license_finder 6.12.2 → 6.15.0

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: c85ec7cd64df538fe5b99e3984a2ef369c8c09d73c7c07ac72ed39b246054dc1
4
- data.tar.gz: 3c22d0d435a980d2a7853492f7043c7fabc67a2e8a6fede8fc74abdd86b8d4fe
3
+ metadata.gz: e0f3198afeab037eb2406cca40c96d108109195d56061b050d71885d034b2e3f
4
+ data.tar.gz: ffd412a79598a92e58ae9283a3edc3ed69e18fabfda33bc3edafcc5045b51391
5
5
  SHA512:
6
- metadata.gz: f2f62d260d5d8a3f6090f4ceefa4ab1145b301b35cdd2489049936739a2aea3553b30ab112996c04c27c6dd2bcf3fe0f010f6d5b8eedb1e8ea5b22960d4534c2
7
- data.tar.gz: 58f912ce7df4de805fb8a6b80ff1fb39608254bb9e955618d4b8b96d9b2c5a9f1e65b03701f96057b848338c44a3d1eb444c4e09f19f7d8be19f6f1ccbc7a774
6
+ metadata.gz: 2ffa007a078fcc4f805c8d8b2ab5f0310d11977e3ab0c890dbf200cebca6a687bbde42a1159cb971897162882821f2663278ee2e7f24652f3ecb550b6f42894a
7
+ data.tar.gz: e3a8f9809ab13005912da13899d1b9f6078d918afa83ad4f5a11766e00813df1539d42d2b0103807a81f362ac4b15c0bf6b3ad7a8a1d7984b43c826f788baf1b
data/CHANGELOG.md CHANGED
@@ -1,3 +1,36 @@
1
+ # [6.15.0] / 2021-12-17
2
+
3
+ ### Fixed
4
+ * Fix docker Conan and swift - [66031df9](https://github.com/pivotal/LicenseFinder/commit/66031df912c2e1e21aa794a4b897fc61c9ec6b02)
5
+
6
+ # [6.14.2] / 2021-10-27
7
+
8
+ ### Added
9
+ * Zlib License - [0f004b52](https://github.com/pivotal/LicenseFinder/commit/0f004b528d436b4d53db8bd373ede0594c07d9e8) - blooper05
10
+
11
+ # [6.14.1] / 2021-06-25
12
+
13
+ First two commit were supposed to show up in v6.14.0, but GPG bug prevented a correct build. Therefore, a follow up patch build was made to include the GPG fix.
14
+
15
+ ### Changed
16
+ * Upgrade Docker image to use Ubuntu Bionic [#178471230] [1c12588c](https://github.com/pivotal/LicenseFinder/commit/1c12588cceecb8b7350d090c85b519b24bcc6682)
17
+ * Update the default timezone to GMT [#178471230] - [9fcab84](https://github.com/pivotal/LicenseFinder/commit/9fcab84605cda81e7f276d3c567d14409e371333)
18
+ * Use local copy of Swift puglic GPG keys [#178674224] - [4db4b3e](https://github.com/pivotal/LicenseFinder/commit/4db4b3e5980ca52019549d74da574a2342a7846e)
19
+
20
+ ### Added
21
+ * Added --npm_options option to customize npm behavior. [b8457a62](https://github.com/pivotal/LicenseFinder/commit/b8457a62e7b531294934364d1e5f72cd78a7686a) - Alexander-Malott
22
+
23
+ ### Security
24
+ * Fix issue where commands could be injected running on Cocoapods projects. [b0a61a2d](https://github.com/pivotal/LicenseFinder/commit/b0a61a2d833921c714cc39cdda8ba80af3f33d04)
25
+
26
+ Thanks to Joern SchneeweiszStaff Security Engineer, Security Research | GitLab for raising the issue
27
+
28
+
29
+ # [6.13.0] / 2021-04-27
30
+
31
+ ### Fixed
32
+ * Ignore packages with nil modules - [4eca0ec1](https://github.com/pivotal/LicenseFinder/commit/4eca0ec15dc6266afa48b74b3742278351246eb8)
33
+
1
34
  # [6.12.2] / 2021-04-14
2
35
 
3
36
  ### Changed
@@ -948,3 +981,7 @@ Bugfixes:
948
981
  [6.12.0]: https://github.com/pivotal/LicenseFinder/compare/v6.11.0...v6.12.0
949
982
  [6.12.1]: https://github.com/pivotal/LicenseFinder/compare/v6.12.0...v6.12.1
950
983
  [6.12.2]: https://github.com/pivotal/LicenseFinder/compare/v6.12.1...v6.12.2
984
+ [6.13.0]: https://github.com/pivotal/LicenseFinder/compare/v6.12.2...v6.13.0
985
+ [6.14.1]: https://github.com/pivotal/LicenseFinder/compare/v6.13.0...v6.14.1
986
+ [6.14.2]: https://github.com/pivotal/LicenseFinder/compare/v6.14.1...v6.14.2
987
+ [6.15.0]: https://github.com/pivotal/LicenseFinder/compare/v6.14.2...v6.15.0
data/Dockerfile CHANGED
@@ -1,4 +1,6 @@
1
- FROM ubuntu:xenial
1
+ FROM ubuntu:bionic
2
+
3
+ WORKDIR /tmp
2
4
 
3
5
  # Versioning
4
6
  ENV PIP_INSTALL_VERSION 19.0.2
@@ -18,7 +20,8 @@ RUN apt-get update && apt-get install -y \
18
20
  sudo \
19
21
  unzip \
20
22
  wget \
21
- gnupg2 \
23
+ gnupg2 \
24
+ apt-utils \
22
25
  software-properties-common \
23
26
  bzr
24
27
 
@@ -76,7 +79,6 @@ RUN mkdir -p /usr/local/share/sbt-launcher-packaging && \
76
79
  rm -f "/tmp/sbt-${SBT_VERSION}.tgz"
77
80
 
78
81
  # install gradle
79
- WORKDIR /tmp
80
82
  RUN curl -L -o gradle.zip https://services.gradle.org/distributions/gradle-$GRADLE_VERSION-bin.zip && \
81
83
  unzip -q gradle.zip && \
82
84
  rm gradle.zip && \
@@ -102,6 +104,7 @@ RUN mkdir /gopath && \
102
104
  go get -u github.com/rancher/trash && \
103
105
  go clean -cache
104
106
 
107
+ WORKDIR /tmp
105
108
  # Fix the locale
106
109
  RUN apt-get install -y locales
107
110
  RUN locale-gen en_US.UTF-8
@@ -109,11 +112,16 @@ ENV LANG=en_US.UTF-8
109
112
  ENV LANGUAGE=en_US:en
110
113
  ENV LC_ALL=en_US.UTF-8
111
114
 
115
+ # install Cargo
116
+ RUN curl https://sh.rustup.rs -sSf | bash -ls -- -y --profile minimal
117
+
112
118
  #install rvm
113
119
  RUN apt-add-repository -y ppa:rael-gc/rvm && \
114
120
  apt update && apt install -y rvm && \
115
121
  /usr/share/rvm/bin/rvm install --default $RUBY_VERSION
116
- ENV PATH=/usr/share/rvm/bin:$PATH
122
+
123
+ # install bundler
124
+ RUN bash -lc "gem update --system && gem install bundler"
117
125
 
118
126
  #install mix
119
127
  RUN wget https://packages.erlang-solutions.com/erlang-solutions_${MIX_VERSION}_all.deb && \
@@ -123,41 +131,40 @@ RUN wget https://packages.erlang-solutions.com/erlang-solutions_${MIX_VERSION}_a
123
131
  sudo apt-get install -y esl-erlang && \
124
132
  sudo apt-get install -y elixir
125
133
 
126
- # install bundler
127
- RUN bash -lc "gem update --system && gem install bundler"
128
-
129
134
  # install conan
130
135
  RUN apt-get install -y python-dev && \
131
136
  pip install --no-cache-dir --ignore-installed six --ignore-installed colorama \
132
137
  --ignore-installed requests --ignore-installed chardet \
133
138
  --ignore-installed urllib3 \
134
139
  --upgrade setuptools && \
135
- pip install --no-cache-dir -Iv conan==1.11.2
140
+ pip install --no-cache-dir -Iv conan==1.43.0 && \
141
+ conan config install https://github.com/conan-io/conanclientcert.git
136
142
 
137
- # install Cargo
138
- RUN curl https://sh.rustup.rs -sSf | bash -s -- -y --profile minimal
139
143
 
140
144
  # install NuGet (w. mono)
141
145
  # https://docs.microsoft.com/en-us/nuget/install-nuget-client-tools#macoslinux
142
146
  RUN apt-key adv --keyserver hkp://keyserver.ubuntu.com:80 --recv-keys 3FA7E0328081BFF6A14DA29AA6A19B38D3D831EF &&\
143
- echo "deb https://download.mono-project.com/repo/ubuntu stable-xenial main" | sudo tee /etc/apt/sources.list.d/mono-official-stable.list &&\
147
+ echo "deb https://download.mono-project.com/repo/ubuntu stable-bionic main" | sudo tee /etc/apt/sources.list.d/mono-official-stable.list &&\
144
148
  apt-get update &&\
145
149
  apt-get install -y mono-complete &&\
146
150
  curl -o "/usr/local/bin/nuget.exe" "https://dist.nuget.org/win-x86-commandline/latest/nuget.exe" &&\
147
151
  curl -o "/usr/local/bin/nugetv3.5.0.exe" "https://dist.nuget.org/win-x86-commandline/v3.5.0/nuget.exe"
148
152
 
