echo '{ "allow_root": true }' > /root/.bowerrc
40
40
 
41
- # install jdk 11
41
+ # install jdk 12
42
42
  RUN curl -L -o openjdk12.tar.gz https://download.java.net/java/GA/jdk12.0.2/e482c34c86bd4bf8b56c0b35558996b9/10/GPL/openjdk-12.0.2_linux-x64_bin.tar.gz && \
43
43
  tar xvf openjdk12.tar.gz && \
44
- sudo mv jdk-12.0.2 /opt/
44
+ rm openjdk12.tar.gz && \
45
+ sudo mv jdk-12.0.2 /opt/ && \
46
+ sudo rm /opt/jdk-12.0.2/lib/src.zip
45
47
  ENV JAVA_HOME=/opt/jdk-12.0.2
46
48
  ENV PATH=$PATH:$JAVA_HOME/bin
47
49
  RUN java -version
@@ -51,8 +53,8 @@ RUN apt-get install -y python rebar
51
53
 
52
54
  # install and update python-pip
53
55
  RUN apt-get install -y python-pip python3-pip && \
54
- pip2 install --upgrade pip==$PIP_INSTALL_VERSION && \
55
- pip3 install --upgrade pip==$PIP3_INSTALL_VERSION
56
+ pip2 install --no-cache-dir --upgrade pip==$PIP_INSTALL_VERSION && \
57
+ pip3 install --no-cache-dir --upgrade pip==$PIP3_INSTALL_VERSION
56
58
 
57
59
  # install maven
58
60
  RUN curl -O https://archive.apache.org/dist/maven/maven-3/$MAVEN_VERSION/binaries/apache-maven-$MAVEN_VERSION-bin.tar.gz && \
@@ -95,7 +97,8 @@ RUN mkdir /gopath && \
95
97
  go get github.com/Masterminds/glide && \
96
98
  go get github.com/kardianos/govendor && \
97
99
  go get github.com/golang/dep/cmd/dep && \
98
- go get -u github.com/rancher/trash
100
+ go get -u github.com/rancher/trash && \
101
+ go clean -cache
99
102
 
100
103
  # Fix the locale
101
104
  RUN apt-get install -y locales
@@ -123,11 +126,14 @@ RUN bash -lc "gem update --system && gem install bundler"
123
126
 
124
127
  # install conan
125
128
  RUN apt-get install -y python-dev && \
126
- pip install --ignore-installed six --ignore-installed colorama --ignore-installed requests --ignore-installed chardet --ignore-installed urllib3 --upgrade setuptools && \
127
- pip install -Iv conan==1.11.2
129
+ pip install --no-cache-dir --ignore-installed six --ignore-installed colorama \
130
+ --ignore-installed requests --ignore-installed chardet \
131
+ --ignore-installed urllib3 \
132
+ --upgrade setuptools && \
133
+ pip install --no-cache-dir -Iv conan==1.11.2
128
134
 
129
135
  # install Cargo
130
- RUN curl https://sh.rustup.rs -sSf | bash -s -- -y
136
+ RUN curl https://sh.rustup.rs -sSf | bash -s -- -y --profile minimal
131
137
 
132
138
  # install NuGet (w. mono)
133
139
  # https://docs.microsoft.com/en-us/nuget/install-nuget-client-tools#macoslinux
@@ -135,19 +141,21 @@ RUN apt-key adv --keyserver hkp://keyserver.ubuntu.com:80 --recv-keys 3FA7E03280
135
141
  echo "deb https://download.mono-project.com/repo/ubuntu stable-xenial main" | sudo tee /etc/apt/sources.list.d/mono-official-stable.list &&\
136
142
  apt-get update &&\
137
143
  apt-get install -y mono-complete &&\
138
- curl -o /usr/local/bin/nuget.exe https://dist.nuget.org/win-x86-commandline/latest/nuget.exe &&\
139
- echo "alias nuget=\"mono /usr/local/bin/nuget.exe\"" >> ~/.bash_aliases
144
+ curl -o "/usr/local/bin/nuget.exe" "https://dist.nuget.org/win-x86-commandline/latest/nuget.exe" &&\
145
+ curl -o "/usr/local/bin/nugetv3.5.0.exe" "https://dist.nuget.org/win-x86-commandline/v3.5.0/nuget.exe"
140
146
 
