license_finder 6.11.0 → 6.14.1
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/.rubocop.yml +2 -2
- data/CHANGELOG.md +24 -0
- data/Dockerfile +74 -15
- data/README.md +2 -1
- data/VERSION +1 -1
- data/lib/license_finder/cli/base.rb +1 -0
- data/lib/license_finder/cli/main.rb +1 -0
- data/lib/license_finder/configuration.rb +4 -0
- data/lib/license_finder/core.rb +1 -0
- data/lib/license_finder/package.rb +2 -1
- data/lib/license_finder/package_manager.rb +1 -0
- data/lib/license_finder/package_managers/cocoa_pods.rb +1 -1
- data/lib/license_finder/package_managers/dep.rb +6 -1
- data/lib/license_finder/package_managers/go_15vendorexperiment.rb +6 -1
- data/lib/license_finder/package_managers/go_modules.rb +4 -1
- data/lib/license_finder/package_managers/npm.rb +6 -0
- data/lib/license_finder/package_managers/spm.rb +93 -0
- data/lib/license_finder/package_managers/trash.rb +6 -1
- data/lib/license_finder/packages/spm_package.rb +18 -0
- data/lib/license_finder/scanner.rb +1 -1
- data/swift-all-keys.asc +240 -0
- metadata +6 -3
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: e02cf849bb28047c74646f496dd4ba63f68675103d13d4da53e12c3f5e28de4f
|
4
|
+
data.tar.gz: 0ca411b29afeda504a4eddd6b03c81b46e35a2b9eb553d4bb69ef99f085864c1
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 7bd4b732e9ce6edee1e3352cd8ead5545fce8a8f047ef7a6b6006084aadbed01effc369d0ccd9ede81bd6889e32f0e1e0360cd76e9b80cf7f9c7cb483818c3cf
|
7
|
+
data.tar.gz: 226f2bf83e75441f72ca5dff09430cc49821eb83bd41af2964e6c1f19df2ce40946437fb4a8b32242653e82379ceadad5d3984961abf295ce81306d857c2ec1d
|
data/.rubocop.yml
CHANGED
data/CHANGELOG.md
CHANGED
@@ -1,3 +1,22 @@
|
|
1
|
+
# [6.14.1] / 2021-06-25
|
2
|
+
|
3
|
+
# [6.13.0] / 2021-04-27
|
4
|
+
|
5
|
+
### Fixed
|
6
|
+
* Ignore packages with nil modules - [4eca0ec1](https://github.com/pivotal/LicenseFinder/commit/4eca0ec15dc6266afa48b74b3742278351246eb8)
|
7
|
+
|
8
|
+
# [6.12.2] / 2021-04-14
|
9
|
+
|
10
|
+
### Changed
|
11
|
+
* exit when go mod list command fails - [fcf1f707](https://github.com/pivotal/LicenseFinder/commit/fcf1f7076dee2ff730e3c8b608381aca22de0e92) - Jeff Jun
|
12
|
+
|
13
|
+
# [6.12.1] / 2021-04-12
|
14
|
+
|
15
|
+
# [6.12.0] / 2021-03-05
|
16
|
+
|
17
|
+
### Added
|
18
|
+
* Provide homepage information for GoDep and Go15Vendor package managers - [bae1bda9](https://github.com/pivotal/LicenseFinder/commit/bae1bda9d76cb922405d7efca9c67e2583db70d4) - Jeff Jun
|
19
|
+
|
1
20
|
# [6.11.0] / 2021-03-04
|
2
21
|
|
3
22
|
### Added
|
@@ -933,3 +952,8 @@ Bugfixes:
|
|
933
952
|
[6.10.0]: https://github.com/pivotal/LicenseFinder/compare/v6.9.0...v6.10.0
|
934
953
|
[6.10.1]: https://github.com/pivotal/LicenseFinder/compare/v6.10.0...v6.10.1
|
935
954
|
[6.11.0]: https://github.com/pivotal/LicenseFinder/compare/v6.10.1...v6.11.0
|
955
|
+
[6.12.0]: https://github.com/pivotal/LicenseFinder/compare/v6.11.0...v6.12.0
|
956
|
+
[6.12.1]: https://github.com/pivotal/LicenseFinder/compare/v6.12.0...v6.12.1
|
957
|
+
[6.12.2]: https://github.com/pivotal/LicenseFinder/compare/v6.12.1...v6.12.2
|
958
|
+
[6.13.0]: https://github.com/pivotal/LicenseFinder/compare/v6.12.2...v6.13.0
|
959
|
+
[6.14.1]: https://github.com/pivotal/LicenseFinder/compare/v6.13.0...v6.14.1
|
data/Dockerfile
CHANGED
@@ -1,4 +1,6 @@
|
|
1
|
-
FROM ubuntu:
|
1
|
+
FROM ubuntu:bionic
|
2
|
+
|
3
|
+
WORKDIR /tmp
|
2
4
|
|
3
5
|
# Versioning
|
4
6
|
ENV PIP_INSTALL_VERSION 19.0.2
|
@@ -18,7 +20,8 @@ RUN apt-get update && apt-get install -y \
|
|
18
20
|
sudo \
|
19
21
|
unzip \
|
20
22
|
wget \
|
21
|
-
gnupg2 \
|
23
|
+
gnupg2 \
|
24
|
+
apt-utils \
|
22
25
|
software-properties-common \
|
23
26
|
bzr
|
24
27
|
|
@@ -76,7 +79,6 @@ RUN mkdir -p /usr/local/share/sbt-launcher-packaging && \
|
|
76
79
|
rm -f "/tmp/sbt-${SBT_VERSION}.tgz"
|
77
80
|
|
78
81
|
# install gradle
|
79
|
-
WORKDIR /tmp
|
80
82
|
RUN curl -L -o gradle.zip https://services.gradle.org/distributions/gradle-$GRADLE_VERSION-bin.zip && \
|
81
83
|
unzip -q gradle.zip && \
|
82
84
|
rm gradle.zip && \
|
@@ -102,6 +104,7 @@ RUN mkdir /gopath && \
|
|
102
104
|
go get -u github.com/rancher/trash && \
|
103
105
|
go clean -cache
|
104
106
|
|
107
|
+
WORKDIR /tmp
|
105
108
|
# Fix the locale
|
106
109
|
RUN apt-get install -y locales
|
107
110
|
RUN locale-gen en_US.UTF-8
|
@@ -109,11 +112,16 @@ ENV LANG=en_US.UTF-8
|
|
109
112
|
ENV LANGUAGE=en_US:en
|
110
113
|
ENV LC_ALL=en_US.UTF-8
|
111
114
|
|
115
|
+
# install Cargo
|
116
|
+
RUN curl https://sh.rustup.rs -sSf | bash -ls -- -y --profile minimal
|
117
|
+
|
112
118
|
#install rvm
|
113
119
|
RUN apt-add-repository -y ppa:rael-gc/rvm && \
|
114
120
|
apt update && apt install -y rvm && \
|
115
121
|
/usr/share/rvm/bin/rvm install --default $RUBY_VERSION
|
116
|
-
|
122
|
+
|
123
|
+
# install bundler
|
124
|
+
RUN bash -lc "gem update --system && gem install bundler"
|
117
125
|
|
118
126
|
#install mix
|
119
127
|
RUN wget https://packages.erlang-solutions.com/erlang-solutions_${MIX_VERSION}_all.deb && \
|
@@ -123,9 +131,6 @@ RUN wget https://packages.erlang-solutions.com/erlang-solutions_${MIX_VERSION}_a
|
|
123
131
|
sudo apt-get install -y esl-erlang && \
|
124
132
|
sudo apt-get install -y elixir
|
125
133
|
|
126
|
-
# install bundler
|
127
|
-
RUN bash -lc "gem update --system && gem install bundler"
|
128
|
-
|
129
134
|
# install conan
|
130
135
|
RUN apt-get install -y python-dev && \
|
131
136
|
pip install --no-cache-dir --ignore-installed six --ignore-installed colorama \
|
@@ -134,30 +139,30 @@ RUN apt-get install -y python-dev && \
|
|
134
139
|
--upgrade setuptools && \
|
135
140
|
pip install --no-cache-dir -Iv conan==1.11.2
|
136
141
|
|
137
|
-
# install Cargo
|
138
|
-
RUN curl https://sh.rustup.rs -sSf | bash -s -- -y --profile minimal
|
139
|
-
|
140
142
|
# install NuGet (w. mono)
|
141
143
|
# https://docs.microsoft.com/en-us/nuget/install-nuget-client-tools#macoslinux
|
142
144
|
RUN apt-key adv --keyserver hkp://keyserver.ubuntu.com:80 --recv-keys 3FA7E0328081BFF6A14DA29AA6A19B38D3D831EF &&\
|
143
|
-
echo "deb https://download.mono-project.com/repo/ubuntu stable-
|
145
|
+
echo "deb https://download.mono-project.com/repo/ubuntu stable-bionic main" | sudo tee /etc/apt/sources.list.d/mono-official-stable.list &&\
|
144
146
|
apt-get update &&\
|
145
147
|
apt-get install -y mono-complete &&\
|
146
148
|
curl -o "/usr/local/bin/nuget.exe" "https://dist.nuget.org/win-x86-commandline/latest/nuget.exe" &&\
|
147
149
|
curl -o "/usr/local/bin/nugetv3.5.0.exe" "https://dist.nuget.org/win-x86-commandline/v3.5.0/nuget.exe"
|
148
150
|
|
149
151
|
# install dotnet core
|
150
|
-
|
151
|
-
RUN wget -q https://packages.microsoft.com/config/ubuntu/16.04/packages-microsoft-prod.deb &&\
|
152
|
+
RUN wget -q https://packages.microsoft.com/config/ubuntu/18.04/packages-microsoft-prod.deb &&\
|
152
153
|
sudo dpkg -i packages-microsoft-prod.deb &&\
|
153
154
|
rm packages-microsoft-prod.deb &&\
|
154
155
|
sudo apt-get update &&\
|
155
156
|
sudo apt-get install -y dotnet-runtime-2.1 dotnet-sdk-2.1 dotnet-sdk-2.2 dotnet-sdk-3.0 dotnet-sdk-3.1
