RubyGems - license_finder - Versions diffs - 6.14.1 → 7.0.0 - Mend

license_finder 6.14.1 → 7.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (62) hide show

checksums.yaml +4 -4
data/.github/dependabot.yml +9 -0
data/.rubocop.yml +12 -2
data/CHANGELOG.md +45 -0
data/Dockerfile +26 -5
data/README.md +6 -6
data/Rakefile +2 -2
data/VERSION +1 -1
data/bin/license_finder_pip.py +9 -7
data/ci/pipelines/release.yml.erb +1 -1
data/ci/scripts/pushscript.sh +2 -3
data/ci/scripts/run-tests.sh +4 -3
data/ci/tasks/rubocop.yml +1 -1
data/dlf +9 -5
data/lib/license_finder/cli/approvals.rb +2 -2
data/lib/license_finder/cli/base.rb +9 -5
data/lib/license_finder/cli/dependencies.rb +4 -4
data/lib/license_finder/cli/ignored_dependencies.rb +3 -3
data/lib/license_finder/cli/ignored_groups.rb +3 -3
data/lib/license_finder/cli/inherited_decisions.rb +5 -5
data/lib/license_finder/cli/licenses.rb +2 -2
data/lib/license_finder/cli/main.rb +17 -11
data/lib/license_finder/cli/permitted_licenses.rb +3 -3
data/lib/license_finder/cli/project_name.rb +4 -4
data/lib/license_finder/cli/restricted_licenses.rb +3 -3
data/lib/license_finder/configuration.rb +6 -3
data/lib/license_finder/core.rb +2 -1
data/lib/license_finder/decisions.rb +9 -5
data/lib/license_finder/license/definitions.rb +35 -1
data/lib/license_finder/license/templates/Zlib.txt +17 -0
data/lib/license_finder/license/text.rb +5 -3
data/lib/license_finder/license.rb +8 -2
data/lib/license_finder/logger.rb +1 -1
data/lib/license_finder/package.rb +3 -11
data/lib/license_finder/package_delta.rb +1 -1
data/lib/license_finder/package_manager.rb +1 -0
data/lib/license_finder/package_managers/cocoa_pods.rb +14 -7
data/lib/license_finder/package_managers/conan.rb +2 -2
data/lib/license_finder/package_managers/conda.rb +1 -1
data/lib/license_finder/package_managers/glide.rb +7 -1
data/lib/license_finder/package_managers/go_15vendorexperiment.rb +2 -2
data/lib/license_finder/package_managers/go_dep.rb +1 -1
data/lib/license_finder/package_managers/go_workspace.rb +1 -1
data/lib/license_finder/package_managers/nuget.rb +1 -1
data/lib/license_finder/package_managers/pub.rb +86 -0
data/lib/license_finder/package_managers/sbt.rb +1 -5
data/lib/license_finder/package_managers/yarn.rb +34 -6
data/lib/license_finder/package_utils/license_files.rb +2 -2
data/lib/license_finder/packages/bower_package.rb +5 -2
data/lib/license_finder/packages/erlangmk_package.rb +2 -4
data/lib/license_finder/packages/npm_package.rb +1 -0
data/lib/license_finder/packages/pubspec_package.rb +18 -0
data/lib/license_finder/printer.rb +39 -0
data/lib/license_finder/report.rb +2 -1
data/lib/license_finder/reports/csv_report.rb +1 -1
data/lib/license_finder/reports/erb_report.rb +7 -3
data/lib/license_finder/reports/json_report.rb +2 -1
data/lib/license_finder/reports/junit_report.rb +5 -1
data/lib/license_finder/reports/xml_report.rb +5 -1
data/lib/license_finder/scanner.rb +1 -1
data/license_finder.gemspec +16 -14
metadata +61 -28

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: e02cf849bb28047c74646f496dd4ba63f68675103d13d4da53e12c3f5e28de4f
-  data.tar.gz: 0ca411b29afeda504a4eddd6b03c81b46e35a2b9eb553d4bb69ef99f085864c1
