RubyGems - license_finder - Versions diffs - 6.14.1 → 7.0.0 - Mend

license_finder 6.14.1 → 7.0.0

Files changed (62) hide show

checksums.yaml +4 -4
data/.github/dependabot.yml +9 -0
data/.rubocop.yml +12 -2
data/CHANGELOG.md +45 -0
data/Dockerfile +26 -5
data/README.md +6 -6
data/Rakefile +2 -2
data/VERSION +1 -1
data/bin/license_finder_pip.py +9 -7
data/ci/pipelines/release.yml.erb +1 -1
data/ci/scripts/pushscript.sh +2 -3
data/ci/scripts/run-tests.sh +4 -3
data/ci/tasks/rubocop.yml +1 -1
data/dlf +9 -5
data/lib/license_finder/cli/approvals.rb +2 -2
data/lib/license_finder/cli/base.rb +9 -5
data/lib/license_finder/cli/dependencies.rb +4 -4
data/lib/license_finder/cli/ignored_dependencies.rb +3 -3
data/lib/license_finder/cli/ignored_groups.rb +3 -3
data/lib/license_finder/cli/inherited_decisions.rb +5 -5
data/lib/license_finder/cli/licenses.rb +2 -2
data/lib/license_finder/cli/main.rb +17 -11
data/lib/license_finder/cli/permitted_licenses.rb +3 -3
data/lib/license_finder/cli/project_name.rb +4 -4
data/lib/license_finder/cli/restricted_licenses.rb +3 -3
data/lib/license_finder/configuration.rb +6 -3
data/lib/license_finder/core.rb +2 -1
data/lib/license_finder/decisions.rb +9 -5
data/lib/license_finder/license/definitions.rb +35 -1
data/lib/license_finder/license/templates/Zlib.txt +17 -0
data/lib/license_finder/license/text.rb +5 -3
data/lib/license_finder/license.rb +8 -2
data/lib/license_finder/logger.rb +1 -1
data/lib/license_finder/package.rb +3 -11
data/lib/license_finder/package_delta.rb +1 -1
data/lib/license_finder/package_manager.rb +1 -0
data/lib/license_finder/package_managers/cocoa_pods.rb +14 -7
data/lib/license_finder/package_managers/conan.rb +2 -2
data/lib/license_finder/package_managers/conda.rb +1 -1
data/lib/license_finder/package_managers/glide.rb +7 -1
data/lib/license_finder/package_managers/go_15vendorexperiment.rb +2 -2
data/lib/license_finder/package_managers/go_dep.rb +1 -1
data/lib/license_finder/package_managers/go_workspace.rb +1 -1
data/lib/license_finder/package_managers/nuget.rb +1 -1
data/lib/license_finder/package_managers/pub.rb +86 -0
data/lib/license_finder/package_managers/sbt.rb +1 -5
data/lib/license_finder/package_managers/yarn.rb +34 -6
data/lib/license_finder/package_utils/license_files.rb +2 -2
data/lib/license_finder/packages/bower_package.rb +5 -2
data/lib/license_finder/packages/erlangmk_package.rb +2 -4
data/lib/license_finder/packages/npm_package.rb +1 -0
data/lib/license_finder/packages/pubspec_package.rb +18 -0
data/lib/license_finder/printer.rb +39 -0
data/lib/license_finder/report.rb +2 -1
data/lib/license_finder/reports/csv_report.rb +1 -1
data/lib/license_finder/reports/erb_report.rb +7 -3
data/lib/license_finder/reports/json_report.rb +2 -1
data/lib/license_finder/reports/junit_report.rb +5 -1
data/lib/license_finder/reports/xml_report.rb +5 -1
data/lib/license_finder/scanner.rb +1 -1
data/license_finder.gemspec +16 -14
metadata +61 -28

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: e02cf849bb28047c74646f496dd4ba63f68675103d13d4da53e12c3f5e28de4f
-  data.tar.gz: 0ca411b29afeda504a4eddd6b03c81b46e35a2b9eb553d4bb69ef99f085864c1