|
156
157
|
|
157
158
|
# install Composer
|
159
|
+
# The ARG and ENV are for installing tzdata which is part of this installaion.
|
160
|
+
# https://serverfault.com/questions/949991/how-to-install-tzdata-on-a-ubuntu-docker-image
|
161
|
+
ENV TZ=GMT
|
158
162
|
RUN apt-key adv --keyserver hkp://keyserver.ubuntu.com:80 --recv-keys 4F4EA0AAE5267A6C &&\
|
159
|
-
echo "deb http://ppa.launchpad.net/ondrej/php/ubuntu
|
163
|
+
echo "deb http://ppa.launchpad.net/ondrej/php/ubuntu bionic main" | sudo tee /etc/apt/sources.list.d/php.list &&\
|
160
164
|
apt-get update &&\
|
165
|
+
export DEBIAN_FRONTEND=noninteractive &&\
|
161
166
|
apt-get install -y php7.4-cli &&\
|
162
167
|
EXPECTED_COMPOSER_INSTALLER_CHECKSUM="$(curl --silent https://composer.github.io/installer.sig)" &&\
|
163
168
|
php -r "copy('https://getcomposer.org/installer', 'composer-setup.php');" &&\
|
@@ -170,7 +175,6 @@ RUN apt-key adv --keyserver hkp://keyserver.ubuntu.com:80 --recv-keys 4F4EA0AAE5
|
|
170
175
|
# install miniconda
|
171
176
|
# See https://docs.conda.io/en/latest/miniconda_hashes.html
|
172
177
|
# for latest versions and SHAs.
|
173
|
-
WORKDIR /tmp
|
174
178
|
RUN \
|
175
179
|
conda_installer=Miniconda3-py38_4.9.2-Linux-x86_64.sh &&\
|
176
180
|
ref='1314b90489f154602fd794accfc90446111514a5a72fe1f71ab83e07de9504a7' &&\
|
@@ -179,6 +183,61 @@ RUN \
|
|
179
183
|
([ "$sha" = "${ref}" ] || (echo "Verification failed: ${sha} != ${ref}"; false)) &&\
|
180
184
|
(echo; echo "yes") | sh "${conda_installer}"
|
181
185
|
|
186
|
+
# install Swift Package Manager
|
187
|
+
# Based on https://github.com/apple/swift-docker/blob/main/5.3/ubuntu/18.04/Dockerfile
|
188
|
+
# The GPG download steps has been modified. Keys are now on LF repo and copied instaad of downloaded.
|
189
|
+
# Refer to https://swift.org/download/#using-downloads in the Linux section on how to download the keys
|
190
|
+
RUN apt-get -q install -y \
|
191
|
+
libatomic1 \
|
192
|
+
libcurl4 \
|
193
|
+
libxml2 \
|
194
|
+
libedit2 \
|
195
|
+
libsqlite3-0 \
|
196
|
+
libc6-dev \
|
197
|
+
binutils \
|
198
|
+
libgcc-5-dev \
|
199
|
+
libstdc++-5-dev \
|
200
|
+
zlib1g-dev \
|
201
|
+
libpython2.7 \
|
202
|
+
tzdata \
|
203
|
+
git \
|
204
|
+
pkg-config \
|
205
|
+
&& rm -r /var/lib/apt/lists/*
|
206
|
+
|
207
|
+
# pub 4096R/ED3D1561 2019-03-22 [SC] [expires: 2023-03-23]
|
208
|
+
# Key fingerprint = A62A E125 BBBF BB96 A6E0 42EC 925C C1CC ED3D 1561
|
209
|
+
# uid Swift 5.x Release Signing Key <swift-infrastructure@swift.org
|
210
|
+
ARG SWIFT_SIGNING_KEY=A62AE125BBBFBB96A6E042EC925CC1CCED3D1561
|
211
|
+
ARG SWIFT_PLATFORM=ubuntu18.04
|
212
|
+
ARG SWIFT_BRANCH=swift-5.3.3-release
|
213
|
+
ARG SWIFT_VERSION=swift-5.3.3-RELEASE
|
214
|
+
ARG SWIFT_WEBROOT=https://swift.org/builds/
|
215
|
+
|
216
|
+
ENV SWIFT_SIGNING_KEY=$SWIFT_SIGNING_KEY \
|
217
|
+
SWIFT_PLATFORM=$SWIFT_PLATFORM \
|
218
|
+
SWIFT_BRANCH=$SWIFT_BRANCH \
|
219
|
+
SWIFT_VERSION=$SWIFT_VERSION \
|
220
|
+
SWIFT_WEBROOT=$SWIFT_WEBROOT
|
221
|
+
|
222
|
+
COPY swift-all-keys.asc .
|
223
|
+
RUN set -e; \
|
224
|
+
SWIFT_WEBDIR="$SWIFT_WEBROOT/$SWIFT_BRANCH/$(echo $SWIFT_PLATFORM | tr -d .)/" \
|
225
|
+
&& SWIFT_BIN_URL="$SWIFT_WEBDIR/$SWIFT_VERSION/$SWIFT_VERSION-$SWIFT_PLATFORM.tar.gz" \
|
226
|
+
&& SWIFT_SIG_URL="$SWIFT_BIN_URL.sig" \
|
227
|
+
# - Grab curl here so we cache better up above
|
228
|
+
&& export DEBIAN_FRONTEND=noninteractive \
|
229
|
+
&& apt-get -q update && apt-get -q install -y curl && rm -rf /var/lib/apt/lists/* \
|
230
|
+
# - Download the GPG keys, Swift toolchain, and toolchain signature, and verify.
|
231
|
+
&& export GNUPGHOME="$(mktemp -d)" \
|
232
|
+
&& curl -fsSL "$SWIFT_BIN_URL" -o swift.tar.gz "$SWIFT_SIG_URL" -o swift.tar.gz.sig \
|
233
|
+
&& gpg --import swift-all-keys.asc \
|
234
|
+
&& gpg --batch --verify swift.tar.gz.sig swift.tar.gz \
|
235
|
+
# - Unpack the toolchain, set libs permissions, and clean up.
|
236
|
+
&& tar -xzf swift.tar.gz --directory / --strip-components=1 \
|
237
|
+
&& chmod -R o+r /usr/lib/swift \
|
238
|
+
&& rm -rf "$GNUPGHOME" swift.tar.gz.sig swift.tar.gz \
|
239
|
+
set +e
|
240
|
+
|
182
241
|
# install license_finder
|
183
242
|
COPY . /LicenseFinder
|
184
243
|
RUN bash -lc "cd /LicenseFinder && bundle config set no-cache 'true' && bundle install -j4 && rake install"
|
data/README.md
CHANGED
@@ -44,7 +44,7 @@ and give you an actionable exception report.