+  metadata.gz: e7009be357d27cb0bcadbff341eea7276b7a9012491f1ff2ebc7c2964d3d6305
+  data.tar.gz: d4a521addc00cf39c7203f667c41dcd9423a8fddb5e7584cf394de47ca249bfd
 SHA512:
-  metadata.gz: 7bd4b732e9ce6edee1e3352cd8ead5545fce8a8f047ef7a6b6006084aadbed01effc369d0ccd9ede81bd6889e32f0e1e0360cd76e9b80cf7f9c7cb483818c3cf
-  data.tar.gz: 226f2bf83e75441f72ca5dff09430cc49821eb83bd41af2964e6c1f19df2ce40946437fb4a8b32242653e82379ceadad5d3984961abf295ce81306d857c2ec1d
+  metadata.gz: e4a29a2ec4bd2022a96382c9a650e536af8881803302a2c60cecb832e49512184e13df28dd666b53bec7c0c7ef3f8fff66df26c589224134d495f621aba71a64
+  data.tar.gz: 6c255bd53fe29179580a920724b0be2e733aa187381e272254fa7d18e682b0bfe1c0ecf80450b5101dfd857aec0428d0e20bb5813f2b476a2bf37572a4486b04

data/.github/dependabot.yml ADDED Viewed

@@ -0,0 +1,9 @@
+version: 2
+updates:
+- package-ecosystem: bundler
+  directory: "/"
+  schedule:
+    interval: daily
+    time: "20:00"
+    timezone: America/Los_Angeles
+  open-pull-requests-limit: 10

data/.rubocop.yml CHANGED Viewed

@@ -1,5 +1,5 @@
 AllCops:
-  TargetRubyVersion: 2.3.3
+  TargetRubyVersion: 2.4.0
   Exclude:
     - 'lib/license_finder/reports/**/*'
     - 'features/fixtures/**/*'
@@ -40,9 +40,17 @@ ModuleLength:
 # Security Cops
 YAMLLoad:
   Enabled: false
+Security/Open:
+  Enabled: false
 #Style Cops
-Style/MethodMissingSuper:
+Naming/VariableNumber:
+  Enabled: false
+Lint/MixedRegexpCaptureTypes:
+  Enabled: false
+Lint/MissingSuper:
+  Enabled: false
+Style/OptionalBooleanParameter:
   Enabled: false
 Style/MissingRespondToMissing:
   Enabled: false
@@ -56,6 +64,8 @@ Style/HashTransformValues:
   Enabled: true
 Layout/MultilineMethodCallIndentation:
     Enabled: false
+Lint/EmptyFile:
+  Enabled: false
 DoubleNegation:
   Enabled: false
 Documentation:

data/CHANGELOG.md CHANGED Viewed

@@ -1,5 +1,46 @@
+# [7.0.0] / 2022-03-04
+### Added
+* Ruby 3.x Support - [02497dfb](https://github.com/pivotal/LicenseFinder/commit/02497dfb60d458e51a43ef26568389b5fcf302af)
+### Changed
+* Raise an error if the yarn licenses list command fails - [8f9ab6bd](https://github.com/pivotal/LicenseFinder/commit/8f9ab6bd681866aee888410672f3babab7aab383) - AJ Esler
+* Updated code to support newest Thor gem - [b118772c](https://github.com/pivotal/LicenseFinder/commit/b118772c3f634dacc56795eebb7c3ba4c89ef639)
+# [6.15.0] / 2021-12-17
+### Added
+* Add Yarn2 support [7f08790](https://github.com/pivotal/LicenseFinder/commit/7f08790ce1d7cd12ccd0aa9de114ca3366ab408c)
+###Changed
+* Upgrade conan and use https://center.conan.io instead of conan.bintray.com [eea1292](https://github.com/pivotal/LicenseFinder/commit/eea1292bf2613f603a8a0ae42747857acf77e361)
+### Fixed
+* Fix docker Conan and swift - [66031df9](https://github.com/pivotal/LicenseFinder/commit/66031df912c2e1e21aa794a4b897fc61c9ec6b02)
+# [6.14.2] / 2021-10-27
+### Added
+* Zlib License - [0f004b52](https://github.com/pivotal/LicenseFinder/commit/0f004b528d436b4d53db8bd373ede0594c07d9e8) - blooper05
 # [6.14.1] / 2021-06-25
+First two commit were supposed to show up in v6.14.0, but GPG bug prevented a correct build. Therefore, a follow up patch build was made to include the GPG fix.