+  metadata.gz: e7009be357d27cb0bcadbff341eea7276b7a9012491f1ff2ebc7c2964d3d6305
+  data.tar.gz: d4a521addc00cf39c7203f667c41dcd9423a8fddb5e7584cf394de47ca249bfd
 SHA512:
-  metadata.gz: 7bd4b732e9ce6edee1e3352cd8ead5545fce8a8f047ef7a6b6006084aadbed01effc369d0ccd9ede81bd6889e32f0e1e0360cd76e9b80cf7f9c7cb483818c3cf
-  data.tar.gz: 226f2bf83e75441f72ca5dff09430cc49821eb83bd41af2964e6c1f19df2ce40946437fb4a8b32242653e82379ceadad5d3984961abf295ce81306d857c2ec1d
+  metadata.gz: e4a29a2ec4bd2022a96382c9a650e536af8881803302a2c60cecb832e49512184e13df28dd666b53bec7c0c7ef3f8fff66df26c589224134d495f621aba71a64
+  data.tar.gz: 6c255bd53fe29179580a920724b0be2e733aa187381e272254fa7d18e682b0bfe1c0ecf80450b5101dfd857aec0428d0e20bb5813f2b476a2bf37572a4486b04

data/.github/dependabot.yml ADDED Viewed

@@ -0,0 +1,9 @@
+version: 2
+updates:
+- package-ecosystem: bundler
+  directory: "/"
+  schedule:
+    interval: daily
+    time: "20:00"
+    timezone: America/Los_Angeles
+  open-pull-requests-limit: 10

data/.rubocop.yml CHANGED Viewed

@@ -1,5 +1,5 @@
 AllCops:
-  TargetRubyVersion: 2.3.3
+  TargetRubyVersion: 2.4.0
   Exclude:
     - 'lib/license_finder/reports/**/*'
     - 'features/fixtures/**/*'
@@ -40,9 +40,17 @@ ModuleLength:
 # Security Cops
 YAMLLoad:
   Enabled: false
+Security/Open:
+  Enabled: false
 #Style Cops
-Style/MethodMissingSuper:
+Naming/VariableNumber:
+  Enabled: false
+Lint/MixedRegexpCaptureTypes:
+  Enabled: false
+Lint/MissingSuper:
+  Enabled: false
+Style/OptionalBooleanParameter:
   Enabled: false
 Style/MissingRespondToMissing:
   Enabled: false
@@ -56,6 +64,8 @@ Style/HashTransformValues:
   Enabled: true
 Layout/MultilineMethodCallIndentation:
     Enabled: false
+Lint/EmptyFile:
+  Enabled: false
 DoubleNegation:
   Enabled: false
 Documentation:

data/CHANGELOG.md CHANGED Viewed

@@ -1,5 +1,46 @@
+# [7.0.0] / 2022-03-04
+### Added
+* Ruby 3.x Support - [02497dfb](https://github.com/pivotal/LicenseFinder/commit/02497dfb60d458e51a43ef26568389b5fcf302af)
+### Changed
+* Raise an error if the yarn licenses list command fails - [8f9ab6bd](https://github.com/pivotal/LicenseFinder/commit/8f9ab6bd681866aee888410672f3babab7aab383) - AJ Esler
+* Updated code to support newest Thor gem - [b118772c](https://github.com/pivotal/LicenseFinder/commit/b118772c3f634dacc56795eebb7c3ba4c89ef639)
+# [6.15.0] / 2021-12-17
+### Added
+* Add Yarn2 support [7f08790](https://github.com/pivotal/LicenseFinder/commit/7f08790ce1d7cd12ccd0aa9de114ca3366ab408c)
+###Changed
+* Upgrade conan and use https://center.conan.io instead of conan.bintray.com [eea1292](https://github.com/pivotal/LicenseFinder/commit/eea1292bf2613f603a8a0ae42747857acf77e361)
+### Fixed
+* Fix docker Conan and swift - [66031df9](https://github.com/pivotal/LicenseFinder/commit/66031df912c2e1e21aa794a4b897fc61c9ec6b02)
+# [6.14.2] / 2021-10-27
+### Added
+* Zlib License - [0f004b52](https://github.com/pivotal/LicenseFinder/commit/0f004b528d436b4d53db8bd373ede0594c07d9e8) - blooper05
 # [6.14.1] / 2021-06-25
+First two commit were supposed to show up in v6.14.0, but GPG bug prevented a correct build. Therefore, a follow up patch build was made to include the GPG fix.