|
|
44
44
|
### Experimental project types
|
45
45
|
|
46
46
|
* Erlang (via `rebar` and `Erlang.mk`)
|
47
|
-
* Objective-C, Swift (via Carthage
|
47
|
+
* Objective-C, Swift (via Carthage, CocoaPods \[0.39 and below. See [CocoaPods Specs Repo Sharding](http://blog.cocoapods.org/Sharding/)\]) and Swift Package Manager)
|
48
48
|
* Objective-C (+ CocoaPods 0.39 and below. See [CocoaPods Specs Repo Sharding](http://blog.cocoapods.org/Sharding/))
|
49
49
|
* Elixir (via `mix`)
|
50
50
|
* Golang (via `gvt`, `glide`,`dep`, `trash` and `govendor`)
|
@@ -176,6 +176,7 @@ languages, as long as that language has a package definition in the project dire
|
|
176
176
|
* `bower.json` (for `bower`)
|
177
177
|
* `Podfile` (for `pod`)
|
178
178
|
* `Cartfile` (for `carthage`)
|
179
|
+
* `workspace-state.json` under build directory (provided as enviroment variable `SPM_DERIVED_DATA` for Xcode, or default `.build` for non-Xcode projects), (for `spm`)
|
179
180
|
* `rebar.config` (for `rebar`)
|
180
181
|
* `Erlang.mk` or `erlang.mk` file (for `Erlang.mk`)
|
181
182
|
* `mix.exs` (for `mix`)
|
data/VERSION
CHANGED
@@ -1 +1 @@
|
|
1
|
-
6.
|
1
|
+
6.14.1
|
@@ -30,6 +30,7 @@ module LicenseFinder
|
|
30
30
|
Defaults to 'gradlew' / 'gradlew.bat' if the wrapper is present, otherwise to 'gradle'."
|
31
31
|
class_option :maven_include_groups, desc: 'Whether dependency name should include group id. Only meaningful if used with a Java/maven project. Defaults to false.'
|
32
32
|
class_option :maven_options, desc: 'Maven options to append to command. Defaults to empty.'
|
33
|
+
class_option :npm_options, desc: 'npm options to append to command. Defaults to empty.'
|
33
34
|
class_option :pip_requirements_path, desc: 'Path to python requirements file. Defaults to requirements.txt.'
|
34
35
|
class_option :python_version, desc: 'Python version to invoke pip with. Valid versions: 2 or 3. Default: 2'
|
35
36
|
class_option :rebar_command, desc: "Command to use when fetching rebar packages. Only meaningful if used with a Erlang/rebar project. Defaults to 'rebar'."
|
data/lib/license_finder/core.rb
CHANGED
@@ -99,6 +99,7 @@ module LicenseFinder
|
|
99
99
|
gradle_include_groups: config.gradle_include_groups,
|
100
100
|
maven_include_groups: config.maven_include_groups,
|
101
101
|
maven_options: config.maven_options,
|
102
|
+
npm_options: config.npm_options,
|
102
103
|
pip_requirements_path: config.pip_requirements_path,
|
103
104
|
python_version: config.python_version,
|
104
105
|
rebar_command: config.rebar_command,
|
@@ -38,7 +38,7 @@ module LicenseFinder
|
|
38
38
|
|
39
39
|
## DESCRIPTION
|
40
40
|
@name = name
|
41
|
-
@version = version
|
41
|
+
@version = version || ''
|
42
42
|
@authors = options[:authors] || ''
|
43
43
|
@summary = options[:summary] || ''
|
44
44
|
@description = options[:description] || ''
|
@@ -188,6 +188,7 @@ require 'license_finder/packages/maven_package'
|
|
188
188
|
require 'license_finder/packages/gradle_package'
|
189
189
|
require 'license_finder/packages/cocoa_pods_package'
|
190
190
|
require 'license_finder/packages/carthage_package'
|
191
|
+
require 'license_finder/packages/spm_package'
|
191
192
|
require 'license_finder/packages/rebar_package'
|
192
193
|
require 'license_finder/packages/erlangmk_package'
|
193
194
|
require 'license_finder/packages/mix_package'
|
@@ -165,6 +165,7 @@ require 'license_finder/package_managers/maven'
|
|
165
165
|
require 'license_finder/package_managers/mix'
|
166
166
|
require 'license_finder/package_managers/cocoa_pods'
|
167
167
|
require 'license_finder/package_managers/carthage'
|
168
|
+
require 'license_finder/package_managers/spm'
|
168
169
|
require 'license_finder/package_managers/gradle'
|
169
170
|
require 'license_finder/package_managers/rebar'
|
170
171
|
require 'license_finder/package_managers/erlangmk'
|
@@ -18,11 +18,16 @@ module LicenseFinder
|
|
18
18
|
GoPackage.from_dependency({
|
19
19
|
'ImportPath' => project['name'],
|
20
20
|
'InstallPath' => project_path.join('vendor', project['name']),
|
21
|
-
'Rev' => project['revision']
|
21
|
+
'Rev' => project['revision'],
|
22
|
+
'Homepage' => repo_name(project['name'])
|
22
23
|
}, nil, true)
|
23
24
|
end
|
24
25
|
end
|
25
26
|
|
27
|
+
def repo_name(name)
|
28
|
+
name.split('/')[0..2].join('/')
|
29
|
+
end
|
30
|
+
|
26
31
|
def self.takes_priority_over
|
27
32
|
Go15VendorExperiment
|
28
33
|
end
|
@@ -37,11 +37,16 @@ module LicenseFinder
|
|
37
37
|
GoPackage.from_dependency({
|
38
38
|
'ImportPath' => dep,
|
39
39
|
'InstallPath' => detected_package_path.join(dep),
|
40
|
-
'Rev' => 'vendored-' + project_sha(detected_package_path.join(dep))
|
40
|
+
'Rev' => 'vendored-' + project_sha(detected_package_path.join(dep)),
|
41
|
+
'Homepage' => repo_name(dep)
|
41
42
|
}, nil, true)
|
42
43
|
end
|
43
44
|
end
|
44
45
|
|
46
|
+
def repo_name(name)
|
47
|
+
name.split('/')[0..2].join('/')
|
48
|
+
end
|
49
|
+
|
45
50
|
def package_management_command
|
46
51
|
'go'
|
47
52
|
end
|
@@ -33,6 +33,8 @@ module LicenseFinder
|
|
33
33
|
# Explanations:
|
34
34
|
# * Only list dependencies (packages not listed in the project directory)
|
35
35
|
# (.DepOnly)
|
36
|
+
# * Ignore packages that have nil modules
|
37
|
+
# (.Module)
|
36
38
|
# * Ignore standard library packages
|
37
39
|
# (not .Standard)
|
38
40
|
# * Replacement modules are respected
|
@@ -40,7 +42,7 @@ module LicenseFinder
|
|
40
42
|
# * Module cache directory or (vendored) package directory
|
41
43
|
# (or $mod.Dir .Dir)
|
42
44
|
format_str = \
|
43
|
-
'{{ if and (.DepOnly) (not .Standard) }}'\
|
45
|
+
'{{ if and (.DepOnly) (.Module) (not .Standard) }}'\
|
44
46
|
'{{ $mod := (or .Module.Replace .Module) }}'\
|
45
47
|
'{{ $mod.Path }},{{ $mod.Version }},{{ or $mod.Dir .Dir }}'\
|
46
48
|
'{{ end }}'
|
@@ -58,6 +60,7 @@ module LicenseFinder
|
|
58
60
|
go_list_cmd = "GO111MODULE=on go list -mod=readonly -deps -f '#{format_str}' ./..."
|
59
61
|
info_output, stderr, status = Cmd.run(go_list_cmd)
|
60
62
|
log_errors_with_cmd(go_list_cmd, "Getting the dependencies from go list failed \n\t#{stderr}") unless status.success?
|
63
|
+
raise "Command '#{go_list_cmd}' failed to execute" unless status.success?
|
61
64
|
|
62
65
|
# Since many packages may belong to a single module, #uniq is used to deduplicate
|
63
66
|
info_output.split("\n").uniq
|
@@ -5,6 +5,11 @@ require 'tempfile'
|
|
5
5
|
|
6
6
|
module LicenseFinder
|
7
7
|
class NPM < PackageManager
|
8
|
+
def initialize(options = {})
|
9
|
+
super
|
10
|
+
@npm_options = options[:npm_options]
|
11
|
+
end
|
12
|
+
|
8
13
|
def current_packages
|
9
14
|
NpmPackage.packages_from_json(npm_json, detected_package_path)
|
10
15
|
end
|
@@ -35,6 +40,7 @@ module LicenseFinder
|
|
35
40
|
|
36
41
|
def npm_json
|
37
42
|
command = "#{package_management_command} list --json --long#{production_flag}"
|
43
|
+
command += " #{@npm_options}" unless @npm_options.nil?
|
38
44
|
stdout, stderr, status = Dir.chdir(project_path) { Cmd.run(command) }
|
39
45
|
# we can try and continue if we got an exit status 1 - unmet peer dependency
|
40
46
|
raise "Command '#{command}' failed to execute: #{stderr}" if !status.success? && status.exitstatus != 1
|
@@ -0,0 +1,93 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
require 'json'
|
4
|
+
|
5
|
+
module LicenseFinder
|
6
|
+
class Spm < PackageManager
|
7
|
+
class SpmError < RuntimeError; end
|
8
|
+
|
9
|
+
def current_packages
|
10
|
+
unless File.exist?(workspace_state_path)
|
11
|
+
raise SpmError, 'No checked-out SPM packages found.
|
12
|
+
Please install your dependencies first.'
