license_finder 6.1.2 → 6.6.0

data/lib/license_finder/license/text.rb

@@ -6,15 +6,37 @@ module LicenseFinder
       SPACES = /\s+/.freeze
       QUOTES = /['`"]{1,2}/.freeze
       PLACEHOLDERS = /<[^<>]+>/.freeze
+      SPECIAL_SINGLE_QUOTES = /[‘’]/.freeze
+      SPECIAL_DOUBLE_QUOTES = /[“”„«»]/.freeze
+      ALPHABET_ORDERED_LIST = /\\\([a-z]\\\)\\\s/.freeze
+      ALPHABET_ORDERED_LIST_OPTIONAL = '(\([a-z]\)\s)?'
+      LIST_BULLETS = /(\d{1,2}\\\.|\\\*)\\\s/.freeze
+      LIST_BULLETS_OPTIONAL = '(\d{1,2}.|\*)?\s*'
+      NEWLINE_CHARACTER = /\n+/.freeze
+      QUOTE_COMMENT_CHARACTER = /^\s*\>+/.freeze
+      ESCAPED_QUOTES = /\\\"/.freeze
 
       def self.normalize_punctuation(text)
-        text.gsub(SPACES, ' ')
+        text.dup.force_encoding('UTF-8')
+            .gsub(SPECIAL_DOUBLE_QUOTES, '"')
+            .gsub(SPECIAL_SINGLE_QUOTES, "'")
+            .gsub(QUOTE_COMMENT_CHARACTER, '')
+            .gsub(SPACES, ' ')
+            .gsub(NEWLINE_CHARACTER, ' ')
+            .gsub(ESCAPED_QUOTES, '"')
             .gsub(QUOTES, '"')
             .strip
+      rescue ArgumentError => _e
+        text
       end
 
       def self.compile_to_regex(text)
-        Regexp.new(Regexp.escape(text).gsub(PLACEHOLDERS, '(.*)'))
+        Regexp.new(Regexp.escape(normalize_punctuation(text))
+                       .gsub(PLACEHOLDERS, '(.*)')
+                       .gsub(',', '(,)?')
+                       .gsub('HOLDER', '(HOLDER|OWNER)')
+                       .gsub(ALPHABET_ORDERED_LIST, ALPHABET_ORDERED_LIST_OPTIONAL)
+                       .gsub(LIST_BULLETS, LIST_BULLETS_OPTIONAL))
       end
     end
   end

data/lib/license_finder/logger.rb

@@ -36,6 +36,8 @@ module LicenseFinder
         "\e[31m#{string}\e[0m"
       when :green
         "\e[32m#{string}\e[0m"
+      when :magenta
+        "\e[35m#{string}\e[0m"
       else
         string
       end

data/lib/license_finder/package.rb

@@ -43,6 +43,7 @@ module LicenseFinder
       @summary = options[:summary] || ''
       @description = options[:description] || ''
       @homepage = options[:homepage] || ''
+      @package_url = options[:package_url].to_s
       @children = options[:children] || []
       @parents = Set.new # will be figured out later by package manager
       @groups = options[:groups] || []
@@ -61,7 +62,7 @@ module LicenseFinder
 
     ## DESCRIPTION
 
-    attr_accessor :homepage
+    attr_accessor :homepage, :package_url
 
     attr_reader :name, :version, :authors,
                 :summary, :description,

data/lib/license_finder/package_manager.rb

@@ -119,8 +119,12 @@ module LicenseFinder
     attr_reader :logger, :project_path
 
     def log_errors(stderr)
-      logger.info prepare_command, 'did not succeed.', color: :red
-      logger.info prepare_command, stderr, color: :red
+      log_errors_with_cmd(prepare_command, stderr)
+    end
+
+    def log_errors_with_cmd(prep_cmd, stderr)
+      logger.info prep_cmd, 'did not succeed.', color: :red
+      logger.info prep_cmd, stderr, color: :red
       log_to_file stderr
     end
 

data/lib/license_finder/package_managers/bundler.rb

@@ -1,6 +1,7 @@
 # frozen_string_literal: true
 
 require 'bundler'
+require 'securerandom'
 
 module LicenseFinder
   class Bundler < PackageManager
@@ -26,7 +27,10 @@ module LicenseFinder
     def prepare_command
       ignored_groups_argument = !ignored_groups.empty? ? "--without #{ignored_groups.to_a.join(' ')}" : ''
 
