license_finder 6.14.2 → 7.0.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/.github/dependabot.yml +9 -0
- data/.rubocop.yml +12 -2
- data/CHANGELOG.md +35 -4
- data/Dockerfile +26 -5
- data/README.md +30 -27
- data/Rakefile +2 -2
- data/VERSION +1 -1
- data/ci/pipelines/release.yml.erb +1 -1
- data/ci/scripts/pushscript.sh +2 -3
- data/ci/scripts/run-tests.sh +4 -3
- data/ci/tasks/rubocop.yml +1 -1
- data/dlf +9 -5
- data/lib/license_finder/cli/approvals.rb +2 -2
- data/lib/license_finder/cli/base.rb +9 -5
- data/lib/license_finder/cli/dependencies.rb +4 -4
- data/lib/license_finder/cli/ignored_dependencies.rb +3 -3
- data/lib/license_finder/cli/ignored_groups.rb +3 -3
- data/lib/license_finder/cli/inherited_decisions.rb +5 -5
- data/lib/license_finder/cli/licenses.rb +2 -2
- data/lib/license_finder/cli/main.rb +17 -11
- data/lib/license_finder/cli/permitted_licenses.rb +3 -3
- data/lib/license_finder/cli/project_name.rb +4 -4
- data/lib/license_finder/cli/restricted_licenses.rb +3 -3
- data/lib/license_finder/configuration.rb +6 -3
- data/lib/license_finder/core.rb +2 -1
- data/lib/license_finder/decisions.rb +9 -5
- data/lib/license_finder/license/definitions.rb +22 -0
- data/lib/license_finder/license/text.rb +5 -3
- data/lib/license_finder/license.rb +8 -2
- data/lib/license_finder/logger.rb +1 -1
- data/lib/license_finder/package.rb +3 -11
- data/lib/license_finder/package_delta.rb +1 -1
- data/lib/license_finder/package_manager.rb +1 -0
- data/lib/license_finder/package_managers/cocoa_pods.rb +14 -9
- data/lib/license_finder/package_managers/conan.rb +2 -2
- data/lib/license_finder/package_managers/conda.rb +1 -1
- data/lib/license_finder/package_managers/glide.rb +7 -1
- data/lib/license_finder/package_managers/go_15vendorexperiment.rb +2 -2
- data/lib/license_finder/package_managers/go_dep.rb +1 -1
- data/lib/license_finder/package_managers/go_workspace.rb +1 -1
- data/lib/license_finder/package_managers/maven.rb +2 -6
- data/lib/license_finder/package_managers/nuget.rb +1 -1
- data/lib/license_finder/package_managers/pub.rb +86 -0
- data/lib/license_finder/package_managers/sbt.rb +1 -5
- data/lib/license_finder/package_managers/yarn.rb +48 -9
- data/lib/license_finder/package_utils/license_files.rb +2 -2
- data/lib/license_finder/packages/bower_package.rb +5 -2
- data/lib/license_finder/packages/erlangmk_package.rb +2 -4
- data/lib/license_finder/packages/npm_package.rb +1 -0
- data/lib/license_finder/packages/pubspec_package.rb +18 -0
- data/lib/license_finder/printer.rb +39 -0
- data/lib/license_finder/report.rb +2 -1
- data/lib/license_finder/reports/csv_report.rb +1 -1
- data/lib/license_finder/reports/erb_report.rb +7 -3
- data/lib/license_finder/reports/json_report.rb +2 -1
- data/lib/license_finder/reports/junit_report.rb +5 -1
- data/lib/license_finder/reports/xml_report.rb +5 -1
- data/lib/license_finder/scanner.rb +1 -1
- data/license_finder.gemspec +15 -13
- metadata +58 -26
|
@@ -7,6 +7,7 @@ require 'license_finder/package_delta'
|
|
|
7
7
|
require 'license_finder/license_aggregator'
|
|
8
8
|
require 'license_finder/project_finder'
|
|
9
9
|
require 'license_finder/logger'
|
|
10
|
+
require 'license_finder/printer'
|
|
10
11
|
|
|
11
12
|
module LicenseFinder
|
|
12
13
|
module CLI
|
|
@@ -90,6 +91,11 @@ module LicenseFinder
|
|
|
90
91
|
method_option :columns,
|
|
91
92
|
desc: "For text or CSV reports, which columns to print. Pick from: #{CsvReport::AVAILABLE_COLUMNS}",
|
|
92
93
|
type: :array
|
|
94
|
+
|
|
95
|
+
method_option :use_spdx_id,
|
|
96
|
+
type: :boolean,
|
|
97
|
+
desc: 'For reports, use the SPDX identifier instead of license name (useful to match license with other standard tools)',
|
|
98
|
+
default: false
|
|
93
99
|
end
|
|
94
100
|
|
|
95
101
|
desc 'project_roots', 'List project directories to be scanned'
|
|
@@ -102,7 +108,7 @@ module LicenseFinder
|
|
|
102
108
|
|
|
103
109
|
filtered_project_roots << project_path if aggregate_paths.include?(project_path) && !filtered_project_roots.include?(project_path)
|
|
104
110
|
|
|
105
|
-
say(filtered_project_roots)
|
|
111
|
+
printer.say(filtered_project_roots)
|
|
106
112
|
end
|
|
107
113
|
|
|
108
114
|
desc 'action_items', 'List unapproved dependencies (the default action for `license_finder`)'
|
|
@@ -115,25 +121,25 @@ module LicenseFinder
|
|
|
115
121
|
restricted = finder.restricted
|
|
116
122
|
|
|
117
123
|
# Ensure to start output on a new line even with dot progress indicators.
|
|
118
|
-
say "\n"
|
|
124
|
+
printer.say "\n"
|
|
119
125
|
|
|
120
126
|
unless any_packages
|
|
121
|
-
say 'No dependencies recognized!', :red
|
|
127
|
+
printer.say 'No dependencies recognized!', :red
|
|
122
128
|
exit 0
|
|
123
129
|
end
|
|
124
130
|
|
|
125
131
|
if unapproved.empty?