149
153
  # install dotnet core
150
- WORKDIR /tmp
151
- RUN wget -q https://packages.microsoft.com/config/ubuntu/16.04/packages-microsoft-prod.deb &&\
154
+ RUN wget -q https://packages.microsoft.com/config/ubuntu/18.04/packages-microsoft-prod.deb &&\
152
155
  sudo dpkg -i packages-microsoft-prod.deb &&\
153
156
  rm packages-microsoft-prod.deb &&\
154
157
  sudo apt-get update &&\
155
158
  sudo apt-get install -y dotnet-runtime-2.1 dotnet-sdk-2.1 dotnet-sdk-2.2 dotnet-sdk-3.0 dotnet-sdk-3.1
156
159
 
157
160
  # install Composer
161
+ # The ARG and ENV are for installing tzdata which is part of this installaion.
162
+ # https://serverfault.com/questions/949991/how-to-install-tzdata-on-a-ubuntu-docker-image
163
+ ENV TZ=GMT
158
164
  RUN apt-key adv --keyserver hkp://keyserver.ubuntu.com:80 --recv-keys 4F4EA0AAE5267A6C &&\
159
- echo "deb http://ppa.launchpad.net/ondrej/php/ubuntu xenial main" | sudo tee /etc/apt/sources.list.d/php.list &&\
165
+ echo "deb http://ppa.launchpad.net/ondrej/php/ubuntu bionic main" | sudo tee /etc/apt/sources.list.d/php.list &&\
160
166
  apt-get update &&\
167
+ export DEBIAN_FRONTEND=noninteractive &&\
161
168
  apt-get install -y php7.4-cli &&\
162
169
  EXPECTED_COMPOSER_INSTALLER_CHECKSUM="$(curl --silent https://composer.github.io/installer.sig)" &&\
163
170
  php -r "copy('https://getcomposer.org/installer', 'composer-setup.php');" &&\
@@ -170,7 +177,6 @@ RUN apt-key adv --keyserver hkp://keyserver.ubuntu.com:80 --recv-keys 4F4EA0AAE5
170
177
  # install miniconda
171
178
  # See https://docs.conda.io/en/latest/miniconda_hashes.html
172
179
  # for latest versions and SHAs.
173
- WORKDIR /tmp
174
180
  RUN \
175
181
  conda_installer=Miniconda3-py38_4.9.2-Linux-x86_64.sh &&\
176
182
  ref='1314b90489f154602fd794accfc90446111514a5a72fe1f71ab83e07de9504a7' &&\
@@ -179,6 +185,61 @@ RUN \
179
185
  ([ "$sha" = "${ref}" ] || (echo "Verification failed: ${sha} != ${ref}"; false)) &&\
180
186
  (echo; echo "yes") | sh "${conda_installer}"
181
187
 
188
+ # install Swift Package Manager
189
+ # Based on https://github.com/apple/swift-docker/blob/main/5.3/ubuntu/18.04/Dockerfile
190
+ # The GPG download steps has been modified. Keys are now on LF repo and copied instaad of downloaded.
191
+ # Refer to https://swift.org/download/#using-downloads in the Linux section on how to download the keys
192
+ RUN apt-get -q install -y \
193
+ libatomic1 \
194
+ libcurl4 \
195
+ libxml2 \
196
+ libedit2 \
197
+ libsqlite3-0 \
198
+ libc6-dev \
199
+ binutils \
200
+ libgcc-5-dev \
201
+ libstdc++-5-dev \
202
+ zlib1g-dev \
203
+ libpython2.7 \
204
+ tzdata \
205
+ git \
206
+ pkg-config \
207
+ && rm -r /var/lib/apt/lists/*
208
+
209
+ # pub 4096R/ED3D1561 2019-03-22 [SC] [expires: 2023-03-23]
210
+ # Key fingerprint = A62A E125 BBBF BB96 A6E0 42EC 925C C1CC ED3D 1561
211
+ # uid Swift 5.x Release Signing Key <swift-infrastructure@swift.org
212
+ ARG SWIFT_SIGNING_KEY=A62AE125BBBFBB96A6E042EC925CC1CCED3D1561
213
+ ARG SWIFT_PLATFORM=ubuntu18.04
214
+ ARG SWIFT_BRANCH=swift-5.3.3-release
215
+ ARG SWIFT_VERSION=swift-5.3.3-RELEASE
216
+ ARG SWIFT_WEBROOT=https://download.swift.org
217
+
218
+ ENV SWIFT_SIGNING_KEY=$SWIFT_SIGNING_KEY \
219
+ SWIFT_PLATFORM=$SWIFT_PLATFORM \
220
+ SWIFT_BRANCH=$SWIFT_BRANCH \
221
+ SWIFT_VERSION=$SWIFT_VERSION \
222
+ SWIFT_WEBROOT=$SWIFT_WEBROOT
223
+
224
+ COPY swift-all-keys.asc .
225
+ RUN set -e; \
226
+ SWIFT_WEBDIR="$SWIFT_WEBROOT/$SWIFT_BRANCH/$(echo $SWIFT_PLATFORM | tr -d .)" \
227
+ && SWIFT_BIN_URL="$SWIFT_WEBDIR/$SWIFT_VERSION/$SWIFT_VERSION-$SWIFT_PLATFORM.tar.gz" \
228
+ && SWIFT_SIG_URL="$SWIFT_BIN_URL.sig" \
229
+ # - Grab curl here so we cache better up above
230
+ && export DEBIAN_FRONTEND=noninteractive \
231
+ && apt-get -q update && apt-get -q install -y curl && rm -rf /var/lib/apt/lists/* \
232
+ # - Download the GPG keys, Swift toolchain, and toolchain signature, and verify.
233
+ && export GNUPGHOME="$(mktemp -d)" \
234
+ && curl -fsSL "$SWIFT_BIN_URL" -o swift.tar.gz "$SWIFT_SIG_URL" -o swift.tar.gz.sig \
235
+ && gpg --import swift-all-keys.asc \
236
+ && gpg --batch --verify swift.tar.gz.sig swift.tar.gz \
237
+ # - Unpack the toolchain, set libs permissions, and clean up.
238
+ && tar -xzf swift.tar.gz --directory / --strip-components=1 \
239
+ && chmod -R o+r /usr/lib/swift \
240
+ && rm -rf "$GNUPGHOME" swift.tar.gz.sig swift.tar.gz \
241
+ set +e
242
+
182
243
  # install license_finder
183
244
  COPY . /LicenseFinder
184
245
  RUN bash -lc "cd /LicenseFinder && bundle config set no-cache 'true' && bundle install -j4 && rake install"
data/README.md CHANGED
@@ -44,7 +44,7 @@ and give you an actionable exception report.
44
44
  ### Experimental project types
45
45
 
46
46
  * Erlang (via `rebar` and `Erlang.mk`)
47
- * Objective-C, Swift (via Carthage or CocoaPods \[0.39 and below. See [CocoaPods Specs Repo Sharding](http://blog.cocoapods.org/Sharding/)\])
47
+ * Objective-C, Swift (via Carthage, CocoaPods \[0.39 and below. See [CocoaPods Specs Repo Sharding](http://blog.cocoapods.org/Sharding/)\]) and Swift Package Manager)
48
48
  * Objective-C (+ CocoaPods 0.39 and below. See [CocoaPods Specs Repo Sharding](http://blog.cocoapods.org/Sharding/))
49
49
  * Elixir (via `mix`)
50
50
  * Golang (via `gvt`, `glide`,`dep`, `trash` and `govendor`)
@@ -176,6 +176,7 @@ languages, as long as that language has a package definition in the project dire
176
176
  * `bower.json` (for `bower`)
177
177
  * `Podfile` (for `pod`)
178
178
  * `Cartfile` (for `carthage`)
179
+ * `workspace-state.json` under build directory (provided as enviroment variable `SPM_DERIVED_DATA` for Xcode, or default `.build` for non-Xcode projects), (for `spm`)
179
180
  * `rebar.config` (for `rebar`)
180
181
  * `Erlang.mk` or `erlang.mk` file (for `Erlang.mk`)
181
182
  * `mix.exs` (for `mix`)
data/VERSION CHANGED
@@ -1 +1 @@
1
- 6.12.2
1
+ 6.15.0
@@ -1,5 +1,4 @@
1
1
  #!/usr/bin/env python
2
-
3
2
  import json
4
3
  import sys
5
4
 
@@ -21,12 +20,16 @@ except ImportError:
21
20
  from pip._vendor import pkg_resources
22
21
  from pip._vendor.six import print_
23
22
 