|
13
|
+
end
|
14
|
+
|
15
|
+
workspace_state = JSON.parse(IO.read(workspace_state_path))
|
16
|
+
workspace_state['object']['dependencies'].map do |dependency|
|
17
|
+
package_ref = dependency['packageRef']
|
18
|
+
checkout_state = dependency['state']['checkoutState']
|
19
|
+
|
20
|
+
subpath = dependency['subpath']
|
21
|
+
package_name = package_ref['name']
|
22
|
+
package_version = checkout_state['version'] || checkout_state['revision']
|
23
|
+
homepage = package_ref['path']
|
24
|
+
|
25
|
+
SpmPackage.new(
|
26
|
+
package_name,
|
27
|
+
package_version,
|
28
|
+
license_text(subpath),
|
29
|
+
logger: logger,
|
30
|
+
install_path: project_checkout(subpath),
|
31
|
+
homepage: homepage
|
32
|
+
)
|
33
|
+
end
|
34
|
+
end
|
35
|
+
|
36
|
+
def package_management_command
|
37
|
+
LicenseFinder::Platform.darwin? ? 'xcodebuild' : 'swift'
|
38
|
+
end
|
39
|
+
|
40
|
+
def prepare_command
|
41
|
+
LicenseFinder::Platform.darwin? ? 'xcodebuild -resolvePackageDependencies' : 'swift package resolve'
|
42
|
+
end
|
43
|
+
|
44
|
+
def possible_package_paths
|
45
|
+
[workspace_state_path]
|
46
|
+
end
|
47
|
+
|
48
|
+
private
|
49
|
+
|
50
|
+
def resolved_package
|
51
|
+
if File.exist?(resolved_path)
|
52
|
+
@resolved_file ||= IO.read(resolved_path)
|
53
|
+
else
|
54
|
+
raise SpmError, 'No Package.resolved found.
|
55
|
+
Please install your dependencies first and provide it via environment variable
|
56
|
+
SPM_PACKAGE_RESOLVED'
|
57
|
+
end
|
58
|
+
end
|
59
|
+
|
60
|
+
def resolved_path
|
61
|
+
# Xcode projects have SPM packages info under project's derived data location
|
62
|
+
derived_data_folder = ENV['SPM_DERIVED_DATA']
|
63
|
+
if derived_data_folder
|
64
|
+
pathname = Pathname.new(derived_data_folder)
|
65
|
+
pathname.absolute? ? pathname : project_path.join(derived_data_folder)
|
66
|
+
else
|
67
|
+
project_path.join('.build')
|
68
|
+
end
|
69
|
+
end
|
70
|
+
|
71
|
+
def workspace_state_path
|
72
|
+
resolved_path.join('workspace-state.json')
|
73
|
+
end
|
74
|
+
|
75
|
+
def license_text(subpath)
|
76
|
+
license_path = license_pattern(subpath).find { |f| File.exist?(f) }
|
77
|
+
license_path.nil? ? nil : IO.read(license_path)
|
78
|
+
end
|
79
|
+
|
80
|
+
def project_checkout(subpath)
|
81
|
+
resolved_path.join('checkouts', subpath)
|
82
|
+
end
|
83
|
+
|
84
|
+
def license_pattern(subpath)
|
85
|
+
checkout_path = project_checkout(subpath)
|
86
|
+
Dir.glob(checkout_path.join('LICENSE*'), File::FNM_CASEFOLD)
|
87
|
+
end
|
88
|
+
|
89
|
+
def name_version_from_line(cartfile_line)
|
90
|
+
cartfile_line.split(' ')[1, 2].map { |f| f.split('/').last.delete('"').gsub('.git', '') }
|
91
|
+
end
|
92
|
+
end
|
93
|
+
end
|
@@ -30,9 +30,14 @@ module LicenseFinder
|
|
30
30
|
GoPackage.from_dependency({
|
31
31
|
'ImportPath' => import_path,
|
32
32
|
'InstallPath' => license_path,
|
33
|
-
'Rev' => package_hash.fetch('version')
|
33
|
+
'Rev' => package_hash.fetch('version'),
|
34
|
+
'Homepage' => repo_name(import_path)
|
34
35
|
}, nil, true)
|
35
36
|
end
|
36
37
|
end
|
38
|
+
|
39
|
+
def repo_name(name)
|
40
|
+
name.split('/')[0..2].join('/')
|
41
|
+
end
|
37
42
|
end
|
38
43
|
end
|
@@ -0,0 +1,18 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
module LicenseFinder
|
4
|
+
class SpmPackage < Package
|
5
|
+
def initialize(name, version, license_text, options = {})
|
6
|
+
super(name, version, options)
|
7
|
+
@license = License.find_by_text(license_text.to_s)
|
8
|
+
end
|
9
|
+
|
10
|
+
def licenses_from_spec
|
11
|
+
[@license].compact
|
12
|
+
end
|
13
|
+
|
14
|
+
def package_manager
|
15
|
+
'Spm'
|
16
|
+
end
|
17
|
+
end
|
18
|
+
end
|
@@ -5,7 +5,7 @@ module LicenseFinder
|
|
5
5
|
PACKAGE_MANAGERS = [
|
6
6
|
GoModules, GoDep, GoWorkspace, Go15VendorExperiment, Glide, Gvt, Govendor, Trash, Dep, Bundler, NPM, Pip,
|
7
7
|
Yarn, Bower, Maven, Gradle, CocoaPods, Rebar, Erlangmk, Nuget, Carthage, Mix, Conan, Sbt, Cargo, Dotnet, Composer, Pipenv,
|
8
|
-
Conda
|
8
|
+
Conda, Spm
|
9
9
|
].freeze
|
10
10
|
|
11
11
|
class << self
|
data/swift-all-keys.asc
ADDED
@@ -0,0 +1,240 @@
|
|
1
|
+
-----BEGIN PGP PUBLIC KEY BLOCK-----
|
2
|
+
Version: GnuPG v2.0.14 (GNU/Linux)
|
3
|
+
|
4
|
+
mQINBFZNNIwBEADNFSwCfUUyXZujWzQCqYLlvRwZkuMUcJQH4NRwC/an9KwilFrz
|
5
|
+
pf/+atZFSciMx5R9vOG2odWbwBYU7t8XEd/NYCgyTwMNxAFkuaN1E0b/3mOWwbT5
|
6
|
+