-      "bundle install #{ignored_groups_argument}".strip
+      gem_path = "lf-bundler-gems-#{SecureRandom.uuid}"
+      logger.info self.class, "Running bundle install for #{Dir.pwd} with path #{gem_path}", color: :blue
+
+      "bundle install #{ignored_groups_argument} --path #{gem_path}".strip
     end
 
     def possible_package_paths
@@ -38,8 +42,6 @@ module LicenseFinder
     attr_reader :ignored_groups
 
     def definition
-      # DI
-      ENV['BUNDLE_PATH'] = project_path.to_s
       ENV['BUNDLE_GEMFILE'] = "#{project_path}/#{gemfile}"
 
       @definition ||= ::Bundler::Definition.build(detected_package_path, lockfile_path, nil)

data/lib/license_finder/package_managers/cargo.rb

@@ -6,7 +6,8 @@ module LicenseFinder
   class Cargo < PackageManager
     def current_packages
       cargo_output.map do |package|
-        CargoPackage.new(package, logger: logger)
+        path = Dir.glob("#{Dir.home}/.cargo/registry/src/**/#{package['name']}-#{package['version']}").first
+        CargoPackage.new(package, logger: logger, install_path: path)
       end
     end
 

data/lib/license_finder/package_managers/composer.rb

@@ -12,7 +12,11 @@ module LicenseFinder
 
     def current_packages
       dependency_list.map do |name, dependency|
-        ComposerPackage.new(name, dependency['version'], spec_licenses: dependency['license'])
+        path_command = "composer show #{name} -P"
+        stdout, _stderr, status = Dir.chdir(project_path) { Cmd.run(path_command) }
+
+        path = status.success? ? stdout.split(' ').last : ''
+        ComposerPackage.new(name, dependency['version'], spec_licenses: dependency['license'], install_path: path)
       end
     end
 

data/lib/license_finder/package_managers/dep.rb

@@ -1,6 +1,6 @@
 # frozen_string_literal: true
 
-require 'toml'
+require 'tomlrb'
 
 module LicenseFinder
   class Dep < PackageManager
@@ -9,7 +9,7 @@ module LicenseFinder
     end
 
     def current_packages
-      toml = TOML.load_file(detected_package_path)
+      toml = Tomlrb.load_file(detected_package_path)
       projects = toml['projects']
 
       return [] if projects.nil?

data/lib/license_finder/package_managers/dotnet.rb

@@ -63,7 +63,8 @@ module LicenseFinder
                           .uniq { |d| [d.name, d.version] }
 
       package_metadatas.map do |d|
-        NugetPackage.new(d.name, d.version, spec_licenses: d.read_license_urls)
+        path = Dir.glob("#{Dir.home}/.nuget/packages/#{d.name.downcase}/#{d.version}").first
+        NugetPackage.new(d.name, d.version, spec_licenses: d.read_license_urls, install_path: path)
       end
     end
 

data/lib/license_finder/package_managers/glide.rb

@@ -3,7 +3,7 @@
 module LicenseFinder
   class Glide < PackageManager
     def possible_package_paths
-      [project_path.join('src', 'glide.lock'), project_path.join('glide.lock')]
+      [project_path.join('glide.lock')]
     end
 
     def current_packages
@@ -11,12 +11,7 @@ module LicenseFinder
 
       YAML.load_file(detected_path).fetch('imports').map do |package_hash|
         import_path = package_hash.fetch('name')
-        license_path =
-          if detected_path == possible_package_paths.first
-            project_path.join('src', 'vendor', import_path)
-          else
-            project_path.join('vendor', import_path)
-          end
+        license_path = project_path.join('vendor', import_path)
 
         GoPackage.from_dependency({
                                     'ImportPath' => import_path,

data/lib/license_finder/package_managers/go_15vendorexperiment.rb

@@ -14,7 +14,7 @@ module LicenseFinder
     end
 
     def go_files_exist?
-      !Dir[project_path.join('**/*.go')].empty?
+      !Dir[project_path.join('**/*.go')].empty? && !Dir[project_path.join('vendor/**/*.go')].empty?
     end
 
     def possible_package_paths

data/lib/license_finder/package_managers/go_modules.rb

@@ -21,12 +21,10 @@ module LicenseFinder
     end
 
     def current_packages
-      info_output, _stderr, _status = Cmd.run("GO111MODULE=on go list -m -mod=vendor -f '{{.Path}},{{.Version}},{{.Dir}}' all")
-      packages_info = info_output.split("\n")
       packages = packages_info.map do |package|
         name, version, install_path = package.split(',')
-        read_package(install_path, name, version)
-      end
+        read_package(install_path, name, version) if install_path.to_s != ''
+      end.compact
       packages.reject do |package|
         Pathname(package.install_path).cleanpath == Pathname(project_path).cleanpath
       end
@@ -34,6 +32,15 @@ module LicenseFinder
 