23
+
24
24
  reqs = []
25
25
  for req in parse_requirements(sys.argv[1], session=PipSession()):
26
- if req.req == None or (req.markers != None and not req.markers.evaluate()): continue
27
- reqs.append(req)
28
-
29
- requirements = [pkg_resources.Requirement.parse(str(req.req)) for req in reqs]
26
+ try:
27
+ if req.req is not None and (req.markers is None or req.markers.evaluate()):
28
+ reqs.append(pkg_resources.Requirement.parse(str(req.req)))
29
+ except AttributeError:
30
+ # Since pip 20.1 (pip now takes care of markers at the resolve step)
31
+ if req.requirement is not None:
32
+ reqs.append(pkg_resources.Requirement.parse(str(req.requirement)))
30
33
 
31
34
  transform = lambda dist: {
32
35
  'name': dist.project_name,
@@ -35,7 +38,6 @@ transform = lambda dist: {
35
38
  'dependencies': list(map(lambda dependency: dependency.project_name, dist.requires())),
36
39
  }
37
40
 
38
- packages = [transform(dist) for dist
39
- in pkg_resources.working_set.resolve(requirements)]
40
41
 
42
+ packages = [transform(dist) for dist in pkg_resources.working_set.resolve(reqs)]
41
43
  print_(json.dumps(packages))
data/dlf CHANGED
@@ -1,10 +1,14 @@
1
1
  #!/bin/bash
2
2
  if `which docker > /dev/null`; then
3
- if [ $# -eq 0 ]; then
4
- docker run -v $PWD:/scan -it licensefinder/license_finder
5
- else
6
- docker run -v $PWD:/scan -it licensefinder/license_finder /bin/bash -lc "cd /scan && `echo $@`"
7
- fi
3
+ if [ $# -eq 0 ]; then
4
+ docker run -v $PWD:/scan -it licensefinder/license_finder
5
+ else
6
+ escaped_params=""
7
+ for p in "$@"; do
8
+ escaped_params="$escaped_params \"$p\""
9
+ done
10
+ docker run -v $PWD:/scan -it licensefinder/license_finder /bin/bash -lc "cd /scan && $escaped_params"
11
+ fi
8
12
  else
9
13
  echo "You do not have docker installed. Please install it:"
10
14
  echo " https://docs.docker.com/engine/installation/"
@@ -42,6 +42,7 @@ module LicenseFinder
42
42
  :gradle_include_groups,
43
43
  :maven_include_groups,
44
44
  :maven_options,
45
+ :npm_options,
45
46
  :pip_requirements_path,
46
47
  :python_version,
47
48
  :rebar_command,
@@ -30,6 +30,7 @@ module LicenseFinder
30
30
  Defaults to 'gradlew' / 'gradlew.bat' if the wrapper is present, otherwise to 'gradle'."
31
31
  class_option :maven_include_groups, desc: 'Whether dependency name should include group id. Only meaningful if used with a Java/maven project. Defaults to false.'
32
32
  class_option :maven_options, desc: 'Maven options to append to command. Defaults to empty.'
33
+ class_option :npm_options, desc: 'npm options to append to command. Defaults to empty.'
33
34
  class_option :pip_requirements_path, desc: 'Path to python requirements file. Defaults to requirements.txt.'
34
35
  class_option :python_version, desc: 'Python version to invoke pip with. Valid versions: 2 or 3. Default: 2'
35
36
  class_option :rebar_command, desc: "Command to use when fetching rebar packages. Only meaningful if used with a Erlang/rebar project. Defaults to 'rebar'."
@@ -93,6 +93,10 @@ module LicenseFinder
93
93
  get(:maven_options)
94
94
  end
95
95
 
96
+ def npm_options
97
+ get(:npm_options)
98
+ end
99
+
96
100
  def pip_requirements_path
97
101
  get(:pip_requirements_path)
98
102
  end
@@ -99,6 +99,7 @@ module LicenseFinder
99
99
  gradle_include_groups: config.gradle_include_groups,
100
100
  maven_include_groups: config.maven_include_groups,
101
101
  maven_options: config.maven_options,
102
+ npm_options: config.npm_options,
102
103
  pip_requirements_path: config.pip_requirements_path,
103
104
  python_version: config.python_version,
104
105
  rebar_command: config.rebar_command,
@@ -27,7 +27,8 @@ module LicenseFinder
27
27
  ruby,
28
28
  simplifiedbsd,
29
29
  wtfpl,
30
- zerobsd
30
+ zerobsd,
31
+ zlib
31
32
  ]
32
33
  end
33
34
 
@@ -349,6 +350,17 @@ module LicenseFinder
349
350
  matcher: matcher
350
351
  )
351
352
  end
353
+
354
+ def zlib
355
+ License.new(
356
+ short_name: 'Zlib',
357
+ pretty_name: 'zlib/libpng license',
358
+ other_names: [
359
+ 'zlib License'
360
+ ],
361
+ url: 'https://opensource.org/licenses/Zlib'
362
+ )
363
+ end
352
364
  end
353
365
  end
354
366
  end
@@ -0,0 +1,17 @@
1
+ Copyright (c) <year> <copyright holders>
2
+
3
+ This software is provided 'as-is', without any express or implied
4
+ warranty. In no event will the authors be held liable for any damages
5
+ arising from the use of this software.
6
+
7
+ Permission is granted to anyone to use this software for any purpose,
8
+ including commercial applications, and to alter it and redistribute it
9
+ freely, subject to the following restrictions:
10
+
11
+ 1. The origin of this software must not be misrepresented; you must not
12
+ claim that you wrote the original software. If you use this software
13
+ in a product, an acknowledgment in the product documentation would be
14
+ appreciated but is not required.
15
+ 2. Altered source versions must be plainly marked as such, and must not be
16
+ misrepresented as being the original software.
17
+ 3. This notice may not be removed or altered from any source distribution.
@@ -5,6 +5,7 @@ module LicenseFinder
5
5
  module Text
6
6
  SPACES = /\s+/.freeze
7
7
  QUOTES = /['`"]{1,2}/.freeze
8
+ YEAR_PLACEHOLDERS = /<year>/.freeze
8
9
  PLACEHOLDERS = /<[^<>]+>/.freeze
9
10
  SPECIAL_SINGLE_QUOTES = /[‘’]/.freeze
10
11
  SPECIAL_DOUBLE_QUOTES = /[“”„«»]/.freeze
@@ -32,6 +33,7 @@ module LicenseFinder
32
33
 
33
34
  def self.compile_to_regex(text)
34
35
  Regexp.new(Regexp.escape(normalize_punctuation(text))
36
+ .gsub(YEAR_PLACEHOLDERS, '(\S*)')
35
37
  .gsub(PLACEHOLDERS, '(.*)')
36
38
  .gsub(',', '(,)?')
37
39
  .gsub('HOLDER', '(HOLDER|OWNER)')
@@ -188,6 +188,7 @@ require 'license_finder/packages/maven_package'
188
188
  require 'license_finder/packages/gradle_package'
189
189
  require 'license_finder/packages/cocoa_pods_package'
190
190
  require 'license_finder/packages/carthage_package'
191
+ require 'license_finder/packages/spm_package'
191
192
  require 'license_finder/packages/rebar_package'
192
193
  require 'license_finder/packages/erlangmk_package'
193
194
  require 'license_finder/packages/mix_package'
@@ -165,6 +165,7 @@ require 'license_finder/package_managers/maven'
165
165
  require 'license_finder/package_managers/mix'
166
166
  require 'license_finder/package_managers/cocoa_pods'
167
167
  require 'license_finder/package_managers/carthage'
168
+ require 'license_finder/package_managers/spm'
168
169
  require 'license_finder/package_managers/gradle'
169
170
  require 'license_finder/package_managers/rebar'
170
171
  require 'license_finder/package_managers/erlangmk'
@@ -53,7 +53,9 @@ module LicenseFinder
53
53
  end
54
54
 
55
55
  def read_plist(pathname)
56
- JSON.parse(`plutil -convert json -o - '#{pathname}'`)
56
+ transformed_pathname = pathname.gsub!(%r{[^0-9A-Za-z. \-'/]}, '')
57
+ transformed_pathname = pathname if transformed_pathname.nil?
58
+ JSON.parse(`plutil -convert json -o - '#{transformed_pathname}'`)
57
59
  end
58
60
  end
59
61
  end
@@ -18,10 +18,10 @@ module LicenseFinder
18
18
 
19
19
  deps = info_parser.parse(info_output)
20
20
  deps.map do |dep|
21
- name, version = dep['name'].split('@').first.split('/')
21
+ name, version = dep['name'].split('/')
22
22
  url = dep['URL']
23
23
  license_file_path = Dir.glob("#{project_path}/licenses/#{name}/**/LICENSE*").first
24
- ConanPackage.new(name, version, File.open(license_file_path).read, url) unless name == 'PROJECT'
24
+ ConanPackage.new(name, version, File.open(license_file_path).read, url) unless name == 'conanfile.txt'
25
25
  end.compact
26
26
  end
27
27
  end
@@ -33,6 +33,8 @@ module LicenseFinder
33
33
  # Explanations:
34
34
  # * Only list dependencies (packages not listed in the project directory)
35
35
  # (.DepOnly)
36
+ # * Ignore packages that have nil modules
37
+ # (.Module)
36
38
  # * Ignore standard library packages
37
39
  # (not .Standard)
38
40
  # * Replacement modules are respected
@@ -40,7 +42,7 @@ module LicenseFinder
40
42
  # * Module cache directory or (vendored) package directory
41
43
  # (or $mod.Dir .Dir)
42
44
  format_str = \
43
- '{{ if and (.DepOnly) (not .Standard) }}'\
45
+ '{{ if and (.DepOnly) (.Module) (not .Standard) }}'\
44
46
  '{{ $mod := (or .Module.Replace .Module) }}'\
45
47
  '{{ $mod.Path }},{{ $mod.Version }},{{ or $mod.Dir .Dir }}'\
46
48
  '{{ end }}'
@@ -5,6 +5,11 @@ require 'tempfile'
5
5
 