+### Changed
+* Upgrade Docker image to use Ubuntu Bionic [#178471230] [1c12588c](https://github.com/pivotal/LicenseFinder/commit/1c12588cceecb8b7350d090c85b519b24bcc6682)
+* Update the default timezone to GMT [#178471230] - [9fcab84](https://github.com/pivotal/LicenseFinder/commit/9fcab84605cda81e7f276d3c567d14409e371333)
+* Use local copy of Swift puglic GPG keys [#178674224] - [4db4b3e](https://github.com/pivotal/LicenseFinder/commit/4db4b3e5980ca52019549d74da574a2342a7846e)
+### Added
+* Added --npm_options option to customize npm behavior. [b8457a62](https://github.com/pivotal/LicenseFinder/commit/b8457a62e7b531294934364d1e5f72cd78a7686a) - Alexander-Malott
+### Security
+* Fix issue where commands could be injected running on Cocoapods projects. [b0a61a2d](https://github.com/pivotal/LicenseFinder/commit/b0a61a2d833921c714cc39cdda8ba80af3f33d04)
+  Thanks to Joern Schneeweisz Staff Security Engineer, Security Research | GitLab for raising the issue
 # [6.13.0] / 2021-04-27
 ### Fixed
@@ -957,3 +998,7 @@ Bugfixes:
 [6.12.2]: https://github.com/pivotal/LicenseFinder/compare/v6.12.1...v6.12.2
 [6.13.0]: https://github.com/pivotal/LicenseFinder/compare/v6.12.2...v6.13.0
 [6.14.1]: https://github.com/pivotal/LicenseFinder/compare/v6.13.0...v6.14.1
+[6.14.2]: https://github.com/pivotal/LicenseFinder/compare/v6.14.1...v6.14.2
+[6.15.0]: https://github.com/pivotal/LicenseFinder/compare/v6.14.2...v6.15.0
+[7.0.0]: https://github.com/pivotal/LicenseFinder/compare/v6.15.0...v7.0.0
+[7.0.0]: https://github.com/pivotal/LicenseFinder/compare/v6.15.0...v7.0.0

data/Dockerfile CHANGED Viewed

@@ -9,7 +9,7 @@ ENV GO_LANG_VERSION 1.14.3
 ENV MAVEN_VERSION 3.6.0
 ENV SBT_VERSION 1.3.3
 ENV GRADLE_VERSION 5.6.4
-ENV RUBY_VERSION 2.7.1
+ENV RUBY_VERSION 3.1.1
 ENV MIX_VERSION 1.0
 ENV COMPOSER_ALLOW_SUPERUSER 1
@@ -137,7 +137,9 @@ RUN apt-get install -y python-dev && \
 	    --ignore-installed requests --ignore-installed chardet \
 	    --ignore-installed urllib3 \
 	    --upgrade setuptools && \
-    pip install --no-cache-dir -Iv conan==1.11.2
+    pip install --no-cache-dir -Iv conan==1.43.0 && \
+    conan config install https://github.com/conan-io/conanclientcert.git
 # install NuGet (w. mono)
 # https://docs.microsoft.com/en-us/nuget/install-nuget-client-tools#macoslinux
@@ -204,6 +206,25 @@ RUN apt-get -q install -y \
     pkg-config \
     && rm -r /var/lib/apt/lists/*
+#install flutter
+ENV FLUTTER_HOME=/root/flutter
+RUN curl -o flutter_linux_2.8.1-stable.tar.xz https://storage.googleapis.com/flutter_infra_release/releases/stable/linux/flutter_linux_2.8.1-stable.tar.xz \
+    && tar xf flutter_linux_2.8.1-stable.tar.xz \
+    && mv flutter ${FLUTTER_HOME} \
+    && rm flutter_linux_2.8.1-stable.tar.xz
+ENV PATH=$PATH:${FLUTTER_HOME}/bin:${FLUTTER_HOME}/bin/cache/dart-sdk/bin
+RUN flutter doctor -v \
+    && flutter update-packages \
+    && flutter precache
+# Accepting all licences
+RUN yes | flutter doctor --android-licenses -v
+# Creating Flutter sample projects to put binaries in cache fore each template type
+RUN flutter create --template=app ${TEMP}/app_sample \
+    && flutter create --template=package ${TEMP}/package_sample \
+    && flutter create --template=plugin ${TEMP}/plugin_sample
 # pub   4096R/ED3D1561 2019-03-22 [SC] [expires: 2023-03-23]
 #       Key fingerprint = A62A E125 BBBF BB96 A6E0  42EC 925C C1CC ED3D 1561
 # uid                  Swift 5.x Release Signing Key <swift-infrastructure@swift.org
@@ -211,7 +232,7 @@ ARG SWIFT_SIGNING_KEY=A62AE125BBBFBB96A6E042EC925CC1CCED3D1561
 ARG SWIFT_PLATFORM=ubuntu18.04
 ARG SWIFT_BRANCH=swift-5.3.3-release
 ARG SWIFT_VERSION=swift-5.3.3-RELEASE
-ARG SWIFT_WEBROOT=https://swift.org/builds/
+ARG SWIFT_WEBROOT=https://download.swift.org
 ENV SWIFT_SIGNING_KEY=$SWIFT_SIGNING_KEY \
     SWIFT_PLATFORM=$SWIFT_PLATFORM \
@@ -221,7 +242,7 @@ ENV SWIFT_SIGNING_KEY=$SWIFT_SIGNING_KEY \
 COPY swift-all-keys.asc .