+### Changed
+* Upgrade Docker image to use Ubuntu Bionic [#178471230] [1c12588c](https://github.com/pivotal/LicenseFinder/commit/1c12588cceecb8b7350d090c85b519b24bcc6682)
+* Update the default timezone to GMT [#178471230] - [9fcab84](https://github.com/pivotal/LicenseFinder/commit/9fcab84605cda81e7f276d3c567d14409e371333)
+* Use local copy of Swift puglic GPG keys [#178674224] - [4db4b3e](https://github.com/pivotal/LicenseFinder/commit/4db4b3e5980ca52019549d74da574a2342a7846e)
+### Added
+* Added --npm_options option to customize npm behavior. [b8457a62](https://github.com/pivotal/LicenseFinder/commit/b8457a62e7b531294934364d1e5f72cd78a7686a) - Alexander-Malott
+### Security
+* Fix issue where commands could be injected running on Cocoapods projects. [b0a61a2d](https://github.com/pivotal/LicenseFinder/commit/b0a61a2d833921c714cc39cdda8ba80af3f33d04)
+  Thanks to Joern Schneeweisz Staff Security Engineer, Security Research | GitLab for raising the issue
 # [6.13.0] / 2021-04-27
 ### Fixed
@@ -957,3 +998,7 @@ Bugfixes:
 [6.12.2]: https://github.com/pivotal/LicenseFinder/compare/v6.12.1...v6.12.2
 [6.13.0]: https://github.com/pivotal/LicenseFinder/compare/v6.12.2...v6.13.0
 [6.14.1]: https://github.com/pivotal/LicenseFinder/compare/v6.13.0...v6.14.1
+[6.14.2]: https://github.com/pivotal/LicenseFinder/compare/v6.14.1...v6.14.2
+[6.15.0]: https://github.com/pivotal/LicenseFinder/compare/v6.14.2...v6.15.0
+[7.0.0]: https://github.com/pivotal/LicenseFinder/compare/v6.15.0...v7.0.0
+[7.0.0]: https://github.com/pivotal/LicenseFinder/compare/v6.15.0...v7.0.0

data/Dockerfile CHANGED Viewed

@@ -9,7 +9,7 @@ ENV GO_LANG_VERSION 1.14.3
 ENV MAVEN_VERSION 3.6.0
 ENV SBT_VERSION 1.3.3
 ENV GRADLE_VERSION 5.6.4
-ENV RUBY_VERSION 2.7.1
+ENV RUBY_VERSION 3.1.1
 ENV MIX_VERSION 1.0
 ENV COMPOSER_ALLOW_SUPERUSER 1
@@ -137,7 +137,9 @@ RUN apt-get install -y python-dev && \
 	    --ignore-installed requests --ignore-installed chardet \
 	    --ignore-installed urllib3 \
 	    --upgrade setuptools && \
-    pip install --no-cache-dir -Iv conan==1.11.2
+    pip install --no-cache-dir -Iv conan==1.43.0 && \
+    conan config install https://github.com/conan-io/conanclientcert.git
 # install NuGet (w. mono)
 # https://docs.microsoft.com/en-us/nuget/install-nuget-client-tools#macoslinux
@@ -204,6 +206,25 @@ RUN apt-get -q install -y \
     pkg-config \
     && rm -r /var/lib/apt/lists/*
+#install flutter
+ENV FLUTTER_HOME=/root/flutter
+RUN curl -o flutter_linux_2.8.1-stable.tar.xz https://storage.googleapis.com/flutter_infra_release/releases/stable/linux/flutter_linux_2.8.1-stable.tar.xz \
+    && tar xf flutter_linux_2.8.1-stable.tar.xz \
+    && mv flutter ${FLUTTER_HOME} \
+    && rm flutter_linux_2.8.1-stable.tar.xz
+ENV PATH=$PATH:${FLUTTER_HOME}/bin:${FLUTTER_HOME}/bin/cache/dart-sdk/bin
+RUN flutter doctor -v \
+    && flutter update-packages \
+    && flutter precache
+# Accepting all licences
+RUN yes | flutter doctor --android-licenses -v
+# Creating Flutter sample projects to put binaries in cache fore each template type
+RUN flutter create --template=app ${TEMP}/app_sample \
+    && flutter create --template=package ${TEMP}/package_sample \
+    && flutter create --template=plugin ${TEMP}/plugin_sample
 # pub   4096R/ED3D1561 2019-03-22 [SC] [expires: 2023-03-23]
 #       Key fingerprint = A62A E125 BBBF BB96 A6E0  42EC 925C C1CC ED3D 1561
 # uid                  Swift 5.x Release Signing Key <swift-infrastructure@swift.org
@@ -211,7 +232,7 @@ ARG SWIFT_SIGNING_KEY=A62AE125BBBFBB96A6E042EC925CC1CCED3D1561
 ARG SWIFT_PLATFORM=ubuntu18.04
 ARG SWIFT_BRANCH=swift-5.3.3-release
 ARG SWIFT_VERSION=swift-5.3.3-RELEASE
-ARG SWIFT_WEBROOT=https://swift.org/builds/
+ARG SWIFT_WEBROOT=https://download.swift.org
 ENV SWIFT_SIGNING_KEY=$SWIFT_SIGNING_KEY \
     SWIFT_PLATFORM=$SWIFT_PLATFORM \
@@ -221,7 +242,7 @@ ENV SWIFT_SIGNING_KEY=$SWIFT_SIGNING_KEY \
 COPY swift-all-keys.asc .