6
6
  module LicenseFinder
7
7
  class NPM < PackageManager
8
+ def initialize(options = {})
9
+ super
10
+ @npm_options = options[:npm_options]
11
+ end
12
+
8
13
  def current_packages
9
14
  NpmPackage.packages_from_json(npm_json, detected_package_path)
10
15
  end
@@ -35,6 +40,7 @@ module LicenseFinder
35
40
 
36
41
  def npm_json
37
42
  command = "#{package_management_command} list --json --long#{production_flag}"
43
+ command += " #{@npm_options}" unless @npm_options.nil?
38
44
  stdout, stderr, status = Dir.chdir(project_path) { Cmd.run(command) }
39
45
  # we can try and continue if we got an exit status 1 - unmet peer dependency
40
46
  raise "Command '#{command}' failed to execute: #{stderr}" if !status.success? && status.exitstatus != 1
@@ -0,0 +1,93 @@
1
+ # frozen_string_literal: true
2
+
3
+ require 'json'
4
+
5
+ module LicenseFinder
6
+ class Spm < PackageManager
7
+ class SpmError < RuntimeError; end
8
+
9
+ def current_packages
10
+ unless File.exist?(workspace_state_path)
11
+ raise SpmError, 'No checked-out SPM packages found.
12
+ Please install your dependencies first.'
13
+ end
14
+
15
+ workspace_state = JSON.parse(IO.read(workspace_state_path))
16
+ workspace_state['object']['dependencies'].map do |dependency|
17
+ package_ref = dependency['packageRef']
18
+ checkout_state = dependency['state']['checkoutState']
19
+
20
+ subpath = dependency['subpath']
21
+ package_name = package_ref['name']
22
+ package_version = checkout_state['version'] || checkout_state['revision']
23
+ homepage = package_ref['path']
24
+
25
+ SpmPackage.new(
26
+ package_name,
27
+ package_version,
28
+ license_text(subpath),
29
+ logger: logger,
30
+ install_path: project_checkout(subpath),
31
+ homepage: homepage
32
+ )
33
+ end
34
+ end
35
+
36
+ def package_management_command
37
+ LicenseFinder::Platform.darwin? ? 'xcodebuild' : 'swift'
38
+ end
39
+
40
+ def prepare_command
41
+ LicenseFinder::Platform.darwin? ? 'xcodebuild -resolvePackageDependencies' : 'swift package resolve'
42
+ end
43
+
44
+ def possible_package_paths
45
+ [workspace_state_path]
46
+ end
47
+
48
+ private
49
+
50
+ def resolved_package
51
+ if File.exist?(resolved_path)
52
+ @resolved_file ||= IO.read(resolved_path)
53
+ else
54
+ raise SpmError, 'No Package.resolved found.
55
+ Please install your dependencies first and provide it via environment variable
56
+ SPM_PACKAGE_RESOLVED'
57
+ end
58
+ end
59
+
60
+ def resolved_path
61
+ # Xcode projects have SPM packages info under project's derived data location
62
+ derived_data_folder = ENV['SPM_DERIVED_DATA']
63
+ if derived_data_folder
64
+ pathname = Pathname.new(derived_data_folder)
65
+ pathname.absolute? ? pathname : project_path.join(derived_data_folder)
66
+ else
67
+ project_path.join('.build')
68
+ end
69
+ end
70
+
71
+ def workspace_state_path
72
+ resolved_path.join('workspace-state.json')
73
+ end
74
+
75
+ def license_text(subpath)
76
+ license_path = license_pattern(subpath).find { |f| File.exist?(f) }
77
+ license_path.nil? ? nil : IO.read(license_path)
78
+ end
79
+
80
+ def project_checkout(subpath)
81
+ resolved_path.join('checkouts', subpath)
82
+ end
83
+
84
+ def license_pattern(subpath)
85
+ checkout_path = project_checkout(subpath)
86
+ Dir.glob(checkout_path.join('LICENSE*'), File::FNM_CASEFOLD)
87
+ end
88
+
89
+ def name_version_from_line(cartfile_line)
90
+ cartfile_line.split(' ')[1, 2].map { |f| f.split('/').last.delete('"').gsub('.git', '') }
91
+ end
92
+ end
93
+ end
@@ -9,7 +9,7 @@ module LicenseFinder
9
9
  end
10
10
 
11
11
  def current_packages
12
- cmd = "#{Yarn::SHELL_COMMAND}#{production_flag}"
12
+ cmd = "#{Yarn::SHELL_COMMAND}#{yarn1_production_flag}"
13
13
  suffix = " --cwd #{project_path}" unless project_path.nil?
14
14
  cmd += suffix unless suffix.nil?
15
15
 
@@ -39,7 +39,7 @@ module LicenseFinder
39
39
  end
40
40
 
41
41
  def prepare
42
- prep_cmd = "#{prepare_command}#{production_flag}"
42
+ prep_cmd = prepare_command.to_s
43
43
  _stdout, stderr, status = Dir.chdir(project_path) { Cmd.run(prep_cmd) }
44
44
  return if status.success?
45
45
 
@@ -56,11 +56,33 @@ module LicenseFinder
56
56
  end
57
57
 
58
58
  def prepare_command
59
- 'yarn install --ignore-engines --ignore-scripts'
59
+ if yarn2_project?
60
+ yarn2_prepare_command
61
+ else
62
+ yarn1_prepare_command
63
+ end
60
64
  end
61
65
 
62
66
  private
63
67
 
68
+ def yarn2_prepare_command
69
+ "#{yarn2_production_flag}yarn install"
70
+ end
71
+
72
+ def yarn1_prepare_command
73
+ "yarn install --ignore-engines --ignore-scripts#{yarn1_production_flag}"
74
+ end
75
+
76
+ def yarn2_project?
77
+ Dir.chdir(project_path) do
78
+ version_string, stderr_str, status = Cmd.run('yarn -v')
79
+ raise "Command 'yarn -v' failed to execute: #{stderr_str}" unless status.success?
80
+
81
+ version = version_string.split('.').map(&:to_i)
82
+ return version[0] >= 2
83
+ end
84
+ end
85
+
64
86
  def packages_from_json(json_data)
65
87
  body = json_data['body']
66
88
  head = json_data['head']
@@ -98,10 +120,16 @@ module LicenseFinder
98
120
  all_packages - [yarn_internal_package]
99
121
  end
100
122
 
101
- def production_flag
123
+ def yarn1_production_flag
102
124
  return '' if @ignored_groups.nil?
103
125
 
104
126
  @ignored_groups.include?('devDependencies') ? ' --production' : ''
105
127
  end
128
+
129
+ def yarn2_production_flag
130
+ return '' if @ignored_groups.nil?
131
+
132
+ @ignored_groups.include?('devDependencies') ? 'yarn plugin import workspace-tools && yarn workspaces focus --all --production && ' : ''
133
+ end
106
134
  end
107
135
  end
@@ -0,0 +1,18 @@
1
+ # frozen_string_literal: true
2
+
3
+ module LicenseFinder
4
+ class SpmPackage < Package
5
+ def initialize(name, version, license_text, options = {})
6
+ super(name, version, options)
7
+ @license = License.find_by_text(license_text.to_s)
8
+ end
9
+
10
+ def licenses_from_spec
11
+ [@license].compact
12
+ end
13
+
14
+ def package_manager
15
+ 'Spm'
16
+ end
17
+ end
18
+ end
@@ -5,7 +5,7 @@ module LicenseFinder
5
5
  PACKAGE_MANAGERS = [
6
6
  GoModules, GoDep, GoWorkspace, Go15VendorExperiment, Glide, Gvt, Govendor, Trash, Dep, Bundler, NPM, Pip,
7
7
  Yarn, Bower, Maven, Gradle, CocoaPods, Rebar, Erlangmk, Nuget, Carthage, Mix, Conan, Sbt, Cargo, Dotnet, Composer, Pipenv,
8
- Conda
8
+ Conda, Spm
9
9
  ].freeze
10
10
 
11
11
  class << self
@@ -50,7 +50,7 @@ Gem::Specification.new do |s|
50
50
  s.add_dependency 'with_env', '1.1.0'
51
51
  s.add_dependency 'xml-simple', '~> 1.1.5'
52
52
 