 RUN set -e; \
-    SWIFT_WEBDIR="$SWIFT_WEBROOT/$SWIFT_BRANCH/$(echo $SWIFT_PLATFORM | tr -d .)/" \
+    SWIFT_WEBDIR="$SWIFT_WEBROOT/$SWIFT_BRANCH/$(echo $SWIFT_PLATFORM | tr -d .)" \
     && SWIFT_BIN_URL="$SWIFT_WEBDIR/$SWIFT_VERSION/$SWIFT_VERSION-$SWIFT_PLATFORM.tar.gz" \
     && SWIFT_SIG_URL="$SWIFT_BIN_URL.sig" \
     # - Grab curl here so we cache better up above
@@ -240,7 +261,7 @@ RUN set -e; \
 # install license_finder
 COPY . /LicenseFinder
-RUN bash -lc "cd /LicenseFinder && bundle config set no-cache 'true' && bundle install -j4 && rake install"
+RUN bash -lc "cd /LicenseFinder && bundle config set no-cache 'true' && bundle install -j4 && bundle pristine && rake install"
 WORKDIR /

data/README.md CHANGED Viewed

@@ -3,12 +3,11 @@
 [![Code Climate](https://codeclimate.com/github/pivotal/LicenseFinder.png)](https://codeclimate.com/github/pivotal/LicenseFinder)
 Build status
-* Ruby 2.3.8 [![Ruby 2.3.8 build status](https://norsk.cf-app.com/api/v1/teams/main/pipelines/LicenseFinder/jobs/ruby-2.3.8/badge)](https://norsk.cf-app.com/teams/main/pipelines/LicenseFinder)
 * Ruby 2.4.9 [![Ruby 2.4.9 build status](https://norsk.cf-app.com/api/v1/teams/main/pipelines/LicenseFinder/jobs/ruby-2.4.9/badge)](https://norsk.cf-app.com/teams/main/pipelines/LicenseFinder)
 * Ruby 2.5.7 [![Ruby 2.5.7 build status](https://norsk.cf-app.com/api/v1/teams/main/pipelines/LicenseFinder/jobs/ruby-2.5.7/badge)](https://norsk.cf-app.com/teams/main/pipelines/LicenseFinder)
-* Ruby 2.6.5 [![Ruby 2.6.5 build status](https://norsk.cf-app.com/api/v1/teams/main/pipelines/LicenseFinder/jobs/ruby-2.6.5/badge)](https://norsk.cf-app.com/teams/main/pipelines/LicenseFinder)
-* Ruby 2.7.1 [![Ruby 2.7.1 build status](https://norsk.cf-app.com/api/v1/teams/main/pipelines/LicenseFinder/jobs/ruby-2.7.1/badge)](https://norsk.cf-app.com/teams/main/pipelines/LicenseFinder)
-* JRuby 9.2.9.0 [![JRuby 9.2.9.0 build status](https://norsk.cf-app.com/api/v1/teams/main/pipelines/LicenseFinder/jobs/ruby-jruby-9.2.9.0/badge)](https://norsk.cf-app.com/teams/main/pipelines/LicenseFinder)
+* Ruby 2.6.9 [![Ruby 2.6.9 build status](https://norsk.cf-app.com/api/v1/teams/main/pipelines/LicenseFinder/jobs/ruby-2.6.9/badge)](https://norsk.cf-app.com/teams/main/pipelines/LicenseFinder)
+* Ruby 2.7.5 [![Ruby 2.7.5 build status](https://norsk.cf-app.com/api/v1/teams/main/pipelines/LicenseFinder/jobs/ruby-2.7.5/badge)](https://norsk.cf-app.com/teams/main/pipelines/LicenseFinder)
+* Ruby 3.1.1 [![Ruby 3.1.1 build status](https://norsk.cf-app.com/api/v1/teams/main/pipelines/LicenseFinder/jobs/ruby-3.1.1/badge)](https://norsk.cf-app.com/teams/main/pipelines/LicenseFinder)
 LicenseFinder works with your package managers to find dependencies,
@@ -55,10 +54,11 @@ and give you an actionable exception report.