91HziQNy0jDUlM28370pyv0rBTHvPbBQlo7BxJbwQXL3rs3KObAnhTG51aLztGds
|
7
|
+
OTxZDdpNY07dPGKJevP61l35yZI40tUmCKn/z4sLmX+DoUUplA35SMRnvQjd/pGF
|
8
|
+
9BTAFzLfsbN0caBixy++0ZIyK9ep1dezhqisUndE/rNk8KPNAM5zeFA1onzEEGFc
|
9
|
+
gk4iZ0N/S7dVb7N4Uhn8C/87E9yUkrzO0Kl+p2zumORiqIvkv9vtHMaKa6rBP/vI
|
10
|
+
iG02eiLmaWdDkg7afpJjnC6WrrJoBe/lbDAYrbD5eR4KGHdxMtAdh0sYZrZR8T4m
|
11
|
+
gI6alC8PjYY22wiNLeekATobDu5JVQna0525L57gpbLOhSjXk/69HHw/l7d/e6br
|
12
|
+
35rmMYGJd/9Q1w/4gMo8tX5m1WaoQxac4tZs8bBRKNP7YJkHmwfVG21h0KA91yFA
|
13
|
+
l1BMe9U+gomfqRoBCRXGDl1mHmyGqu59JjpYEP04Xu2dLCu8yt/HHYirMdsKIvHT
|
14
|
+
WKm6EvuQ4vFTQbPcdrMltL9yf8xG8EL0oDIbaSAnHI+sY+C30i0S557G3wARAQAB
|
15
|
+
tD9Td2lmdCBBdXRvbWF0aWMgU2lnbmluZyBLZXkgIzEgPHN3aWZ0LWluZnJhc3Ry
|
16
|
+
dWN0dXJlQHN3aWZ0Lm9yZz6JAj0EEwEKACcFAlZNNIwCGwMFCQPCZwAFCwkIBwMF
|
17
|
+
FQoJCAsFFgIDAQACHgECF4AACgkQ1EHJd0ErN63tFA/+N3ANSFFc2FcdimzisPOv
|
18
|
+
wBL8xSxQxUdsdELsht6WLh3buTunlIO36Ubo980hXyf6oxsfvMrDsn1eve28cpks
|
19
|
+
SXZxLpfQm96753mWICz1WJcoUv1EXpFKuqxb3OJXu6di11NQEtFNd9rM4x7MJQja
|
20
|
+
ICr5WXxzX0ObEUxY6xTjMlUyHkmR9ekEEPZUdrwpRFC847bV35vdCtMRztghecBH
|
21
|
+
tHMhTEbuYxpjBZ0hqIkLzDAiWenqca2P9YD2sgntTJFfZ3V/oi/REFxj5v5BmNQ2
|
22
|
+
wCyppoWDyD+oWJyh5dwuOc+xlYboN5EtIkuhS7/ZuvQipZpeJD7w4pkPO7l2Twal
|
23
|
+
aHulJJV5f40gpIniullTC/I6P9HIp94wZ+UPm3/9M4AiO0oB0x4uk+buA7nCZ5Oi
|
24
|
+
BaZKwO8nMFQBEaNuqKz+xLeokum3Alcwx3drwi0TlBX+GafrFFHwhdwDGuQsWpGT
|
25
|
+
vNl6LEBNduPvs57382W13aiYT/p470M/RuTt6qpLyLVsWmGO5oh8mm/WWGDzza6Q
|
26
|
+
2NuUBcs2ZCECvRlEt//689elx7VDbJwE6Mw3V8bosGx8y4XcQYATFqxm7WflbBpo
|
27
|
+
5HR9AST2Noc6g4VPepZSgi0T4lRbIsyLml7kIvOQBre4i36br0VLIUairez1mqpm
|
28
|
+
sG3P11076R+g/BcL4hg9jXE=
|
29
|
+
=ONEK
|
30
|
+
-----END PGP PUBLIC KEY BLOCK-----
|
31
|
+
-----BEGIN PGP PUBLIC KEY BLOCK-----
|
32
|
+
Version: GnuPG v2
|
33
|
+
|
34
|
+
mQINBFZZS3oBEACbRmmzVwF/Zf/zGEZTGXWzeCjwmYcvCx/aqklIWRFC/PPRwZ53
|
35
|
+
rNgeVpEHNu31duF3JCEX/7fL9rmjnW0C2mQCzkvKF+rZNO+jPL/0/fsjVfnSXx+g
|
36
|
+
m9yVyPmR0XvR0Kk5PqjR8XH/syNblnCo16fr7YK/JMrGM9E/d+UomomXKALbgebX
|
37
|
+
oO0c8eA2Vij4b2BAFr+L54MTzquKqyEru9Ty2PTcIBxcEYqko8i3Ttej6WVMKphW
|
38
|
+
J9QNaeVF9mfHuA7zpFlwtfFOrUnA2Qh6IwT+w7o941q4TpzYNVlcR3IV2P51CZrG
|
39
|
+
zQAGRvWWmg5yswhyTEJpt0i4eLoqeJrcNZRT8FQjmcXgtdPvSFkJPi39e5LrT23M
|
40
|
+
/W5tHvnldFDd4RYQmoO3XcIJzyEe6yXNrcaTT386m2e+cjA0SwZ7l6kHVhMikaS3
|
41
|
+
FWccQ9VgWqLHZPd0f9oKdXbMMoIZs0D3F4hoz4oE6xkntEhw3Z3cVrKGpYuhJOKQ
|
42
|
+
yPoCaNEpnT9qaTU8BmG/ToUWXZDuhm3FOAOEOOtFFChfy/0+9HnS6Q2aogYuD++o
|
43
|
+
6XNSFCwONIRnoHyIRjCA8ce/GNsxpBp7bjUDGLoQJzmki4O/lyxMxS5k0Z4mjLS+
|
44
|
+
xZo6OLt8LW5/w3YJUEU6PM88GhA1c3dm+U4mV3oW0QL0WG0b1tSxhLHf+wARAQAB
|
45
|
+
tD5Td2lmdCAyLjIgUmVsZWFzZSBTaWduaW5nIEtleSA8c3dpZnQtaW5mcmFzdHJ1
|
46
|
+
Y3R1cmVAc3dpZnQub3JnPokCPQQTAQoAJwUCVllLegIbAwUJA8JnAAULCQgHAwUV
|
47
|
+
CgkICwUWAgMBAAIeAQIXgAAKCRCfWX9NIaVtX/L3D/9NJVFh9tBYgzwtbhgHTVxq
|
48
|
+
U3VKeKUIvvWxETtaYmKsL8BPBwVM2IHDPyiOGczxe7RbpNszoIY/EBKNsI7yOnon
|
49
|
+
qrMebQVpzV0wK2WwfHKnXYXXFeWADapwBGEcST7WNwX+la/oJOQtBZpMbBHDia4C
|
50
|
+
g7EENIdeWDRHxzl785PSlAOERvaKsPlFk3bolQl/Vhy5YZIe4Mt9KN5LZ2E+xz3Q
|
51
|
+
DDplOTi3I2df9Maf9UOxrS7zk2NvHw+5YeqNs7cqp++mjIRQ7/M+PGPx7PZMttBk
|
52
|
+
Y7sIn1m3uSZkK2nEWZ91b3pZdr3Sff2Ig1H+ConUqy9w0CqGSqCmY/6QP05J4kpv
|
53
|
+
ga1uNmKRJdv/pGHfTaoZ+dubm4+UzGpfzHdEhvmm4gC/+kU+nq5BuhvzO7iWKk0o
|
54
|
+
kZOKT642WSsp7TYKp96sMh2xeUbYl/eAHi8nQfGuYeo6n1NaUMtwb8jYusTuISuW
|
55
|
+
yWRSKaUanjjKGkl9LTpODWLkXHmqGJhp9l61AQ3fKDQgXuKuglWBfsZOhDRl+oYr
|
56
|
+
Q22LzpSd4ISG/gXN3X4ADeuWJpe8d+nvpc6KtuShgRT+KeqrE9BcXfDdEk56I0Xx
|
57
|
+
+eGb1v4f4nibyiCvw/mBDCRMIqOsc/jyqA9lydLMxv/Us7KNYqh/Dzx7obfRUE6L
|
58
|
+
2S6Hfx8PaYq16WXdxd/PBg==
|
59
|
+
=5r2z
|
60
|
+
-----END PGP PUBLIC KEY BLOCK-----
|
61
|
+
-----BEGIN PGP PUBLIC KEY BLOCK-----
|
62
|
+
Version: GnuPG v2
|
63
|
+
|
64
|
+
mQINBFdM2VsBEAC63xLZsLc7HBbJ1V7ak8dGNSDs2ibcaMKAuWU916UWjFX+KlZE
|
65
|
+
8ruOVTol1KvA0cac6CX+Fd5SMirpxAaEUbYMwVEMzxOG7NhBp0wAJiO3LWsVoL4z
|
66
|
+
G7wIpdPzjxP32qUABpF0Z8uo5zhQL6uaWtmKIhlBlzUmhbxYFzGUuCO8Y94hCH5A
|
67
|
+
9l5Oedin3D3/v2T60/B2rygmQ1fC372Peg6m0dR8PCp42Jm+VXjgF4yfGyP4MJPO
|
68
|
+
c1gq8AWNQ4Ex1qhQ9E/Mhbn88LvUQ+OO5u3iNw7AflBuvLaLy7VbD+pGpoGv3EdJ
|
69
|
+
LsDJg3dU4F9Ii2hLAD5Sushtjx6DwwFJvKFsm7QzG7OTQB0rC9Gtw/MpopafFI0e
|
70
|
+
Wo/6xmXnw9GQQ6uS8RoVri6Lfp4IpXdLZ3CMxBeJulmUpBdIFK+/SnyMfYW88tzx
|
71
|
+
DbEFpXa6SaksSXjAXuXhUu+h37YdIfWcbE0KUXH848RcRPnTUOBwsqE2UzLQjF3A
|
72
|
+
aPV7YIQxNNp0mUsRE+9R6yGhSog77jsu5XusswYEOfSU9p/bkQd5kJ5acTyHDU8A