53
- s.add_development_dependency 'addressable', '2.7.0'
53
+ s.add_development_dependency 'addressable', '2.8.0'
54
54
  s.add_development_dependency 'capybara', '~> 3.15.0'
55
55
  s.add_development_dependency 'cocoapods', '>= 1.0.0' if RUBY_PLATFORM =~ /darwin/
56
56
  s.add_development_dependency 'fakefs', '~> 1.2.0'
@@ -0,0 +1,240 @@
1
+ -----BEGIN PGP PUBLIC KEY BLOCK-----
2
+ Version: GnuPG v2.0.14 (GNU/Linux)
3
+
4
+ mQINBFZNNIwBEADNFSwCfUUyXZujWzQCqYLlvRwZkuMUcJQH4NRwC/an9KwilFrz
5
+ pf/+atZFSciMx5R9vOG2odWbwBYU7t8XEd/NYCgyTwMNxAFkuaN1E0b/3mOWwbT5
6
+ 91HziQNy0jDUlM28370pyv0rBTHvPbBQlo7BxJbwQXL3rs3KObAnhTG51aLztGds
7
+ OTxZDdpNY07dPGKJevP61l35yZI40tUmCKn/z4sLmX+DoUUplA35SMRnvQjd/pGF
8
+ 9BTAFzLfsbN0caBixy++0ZIyK9ep1dezhqisUndE/rNk8KPNAM5zeFA1onzEEGFc
9
+ gk4iZ0N/S7dVb7N4Uhn8C/87E9yUkrzO0Kl+p2zumORiqIvkv9vtHMaKa6rBP/vI
10
+ iG02eiLmaWdDkg7afpJjnC6WrrJoBe/lbDAYrbD5eR4KGHdxMtAdh0sYZrZR8T4m
11
+ gI6alC8PjYY22wiNLeekATobDu5JVQna0525L57gpbLOhSjXk/69HHw/l7d/e6br
12
+ 35rmMYGJd/9Q1w/4gMo8tX5m1WaoQxac4tZs8bBRKNP7YJkHmwfVG21h0KA91yFA
13
+ l1BMe9U+gomfqRoBCRXGDl1mHmyGqu59JjpYEP04Xu2dLCu8yt/HHYirMdsKIvHT
14
+ WKm6EvuQ4vFTQbPcdrMltL9yf8xG8EL0oDIbaSAnHI+sY+C30i0S557G3wARAQAB
15
+ tD9Td2lmdCBBdXRvbWF0aWMgU2lnbmluZyBLZXkgIzEgPHN3aWZ0LWluZnJhc3Ry
16
+ dWN0dXJlQHN3aWZ0Lm9yZz6JAj0EEwEKACcFAlZNNIwCGwMFCQPCZwAFCwkIBwMF
17
+ FQoJCAsFFgIDAQACHgECF4AACgkQ1EHJd0ErN63tFA/+N3ANSFFc2FcdimzisPOv
18
+ wBL8xSxQxUdsdELsht6WLh3buTunlIO36Ubo980hXyf6oxsfvMrDsn1eve28cpks
19
+ SXZxLpfQm96753mWICz1WJcoUv1EXpFKuqxb3OJXu6di11NQEtFNd9rM4x7MJQja
20
+ ICr5WXxzX0ObEUxY6xTjMlUyHkmR9ekEEPZUdrwpRFC847bV35vdCtMRztghecBH
21
+ tHMhTEbuYxpjBZ0hqIkLzDAiWenqca2P9YD2sgntTJFfZ3V/oi/REFxj5v5BmNQ2
22
+ wCyppoWDyD+oWJyh5dwuOc+xlYboN5EtIkuhS7/ZuvQipZpeJD7w4pkPO7l2Twal
23
+ aHulJJV5f40gpIniullTC/I6P9HIp94wZ+UPm3/9M4AiO0oB0x4uk+buA7nCZ5Oi
24
+ BaZKwO8nMFQBEaNuqKz+xLeokum3Alcwx3drwi0TlBX+GafrFFHwhdwDGuQsWpGT
25
+ vNl6LEBNduPvs57382W13aiYT/p470M/RuTt6qpLyLVsWmGO5oh8mm/WWGDzza6Q
26
+ 2NuUBcs2ZCECvRlEt//689elx7VDbJwE6Mw3V8bosGx8y4XcQYATFqxm7WflbBpo
27
+ 5HR9AST2Noc6g4VPepZSgi0T4lRbIsyLml7kIvOQBre4i36br0VLIUairez1mqpm
28
+ sG3P11076R+g/BcL4hg9jXE=
29
+ =ONEK
30
+ -----END PGP PUBLIC KEY BLOCK-----
31
+ -----BEGIN PGP PUBLIC KEY BLOCK-----
32
+ Version: GnuPG v2
33
+
34
+ mQINBFZZS3oBEACbRmmzVwF/Zf/zGEZTGXWzeCjwmYcvCx/aqklIWRFC/PPRwZ53
35
+ rNgeVpEHNu31duF3JCEX/7fL9rmjnW0C2mQCzkvKF+rZNO+jPL/0/fsjVfnSXx+g
36
+ m9yVyPmR0XvR0Kk5PqjR8XH/syNblnCo16fr7YK/JMrGM9E/d+UomomXKALbgebX
37
+ oO0c8eA2Vij4b2BAFr+L54MTzquKqyEru9Ty2PTcIBxcEYqko8i3Ttej6WVMKphW
38
+ J9QNaeVF9mfHuA7zpFlwtfFOrUnA2Qh6IwT+w7o941q4TpzYNVlcR3IV2P51CZrG
39
+ zQAGRvWWmg5yswhyTEJpt0i4eLoqeJrcNZRT8FQjmcXgtdPvSFkJPi39e5LrT23M
40
+ /W5tHvnldFDd4RYQmoO3XcIJzyEe6yXNrcaTT386m2e+cjA0SwZ7l6kHVhMikaS3
41
+ FWccQ9VgWqLHZPd0f9oKdXbMMoIZs0D3F4hoz4oE6xkntEhw3Z3cVrKGpYuhJOKQ
42
+ yPoCaNEpnT9qaTU8BmG/ToUWXZDuhm3FOAOEOOtFFChfy/0+9HnS6Q2aogYuD++o
43
+ 6XNSFCwONIRnoHyIRjCA8ce/GNsxpBp7bjUDGLoQJzmki4O/lyxMxS5k0Z4mjLS+
44
+ xZo6OLt8LW5/w3YJUEU6PM88GhA1c3dm+U4mV3oW0QL0WG0b1tSxhLHf+wARAQAB
45
+ tD5Td2lmdCAyLjIgUmVsZWFzZSBTaWduaW5nIEtleSA8c3dpZnQtaW5mcmFzdHJ1
46
+ Y3R1cmVAc3dpZnQub3JnPokCPQQTAQoAJwUCVllLegIbAwUJA8JnAAULCQgHAwUV
47
+ CgkICwUWAgMBAAIeAQIXgAAKCRCfWX9NIaVtX/L3D/9NJVFh9tBYgzwtbhgHTVxq
48
+ U3VKeKUIvvWxETtaYmKsL8BPBwVM2IHDPyiOGczxe7RbpNszoIY/EBKNsI7yOnon
49
+ qrMebQVpzV0wK2WwfHKnXYXXFeWADapwBGEcST7WNwX+la/oJOQtBZpMbBHDia4C
50
+ g7EENIdeWDRHxzl785PSlAOERvaKsPlFk3bolQl/Vhy5YZIe4Mt9KN5LZ2E+xz3Q
51
+ DDplOTi3I2df9Maf9UOxrS7zk2NvHw+5YeqNs7cqp++mjIRQ7/M+PGPx7PZMttBk
52
+ Y7sIn1m3uSZkK2nEWZ91b3pZdr3Sff2Ig1H+ConUqy9w0CqGSqCmY/6QP05J4kpv
53
+ ga1uNmKRJdv/pGHfTaoZ+dubm4+UzGpfzHdEhvmm4gC/+kU+nq5BuhvzO7iWKk0o
54
+ kZOKT642WSsp7TYKp96sMh2xeUbYl/eAHi8nQfGuYeo6n1NaUMtwb8jYusTuISuW
55
+ yWRSKaUanjjKGkl9LTpODWLkXHmqGJhp9l61AQ3fKDQgXuKuglWBfsZOhDRl+oYr
56
+ Q22LzpSd4ISG/gXN3X4ADeuWJpe8d+nvpc6KtuShgRT+KeqrE9BcXfDdEk56I0Xx
57
+ +eGb1v4f4nibyiCvw/mBDCRMIqOsc/jyqA9lydLMxv/Us7KNYqh/Dzx7obfRUE6L
58
+ 2S6Hfx8PaYq16WXdxd/PBg==
59
+ =5r2z
60
+ -----END PGP PUBLIC KEY BLOCK-----
61
+ -----BEGIN PGP PUBLIC KEY BLOCK-----
62
+ Version: GnuPG v2
63
+
64
+ mQINBFdM2VsBEAC63xLZsLc7HBbJ1V7ak8dGNSDs2ibcaMKAuWU916UWjFX+KlZE
65
+ 8ruOVTol1KvA0cac6CX+Fd5SMirpxAaEUbYMwVEMzxOG7NhBp0wAJiO3LWsVoL4z
66
+ G7wIpdPzjxP32qUABpF0Z8uo5zhQL6uaWtmKIhlBlzUmhbxYFzGUuCO8Y94hCH5A
67
+ 9l5Oedin3D3/v2T60/B2rygmQ1fC372Peg6m0dR8PCp42Jm+VXjgF4yfGyP4MJPO
68
+ c1gq8AWNQ4Ex1qhQ9E/Mhbn88LvUQ+OO5u3iNw7AflBuvLaLy7VbD+pGpoGv3EdJ
69
+ LsDJg3dU4F9Ii2hLAD5Sushtjx6DwwFJvKFsm7QzG7OTQB0rC9Gtw/MpopafFI0e