141
147
  # install dotnet core
148
+ WORKDIR /tmp
142
149
  RUN wget -q https://packages.microsoft.com/config/ubuntu/16.04/packages-microsoft-prod.deb &&\
143
150
  sudo dpkg -i packages-microsoft-prod.deb &&\
151
+ rm packages-microsoft-prod.deb &&\
144
152
  sudo apt-get update &&\
145
- sudo apt-get install -y dotnet-runtime-2.1 dotnet-sdk-2.1 dotnet-sdk-2.2 dotnet-sdk-3.0
153
+ sudo apt-get install -y dotnet-runtime-2.1 dotnet-sdk-2.1 dotnet-sdk-2.2 dotnet-sdk-3.0 dotnet-sdk-3.1
146
154
 
147
155
  RUN apt-key adv --keyserver hkp://keyserver.ubuntu.com:80 --recv-keys 4F4EA0AAE5267A6C &&\
148
156
  echo "deb http://ppa.launchpad.net/ondrej/php/ubuntu xenial main" | sudo tee /etc/apt/sources.list.d/php.list &&\
149
157
  apt-get update &&\
150
- apt-get install -y php7.1-cli &&\
158
+ apt-get install -y php7.4-cli &&\
151
159
  php -r "copy('https://getcomposer.org/installer', 'composer-setup.php');" &&\
152
160
  php -r "if (hash_file('sha384', 'composer-setup.php') === 'e0012edf3e80b6978849f5eff0d4b4e4c79ff1609dd1e613307e16318854d24ae64f26d17af3ef0bf7cfb710ca74755a') { echo 'Installer verified'; } else { echo 'Installer corrupt'; unlink('composer-setup.php'); } echo PHP_EOL;" &&\
153
161
  php composer-setup.php &&\
@@ -156,7 +164,7 @@ RUN apt-key adv --keyserver hkp://keyserver.ubuntu.com:80 --recv-keys 4F4EA0AAE5
156
164
 
157
165
  # install license_finder
158
166
  COPY . /LicenseFinder
159
- RUN bash -lc "cd /LicenseFinder && bundle install -j4 && rake install"
167
+ RUN bash -lc "cd /LicenseFinder && bundle config set no-cache 'true' && bundle install -j4 && rake install"
160
168
 
161
169
  WORKDIR /
162
170
 
data/README.md CHANGED
@@ -7,7 +7,7 @@ Build status
7
7
  * Ruby 2.4.9 [![Ruby 2.4.9 build status](https://norsk.cf-app.com/api/v1/teams/main/pipelines/LicenseFinder/jobs/ruby-2.4.9/badge)](https://norsk.cf-app.com/teams/main/pipelines/LicenseFinder)
8
8
  * Ruby 2.5.7 [![Ruby 2.5.7 build status](https://norsk.cf-app.com/api/v1/teams/main/pipelines/LicenseFinder/jobs/ruby-2.5.7/badge)](https://norsk.cf-app.com/teams/main/pipelines/LicenseFinder)
9
9
  * Ruby 2.6.5 [![Ruby 2.6.5 build status](https://norsk.cf-app.com/api/v1/teams/main/pipelines/LicenseFinder/jobs/ruby-2.6.5/badge)](https://norsk.cf-app.com/teams/main/pipelines/LicenseFinder)
10
- * Ruby 2.7.0 [![Ruby 2.7.0 build status](https://norsk.cf-app.com/api/v1/teams/main/pipelines/LicenseFinder/jobs/ruby-2.7.0/badge)](https://norsk.cf-app.com/teams/main/pipelines/LicenseFinder)
10
+ * Ruby 2.7.1 [![Ruby 2.7.1 build status](https://norsk.cf-app.com/api/v1/teams/main/pipelines/LicenseFinder/jobs/ruby-2.7.1/badge)](https://norsk.cf-app.com/teams/main/pipelines/LicenseFinder)
11
11
  * JRuby 9.2.9.0 [![JRuby 9.2.9.0 build status](https://norsk.cf-app.com/api/v1/teams/main/pipelines/LicenseFinder/jobs/ruby-jruby-9.2.9.0/badge)](https://norsk.cf-app.com/teams/main/pipelines/LicenseFinder)
12
12
 