|
73
|
+
+q/+O2T6aZqIFOhgXFiRj2TDGlqj4K+LUycpMWzPgn+KWKNnWgbJH1u3xXPnOZjT
|
74
|
+
0i1Vm2umWd7OxzThSvlPGlvRLwPKWhdeFL37M3Bg3og1P5TgP7j4HT6Q2QARAQAB
|
75
|
+
tD5Td2lmdCAzLnggUmVsZWFzZSBTaWduaW5nIEtleSA8c3dpZnQtaW5mcmFzdHJ1
|
76
|
+
Y3R1cmVAc3dpZnQub3JnPokCPQQTAQoAJwUCV0zZWwIbAwUJA8JnAAULCQgHAwUV
|
77
|
+
CgkICwUWAgMBAAIeAQIXgAAKCRBjvBz+kdMGxjBhD/9RUFlNP0cG6RJPl51mPCtO
|
78
|
+
YMW/y5ssYyWi6u8q44Ccqit4EKjXUaeha4KSWQS9c+7q8bbfxbtl6AEsI+fxx3RA
|
79
|
+
mYMjXfPnpjxqJLvwXOzAmG8bZzycdKiC1XBINR3e/Jw4Zu/yj/GtWSG2+OogFfNH
|
80
|
+
n5Gg43B8D/fdqQkvlFXVuM0kMKPmAc+S1ikBvprpyjya47EKx5rWSf7pl/gm4jBE
|
81
|
+
dBrWdpaBicOQmuv+Vr59rj2/UCWdD/dZRtwB66qn/AIZIgEOLyW2s/Mu9VK5zoNs
|
82
|
+
oUZhRpe9t3eH59KbKvU+JdADMhBnUe3r4/HkSbHmPoML56g8RQV4T3LZa2sMt9Z3
|
83
|
+
UC7WFr3VfPxXHpI9BhY8HJvaB4ML6PvYuXHP7TYkrSQ9FMoxjHcwEE7cga8BzAHu
|
84
|
+
MxCuGrPryHRyApdFOh6oTts8/bjn+sb0VVvnAjFsAjDcBF18s5aI58eGLzLBgRnZ
|
85
|
+
jyGvZ20h+I0JE3vDydi3rVEBm/fgkUwTtBuEG/mIwIea9QEcMkv5dq1aYheav1NZ
|
86
|
+
Amqr2BsSl8PufUdfGgMKjMIR6Sv40mhTCUFSL1TG8OsaOecK7XXEjcpaQjCg1lqj
|
87
|
+
hL04ayrZehJzuiP30htRdbrFraDr/WQOPW3VqE0DtjVfaH7AARKLp/HRDOd5hiUU
|
88
|
+
RBrjB1unJxVpnKg4t0El0g==
|
89
|
+
=ssEv
|
90
|
+
-----END PGP PUBLIC KEY BLOCK-----
|
91
|
+
-----BEGIN PGP PUBLIC KEY BLOCK-----
|
92
|
+
Version: GnuPG v2
|
93
|
+
|
94
|
+
mQINBFlAigEBEACbGsfWe5nCOFrYSpz6oPh9ihq0RZQlktSz7E3Ou0cwSNqOnGRO
|
95
|
+
s6z5pyPYlJgpvvaxsKcBS6R4DFq4/30Aut4Jj4T2qa0BXZqqrHrXyM8ucmpPpF0T
|
96
|
+
jcRJAQZg/Rj8AhelYtcNKml/j8b9n8p14K+u+Zp0SudaNxLdxIbr94eEEDd/ecH/
|
97
|
+
caGspqPuJjBanQNTzV9ws8ft7NLCdWnSvh5aiZrsWIrFfFxQm8zh9kCim2e3QX+p
|
98
|
+
wufMDIKH/uEaOlinVCmFJNXGqpeyRjrile+r6Bd8fJiFLFtUeIiCdyxD4nrV+iLx
|
99
|
+
ZAc6boVeSXdawPpX/eyXeH7NhpEofFz02W1EAoNFKgzdoEi6CBaA9P9Jrk/wRZuH
|
100
|
+
vR+Mzbuu5aXDwDCjhtFu2Mm3bmN5pt3xuYCYoCgOp1wEld+szMfSjQNNJfUkFwzU
|
101
|
+
eaHuaofXHQxuQ/uIEh8cr8/GEYtqGOU82T1raj3Sv1GcUfj5RO9k2rI7hWro8Hzc
|
102
|
+
oXjLTDfABSZJrsuDLrzMUDOSKb+R3rf7uDYf/bTWkpLwSvrJRQaMXkQm70WWBFF0
|
103
|
+
A75HxFBi8/9f35azYlFfCi0cEHAAHm0wdxU/D9b6TV/9zDedbgFl+/8xMBQiOX1r
|
104
|
+
WfQrXA7zONhZpc+to5tyzrV57+Q4buKQUibyYut/7Gl1FbVaD4LvAUpbqwARAQAB
|
105
|
+
tD5Td2lmdCA0LnggUmVsZWFzZSBTaWduaW5nIEtleSA8c3dpZnQtaW5mcmFzdHJ1
|
106
|
+
Y3R1cmVAc3dpZnQub3JnPokCPQQTAQoAJwUCWUCKAQIbAwUJA8JnAAULCQgHAwUV
|
107
|
+
CgkICwUWAgMBAAIeAQIXgAAKCRDvVDDwceGyNQE4D/4jyvkwjMzp3KSZKTMvcalT
|
108
|
+
JPmc4rkpqc1b3VJCTpG/QRK9faJAbUVBz+iJBRIA7OjsjW9nS+oEkschjs7mjdiA
|
109
|
+
U3XxtJMsZSJiO6TRdstJg0i2jT1yhQ7zuf8xeFEpx0Ekya05mYHiz3LdS2TZJcZZ
|
110
|
+
D713M1GFsb+bDRGk18nVvlUIDB+9jIoqLgXf3muzHUmF0VF1HHfjB5zHfd9h6P+n
|
111
|
+
DG5e/qA1MA6jaoGcHK31qoqvrLvoDMYlo6Nirq5Gsjf8rNTwij2GM1tNP8BIn2Y2
|
112
|
+
5rgQ+UbZ3dUE+2KgUg+cqNtZPe0szHOInUew/Kq4ogRWgSWw/NbR+W5J5Ro9pCFJ
|
113
|
+
pJaLBhCDQ35CIfcp5Mn2qSr0UW+7U4wfsoI4Oui5/dRx4iXFLD2LRlQuLTe0vRDK
|
114
|
+
N6PcSeybtCyxeXXopWZvdNvO9oMoJ6vrorZciF+tcG9qaqaaf/Y1h7pfwiYkLvwp
|
115
|
+
4RC/FFURZyjeyk8gfxaE1NfcnXM3rByW8br/gtL1VR/s3igKXk/rVeywlMeXyeXP
|
116
|
+
CxS1uflC2dxGfzFiNFJoQlS+0XYV4nYNTVALe4/css3LLFtLt9rBKe3U7JmXl52k
|
117
|
+
zyUq5nMsltYp3kg3dRYHejwzyrlVGt0Twos/Zqf8NztD9LPiVsZP/f84AobFsmkN
|
118
|
+
ex1agHRY0JDH1IrwmfVwrw==
|
119
|
+
=nP+X
|
120
|
+
-----END PGP PUBLIC KEY BLOCK-----
|
121
|
+
-----BEGIN PGP PUBLIC KEY BLOCK-----
|
122
|
+
Version: GnuPG v2
|
123
|
+
|
124
|
+
mQINBFoBAhsBEACtaQbqQhwMedruhTrierPCHRy6ZmO4HuRdrd9LnOBSraQnHFb9
|
125
|
+
kc2IfuHwB6YytZg6VFy4iaFx6vOkZQk7bFiAMB5RwIdPm7OmHGAYWkKeDOCB3lJB
|
126
|
+
gJ0YdP7bMOGJL21RRZfUmkTMaT4zP3J0NeUL/mt4ezdJQyyWxdYigN2AgglAxZve
|
127
|
+
27K+IjlQVvuAe5MWqPn4pTktjWxuDkIN2BvdWXz5Ycbewul7Hi9dZzaLIVDeTq2F
|
128
|
+
MUjR9FBJoNpJKjPTAeOyXj2jvHR753yAeRG/79sfeId9568XNxTi/2OXqdkvwg/q
|
129
|
+
huGbx0fgkqnkMw/0nvqDVsbnHXMdE0WNVluemt6I9hJvoHfOEBYYAZi4+spoVCJW
|
130
|
+
xwwgVt8tNTgbynejzr09d1RgVJH/OKcKCCOTtbbjUdtMt3MMbaBaN10AKKFWWBbR
|
131
|
+
Tom8J6wwM8LsKkFj0F5uzkG928C/vx5hFv3ZltlFUu9j8u4WU2kF1D1nzhw4E9+S
|
132
|
+
epq4jrWMa5Dvr9UhnkJCW0g/0vPnynbOcJaXyWQtqxdgAT9LxMBeMSd26O9UklaH
|
133
|
+
INivaw8l2SpdauJrYon0uhK8RTTp2rSt+SLHqgxsbmGmr5jTm1Z37EzffgoIFDOB
|
134
|
+
a+3zHaLJvkeZQXzbLAqzfHYSV9lUe7In+F9tqZ5l7702UqJmIWoGb6IGqwARAQAB
|
135
|
+
tD9Td2lmdCBBdXRvbWF0aWMgU2lnbmluZyBLZXkgIzIgPHN3aWZ0LWluZnJhc3Ry
|
136
|
+
dWN0dXJlQHN3aWZ0Lm9yZz6JAj0EEwEKACcFAloBAhsCGwMFCQPCZwAFCwkIBwMF
|
137
|
+
FQoJCAsFFgIDAQACHgECF4AACgkQdjjx+ysrCMSihxAApw7qKGfiN8a4bFVwKRdY
|
138
|
+
7BLYu9HLetKHUJPerypKEKfUshU0X8Ns3lBxjSqNY2TvLyun1kbtUsxy+qi/X+HM