70
+ Wo/6xmXnw9GQQ6uS8RoVri6Lfp4IpXdLZ3CMxBeJulmUpBdIFK+/SnyMfYW88tzx
71
+ DbEFpXa6SaksSXjAXuXhUu+h37YdIfWcbE0KUXH848RcRPnTUOBwsqE2UzLQjF3A
72
+ aPV7YIQxNNp0mUsRE+9R6yGhSog77jsu5XusswYEOfSU9p/bkQd5kJ5acTyHDU8A
73
+ +q/+O2T6aZqIFOhgXFiRj2TDGlqj4K+LUycpMWzPgn+KWKNnWgbJH1u3xXPnOZjT
74
+ 0i1Vm2umWd7OxzThSvlPGlvRLwPKWhdeFL37M3Bg3og1P5TgP7j4HT6Q2QARAQAB
75
+ tD5Td2lmdCAzLnggUmVsZWFzZSBTaWduaW5nIEtleSA8c3dpZnQtaW5mcmFzdHJ1
76
+ Y3R1cmVAc3dpZnQub3JnPokCPQQTAQoAJwUCV0zZWwIbAwUJA8JnAAULCQgHAwUV
77
+ CgkICwUWAgMBAAIeAQIXgAAKCRBjvBz+kdMGxjBhD/9RUFlNP0cG6RJPl51mPCtO
78
+ YMW/y5ssYyWi6u8q44Ccqit4EKjXUaeha4KSWQS9c+7q8bbfxbtl6AEsI+fxx3RA
79
+ mYMjXfPnpjxqJLvwXOzAmG8bZzycdKiC1XBINR3e/Jw4Zu/yj/GtWSG2+OogFfNH
80
+ n5Gg43B8D/fdqQkvlFXVuM0kMKPmAc+S1ikBvprpyjya47EKx5rWSf7pl/gm4jBE
81
+ dBrWdpaBicOQmuv+Vr59rj2/UCWdD/dZRtwB66qn/AIZIgEOLyW2s/Mu9VK5zoNs
82
+ oUZhRpe9t3eH59KbKvU+JdADMhBnUe3r4/HkSbHmPoML56g8RQV4T3LZa2sMt9Z3
83
+ UC7WFr3VfPxXHpI9BhY8HJvaB4ML6PvYuXHP7TYkrSQ9FMoxjHcwEE7cga8BzAHu
84
+ MxCuGrPryHRyApdFOh6oTts8/bjn+sb0VVvnAjFsAjDcBF18s5aI58eGLzLBgRnZ
85
+ jyGvZ20h+I0JE3vDydi3rVEBm/fgkUwTtBuEG/mIwIea9QEcMkv5dq1aYheav1NZ
86
+ Amqr2BsSl8PufUdfGgMKjMIR6Sv40mhTCUFSL1TG8OsaOecK7XXEjcpaQjCg1lqj
87
+ hL04ayrZehJzuiP30htRdbrFraDr/WQOPW3VqE0DtjVfaH7AARKLp/HRDOd5hiUU
88
+ RBrjB1unJxVpnKg4t0El0g==
89
+ =ssEv
90
+ -----END PGP PUBLIC KEY BLOCK-----
91
+ -----BEGIN PGP PUBLIC KEY BLOCK-----
92
+ Version: GnuPG v2
93
+
94
+ mQINBFlAigEBEACbGsfWe5nCOFrYSpz6oPh9ihq0RZQlktSz7E3Ou0cwSNqOnGRO
95
+ s6z5pyPYlJgpvvaxsKcBS6R4DFq4/30Aut4Jj4T2qa0BXZqqrHrXyM8ucmpPpF0T
96
+ jcRJAQZg/Rj8AhelYtcNKml/j8b9n8p14K+u+Zp0SudaNxLdxIbr94eEEDd/ecH/
97
+ caGspqPuJjBanQNTzV9ws8ft7NLCdWnSvh5aiZrsWIrFfFxQm8zh9kCim2e3QX+p
98
+ wufMDIKH/uEaOlinVCmFJNXGqpeyRjrile+r6Bd8fJiFLFtUeIiCdyxD4nrV+iLx
99
+ ZAc6boVeSXdawPpX/eyXeH7NhpEofFz02W1EAoNFKgzdoEi6CBaA9P9Jrk/wRZuH
100
+ vR+Mzbuu5aXDwDCjhtFu2Mm3bmN5pt3xuYCYoCgOp1wEld+szMfSjQNNJfUkFwzU
101
+ eaHuaofXHQxuQ/uIEh8cr8/GEYtqGOU82T1raj3Sv1GcUfj5RO9k2rI7hWro8Hzc
102
+ oXjLTDfABSZJrsuDLrzMUDOSKb+R3rf7uDYf/bTWkpLwSvrJRQaMXkQm70WWBFF0
103
+ A75HxFBi8/9f35azYlFfCi0cEHAAHm0wdxU/D9b6TV/9zDedbgFl+/8xMBQiOX1r
104
+ WfQrXA7zONhZpc+to5tyzrV57+Q4buKQUibyYut/7Gl1FbVaD4LvAUpbqwARAQAB
105
+ tD5Td2lmdCA0LnggUmVsZWFzZSBTaWduaW5nIEtleSA8c3dpZnQtaW5mcmFzdHJ1
106
+ Y3R1cmVAc3dpZnQub3JnPokCPQQTAQoAJwUCWUCKAQIbAwUJA8JnAAULCQgHAwUV
107
+ CgkICwUWAgMBAAIeAQIXgAAKCRDvVDDwceGyNQE4D/4jyvkwjMzp3KSZKTMvcalT
108
+ JPmc4rkpqc1b3VJCTpG/QRK9faJAbUVBz+iJBRIA7OjsjW9nS+oEkschjs7mjdiA
109
+ U3XxtJMsZSJiO6TRdstJg0i2jT1yhQ7zuf8xeFEpx0Ekya05mYHiz3LdS2TZJcZZ
110
+ D713M1GFsb+bDRGk18nVvlUIDB+9jIoqLgXf3muzHUmF0VF1HHfjB5zHfd9h6P+n
111
+ DG5e/qA1MA6jaoGcHK31qoqvrLvoDMYlo6Nirq5Gsjf8rNTwij2GM1tNP8BIn2Y2
112
+ 5rgQ+UbZ3dUE+2KgUg+cqNtZPe0szHOInUew/Kq4ogRWgSWw/NbR+W5J5Ro9pCFJ
113
+ pJaLBhCDQ35CIfcp5Mn2qSr0UW+7U4wfsoI4Oui5/dRx4iXFLD2LRlQuLTe0vRDK
114
+ N6PcSeybtCyxeXXopWZvdNvO9oMoJ6vrorZciF+tcG9qaqaaf/Y1h7pfwiYkLvwp
115
+ 4RC/FFURZyjeyk8gfxaE1NfcnXM3rByW8br/gtL1VR/s3igKXk/rVeywlMeXyeXP
116
+ CxS1uflC2dxGfzFiNFJoQlS+0XYV4nYNTVALe4/css3LLFtLt9rBKe3U7JmXl52k
117
+ zyUq5nMsltYp3kg3dRYHejwzyrlVGt0Twos/Zqf8NztD9LPiVsZP/f84AobFsmkN
118
+ ex1agHRY0JDH1IrwmfVwrw==
119
+ =nP+X
120
+ -----END PGP PUBLIC KEY BLOCK-----
121
+ -----BEGIN PGP PUBLIC KEY BLOCK-----
122
+ Version: GnuPG v2
123
+
124
+ mQINBFoBAhsBEACtaQbqQhwMedruhTrierPCHRy6ZmO4HuRdrd9LnOBSraQnHFb9
125
+ kc2IfuHwB6YytZg6VFy4iaFx6vOkZQk7bFiAMB5RwIdPm7OmHGAYWkKeDOCB3lJB
126
+ gJ0YdP7bMOGJL21RRZfUmkTMaT4zP3J0NeUL/mt4ezdJQyyWxdYigN2AgglAxZve
127
+ 27K+IjlQVvuAe5MWqPn4pTktjWxuDkIN2BvdWXz5Ycbewul7Hi9dZzaLIVDeTq2F
128
+ MUjR9FBJoNpJKjPTAeOyXj2jvHR753yAeRG/79sfeId9568XNxTi/2OXqdkvwg/q
129
+ huGbx0fgkqnkMw/0nvqDVsbnHXMdE0WNVluemt6I9hJvoHfOEBYYAZi4+spoVCJW
130
+ xwwgVt8tNTgbynejzr09d1RgVJH/OKcKCCOTtbbjUdtMt3MMbaBaN10AKKFWWBbR
131
+ Tom8J6wwM8LsKkFj0F5uzkG928C/vx5hFv3ZltlFUu9j8u4WU2kF1D1nzhw4E9+S
132
+ epq4jrWMa5Dvr9UhnkJCW0g/0vPnynbOcJaXyWQtqxdgAT9LxMBeMSd26O9UklaH
133
+ INivaw8l2SpdauJrYon0uhK8RTTp2rSt+SLHqgxsbmGmr5jTm1Z37EzffgoIFDOB
134
+ a+3zHaLJvkeZQXzbLAqzfHYSV9lUe7In+F9tqZ5l7702UqJmIWoGb6IGqwARAQAB
135
+ tD9Td2lmdCBBdXRvbWF0aWMgU2lnbmluZyBLZXkgIzIgPHN3aWZ0LWluZnJhc3Ry
136
+ dWN0dXJlQHN3aWZ0Lm9yZz6JAj0EEwEKACcFAloBAhsCGwMFCQPCZwAFCwkIBwMF
137
+ FQoJCAsFFgIDAQACHgECF4AACgkQdjjx+ysrCMSihxAApw7qKGfiN8a4bFVwKRdY
138
+ 7BLYu9HLetKHUJPerypKEKfUshU0X8Ns3lBxjSqNY2TvLyun1kbtUsxy+qi/X+HM
139
+ nb93ONYOAeny1DFxUdiehhVttTQQB3RXdmhHGytoxzHX62N/uo9tYW9xQ+gaK+QC
140
+ Rt6nZN0Prm6X+4vpQGD7H7O9cN8pw4YuoJRDwn6bFPl7WgqrYWX8/jvbXH1NjbJi
141