 RUN set -e; \
-    SWIFT_WEBDIR="$SWIFT_WEBROOT/$SWIFT_BRANCH/$(echo $SWIFT_PLATFORM | tr -d .)/" \
+    SWIFT_WEBDIR="$SWIFT_WEBROOT/$SWIFT_BRANCH/$(echo $SWIFT_PLATFORM | tr -d .)" \
     && SWIFT_BIN_URL="$SWIFT_WEBDIR/$SWIFT_VERSION/$SWIFT_VERSION-$SWIFT_PLATFORM.tar.gz" \
     && SWIFT_SIG_URL="$SWIFT_BIN_URL.sig" \
     # - Grab curl here so we cache better up above
@@ -240,7 +261,7 @@ RUN set -e; \
 # install license_finder
 COPY . /LicenseFinder
-RUN bash -lc "cd /LicenseFinder && bundle config set no-cache 'true' && bundle install -j4 && rake install"
+RUN bash -lc "cd /LicenseFinder && bundle config set no-cache 'true' && bundle install -j4 && bundle pristine && rake install"
 WORKDIR /

data/README.md CHANGED Viewed

@@ -3,12 +3,11 @@
 [![Code Climate](https://codeclimate.com/github/pivotal/LicenseFinder.png)](https://codeclimate.com/github/pivotal/LicenseFinder)
 Build status
-* Ruby 2.3.8 [![Ruby 2.3.8 build status](https://norsk.cf-app.com/api/v1/teams/main/pipelines/LicenseFinder/jobs/ruby-2.3.8/badge)](https://norsk.cf-app.com/teams/main/pipelines/LicenseFinder)
 * Ruby 2.4.9 [![Ruby 2.4.9 build status](https://norsk.cf-app.com/api/v1/teams/main/pipelines/LicenseFinder/jobs/ruby-2.4.9/badge)](https://norsk.cf-app.com/teams/main/pipelines/LicenseFinder)
 * Ruby 2.5.7 [![Ruby 2.5.7 build status](https://norsk.cf-app.com/api/v1/teams/main/pipelines/LicenseFinder/jobs/ruby-2.5.7/badge)](https://norsk.cf-app.com/teams/main/pipelines/LicenseFinder)
-* Ruby 2.6.5 [![Ruby 2.6.5 build status](https://norsk.cf-app.com/api/v1/teams/main/pipelines/LicenseFinder/jobs/ruby-2.6.5/badge)](https://norsk.cf-app.com/teams/main/pipelines/LicenseFinder)
-* Ruby 2.7.1 [![Ruby 2.7.1 build status](https://norsk.cf-app.com/api/v1/teams/main/pipelines/LicenseFinder/jobs/ruby-2.7.1/badge)](https://norsk.cf-app.com/teams/main/pipelines/LicenseFinder)
-* JRuby 9.2.9.0 [![JRuby 9.2.9.0 build status](https://norsk.cf-app.com/api/v1/teams/main/pipelines/LicenseFinder/jobs/ruby-jruby-9.2.9.0/badge)](https://norsk.cf-app.com/teams/main/pipelines/LicenseFinder)
+* Ruby 2.6.9 [![Ruby 2.6.9 build status](https://norsk.cf-app.com/api/v1/teams/main/pipelines/LicenseFinder/jobs/ruby-2.6.9/badge)](https://norsk.cf-app.com/teams/main/pipelines/LicenseFinder)
+* Ruby 2.7.5 [![Ruby 2.7.5 build status](https://norsk.cf-app.com/api/v1/teams/main/pipelines/LicenseFinder/jobs/ruby-2.7.5/badge)](https://norsk.cf-app.com/teams/main/pipelines/LicenseFinder)
+* Ruby 3.1.1 [![Ruby 3.1.1 build status](https://norsk.cf-app.com/api/v1/teams/main/pipelines/LicenseFinder/jobs/ruby-3.1.1/badge)](https://norsk.cf-app.com/teams/main/pipelines/LicenseFinder)
 LicenseFinder works with your package managers to find dependencies,
@@ -55,10 +54,11 @@ and give you an actionable exception report.