 * Go Modules (via `go mod`)
 * PHP (via `composer`)
 * Python (via Conda [Conda 4.8.3, Python 3.7, Bash; requires an `environment.yml` or `environment.yaml`])
+* Flutter (via `flutter pub, requires pubspec.yaml & .pub cache locaton through ENV variable`)
 ## Installation
-License Finder requires Ruby 2.3.3 or greater to run. If you have an older
+License Finder requires Ruby 2.4.0 or greater to run. If you have an older
 version of Ruby installed, you can update via Homebrew:
 ```sh
@@ -174,7 +174,7 @@ languages, as long as that language has a package definition in the project dire
 * `build.gradle` (for `gradle`)
 * `settings.gradle` that specifies `rootProject.buildFileName` (for `gradle`)
 * `bower.json` (for `bower`)
-* `Podfile` (for `pod`)
+* `Podfile` (for `pod`) (set `ACKNOWLEDGEMENTS_PATH` variable if you want to target a particular `Pods-acknowledgements-<TARGET>.plist`. Can be useful in multi-target pods projects.)
 * `Cartfile` (for `carthage`)
 * `workspace-state.json` under build directory (provided as enviroment variable `SPM_DERIVED_DATA` for Xcode, or default `.build` for non-Xcode projects), (for `spm`)
 * `rebar.config` (for `rebar`)

data/Rakefile CHANGED Viewed

@@ -40,7 +40,7 @@ task :check_dependencies do
   LicenseFinder::Scanner::PACKAGE_MANAGERS.each do |package_manager|
     satisfied = false unless package_manager.new(project_path: Pathname.new('')).installed?(LicenseFinder::Logger.new(LicenseFinder::Logger::MODE_INFO))
   end
-  STDOUT.flush
+  $stdout.flush
   exit 1 unless satisfied
 end
@@ -54,7 +54,7 @@ task :update_pipeline, [:slack_url, :slack_channel] do |_, args|
     puts 'Warning: You should provide slack channel and url to receive slack notifications on build failures'
   end
-  ruby_versions = %w[2.7.1 2.6.5 2.5.7 2.4.9 2.3.8 jruby-9.2.14.0]
+  ruby_versions = %w[3.1.1 2.7.5 2.6.9 2.5.7 2.4.9]
   params = []
   params << "ruby_versions=#{ruby_versions.join(',')}"

data/VERSION CHANGED Viewed

	@@ -1 +1 @@
1	- 6.14.1
1	+ 7.0.0

data/bin/license_finder_pip.py CHANGED Viewed

@@ -1,5 +1,4 @@
 #!/usr/bin/env python
 import json
 import sys
@@ -21,12 +20,16 @@ except ImportError:
 from pip._vendor import pkg_resources
 from pip._vendor.six import print_
 reqs = []
 for req in parse_requirements(sys.argv[1], session=PipSession()):
-    if req.req == None or (req.markers != None and not req.markers.evaluate()): continue
-    reqs.append(req)
-requirements = [pkg_resources.Requirement.parse(str(req.req)) for req in reqs]
+    try:
+        if req.req is not None and (req.markers is None or req.markers.evaluate()):
+            reqs.append(pkg_resources.Requirement.parse(str(req.req)))
+    except AttributeError:
+        # Since pip 20.1 (pip now takes care of markers at the resolve step)
+        if req.requirement is not None:
+            reqs.append(pkg_resources.Requirement.parse(str(req.requirement)))
 transform = lambda dist: {
         'name': dist.project_name,
@@ -35,7 +38,6 @@ transform = lambda dist: {
         'dependencies': list(map(lambda dependency: dependency.project_name, dist.requires())),
         }
-packages = [transform(dist) for dist
-            in pkg_resources.working_set.resolve(requirements)]
+packages = [transform(dist) for dist in pkg_resources.working_set.resolve(reqs)]
 print_(json.dumps(packages))

data/ci/pipelines/release.yml.erb CHANGED Viewed

@@ -156,7 +156,7 @@ jobs:
   plan:
   - get: lf-git
     tags: ["private-worker"]
-    passed: [<%= "#{ruby_versions.map{ |version| "ruby-#{version}" unless version == "jruby-9.2.14.0" }.compact.join(', ') }, rubocop" %>]