|
139
|
+
nb93ONYOAeny1DFxUdiehhVttTQQB3RXdmhHGytoxzHX62N/uo9tYW9xQ+gaK+QC
|
140
|
+
Rt6nZN0Prm6X+4vpQGD7H7O9cN8pw4YuoJRDwn6bFPl7WgqrYWX8/jvbXH1NjbJi
|
141
|
+
j6kXvDSzwtPQNsj7vTC5K4TBMgfBFw5kndu+1sEHAfPIbwK8w/EGr32eSRT6l3xk
|
142
|
+
TYFquL0S5NGCi9/pIqT90knsDqXyNer4xmwQ5FJPUTpdUbFz0o/DQvIFrbJ465Q4
|
143
|
+
feibfhpxVqLCpX8goosAS5nd0jRGicSYmoxdtUBUp4gn3ee3yI6JbA0TN8haczNC
|
144
|
+
e0FfQD9s9O+m6ft2/CzIx7YFeiIRhfcjfmGJ0+eAdpEsDqC5Hyc60hwHhPg222Ah
|
145
|
+
ASkhwDD9NejskxvdMUPALk2C41ZlR1dYqfXwUJJDPwNY210QQgBZ0+GG72ErYssh
|
146
|
+
4sG5U9XRv4IZhFlgBVmMlfbSi71BawOy+IN7ii49m9AY7p6U+m7yoeZV2H8YJbTk
|
147
|
+
KhfnS3rZqsSU+ZYJYkGOxnQetkKUDGaVKdwJE49ll5R1/4om0h8aOOU8VyzrXPc9
|
148
|
+
cZMQ1BcfMNkeu81HaxE0Lpc=
|
149
|
+
=l0K5
|
150
|
+
-----END PGP PUBLIC KEY BLOCK-----
|
151
|
+
-----BEGIN PGP PUBLIC KEY BLOCK-----
|
152
|
+
Version: GnuPG v2
|
153
|
+
|
154
|
+
mQINBFyUJhwBEADDBN6jVDScsgzfQDxSQga0Og4O3N/nIquwi/DGOgsAsTMWcVA1
|
155
|
+
gmRJb792vWa9CmnHILl3ap8zObDSbcXg90nx+eCzWJjG+Ud5c7xuam96NR8ntKmU
|
156
|
+
8+BbH/dp8zc9WJB37TiWcaLsddrn58zfm7Ml6P9M48WAeRJX8nxVBTw1SjXJurW0
|
157
|
+
Ab8LOgfb60I09Skq72Ud7HaYJOG03iNTf6qLlF977OQsHCb21BnKSAmJqapUS96/
|
158
|
+
VOngz7TBzYz4rntfetb8hg28WtUl1s5BQzWaFunkP03b8mPh3PL1SZxutwViVWBu
|
159
|
+
hf9kJtx/MLb79fnuJEOus1FvDqJdpd83H+XmXMIDYWgcBIBVrLT5HDtRerjF178H
|
160
|
+
okb1F+gboGIqhnx25xTPIYctSHPgJRScZp4WKrqQLKswAmSL4YJXnkXSff05l4gE
|
161
|
+
WXQpEMLBZa46qmu8lj8HfoZSbP9lfvEtZ6A+Q3sfh3gjYPv7e6n37x22tSgvyzCb
|
162
|
+
jHU1pA2rv10AHK7EIeEQElN+zCyAbmKuhPBiCyxDFg5Dx3xNkYwg9szBJ0KleVD4
|
163
|
+
+Y3PZJ4N+u+SSATYnHGtmzvkhiNtqJCCwuaqY+jjVObzzqvLLtGjtjxNUWi2X4He
|
164
|
+
q+r2fubjCOW14UnQ06qfr3mVUSmuLSKs8BD8qTGuqlgcenGsY0bk0qUPcwARAQAB
|
165
|
+
tD5Td2lmdCA1LnggUmVsZWFzZSBTaWduaW5nIEtleSA8c3dpZnQtaW5mcmFzdHJ1
|
166
|
+
Y3R1cmVAc3dpZnQub3JnPokCPQQTAQoAJwUCXJQmHAIbAwUJA8JnAAULCQgHAwUV
|
167
|
+
CgkICwUWAgMBAAIeAQIXgAAKCRCSXMHM7T0VYSm3EACUtuxMfTmGexA2xBvGhKQ+
|
168
|
+
bi3kRMBj+9BoSkVV11gDvumurldXRoKsIIxEdrD4xjagSNiVd7zj3L9wANu6+YgP
|
169
|
+
HgBq8sUMXwsyXdL16jNC28qVqKF4jZxwmI9t6nVpQOSxGfBxdXmIhTxDDXFo4JMT
|
170
|
+
uKx67BaP1GzZ+BKvxm09xChIJ5xh7x8/bsZ7HlXqc++ARn0Lh9d5CISUKE1PPnMN
|
171
|
+
KyRUNt4X/qj7zJHDoAihufPKodvvXPsVAIpfCJZm7XB5WvP63IvQaFW/cX5wineR
|
172
|
+
FZY/BKS+tsJt45jJ9c/Ofzqrr//stCz4a44fYvpqaxIqTLr4CpNH3WBIM0RBQqJj
|
173
|
+
35jJvdrNIuueby7GN3afRcvZIQBkbMkwZrW1iT8eah3EQDiXszbi7GkbXuOxQOn/
|
174
|
+
n8KJJvTJU7wAyH4WLvvWLFUm0oyHjIW4K9vSUM+x74WRuKxVikM6FAJ7uXsYtZ3Z
|
175
|
+
lgL2hNlbMwpB+wxvA9isT3dSyzAtZmXpomOLuQTETtm4tSpt8XnF3eCsAKHSWqrA
|
176
|
+
/zknqizKeBTPprqibixfO3dwUzFhUu3tkhxznIN3eEUrDMPxNrxObqJf1I4ySUYe
|
177
|
+
vc6fqBG86SJ2yjN3IMJm5Y/z58QQUmSOweL9xQSr1hdcCxBtmLSjAlVzJMkpQ/TW
|
178
|
+
xXPfHp4mZnRMLsGyO3eYrA==
|
179
|
+
=l2j3
|
180
|
+
-----END PGP PUBLIC KEY BLOCK-----
|
181
|
+
-----BEGIN PGP PUBLIC KEY BLOCK-----
|
182
|
+
Version: GnuPG v2
|
183
|
+
|
184
|
+
mQINBF3DedcBEADmr11PU7BBVSEjSx3z2bqrktMURD2AnrXJgL+sAeZfMaZpDZCU
|
185
|
+
pmLKtI32Yp5X3Mv3mlj2Mz3VdtRh7ni83E5cqTLXs4Yjsujgu6nWS5qWqmSYw0Ax
|
186
|
+
RszPPJISf2MAbZyBQJpaoDK9t2eIh3yG6J9XhIMu/ZpDND8afNYGNRhXKetv6+l7
|
187
|
+
MHTYd5rlU94eIXcxLA/yV340BVTMoaiIfAwUF2uFubDYfro4Ckj+xzjGIvn3ueu0
|
188
|
+
u+Yfmc40YIuCsA+zgf24Tie/rIwifEzWxFCka2jNPU+q8XIrbPmTKGvxnpwjBKIz
|
189
|
+
B5HtB+yyV5mhnaVg1kkNZH/rZxJQm/FdFS9IXmOmV5CFn+R8grTxsYP/A4jDHnmz
|
190
|
+
wx/gJuUvt/ADt3cuU7sGLtT1cvH1UlS/fso2bDDHBhuEa/9hjD0uIYpLuR4eTUQs
|
191
|
+
WNU9a2WFxprNfM7nbUIWqfTr6tdnQORPnDi8lSGePlJNWQHzg36WyxPzq9EG0S5r
|
192
|
+
35Gb5NXeok6CN9x0EUiRt/Fl0POQRJ2Y6TWmOzaZ+8B8HExhA02d86Wnzfss8kAB
|
193
|
+
eLSHE6aOguwujep9LFrTxUeMZTIkk/kxc0ibHuq0r1jwRWnCx9TwXCFeAW1gs7eo
|
194
|
+
xybF/HVuDqSLaRIgpIl2KFxvXRY6g37ggtcAxV5DlH6oK90ja+72Wre8+wARAQAB
|
195
|
+
tD9Td2lmdCBBdXRvbWF0aWMgU2lnbmluZyBLZXkgIzMgPHN3aWZ0LWluZnJhc3Ry
|
196
|
+
dWN0dXJlQHN3aWZ0Lm9yZz6JAj0EEwEKACcFAl3DedcCGwMFCQPCZwAFCwkIBwMF
|
197
|
+
FQoJCAsFFgIDAQACHgECF4AACgkQ+vaYnhvBb+oGHQ//ViB09Rk7W4BxyuvwDZx8
|
198
|
+
w7JR/WfCFDYAz210EILu2o3tqHWpfShynA2V/oOFT+VHykr2TK7wT2n/o9axfIq6
|
199
|
+
rF8W+X2VnXzwzN3a04iVtakcSeCuH4KIiT7vIjfOtmEwqJlpAIe6LF0NXb5wV9/I
|
200
|
+
mxc7xLKbTCBSjrNqQsCOZ6VbLqwQuOjI0afRjnUsI07u/8bo/8WeZS1roKy0ntVI
|
201
|
+
wyw05P5cV64pjHwNXH5CN8nB/G4pjCRwehI+4hAm0SOUfIDyLdQ4IThAJY+FVzIQ
|
202
|
+
dXSKMyVNQMe/PuwLB3CBNMPOtxsEwOdgrLwClm2jOOS/bjrBI5jerUgCSBDPerEP
|
203
|
+
3rb6hjehuvhYudYZ+awmWG2NRxdWqUBO3twudVci4keQjjaBM+XiaWpEn9jD3XkI
|