 * Go Modules (via `go mod`)
 * PHP (via `composer`)
 * Python (via Conda [Conda 4.8.3, Python 3.7, Bash; requires an `environment.yml` or `environment.yaml`])
+* Flutter (via `flutter pub, requires pubspec.yaml & .pub cache locaton through ENV variable`)
 ## Installation
-License Finder requires Ruby 2.3.3 or greater to run. If you have an older
+License Finder requires Ruby 2.4.0 or greater to run. If you have an older
 version of Ruby installed, you can update via Homebrew:
 ```sh
@@ -174,7 +174,7 @@ languages, as long as that language has a package definition in the project dire
 * `build.gradle` (for `gradle`)
 * `settings.gradle` that specifies `rootProject.buildFileName` (for `gradle`)
 * `bower.json` (for `bower`)
-* `Podfile` (for `pod`)
+* `Podfile` (for `pod`) (set `ACKNOWLEDGEMENTS_PATH` variable if you want to target a particular `Pods-acknowledgements-<TARGET>.plist`. Can be useful in multi-target pods projects.)
 * `Cartfile` (for `carthage`)
 * `workspace-state.json` under build directory (provided as enviroment variable `SPM_DERIVED_DATA` for Xcode, or default `.build` for non-Xcode projects), (for `spm`)
 * `rebar.config` (for `rebar`)

data/Rakefile CHANGED Viewed

@@ -40,7 +40,7 @@ task :check_dependencies do
   LicenseFinder::Scanner::PACKAGE_MANAGERS.each do |package_manager|
     satisfied = false unless package_manager.new(project_path: Pathname.new('')).installed?(LicenseFinder::Logger.new(LicenseFinder::Logger::MODE_INFO))
   end
-  STDOUT.flush
+  $stdout.flush
   exit 1 unless satisfied
 end
@@ -54,7 +54,7 @@ task :update_pipeline, [:slack_url, :slack_channel] do |_, args|
     puts 'Warning: You should provide slack channel and url to receive slack notifications on build failures'
   end
-  ruby_versions = %w[2.7.1 2.6.5 2.5.7 2.4.9 2.3.8 jruby-9.2.14.0]
+  ruby_versions = %w[3.1.1 2.7.5 2.6.9 2.5.7 2.4.9]
   params = []
   params << "ruby_versions=#{ruby_versions.join(',')}"

data/VERSION CHANGED Viewed

	@@ -1 +1 @@
1	- 6.14.1
1	+ 7.0.0

data/bin/license_finder_pip.py CHANGED Viewed

@@ -1,5 +1,4 @@
 #!/usr/bin/env python
 import json
 import sys
@@ -21,12 +20,16 @@ except ImportError:
 from pip._vendor import pkg_resources
 from pip._vendor.six import print_
 reqs = []
 for req in parse_requirements(sys.argv[1], session=PipSession()):
-    if req.req == None or (req.markers != None and not req.markers.evaluate()): continue
-    reqs.append(req)
-requirements = [pkg_resources.Requirement.parse(str(req.req)) for req in reqs]
+    try:
+        if req.req is not None and (req.markers is None or req.markers.evaluate()):
+            reqs.append(pkg_resources.Requirement.parse(str(req.req)))
+    except AttributeError:
+        # Since pip 20.1 (pip now takes care of markers at the resolve step)
+        if req.requirement is not None:
+            reqs.append(pkg_resources.Requirement.parse(str(req.requirement)))
 transform = lambda dist: {
         'name': dist.project_name,
@@ -35,7 +38,6 @@ transform = lambda dist: {
         'dependencies': list(map(lambda dependency: dependency.project_name, dist.requires())),
         }
-packages = [transform(dist) for dist
-            in pkg_resources.working_set.resolve(requirements)]
+packages = [transform(dist) for dist in pkg_resources.working_set.resolve(reqs)]
 print_(json.dumps(packages))

data/ci/pipelines/release.yml.erb CHANGED Viewed

@@ -156,7 +156,7 @@ jobs:
   plan:
   - get: lf-git
     tags: ["private-worker"]
-    passed: [<%= "#{ruby_versions.map{ |version| "ruby-#{version}" unless version == "jruby-9.2.14.0" }.compact.join(', ') }, rubocop" %>]