+    passed: [<%= "#{ruby_versions.map{ |version| "ruby-#{version}" unless version == "jruby-9.3.1.0" }.compact.join(', ') }, rubocop" %>]
   - get: semver-version
     tags: ["private-worker"]
     trigger: true

data/ci/scripts/pushscript.sh CHANGED Viewed

@@ -1,7 +1,6 @@
 #!/bin/bash
-echo -e "---\n:rubygems_api_key: $GEM_API_KEY" > ~/.gem/credentials
-chmod 0600 ~/.gem/credentials
+echo -e "---\n:rubygems_api_key: $GEM_API_KEY" > ~/.local/share/gem/credentials
+chmod 0600 ~/.local/share/gem/credentials
 build_version="$(cat semver-version/version)"
 cd lf-git

data/ci/scripts/run-tests.sh CHANGED Viewed

@@ -16,9 +16,10 @@ pushd "$PROJECT_ROOT"
   gem update --system
   gem install bundler
   bundle install
+  bundle pristine
-  bundle exec rake install
-  bundle exec rake spec
+  rake install
+  rake spec
-  bundle exec rake features
+  rake features
 popd

data/ci/tasks/rubocop.yml CHANGED Viewed

@@ -4,7 +4,7 @@ image_resource:
   type: registry-image
   source:
     repository: ruby
-    tag: 2.7.1
+    tag: 3.1.1
     username: ((LicenseFinderDocker.username))
     password: ((LicenseFinderDocker.password))

data/dlf CHANGED Viewed

@@ -1,10 +1,14 @@
 #!/bin/bash
 if `which docker > /dev/null`; then
-	if [ $# -eq 0 ]; then
-  		docker run -v $PWD:/scan -it licensefinder/license_finder
-	else
-  		docker run -v $PWD:/scan -it licensefinder/license_finder /bin/bash -lc "cd /scan && `echo $@`"
-	fi
+  if [ $# -eq 0 ]; then
+    docker run -v $PWD:/scan -it licensefinder/license_finder
+  else
+    escaped_params=""
+    for p in "$@"; do
+      escaped_params="$escaped_params \"$p\""
+    done
+    docker run -v $PWD:/scan -it licensefinder/license_finder /bin/bash -lc "cd /scan && $escaped_params"
+  fi
 else
   echo "You do not have docker installed. Please install it:"
   echo "    https://docs.docker.com/engine/installation/"

data/lib/license_finder/cli/approvals.rb CHANGED Viewed

@@ -13,7 +13,7 @@ module LicenseFinder
         assert_some names
         modifying { names.each { |name| decisions.approve(name, txn) } }
-        say "The #{names.join(', ')} dependency has been approved!", :green
+        printer.say "The #{names.join(', ')} dependency has been approved!", :green
       end
       auditable
@@ -21,7 +21,7 @@ module LicenseFinder
       def remove(dep)
         modifying { decisions.unapprove(dep, txn) }
-        say "The dependency #{dep} no longer has a manual approval"
+        printer.say "The dependency #{dep} no longer has a manual approval"
       end
     end
   end

data/lib/license_finder/cli/base.rb CHANGED Viewed

@@ -1,7 +1,6 @@
 # frozen_string_literal: true
 require 'thor'
 module LicenseFinder
   module CLI
     class Base < Thor
@@ -24,12 +23,16 @@ module LicenseFinder
         def config
           @config ||= Configuration.with_optional_saved_config(license_finder_config)
         end
+        def printer
+          @printer || Printer.new
+        end
       end
       private
       def fail(message)
-        say(message) && exit(1)
+        printer.say(message) && exit(1)
       end
       def license_finder_config
@@ -61,7 +64,8 @@ module LicenseFinder
           :recursive,
           :sbt_include_groups,
           :conda_bash_setup_script,
-          :composer_check_require_only
+          :composer_check_require_only,
+          :use_spdx_id
         ).merge(
           logger: logger_mode
         )
@@ -84,10 +88,10 @@ module LicenseFinder
       def say_each(coll)
         if coll.any?