13
13
 
@@ -359,7 +359,7 @@ $ license_finder dependencies remove my_js_dep
359
359
  Sometimes a project will have development or test dependencies which
360
360
  you don't want to track. You can exclude theses dependencies by running
361
361
  `license_finder ignored_groups`. (Currently this only works for packages
362
- managed by Bundler, NPM, and Nuget.)
362
+ managed by Bundler, NPM, Yarn, Maven, Pip2, Pip3, and Nuget.)
363
363
 
364
364
  On rare occasions a package manager will report an individual dependency
365
365
  that you want to exclude from all reports, even though it is approved.
data/Rakefile CHANGED
@@ -63,7 +63,7 @@ task :update_pipeline, [:slack_url, :slack_channel] do |_, args|
63
63
  puts 'Warning: You should provide slack channel and url to receive slack notifications on build failures'
64
64
  end
65
65
 
66
- ruby_versions = %w[2.7.0 2.6.5 2.5.7 2.4.9 2.3.8 jruby-9.2.9.0]
66
+ ruby_versions = %w[2.7.1 2.6.5 2.5.7 2.4.9 2.3.8 jruby-9.2.9.0]
67
67
 
68
68
  params = []
69
69
  params << "ruby_versions=#{ruby_versions.join(',')}"
data/VERSION CHANGED
@@ -1 +1 @@
1
- 6.1.0
1
+ 6.5.0
@@ -7,9 +7,15 @@ try:
7
7
  from pip._internal.req import parse_requirements
8
8
  except ImportError:
9
9
  from pip.req import parse_requirements
10
+
10
11
  try:
11
- from pip._internal.download import PipSession
12
+ # since pip 19.3
13
+ from pip._internal.network.session import PipSession
12
14
  except ImportError:
15
+ try:
16
+ # since pip 10
17
+ from pip._internal.download import PipSession
18
+ except ImportError:
13
19
  from pip.download import PipSession
14
20
 
15
21
  from pip._vendor import pkg_resources
@@ -19,22 +19,13 @@ resources:
19
19
  branch: master
20
20
  ignore_paths: [VERSION, CHANGELOG.md]
21
21
 
22
- - name: lf-git-version
23
- type: git
24
- source:
25
- uri: git@github.com:pivotal/LicenseFinder.git
26
- private_key: ((CfOslBot.private_key))
27
- branch: master
28
-
29
22
  - name: semver-version
30
23
  type: semver
31
24
  source:
32
- driver: git
33
- uri: git@github.com:pivotal/LicenseFinder.git
34
- branch: master
35
- file: VERSION
36
- private_key: ((CfOslBot.private_key))
37
- commit_message: "Updates version to: %version%"
25
+ driver: gcs
26
+ bucket: lf-semver-version
27
+ key: version
28
+ json_key: ((GCPQueuedReportsBucketCredentials))
38
29
 