+    passed: [<%= "#{ruby_versions.map{ |version| "ruby-#{version}" unless version == "jruby-9.3.1.0" }.compact.join(', ') }, rubocop" %>]
   - get: semver-version
     tags: ["private-worker"]
     trigger: true

data/ci/scripts/pushscript.sh CHANGED Viewed

@@ -1,7 +1,6 @@
 #!/bin/bash
-echo -e "---\n:rubygems_api_key: $GEM_API_KEY" > ~/.gem/credentials
-chmod 0600 ~/.gem/credentials
+echo -e "---\n:rubygems_api_key: $GEM_API_KEY" > ~/.local/share/gem/credentials
+chmod 0600 ~/.local/share/gem/credentials
 build_version="$(cat semver-version/version)"
 cd lf-git

data/ci/scripts/run-tests.sh CHANGED Viewed

@@ -16,9 +16,10 @@ pushd "$PROJECT_ROOT"
   gem update --system
   gem install bundler
   bundle install
+  bundle pristine
-  bundle exec rake install
-  bundle exec rake spec
+  rake install
+  rake spec
-  bundle exec rake features
+  rake features
 popd

data/ci/tasks/rubocop.yml CHANGED Viewed

@@ -4,7 +4,7 @@ image_resource:
   type: registry-image
   source:
     repository: ruby
-    tag: 2.7.1
+    tag: 3.1.1
     username: ((LicenseFinderDocker.username))
     password: ((LicenseFinderDocker.password))

data/dlf CHANGED Viewed

@@ -1,10 +1,14 @@
 #!/bin/bash
 if `which docker > /dev/null`; then
-	if [ $# -eq 0 ]; then
-  		docker run -v $PWD:/scan -it licensefinder/license_finder
-	else
-  		docker run -v $PWD:/scan -it licensefinder/license_finder /bin/bash -lc "cd /scan && `echo $@`"
-	fi
+  if [ $# -eq 0 ]; then
+    docker run -v $PWD:/scan -it licensefinder/license_finder
+  else
+    escaped_params=""
+    for p in "$@"; do
+      escaped_params="$escaped_params \"$p\""
+    done
+    docker run -v $PWD:/scan -it licensefinder/license_finder /bin/bash -lc "cd /scan && $escaped_params"
+  fi
 else
   echo "You do not have docker installed. Please install it:"
   echo "    https://docs.docker.com/engine/installation/"

data/lib/license_finder/cli/approvals.rb CHANGED Viewed

@@ -13,7 +13,7 @@ module LicenseFinder
         assert_some names
         modifying { names.each { |name| decisions.approve(name, txn) } }
-        say "The #{names.join(', ')} dependency has been approved!", :green
+        printer.say "The #{names.join(', ')} dependency has been approved!", :green
       end
       auditable
@@ -21,7 +21,7 @@ module LicenseFinder
       def remove(dep)
         modifying { decisions.unapprove(dep, txn) }
-        say "The dependency #{dep} no longer has a manual approval"
+        printer.say "The dependency #{dep} no longer has a manual approval"
       end
     end
   end

data/lib/license_finder/cli/base.rb CHANGED Viewed

@@ -1,7 +1,6 @@
 # frozen_string_literal: true
 require 'thor'
 module LicenseFinder
   module CLI
     class Base < Thor
@@ -24,12 +23,16 @@ module LicenseFinder
         def config
           @config ||= Configuration.with_optional_saved_config(license_finder_config)
         end
+        def printer
+          @printer || Printer.new
+        end
       end
       private
       def fail(message)
-        say(message) && exit(1)
+        printer.say(message) && exit(1)
       end
       def license_finder_config
@@ -61,7 +64,8 @@ module LicenseFinder
           :recursive,
           :sbt_include_groups,
           :conda_bash_setup_script,
-          :composer_check_require_only
+          :composer_check_require_only,
+          :use_spdx_id
         ).merge(
           logger: logger_mode
         )
@@ -84,10 +88,10 @@ module LicenseFinder
       def say_each(coll)
         if coll.any?