           coll.each do |item|
-            say(block_given? ? yield(item) : item)
+            printer.say(block_given? ? yield(item) : item)
           end
         else
-          say '(none)'
+          printer.say '(none)'
         end
       end

data/lib/license_finder/cli/dependencies.rb CHANGED Viewed

@@ -20,9 +20,9 @@ module LicenseFinder
           decisions.approve(name, txn) if options[:approve]
         end
         if options[:approve]
-          say "The #{name} dependency has been added and approved!", :green
+          printer.say "The #{name} dependency has been added and approved!", :green
         else
-          say "The #{name} dependency has been added!", :green
+          printer.say "The #{name} dependency has been added!", :green
         end
       end
@@ -31,12 +31,12 @@ module LicenseFinder
       def remove(name)
         modifying { decisions.remove_package(name, txn) }
-        say "The #{name} dependency has been removed.", :green
+        printer.say "The #{name} dependency has been removed.", :green
       end
       desc 'list', 'List manually added dependencies'
       def list
-        say 'Manually Added Dependencies:', :blue
+        printer.say 'Manually Added Dependencies:', :blue
         say_each(decisions.packages, &:name)
       end
     end

data/lib/license_finder/cli/ignored_dependencies.rb CHANGED Viewed

@@ -8,7 +8,7 @@ module LicenseFinder
       desc 'list', 'List all the ignored dependencies'
       def list
-        say 'Ignored Dependencies:', :blue
+        printer.say 'Ignored Dependencies:', :blue
         say_each(decisions.ignored)
       end
@@ -17,7 +17,7 @@ module LicenseFinder
       def add(dep)
         modifying { decisions.ignore(dep, txn) }
-        say "Added #{dep} to the ignored dependencies"
+        printer.say "Added #{dep} to the ignored dependencies"
       end
       auditable
@@ -25,7 +25,7 @@ module LicenseFinder
       def remove(dep)
         modifying { decisions.heed(dep, txn) }
-        say "Removed #{dep} from the ignored dependencies"
+        printer.say "Removed #{dep} from the ignored dependencies"
       end
     end
   end

data/lib/license_finder/cli/ignored_groups.rb CHANGED Viewed

@@ -8,7 +8,7 @@ module LicenseFinder
       desc 'list', 'List all the ignored groups'
       def list
-        say 'Ignored Groups:', :blue
+        printer.say 'Ignored Groups:', :blue
         say_each(decisions.ignored_groups)
       end
@@ -17,7 +17,7 @@ module LicenseFinder
       def add(group)
         modifying { decisions.ignore_group(group, txn) }
-        say "Added #{group} to the ignored groups"
+        printer.say "Added #{group} to the ignored groups"
       end
       auditable
@@ -25,7 +25,7 @@ module LicenseFinder
       def remove(group)
         modifying { decisions.heed_group(group, txn) }
-        say "Removed #{group} from the ignored groups"
+        printer.say "Removed #{group} from the ignored groups"
       end
     end
   end

data/lib/license_finder/cli/inherited_decisions.rb CHANGED Viewed

@@ -8,7 +8,7 @@ module LicenseFinder
       desc 'list', 'List all the inherited decision files'
       def list
-        say 'Inherited Decision Files:', :blue
+        printer.say 'Inherited Decision Files:', :blue
         say_each(decisions.inherited_decisions)
       end
@@ -17,7 +17,7 @@ module LicenseFinder
       def add(*decision_files)
         assert_some decision_files
         modifying { decision_files.each { |filepath| decisions.inherit_from(filepath) } }
-        say "Added #{decision_files.join(', ')} to the inherited decisions"
+        printer.say "Added #{decision_files.join(', ')} to the inherited decisions"
       end
       auditable
@@ -26,7 +26,7 @@ module LicenseFinder
         url, auth_type, token_or_env = params
         auth_info = { 'url' => url, 'authorization' => "#{auth_type} #{token_or_env}" }
         modifying { decisions.add_decision [:inherit_from, auth_info] }
-        say "Added #{url} to the inherited decisions"
+        printer.say "Added #{url} to the inherited decisions"
       end
       auditable
@@ -34,7 +34,7 @@ module LicenseFinder
       def remove(*decision_files)
         assert_some decision_files
         modifying { decision_files.each { |filepath| decisions.remove_inheritance(filepath) } }
-        say "Removed #{decision_files.join(', ')} from the inherited decisions"
+        printer.say "Removed #{decision_files.join(', ')} from the inherited decisions"
       end
       auditable
@@ -43,7 +43,7 @@ module LicenseFinder
         url, auth_type, token_or_env = params
         auth_info = { 'url' => url, 'authorization' => "#{auth_type} #{token_or_env}" }