     private
 
+    def packages_info
+      info_output, stderr, _status = Cmd.run("GO111MODULE=on go list -m -f '{{.Path}},{{.Version}},{{.Dir}}' all")
+      if stderr =~ Regexp.compile("can't compute 'all' using the vendor directory")
+        info_output, _stderr, _status = Cmd.run("GO111MODULE=on go list -m -mod=mod -f '{{.Path}},{{.Version}},{{.Dir}}' all")
+      end
+
+      info_output.split("\n")
+    end
+
     def sum_files?
       sum_file_paths.any?
     end

data/lib/license_finder/package_managers/go_workspace.rb

@@ -1,6 +1,7 @@
 # frozen_string_literal: true
 
 require 'json'
+
 module LicenseFinder
   class GoWorkspacePackageManagerError < ::StandardError
   end
@@ -51,9 +52,10 @@ module LicenseFinder
       return false if @strict_matching
 
       godep = LicenseFinder::GoDep.new(project_path: Pathname(project_path))
+      dep = LicenseFinder::Dep.new(project_path: Pathname(project_path))
       # go workspace is only active if GoDep wasn't. There are some projects
       # that will use the .envrc and have a Godep folder as well.
-      !!(!godep.active? && envrc_path && ENVRC_REGEXP.match(IO.read(envrc_path)))
+      !!(!godep.active? && !dep.active? && envrc_path && ENVRC_REGEXP.match(IO.read(envrc_path)))
     end
 
     private
@@ -81,6 +83,8 @@ module LicenseFinder
         orig_gopath = ENV['GOPATH']
         ENV['GOPATH'] = nil
         val, stderr, status = Cmd.run('go list -f "{{join .Deps \"\n\"}}" ./...')
+        ENV['GOPATH'] = project_path.to_s
+        val, stderr, status = Cmd.run('go list -f "{{join .Deps \"\n\"}}" ./...') unless status.success?
         ENV['GOPATH'] = orig_gopath
         raise GoWorkspacePackageManagerError, "go list failed:\n#{stderr}" unless status.success?
 

data/lib/license_finder/package_managers/nuget.rb

@@ -51,7 +51,9 @@ module LicenseFinder
     def current_packages
       dependencies.each_with_object({}) do |dep, memo|
         licenses = license_urls(dep)
-        memo[dep.name] ||= NugetPackage.new(dep.name, dep.version, spec_licenses: licenses)
+        path = Dir.glob("#{Dir.home}/.nuget/packages/#{dep.name.downcase}/#{dep.version}").first
+
+        memo[dep.name] ||= NugetPackage.new(dep.name, dep.version, spec_licenses: licenses, install_path: path)
         memo[dep.name].groups << dep.assembly unless memo[dep.name].groups.include? dep.assembly
       end.values
     end
@@ -71,10 +73,42 @@ module LicenseFinder
       assemblies.flat_map(&:dependencies)
     end
 
+    def nuget_binary
+      legacy_vcproj = Dir['**/*.vcproj'].any?
+
+      if legacy_vcproj
+        '/usr/local/bin/nugetv3.5.0.exe'
+      else
+        '/usr/local/bin/nuget.exe'
+      end
+    end
+
     def package_management_command
       return 'nuget' if LicenseFinder::Platform.windows?
 
-      'mono /usr/local/bin/nuget.exe'
+      "mono #{nuget_binary}"
+    end
+
+    def prepare
+      cmd = prepare_command
+      stdout, stderr, status = Dir.chdir(project_path) { Cmd.run(cmd) }
+      return if status.success?
+
+      log_errors stderr
+
+      if stderr.include?('-PackagesDirectory')
+        logger.info cmd, 'trying fallback prepare command', color: :magenta
+
+        cmd = "#{cmd} -PackagesDirectory ."
+        stdout, stderr, status = Dir.chdir(project_path) { Cmd.run(cmd) }
+        return if status.success?
+
+        log_errors_with_cmd(cmd, stderr)
+      end
+
+      error_message = "Prepare command '#{cmd}' failed\n#{stderr}"
+      error_message += "\n#{stdout}\n" if !stdout.nil? && !stdout.empty?
+      raise error_message unless @prepare_no_fail
     end
 
     def prepare_command
@@ -94,7 +128,7 @@ module LicenseFinder
     def nuget_check
       return 'where nuget' if LicenseFinder::Platform.windows?
 