           coll.each do |item|
-            say(block_given? ? yield(item) : item)
+            printer.say(block_given? ? yield(item) : item)
           end
         else
-          say '(none)'
+          printer.say '(none)'
         end
       end

data/lib/license_finder/cli/dependencies.rb CHANGED Viewed

@@ -20,9 +20,9 @@ module LicenseFinder
           decisions.approve(name, txn) if options[:approve]
         end
         if options[:approve]
-          say "The #{name} dependency has been added and approved!", :green
+          printer.say "The #{name} dependency has been added and approved!", :green
         else
-          say "The #{name} dependency has been added!", :green
+          printer.say "The #{name} dependency has been added!", :green
         end
       end
@@ -31,12 +31,12 @@ module LicenseFinder
       def remove(name)
         modifying { decisions.remove_package(name, txn) }
-        say "The #{name} dependency has been removed.", :green
+        printer.say "The #{name} dependency has been removed.", :green
       end
       desc 'list', 'List manually added dependencies'
       def list
-        say 'Manually Added Dependencies:', :blue
+        printer.say 'Manually Added Dependencies:', :blue
         say_each(decisions.packages, &:name)
       end
     end

data/lib/license_finder/cli/ignored_dependencies.rb CHANGED Viewed

@@ -8,7 +8,7 @@ module LicenseFinder
       desc 'list', 'List all the ignored dependencies'
       def list
-        say 'Ignored Dependencies:', :blue
+        printer.say 'Ignored Dependencies:', :blue
         say_each(decisions.ignored)
       end
@@ -17,7 +17,7 @@ module LicenseFinder
       def add(dep)
         modifying { decisions.ignore(dep, txn) }
-        say "Added #{dep} to the ignored dependencies"
+        printer.say "Added #{dep} to the ignored dependencies"
       end
       auditable
@@ -25,7 +25,7 @@ module LicenseFinder
       def remove(dep)
         modifying { decisions.heed(dep, txn) }
-        say "Removed #{dep} from the ignored dependencies"
+        printer.say "Removed #{dep} from the ignored dependencies"
       end
     end
   end

data/lib/license_finder/cli/ignored_groups.rb CHANGED Viewed

@@ -8,7 +8,7 @@ module LicenseFinder
       desc 'list', 'List all the ignored groups'
       def list
-        say 'Ignored Groups:', :blue
+        printer.say 'Ignored Groups:', :blue
         say_each(decisions.ignored_groups)
       end
@@ -17,7 +17,7 @@ module LicenseFinder
       def add(group)
         modifying { decisions.ignore_group(group, txn) }
-        say "Added #{group} to the ignored groups"
+        printer.say "Added #{group} to the ignored groups"
       end
       auditable
@@ -25,7 +25,7 @@ module LicenseFinder
       def remove(group)
         modifying { decisions.heed_group(group, txn) }
-        say "Removed #{group} from the ignored groups"
+        printer.say "Removed #{group} from the ignored groups"
       end
     end
   end

data/lib/license_finder/cli/inherited_decisions.rb CHANGED Viewed

@@ -8,7 +8,7 @@ module LicenseFinder
       desc 'list', 'List all the inherited decision files'
       def list
-        say 'Inherited Decision Files:', :blue
+        printer.say 'Inherited Decision Files:', :blue
         say_each(decisions.inherited_decisions)
       end
@@ -17,7 +17,7 @@ module LicenseFinder
       def add(*decision_files)
         assert_some decision_files
         modifying { decision_files.each { |filepath| decisions.inherit_from(filepath) } }
-        say "Added #{decision_files.join(', ')} to the inherited decisions"
+        printer.say "Added #{decision_files.join(', ')} to the inherited decisions"
       end
       auditable
@@ -26,7 +26,7 @@ module LicenseFinder
         url, auth_type, token_or_env = params
         auth_info = { 'url' => url, 'authorization' => "#{auth_type} #{token_or_env}" }
         modifying { decisions.add_decision [:inherit_from, auth_info] }
-        say "Added #{url} to the inherited decisions"
+        printer.say "Added #{url} to the inherited decisions"
       end
       auditable
@@ -34,7 +34,7 @@ module LicenseFinder
       def remove(*decision_files)
         assert_some decision_files
         modifying { decision_files.each { |filepath| decisions.remove_inheritance(filepath) } }
-        say "Removed #{decision_files.join(', ')} from the inherited decisions"
+        printer.say "Removed #{decision_files.join(', ')} from the inherited decisions"
       end
       auditable
@@ -43,7 +43,7 @@ module LicenseFinder
         url, auth_type, token_or_env = params
         auth_info = { 'url' => url, 'authorization' => "#{auth_type} #{token_or_env}" }