         modifying { decisions.remove_inheritance(auth_info) }
-        say "Removed #{url} from the inherited decisions"
+        printer.say "Removed #{url} from the inherited decisions"
       end
     end
   end

data/lib/license_finder/cli/licenses.rb CHANGED Viewed

@@ -11,7 +11,7 @@ module LicenseFinder
       def add(name, license)
         modifying { decisions.license(name, license, txn) }
-        say "The #{name} dependency has been marked as using #{license} license!", :green
+        printer.say "The #{name} dependency has been marked as using #{license} license!", :green
       end
       auditable
@@ -19,7 +19,7 @@ module LicenseFinder
       def remove(dep, lic)
         modifying { decisions.unlicense(dep, lic, txn) }
-        say "The dependency #{dep} no longer has a manual license"
+        printer.say "The dependency #{dep} no longer has a manual license"
       end
     end
   end

data/lib/license_finder/cli/main.rb CHANGED Viewed

@@ -7,6 +7,7 @@ require 'license_finder/package_delta'
 require 'license_finder/license_aggregator'
 require 'license_finder/project_finder'
 require 'license_finder/logger'
+require 'license_finder/printer'
 module LicenseFinder
   module CLI
@@ -90,6 +91,11 @@ module LicenseFinder
         method_option :columns,
                       desc: "For text or CSV reports, which columns to print. Pick from: #{CsvReport::AVAILABLE_COLUMNS}",
                       type: :array
+        method_option :use_spdx_id,
+                      type: :boolean,
+                      desc: 'For reports, use the SPDX identifier instead of license name (useful to match license with other standard tools)',
+                      default: false
       end
       desc 'project_roots', 'List project directories to be scanned'
@@ -102,7 +108,7 @@ module LicenseFinder
         filtered_project_roots << project_path if aggregate_paths.include?(project_path) && !filtered_project_roots.include?(project_path)
-        say(filtered_project_roots)
+        printer.say(filtered_project_roots)
       end
       desc 'action_items', 'List unapproved dependencies (the default action for `license_finder`)'
@@ -115,25 +121,25 @@ module LicenseFinder
         restricted = finder.restricted
         # Ensure to start output on a new line even with dot progress indicators.
-        say "\n"
+        printer.say "\n"
         unless any_packages
-          say 'No dependencies recognized!', :red
+          printer.say 'No dependencies recognized!', :red
           exit 0
         end
         if unapproved.empty?
-          say 'All dependencies are approved for use', :green
+          printer.say 'All dependencies are approved for use', :green
         else
           unless restricted.empty?
-            say 'Restricted dependencies:', :red
-            say report_of(restricted)
+            printer.say 'Restricted dependencies:', :red
+            printer.say report_of(restricted)
           end
           other_unapproved = unapproved - restricted
           unless other_unapproved.empty?
-            say 'Dependencies that need approval:', :yellow
-            say report_of(other_unapproved)
+            printer.say 'Dependencies that need approval:', :yellow
+            printer.say report_of(other_unapproved)
           end
           exit 1
@@ -151,7 +157,7 @@ module LicenseFinder
       def report
         finder = LicenseAggregator.new(config, aggregate_paths)
         report = report_of(finder.dependencies)
-        save? ? save_report(report, config.save_file) : say(report)
+        save? ? save_report(report, config.save_file) : printer.say(report)
       end
       desc 'version', 'Print the version of LicenseFinder'
@@ -166,7 +172,7 @@ module LicenseFinder
         f1 = IO.read(file1)
         f2 = IO.read(file2)
         report = DiffReport.new(Diff.compare(f1, f2))
-        save? ? save_report(report, config.save_file) : say(report)
+        save? ? save_report(report, config.save_file) : printer.say(report)
       end
       subcommand 'dependencies', Dependencies, 'Add or remove dependencies that your package managers are not aware of'
@@ -210,7 +216,7 @@ module LicenseFinder
       def report_of(content)
         report = FORMATS[config.format] || FORMATS['text']
         report = MergedReport if report == CsvReport && config.aggregate_paths
-        report.of(content, columns: config.columns, project_name: decisions.project_name || config.project_path.basename.to_s, write_headers: config.write_headers)
+        report.of(content, columns: config.columns, project_name: decisions.project_name || config.project_path.basename.to_s, write_headers: config.write_headers, use_spdx_id: config.use_spdx_id)
       end
       def save?