39
30
  - name: dockerhub-edge
40
31
  type: docker-image
@@ -154,8 +145,6 @@ jobs:
154
145
  - get: lf-git
155
146
  tags: ["private-worker"]
156
147
  passed: [<%= "#{ruby_versions.map{ |version| "ruby-#{version}"}.join(', ')}, rubocop" %>]
157
- - get: lf-git-version
158
- tags: ["private-worker"]
159
148
  - get: semver-version
160
149
  tags: ["private-worker"]
161
150
  trigger: true
@@ -171,14 +160,14 @@ jobs:
171
160
  params:
172
161
  GIT_USERNAME: ((GithubApiUser))
173
162
  GIT_EMAIL: ((GithubApiEmail))
174
- file: lf-git-version/ci/tasks/update-changelog.yml
163
+ file: lf-git/ci/tasks/update-changelog.yml
175
164
  - put: dockerhub
176
165
  tags: ["private-worker"]
177
166
  params:
178
- build: lf-git-version
167
+ build: lf-git-changed
179
168
  tag: version/version.txt
180
169
  tag_as_latest: true
181
- - put: lf-git-version
170
+ - put: lf-git
182
171
  tags: ["private-worker"]
183
172
  params:
184
173
  repository: lf-git-changed
@@ -190,7 +179,7 @@ jobs:
190
179
  GIT_EMAIL: ((GithubApiEmail))
191
180
  GIT_PRIVATE_KEY: ((CfOslBot.private_key))
192
181
  GEM_API_KEY: ((LicenseFinderGemApiKey))
193
- file: lf-git-version/ci/tasks/build-and-push-gem.yml
182
+ file: lf-git/ci/tasks/build-and-push-gem.yml
194
183
  - put: lf-release
195
184
  tags: ["private-worker"]
196
185
  params:
@@ -3,8 +3,8 @@
3
3
  echo -e "---\n:rubygems_api_key: $GEM_API_KEY" > ~/.gem/credentials
4
4
  chmod 0600 ~/.gem/credentials
5
5
 
6
- cd lf-git-version
7
6
  build_version="$(cat semver-version/version)"
7
+ cd lf-git
8
8
  built_gem="pkg/license_finder-$build_version.gem"
9
9
 
10
10
  git config --global user.email $GIT_EMAIL
@@ -2,9 +2,11 @@
2
2
 
3
3
  set -e
4
4
 
5
- git clone lf-git-version lf-git-changed
5
+ git clone lf-git lf-git-changed
6
6
 
7
7
  CHANGELOG_FILE="CHANGELOG.md"
8
+ VERSION_FILE="VERSION"
9
+
8
10
  COMMIT_URL="https://github.com/pivotal/LicenseFinder/commit/"
9
11
 
10
12
  TAGS=( "Added" "ADDED" "Fixed" "FIXED" "Changed" "CHANGED" "Deprecated" "DEPRECATED" "Removed" "REMOVED" "Security" "SECURITY" )
@@ -50,10 +52,15 @@ echo -e "$LOG\n$(cat $CHANGELOG_FILE)" > $CHANGELOG_FILE
50
52
  # Append version hyperlink to the end of the file
51
53
  echo -e "[$VERSION]: https://github.com/pivotal/LicenseFinder/compare/$OLD...$VERSION_TAG" >> $CHANGELOG_FILE
52
54
 
55
+ # Update version file in git
56
+ echo $VERSION > $VERSION_FILE
57
+
53
58
  git config --global user.email $GIT_EMAIL
54
59
  git config --global user.name $GIT_USERNAME
55
60
 
56
61
  git add $CHANGELOG_FILE
62
+ git add $VERSION_FILE
63
+
57
64
  git commit -m "Update changelog for version: $VERSION"
58
65
 
59
66
  echo "New version: $VERSION"
@@ -1,10 +1,10 @@
1
1
  ---
2
2
  platform: linux
3
3
  inputs:
4
- - name: lf-git-version
4
+ - name: lf-git
5
5
  - name: semver-version
6
6
  run:
7
7
  path: bash
8
8
  args:
9
9
  - "-lc"
10
- - lf-git-version/ci/scripts/pushscript.sh
10
+ - lf-git/ci/scripts/pushscript.sh
@@ -4,7 +4,7 @@ image_resource:
4
4
  type: registry-image
5
5
  source:
6
6
  repository: ruby
7
- tag: 2.6.5
7
+ tag: 2.7.1
8
8
 