         modifying { decisions.remove_inheritance(auth_info) }
-        say "Removed #{url} from the inherited decisions"
+        printer.say "Removed #{url} from the inherited decisions"
       end
     end
   end

data/lib/license_finder/cli/licenses.rb CHANGED Viewed

@@ -11,7 +11,7 @@ module LicenseFinder
       def add(name, license)
         modifying { decisions.license(name, license, txn) }
-        say "The #{name} dependency has been marked as using #{license} license!", :green
+        printer.say "The #{name} dependency has been marked as using #{license} license!", :green
       end
       auditable
@@ -19,7 +19,7 @@ module LicenseFinder
       def remove(dep, lic)
         modifying { decisions.unlicense(dep, lic, txn) }
-        say "The dependency #{dep} no longer has a manual license"
+        printer.say "The dependency #{dep} no longer has a manual license"
       end
     end
   end

data/lib/license_finder/cli/main.rb CHANGED Viewed

@@ -7,6 +7,7 @@ require 'license_finder/package_delta'
 require 'license_finder/license_aggregator'
 require 'license_finder/project_finder'
 require 'license_finder/logger'
+require 'license_finder/printer'
 module LicenseFinder
   module CLI
@@ -90,6 +91,11 @@ module LicenseFinder
         method_option :columns,
                       desc: "For text or CSV reports, which columns to print. Pick from: #{CsvReport::AVAILABLE_COLUMNS}",
                       type: :array
+        method_option :use_spdx_id,
+                      type: :boolean,
+                      desc: 'For reports, use the SPDX identifier instead of license name (useful to match license with other standard tools)',
+                      default: false
       end
       desc 'project_roots', 'List project directories to be scanned'
@@ -102,7 +108,7 @@ module LicenseFinder
         filtered_project_roots << project_path if aggregate_paths.include?(project_path) && !filtered_project_roots.include?(project_path)
-        say(filtered_project_roots)
+        printer.say(filtered_project_roots)
       end
       desc 'action_items', 'List unapproved dependencies (the default action for `license_finder`)'
@@ -115,25 +121,25 @@ module LicenseFinder
         restricted = finder.restricted
         # Ensure to start output on a new line even with dot progress indicators.
-        say "\n"
+        printer.say "\n"
         unless any_packages
-          say 'No dependencies recognized!', :red
+          printer.say 'No dependencies recognized!', :red
           exit 0
         end
         if unapproved.empty?
-          say 'All dependencies are approved for use', :green
+          printer.say 'All dependencies are approved for use', :green
         else
           unless restricted.empty?
-            say 'Restricted dependencies:', :red
-            say report_of(restricted)
+            printer.say 'Restricted dependencies:', :red
+            printer.say report_of(restricted)
           end
           other_unapproved = unapproved - restricted
           unless other_unapproved.empty?
-            say 'Dependencies that need approval:', :yellow
-            say report_of(other_unapproved)
+            printer.say 'Dependencies that need approval:', :yellow
+            printer.say report_of(other_unapproved)
           end
           exit 1
@@ -151,7 +157,7 @@ module LicenseFinder
       def report
         finder = LicenseAggregator.new(config, aggregate_paths)
         report = report_of(finder.dependencies)
-        save? ? save_report(report, config.save_file) : say(report)
+        save? ? save_report(report, config.save_file) : printer.say(report)
       end
       desc 'version', 'Print the version of LicenseFinder'
@@ -166,7 +172,7 @@ module LicenseFinder
         f1 = IO.read(file1)
         f2 = IO.read(file2)
         report = DiffReport.new(Diff.compare(f1, f2))
-        save? ? save_report(report, config.save_file) : say(report)
+        save? ? save_report(report, config.save_file) : printer.say(report)
       end
       subcommand 'dependencies', Dependencies, 'Add or remove dependencies that your package managers are not aware of'
@@ -210,7 +216,7 @@ module LicenseFinder
       def report_of(content)
         report = FORMATS[config.format] || FORMATS['text']
         report = MergedReport if report == CsvReport && config.aggregate_paths
-        report.of(content, columns: config.columns, project_name: decisions.project_name || config.project_path.basename.to_s, write_headers: config.write_headers)
+        report.of(content, columns: config.columns, project_name: decisions.project_name || config.project_path.basename.to_s, write_headers: config.write_headers, use_spdx_id: config.use_spdx_id)
       end
       def save?