-      'which mono && ls /usr/local/bin/nuget.exe'
+      "which mono && ls #{nuget_binary}"
     end
 
     def self.nuspec_license_urls(specfile_content)

data/lib/license_finder/package_managers/pipenv.rb

@@ -15,7 +15,7 @@ module LicenseFinder
         begin
           packages = {}
           each_dependency(groups: allowed_groups) do |name, data, group|
-            version = canonicalize(data['version'])
+            version = canonicalize(data['version'] || 'unknown')
             package = packages.fetch(key_for(name, version)) do |key|
               packages[key] = build_package_for(name, version)
             end

data/lib/license_finder/package_managers/sbt.rb

@@ -30,7 +30,9 @@ module LicenseFinder
             'version' => version,
             'licenses' => [{ 'name' => row['License'] }]
           }
-          SbtPackage.new(spec, logger: logger, include_groups: @include_groups)
+
+          path = File.join("#{Dir.home}/.ivy2/cache", "#{spec['groupId']}/#{spec['artifactId']}")
+          SbtPackage.new(spec, logger: logger, include_groups: @include_groups, install_path: path)
         end
       end
 

data/lib/license_finder/package_managers/yarn.rb

@@ -72,11 +72,25 @@ module LicenseFinder
       valid_packages = filter_yarn_internal_package(packages)
 
       valid_packages.map do |package_hash|
-        YarnPackage.new(package_hash['Name'], package_hash['Version'], spec_licenses: [package_hash['License']],
-                                                                       homepage: package_hash['VendorUrl'])
+        YarnPackage.new(
+          package_hash['Name'],
+          package_hash['Version'],
+          spec_licenses: [package_hash['License']],
+          homepage: package_hash['VendorUrl'],
+          authors: package_hash['VendorName'],
+          install_path: project_path.join(modules_folder, package_hash['Name'])
+        )
       end
     end
 
+    def modules_folder
+      return @modules_folder if @modules_folder
+
+      stdout, _stderr, status = Cmd.run('yarn config get modules-folder')
+      @modules_folder = 'node_modules' if !status.success? || stdout.strip == 'undefined'
+      @modules_folder ||= stdout.strip
+    end
+
     # remove fake package created by yarn [Yarn Bug]
     def filter_yarn_internal_package(all_packages)
       internal_package_pattern = /workspace-aggregator-[a-zA-z0-9]{8}-[a-zA-z0-9]{4}-[a-zA-z0-9]{4}-[a-zA-z0-9]{4}-[a-zA-z0-9]{12}/

data/lib/license_finder/package_utils/license_files.rb

@@ -4,7 +4,7 @@ require 'license_finder/package_utils/possible_license_file'
 
 module LicenseFinder
   class LicenseFiles
-    CANDIDATE_FILE_NAMES = %w[LICENSE License LICENCE Licence COPYING README Readme ReadMe].freeze
+    CANDIDATE_FILE_NAMES = %w[License Licence COPYING README].freeze
     CANDIDATE_PATH_WILDCARD = "*{#{CANDIDATE_FILE_NAMES.join(',')}}*"
 
     def self.find(install_path, options = {})
@@ -35,7 +35,7 @@ module LicenseFinder
     def candidate_files_and_dirs
       return [] if install_path.nil?
 
-      Pathname.glob(install_path.join('**', CANDIDATE_PATH_WILDCARD))
+      Pathname.glob(install_path.join('**', CANDIDATE_PATH_WILDCARD), File::FNM_CASEFOLD)
     end
   end
 end

data/lib/license_finder/packages/bower_package.rb

@@ -1,5 +1,7 @@
 # frozen_string_literal: true
 
+require 'open-uri'
+
 module LicenseFinder
   class BowerPackage < Package
     def initialize(bower_module, options = {})
@@ -31,5 +33,10 @@ module LicenseFinder
     def package_manager
       'Bower'
     end
+
+    def package_url
+      meta = JSON.parse(open("https://registry.bower.io/packages/#{CGI.escape(name)}").read)
+      meta['url']
+    end
   end
 end

data/lib/license_finder/packages/bundler_package.rb

@@ -25,5 +25,9 @@ module LicenseFinder
     def package_manager
       'Bundler'
     end
+
+    def package_url
+      "https://rubygems.org/gems/#{CGI.escape(name)}/versions/#{CGI.escape(version)}"
+    end
   end
 end

data/lib/license_finder/packages/cargo_package.rb

@@ -20,5 +20,9 @@ module LicenseFinder
     def package_manager
       'Cargo'
     end
+
+    def package_url
+      "https://crates.io/crates/#{CGI.escape(name)}/#{CGI.escape(version)}"
+    end
   end
 end

data/lib/license_finder/packages/cocoa_pods_package.rb

@@ -14,5 +14,9 @@ module LicenseFinder
     def package_manager
       'CocoaPods'
     end
+
+    def package_url
+      "https://cocoapods.org/pods/#{CGI.escape(name)}"
+    end
   end
 end

data/lib/license_finder/packages/composer_package.rb

@@ -5,5 +5,9 @@ module LicenseFinder
     def package_manager
       'Composer'
     end
+
+    def package_url
+      "https://packagist.org/packages/#{CGI.escape(name)}##{CGI.escape(version)}"
+    end
   end
 end