204
|
+
ZZC++bXx0o6ugDGFNTNwpFZ9hCC0x8djDrJDz1OdSYA4Mn4bB1n/8FI3+wSk8AP2
|
205
|
+
YzfjXbdXQMe44FUWPJgcCJ8EEsF9eKtw5019288ECIlfaHIzw+tgeg7iTShhB7wi
|
206
|
+
8T6PFJvRp8L4hssDfzMS9ZG93InUGL+6eyasIVXJtPDmCCP4LHMN3XYH0TgqBriD
|
207
|
+
A6MXJzpykPpl51JkXNRtCWtUVBJpDN3L6Ue4Ouxqs0amMBJCNXM/6t+aJfrgwqiq
|
208
|
+
bDzlXsGoKE1i/038Ag41vE0=
|
209
|
+
=kzvP
|
210
|
+
-----END PGP PUBLIC KEY BLOCK-----
|
211
|
+
-----BEGIN PGP PUBLIC KEY BLOCK-----
|
212
|
+
Version: GnuPG v2
|
213
|
+
|
214
|
+
mQINBFyUJhwBEADDBN6jVDScsgzfQDxSQga0Og4O3N/nIquwi/DGOgsAsTMWcVA1
|
215
|
+
gmRJb792vWa9CmnHILl3ap8zObDSbcXg90nx+eCzWJjG+Ud5c7xuam96NR8ntKmU
|
216
|
+
8+BbH/dp8zc9WJB37TiWcaLsddrn58zfm7Ml6P9M48WAeRJX8nxVBTw1SjXJurW0
|
217
|
+
Ab8LOgfb60I09Skq72Ud7HaYJOG03iNTf6qLlF977OQsHCb21BnKSAmJqapUS96/
|
218
|
+
VOngz7TBzYz4rntfetb8hg28WtUl1s5BQzWaFunkP03b8mPh3PL1SZxutwViVWBu
|
219
|
+
hf9kJtx/MLb79fnuJEOus1FvDqJdpd83H+XmXMIDYWgcBIBVrLT5HDtRerjF178H
|
220
|
+
okb1F+gboGIqhnx25xTPIYctSHPgJRScZp4WKrqQLKswAmSL4YJXnkXSff05l4gE
|
221
|
+
WXQpEMLBZa46qmu8lj8HfoZSbP9lfvEtZ6A+Q3sfh3gjYPv7e6n37x22tSgvyzCb
|
222
|
+
jHU1pA2rv10AHK7EIeEQElN+zCyAbmKuhPBiCyxDFg5Dx3xNkYwg9szBJ0KleVD4
|
223
|
+
+Y3PZJ4N+u+SSATYnHGtmzvkhiNtqJCCwuaqY+jjVObzzqvLLtGjtjxNUWi2X4He
|
224
|
+
q+r2fubjCOW14UnQ06qfr3mVUSmuLSKs8BD8qTGuqlgcenGsY0bk0qUPcwARAQAB
|
225
|
+
tD5Td2lmdCA1LnggUmVsZWFzZSBTaWduaW5nIEtleSA8c3dpZnQtaW5mcmFzdHJ1
|
226
|
+
Y3R1cmVAc3dpZnQub3JnPokCPQQTAQoAJwIbAwULCQgHAwUVCgkICwUWAgMBAAIe
|
227
|
+
AQIXgAUCYFlw2wUJB4exvwAKCRCSXMHM7T0VYcDjD/9gX5EXlPJU1QgFw4PwRUDj
|
228
|
+
9GxJ7DQ8ocgZT3mtt03gpRj7yTOL0iBDsJ4GtDiPcq6xCm7WEmNYBs/cJWVGwBC2
|
229
|
+
jeQCUCkxCXR310V3/RRFMhKZZPBq9A1UqqooO0WYkpR6JFP2a5cf2kounuyBoVGX
|
230
|
+
wV7Cn4ZqX/fLOt156EiWUtOxC5L/nJqn6Ea57arwVUwZ3Q2tcKthxFrmMD9H13oW
|
231
|
+
Y4coWiQhVx0xCMbc4cPh7TeRIdUu7D2JJPg/ypqhE2fIPPYrCAJSWp9A/m5oaLM+
|
232
|
+
6/ABV+JYw3sgmnCSMxX+EV5iDsRamWMJwO4Yep8qMBD61jID5zn0N+VSLdEVfX+5
|
233
|
+
O4tdHMvC/YenJ0SFlWmZ7VGD99497IlsTMBFuOzBwXsfwdbSmG5KB6uKormLB6KB
|
234
|
+
INvASgi7HbcYgM6vh82mvpswp5UmrT8f2trnSaxHUz5gtUiYFKdBrLgbLBhMlUTZ
|
235
|
+
giRHJqm7DnYJVUAOOj26uu06gcXu77MzEiBT3PGVNPMgfYhc5I6hnx4nrXDYT5IT
|
236
|
+
bP9Gt1BpsaG8J2jZL2OyOdkd7FkAuWzJVmozDIhMcsf5AjxrZaSYKc2BwgevdIB/
|
237
|
+
nvrD/IHRzS34EDnqv2J2LsQqWI3PM7JC5fW9L69NaSWdWpIoHl4gPcm55wbF+tHP
|
238
|
+
SnioHPOvgHUi1wc55I6QNA==
|
239
|
+
=z7kI
|
240
|
+
-----END PGP PUBLIC KEY BLOCK-----
|
metadata
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: license_finder
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 6.
|
4
|
+
version: 6.14.1
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Ryan Collins
|
@@ -27,7 +27,7 @@ authors:
|
|
27
27
|
autorequire:
|
28
28
|
bindir: bin
|
29
29
|
cert_chain: []
|
30
|
-
date: 2021-
|
30
|
+
date: 2021-06-25 00:00:00.000000000 Z
|
31
31
|
dependencies:
|
32
32
|
- !ruby/object:Gem::Dependency
|
33
33
|
name: bundler
|
@@ -457,6 +457,7 @@ files:
|
|
457
457
|
- lib/license_finder/package_managers/pipenv.rb
|
458
458
|
- lib/license_finder/package_managers/rebar.rb
|
459
459
|
- lib/license_finder/package_managers/sbt.rb
|
460
|
+
- lib/license_finder/package_managers/spm.rb
|
460
461
|
- lib/license_finder/package_managers/trash.rb
|
461
462
|
- lib/license_finder/package_managers/yarn.rb
|
462
463
|
- lib/license_finder/package_utils/activation.rb
|
@@ -489,6 +490,7 @@ files:
|
|
489
490
|
- lib/license_finder/packages/pip_package.rb
|
490
491
|
- lib/license_finder/packages/rebar_package.rb
|
491
492
|
- lib/license_finder/packages/sbt_package.rb
|
493
|
+
- lib/license_finder/packages/spm_package.rb
|
492
494
|
- lib/license_finder/packages/yarn_package.rb
|
493
495
|
- lib/license_finder/platform.rb
|
494
496
|
- lib/license_finder/project_finder.rb
|
@@ -514,6 +516,7 @@ files:
|
|
514
516
|
- lib/license_finder/version.rb
|
515
517
|
- license_finder.gemspec
|
516
518
|
- release/instructions.md
|
519
|
+
- swift-all-keys.asc
|
517
520
|
homepage: https://github.com/pivotal/LicenseFinder
|
518
521
|
licenses:
|
519
522
|
- MIT
|
@@ -533,7 +536,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
533
536
|
- !ruby/object:Gem::Version
|
534
537
|
version: '0'
|
535
538
|
requirements: []
|
536
|
-
rubygems_version: 3.2.
|
539
|
+
rubygems_version: 3.2.21
|
537
540
|
signing_key:
|
538
541
|
specification_version: 4
|
539
542
|
summary: Audit the OSS licenses of your application's dependencies.
|