9
9
  inputs:
10
10
  - name: LicenseFinder
@@ -6,11 +6,11 @@ image_resource:
6
6
  tag: latest
7
7
  platform: linux
8
8
  inputs:
9
- - name: lf-git-version
9
+ - name: lf-git
10
10
  - name: lf-release
11
11
  - name: semver-version
12
12
  outputs:
13
13
  - name: lf-git-changed
14
14
  - name: version
15
15
  run:
16
- path: lf-git-version/ci/scripts/updateChangelog.sh
16
+ path: lf-git/ci/scripts/updateChangelog.sh
@@ -8,6 +8,7 @@ end
8
8
  require 'license_finder/cli/patched_thor'
9
9
  require 'license_finder/cli/base'
10
10
  require 'license_finder/cli/makes_decisions'
11
+ require 'license_finder/cli/inherited_decisions'
11
12
  require 'license_finder/cli/permitted_licenses'
12
13
  require 'license_finder/cli/restricted_licenses'
13
14
  require 'license_finder/cli/dependencies'
@@ -44,6 +44,7 @@ module LicenseFinder
44
44
  :elixir_command,
45
45
  :mix_command,
46
46
  :mix_deps_dir,
47
+ :write_headers,
47
48
  :save,
48
49
  :prepare,
49
50
  :prepare_no_fail,
@@ -0,0 +1,32 @@
1
+ # frozen_string_literal: true
2
+
3
+ module LicenseFinder
4
+ module CLI
5
+ class InheritedDecisions < Base
6
+ extend Subcommand
7
+ include MakesDecisions
8
+
9
+ desc 'list', 'List all the inherited decision files'
10
+ def list
11
+ say 'Inherited Decision Files:', :blue
12
+ say_each(decisions.inherited_decisions)
13
+ end
14
+
15
+ auditable
16
+ desc 'add DECISION_FILE...', 'Add one or more decision files to the inherited decisions'
17
+ def add(*decision_files)
18
+ assert_some decision_files
19
+ modifying { decision_files.each { |filepath| decisions.inherit_from(filepath) } }
20
+ say "Added #{decision_files.join(', ')} to the inherited decisions"
21
+ end
22
+
23
+ auditable
24
+ desc 'remove DECISION_FILE...', 'Remove one or more decision files from the inherited decisions'
25
+ def remove(*decision_files)
26
+ assert_some decision_files
27
+ modifying { decision_files.each { |filepath| decisions.remove_inheritance(filepath) } }
28
+ say "Removed #{decision_files.join(', ')} from the inherited decisions"
29
+ end
30
+ end
31
+ end
32
+ end
@@ -140,6 +140,7 @@ module LicenseFinder
140
140
  desc 'report', "Print a report of the project's dependencies to stdout"
141
141
  shared_options
142
142
  format_option
143
+ method_option :write_headers, type: :boolean, desc: 'Write exported columns as header row (csv).', default: false, required: false
143
144
  method_option :save, desc: "Save report to a file. Default: 'license_report.csv' in project root.", lazy_default: 'license_report'
144
145
 
145
146
  def report
@@ -171,6 +172,7 @@ module LicenseFinder
171
172
  subcommand 'permitted_licenses', PermittedLicenses, 'Automatically approve any dependency that has a permitted license'
172
173
  subcommand 'restricted_licenses', RestrictedLicenses, 'Forbid approval of any dependency whose licenses are all restricted'
173
174
  subcommand 'project_name', ProjectName, 'Set the project name, for display in reports'
175
+ subcommand 'inherited_decisions', InheritedDecisions, 'Add or remove decision files you want to inherit from'
174
176
 
175
177
  private
176
178
 
@@ -203,7 +205,7 @@ module LicenseFinder
203
205
  def report_of(content)
204
206
  report = FORMATS[config.format] || FORMATS['text']
205
207
  report = MergedReport if report == CsvReport && config.aggregate_paths
206
- report.of(content, columns: config.columns, project_name: decisions.project_name || config.project_path.basename.to_s)
208
+ report.of(content, columns: config.columns, project_name: decisions.project_name || config.project_path.basename.to_s, write_headers: config.write_headers)
207
209
  end
208
210
 
209
211
  def save?