+ j6kXvDSzwtPQNsj7vTC5K4TBMgfBFw5kndu+1sEHAfPIbwK8w/EGr32eSRT6l3xk
142
+ TYFquL0S5NGCi9/pIqT90knsDqXyNer4xmwQ5FJPUTpdUbFz0o/DQvIFrbJ465Q4
143
+ feibfhpxVqLCpX8goosAS5nd0jRGicSYmoxdtUBUp4gn3ee3yI6JbA0TN8haczNC
144
+ e0FfQD9s9O+m6ft2/CzIx7YFeiIRhfcjfmGJ0+eAdpEsDqC5Hyc60hwHhPg222Ah
145
+ ASkhwDD9NejskxvdMUPALk2C41ZlR1dYqfXwUJJDPwNY210QQgBZ0+GG72ErYssh
146
+ 4sG5U9XRv4IZhFlgBVmMlfbSi71BawOy+IN7ii49m9AY7p6U+m7yoeZV2H8YJbTk
147
+ KhfnS3rZqsSU+ZYJYkGOxnQetkKUDGaVKdwJE49ll5R1/4om0h8aOOU8VyzrXPc9
148
+ cZMQ1BcfMNkeu81HaxE0Lpc=
149
+ =l0K5
150
+ -----END PGP PUBLIC KEY BLOCK-----
151
+ -----BEGIN PGP PUBLIC KEY BLOCK-----
152
+ Version: GnuPG v2
153
+
154
+ mQINBFyUJhwBEADDBN6jVDScsgzfQDxSQga0Og4O3N/nIquwi/DGOgsAsTMWcVA1
155
+ gmRJb792vWa9CmnHILl3ap8zObDSbcXg90nx+eCzWJjG+Ud5c7xuam96NR8ntKmU
156
+ 8+BbH/dp8zc9WJB37TiWcaLsddrn58zfm7Ml6P9M48WAeRJX8nxVBTw1SjXJurW0
157
+ Ab8LOgfb60I09Skq72Ud7HaYJOG03iNTf6qLlF977OQsHCb21BnKSAmJqapUS96/
158
+ VOngz7TBzYz4rntfetb8hg28WtUl1s5BQzWaFunkP03b8mPh3PL1SZxutwViVWBu
159
+ hf9kJtx/MLb79fnuJEOus1FvDqJdpd83H+XmXMIDYWgcBIBVrLT5HDtRerjF178H
160
+ okb1F+gboGIqhnx25xTPIYctSHPgJRScZp4WKrqQLKswAmSL4YJXnkXSff05l4gE
161
+ WXQpEMLBZa46qmu8lj8HfoZSbP9lfvEtZ6A+Q3sfh3gjYPv7e6n37x22tSgvyzCb
162
+ jHU1pA2rv10AHK7EIeEQElN+zCyAbmKuhPBiCyxDFg5Dx3xNkYwg9szBJ0KleVD4
163
+ +Y3PZJ4N+u+SSATYnHGtmzvkhiNtqJCCwuaqY+jjVObzzqvLLtGjtjxNUWi2X4He
164
+ q+r2fubjCOW14UnQ06qfr3mVUSmuLSKs8BD8qTGuqlgcenGsY0bk0qUPcwARAQAB
165
+ tD5Td2lmdCA1LnggUmVsZWFzZSBTaWduaW5nIEtleSA8c3dpZnQtaW5mcmFzdHJ1
166
+ Y3R1cmVAc3dpZnQub3JnPokCPQQTAQoAJwUCXJQmHAIbAwUJA8JnAAULCQgHAwUV
167
+ CgkICwUWAgMBAAIeAQIXgAAKCRCSXMHM7T0VYSm3EACUtuxMfTmGexA2xBvGhKQ+
168
+ bi3kRMBj+9BoSkVV11gDvumurldXRoKsIIxEdrD4xjagSNiVd7zj3L9wANu6+YgP
169
+ HgBq8sUMXwsyXdL16jNC28qVqKF4jZxwmI9t6nVpQOSxGfBxdXmIhTxDDXFo4JMT
170
+ uKx67BaP1GzZ+BKvxm09xChIJ5xh7x8/bsZ7HlXqc++ARn0Lh9d5CISUKE1PPnMN
171
+ KyRUNt4X/qj7zJHDoAihufPKodvvXPsVAIpfCJZm7XB5WvP63IvQaFW/cX5wineR
172
+ FZY/BKS+tsJt45jJ9c/Ofzqrr//stCz4a44fYvpqaxIqTLr4CpNH3WBIM0RBQqJj
173
+ 35jJvdrNIuueby7GN3afRcvZIQBkbMkwZrW1iT8eah3EQDiXszbi7GkbXuOxQOn/
174
+ n8KJJvTJU7wAyH4WLvvWLFUm0oyHjIW4K9vSUM+x74WRuKxVikM6FAJ7uXsYtZ3Z
175
+ lgL2hNlbMwpB+wxvA9isT3dSyzAtZmXpomOLuQTETtm4tSpt8XnF3eCsAKHSWqrA
176
+ /zknqizKeBTPprqibixfO3dwUzFhUu3tkhxznIN3eEUrDMPxNrxObqJf1I4ySUYe
177
+ vc6fqBG86SJ2yjN3IMJm5Y/z58QQUmSOweL9xQSr1hdcCxBtmLSjAlVzJMkpQ/TW
178
+ xXPfHp4mZnRMLsGyO3eYrA==
179
+ =l2j3
180
+ -----END PGP PUBLIC KEY BLOCK-----
181
+ -----BEGIN PGP PUBLIC KEY BLOCK-----
182
+ Version: GnuPG v2
183
+
184
+ mQINBF3DedcBEADmr11PU7BBVSEjSx3z2bqrktMURD2AnrXJgL+sAeZfMaZpDZCU
185
+ pmLKtI32Yp5X3Mv3mlj2Mz3VdtRh7ni83E5cqTLXs4Yjsujgu6nWS5qWqmSYw0Ax
186
+ RszPPJISf2MAbZyBQJpaoDK9t2eIh3yG6J9XhIMu/ZpDND8afNYGNRhXKetv6+l7
187
+ MHTYd5rlU94eIXcxLA/yV340BVTMoaiIfAwUF2uFubDYfro4Ckj+xzjGIvn3ueu0
188
+ u+Yfmc40YIuCsA+zgf24Tie/rIwifEzWxFCka2jNPU+q8XIrbPmTKGvxnpwjBKIz
189
+ B5HtB+yyV5mhnaVg1kkNZH/rZxJQm/FdFS9IXmOmV5CFn+R8grTxsYP/A4jDHnmz
190
+ wx/gJuUvt/ADt3cuU7sGLtT1cvH1UlS/fso2bDDHBhuEa/9hjD0uIYpLuR4eTUQs
191
+ WNU9a2WFxprNfM7nbUIWqfTr6tdnQORPnDi8lSGePlJNWQHzg36WyxPzq9EG0S5r
192
+ 35Gb5NXeok6CN9x0EUiRt/Fl0POQRJ2Y6TWmOzaZ+8B8HExhA02d86Wnzfss8kAB
193
+ eLSHE6aOguwujep9LFrTxUeMZTIkk/kxc0ibHuq0r1jwRWnCx9TwXCFeAW1gs7eo
194
+ xybF/HVuDqSLaRIgpIl2KFxvXRY6g37ggtcAxV5DlH6oK90ja+72Wre8+wARAQAB
195
+ tD9Td2lmdCBBdXRvbWF0aWMgU2lnbmluZyBLZXkgIzMgPHN3aWZ0LWluZnJhc3Ry
196
+ dWN0dXJlQHN3aWZ0Lm9yZz6JAj0EEwEKACcFAl3DedcCGwMFCQPCZwAFCwkIBwMF
197
+ FQoJCAsFFgIDAQACHgECF4AACgkQ+vaYnhvBb+oGHQ//ViB09Rk7W4BxyuvwDZx8
198
+ w7JR/WfCFDYAz210EILu2o3tqHWpfShynA2V/oOFT+VHykr2TK7wT2n/o9axfIq6
199
+ rF8W+X2VnXzwzN3a04iVtakcSeCuH4KIiT7vIjfOtmEwqJlpAIe6LF0NXb5wV9/I
200
+ mxc7xLKbTCBSjrNqQsCOZ6VbLqwQuOjI0afRjnUsI07u/8bo/8WeZS1roKy0ntVI
201
+ wyw05P5cV64pjHwNXH5CN8nB/G4pjCRwehI+4hAm0SOUfIDyLdQ4IThAJY+FVzIQ
202
+ dXSKMyVNQMe/PuwLB3CBNMPOtxsEwOdgrLwClm2jOOS/bjrBI5jerUgCSBDPerEP
203
+ 3rb6hjehuvhYudYZ+awmWG2NRxdWqUBO3twudVci4keQjjaBM+XiaWpEn9jD3XkI
204
+ ZZC++bXx0o6ugDGFNTNwpFZ9hCC0x8djDrJDz1OdSYA4Mn4bB1n/8FI3+wSk8AP2
205
+ YzfjXbdXQMe44FUWPJgcCJ8EEsF9eKtw5019288ECIlfaHIzw+tgeg7iTShhB7wi
206
+ 8T6PFJvRp8L4hssDfzMS9ZG93InUGL+6eyasIVXJtPDmCCP4LHMN3XYH0TgqBriD
207
+ A6MXJzpykPpl51JkXNRtCWtUVBJpDN3L6Ue4Ouxqs0amMBJCNXM/6t+aJfrgwqiq
208
+ bDzlXsGoKE1i/038Ag41vE0=
209
+ =kzvP
210
+ -----END PGP PUBLIC KEY BLOCK-----
211
+ -----BEGIN PGP PUBLIC KEY BLOCK-----
212
+ Version: GnuPG v2
213
+
214
+ mQINBFyUJhwBEADDBN6jVDScsgzfQDxSQga0Og4O3N/nIquwi/DGOgsAsTMWcVA1
215
+ gmRJb792vWa9CmnHILl3ap8zObDSbcXg90nx+eCzWJjG+Ud5c7xuam96NR8ntKmU
216
+ 8+BbH/dp8zc9WJB37TiWcaLsddrn58zfm7Ml6P9M48WAeRJX8nxVBTw1SjXJurW0
217
+ Ab8LOgfb60I09Skq72Ud7HaYJOG03iNTf6qLlF977OQsHCb21BnKSAmJqapUS96/
218
+ VOngz7TBzYz4rntfetb8hg28WtUl1s5BQzWaFunkP03b8mPh3PL1SZxutwViVWBu
219
+ hf9kJtx/MLb79fnuJEOus1FvDqJdpd83H+XmXMIDYWgcBIBVrLT5HDtRerjF178H
220
+ okb1F+gboGIqhnx25xTPIYctSHPgJRScZp4WKrqQLKswAmSL4YJXnkXSff05l4gE
221
+ WXQpEMLBZa46qmu8lj8HfoZSbP9lfvEtZ6A+Q3sfh3gjYPv7e6n37x22tSgvyzCb
222
+ jHU1pA2rv10AHK7EIeEQElN+zCyAbmKuhPBiCyxDFg5Dx3xNkYwg9szBJ0KleVD4
223
+ +Y3PZJ4N+u+SSATYnHGtmzvkhiNtqJCCwuaqY+jjVObzzqvLLtGjtjxNUWi2X4He
224
+ q+r2fubjCOW14UnQ06qfr3mVUSmuLSKs8BD8qTGuqlgcenGsY0bk0qUPcwARAQAB
225
+ tD5Td2lmdCA1LnggUmVsZWFzZSBTaWduaW5nIEtleSA8c3dpZnQtaW5mcmFzdHJ1
226
+ Y3R1cmVAc3dpZnQub3JnPokCPQQTAQoAJwIbAwULCQgHAwUVCgkICwUWAgMBAAIe
227
+ AQIXgAUCYFlw2wUJB4exvwAKCRCSXMHM7T0VYcDjD/9gX5EXlPJU1QgFw4PwRUDj
228
+ 9GxJ7DQ8ocgZT3mtt03gpRj7yTOL0iBDsJ4GtDiPcq6xCm7WEmNYBs/cJWVGwBC2
229
+ jeQCUCkxCXR310V3/RRFMhKZZPBq9A1UqqooO0WYkpR6JFP2a5cf2kounuyBoVGX
230
+ wV7Cn4ZqX/fLOt156EiWUtOxC5L/nJqn6Ea57arwVUwZ3Q2tcKthxFrmMD9H13oW
231
+ Y4coWiQhVx0xCMbc4cPh7TeRIdUu7D2JJPg/ypqhE2fIPPYrCAJSWp9A/m5oaLM+
232
+ 6/ABV+JYw3sgmnCSMxX+EV5iDsRamWMJwO4Yep8qMBD61jID5zn0N+VSLdEVfX+5
233
+ O4tdHMvC/YenJ0SFlWmZ7VGD99497IlsTMBFuOzBwXsfwdbSmG5KB6uKormLB6KB
234
+ INvASgi7HbcYgM6vh82mvpswp5UmrT8f2trnSaxHUz5gtUiYFKdBrLgbLBhMlUTZ
235
+ giRHJqm7DnYJVUAOOj26uu06gcXu77MzEiBT3PGVNPMgfYhc5I6hnx4nrXDYT5IT
236
+ bP9Gt1BpsaG8J2jZL2OyOdkd7FkAuWzJVmozDIhMcsf5AjxrZaSYKc2BwgevdIB/
237
+ nvrD/IHRzS34EDnqv2J2LsQqWI3PM7JC5fW9L69NaSWdWpIoHl4gPcm55wbF+tHP
238
+ SnioHPOvgHUi1wc55I6QNA==
239
+ =z7kI
240
+ -----END PGP PUBLIC KEY BLOCK-----
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: license_finder
3
3
  version: !ruby/object:Gem::Version
4
- version: 6.12.2
4
+ version: 6.15.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Ryan Collins
@@ -27,7 +27,7 @@ authors:
27
27
  autorequire:
28
28
  bindir: bin
29
29
  cert_chain: []
30
- date: 2021-04-14 00:00:00.000000000 Z
30
+ date: 2021-12-17 00:00:00.000000000 Z
31
31
  dependencies:
32
32
  - !ruby/object:Gem::Dependency
33
33
  name: bundler
@@ -131,14 +131,14 @@ dependencies:
131
131
  requirements:
132
132
  - - '='
133
133
  - !ruby/object:Gem::Version
134
- version: 2.7.0
134
+ version: 2.8.0
135
135
  type: :development
136
136
  prerelease: false
137
137
  version_requirements: !ruby/object:Gem::Requirement
138
138
  requirements:
139
139
  - - '='
140
140
  - !ruby/object:Gem::Version
141
- version: 2.7.0
141
+ version: 2.8.0
142
142
  - !ruby/object:Gem::Dependency
143
143
  name: capybara
144
144
  requirement: !ruby/object:Gem::Requirement
@@ -424,6 +424,7 @@ files:
424
424
  - lib/license_finder/license/templates/Ruby.txt
425
425
  - lib/license_finder/license/templates/SimplifiedBSD.txt
426
426
  - lib/license_finder/license/templates/WTFPL.txt
427
+ - lib/license_finder/license/templates/Zlib.txt
427
428
  - lib/license_finder/license/text.rb
428
429
  - lib/license_finder/license_aggregator.rb
429
430
  - lib/license_finder/logger.rb
@@ -457,6 +458,7 @@ files:
457
458
  - lib/license_finder/package_managers/pipenv.rb
458
459
  - lib/license_finder/package_managers/rebar.rb
459
460
  - lib/license_finder/package_managers/sbt.rb
461
+ - lib/license_finder/package_managers/spm.rb
460
462
  - lib/license_finder/package_managers/trash.rb
461
463
  - lib/license_finder/package_managers/yarn.rb
462
464
  - lib/license_finder/package_utils/activation.rb
@@ -489,6 +491,7 @@ files:
489
491
  - lib/license_finder/packages/pip_package.rb
490
492
  - lib/license_finder/packages/rebar_package.rb
491
493
  - lib/license_finder/packages/sbt_package.rb
494
+ - lib/license_finder/packages/spm_package.rb
492
495
  - lib/license_finder/packages/yarn_package.rb
493
496
  - lib/license_finder/platform.rb
494
497
  - lib/license_finder/project_finder.rb
@@ -514,6 +517,7 @@ files:
514
517
  - lib/license_finder/version.rb
515
518
  - license_finder.gemspec
516
519
  - release/instructions.md
520
+ - swift-all-keys.asc
517
521
  homepage: https://github.com/pivotal/LicenseFinder
518
522
  licenses:
519
523
  - MIT
@@ -533,7 +537,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
533
537
  - !ruby/object:Gem::Version
534
538
  version: '0'
535
539
  requirements: []
536
- rubygems_version: 3.2.16
540
+ rubygems_version: 3.2.33
537
541
  signing_key:
538
542
  specification_version: 4
539
543
  summary: Audit the OSS licenses of your application's dependencies.