|
|
126
|
-
say 'All dependencies are approved for use', :green
|
|
132
|
+
printer.say 'All dependencies are approved for use', :green
|
|
127
133
|
else
|
|
128
134
|
unless restricted.empty?
|
|
129
|
-
say 'Restricted dependencies:', :red
|
|
130
|
-
say report_of(restricted)
|
|
135
|
+
printer.say 'Restricted dependencies:', :red
|
|
136
|
+
printer.say report_of(restricted)
|
|
131
137
|
end
|
|
132
138
|
|
|
133
139
|
other_unapproved = unapproved - restricted
|
|
134
140
|
unless other_unapproved.empty?
|
|
135
|
-
say 'Dependencies that need approval:', :yellow
|
|
136
|
-
say report_of(other_unapproved)
|
|
141
|
+
printer.say 'Dependencies that need approval:', :yellow
|
|
142
|
+
printer.say report_of(other_unapproved)
|
|
137
143
|
end
|
|
138
144
|
|
|
139
145
|
exit 1
|
|
@@ -151,7 +157,7 @@ module LicenseFinder
|
|
|
151
157
|
def report
|
|
152
158
|
finder = LicenseAggregator.new(config, aggregate_paths)
|
|
153
159
|
report = report_of(finder.dependencies)
|
|
154
|
-
save? ? save_report(report, config.save_file) : say(report)
|
|
160
|
+
save? ? save_report(report, config.save_file) : printer.say(report)
|
|
155
161
|
end
|
|
156
162
|
|
|
157
163
|
desc 'version', 'Print the version of LicenseFinder'
|
|
@@ -166,7 +172,7 @@ module LicenseFinder
|
|
|
166
172
|
f1 = IO.read(file1)
|
|
167
173
|
f2 = IO.read(file2)
|
|
168
174
|
report = DiffReport.new(Diff.compare(f1, f2))
|
|
169
|
-
save? ? save_report(report, config.save_file) : say(report)
|
|
175
|
+
save? ? save_report(report, config.save_file) : printer.say(report)
|
|
170
176
|
end
|
|
171
177
|
|
|
172
178
|
subcommand 'dependencies', Dependencies, 'Add or remove dependencies that your package managers are not aware of'
|
|
@@ -210,7 +216,7 @@ module LicenseFinder
|
|
|
210
216
|
def report_of(content)
|
|
211
217
|
report = FORMATS[config.format] || FORMATS['text']
|
|
212
218
|
report = MergedReport if report == CsvReport && config.aggregate_paths
|
|
213
|
-
report.of(content, columns: config.columns, project_name: decisions.project_name || config.project_path.basename.to_s, write_headers: config.write_headers)
|
|
219
|
+
report.of(content, columns: config.columns, project_name: decisions.project_name || config.project_path.basename.to_s, write_headers: config.write_headers, use_spdx_id: config.use_spdx_id)
|
|
214
220
|
end
|
|
215
221
|
|
|
216
222
|
def save?
|
|
@@ -8,7 +8,7 @@ module LicenseFinder
|
|
|
8
8
|
|
|
9
9
|
desc 'list', 'List all the permitted licenses'
|
|
10
10
|
def list
|
|
11
|
-
say 'Permitted Licenses:', :blue
|
|
11
|
+
printer.say 'Permitted Licenses:', :blue
|
|
12
12
|
say_each(decisions.permitted, &:name)
|
|
13
13
|
end
|
|
14
14
|
|
|
@@ -17,7 +17,7 @@ module LicenseFinder
|
|
|
17
17
|
def add(*licenses)
|
|
18
18
|
assert_some licenses
|
|
19
19
|
modifying { licenses.each { |l| decisions.permit(l, txn) } }
|
|
20
|
-
say "Added #{licenses.join(', ')} to the permitted licenses"
|
|
20
|
+
printer.say "Added #{licenses.join(', ')} to the permitted licenses"
|
|
21
21
|
end
|
|
22
22
|
|
|
23
23
|
auditable
|
|
@@ -25,7 +25,7 @@ module LicenseFinder
|
|
|
25
25
|
def remove(*licenses)
|
|
26
26
|
assert_some licenses
|
|
27
27
|
modifying { licenses.each { |l| decisions.unpermit(l, txn) } }
|
|
28
|
-
say "Removed #{licenses.join(', ')} from the license permitted licenses"
|
|
28
|
+
printer.say "Removed #{licenses.join(', ')} from the license permitted licenses"
|
|
29
29
|
end
|
|
30
30
|
end
|
|
31
31
|
end
|
|
@@ -8,8 +8,8 @@ module LicenseFinder
|
|
|
8
8
|
|
|
9
9
|
desc 'show', 'Show the project name'
|
|
10
10
|
def show
|
|
11
|
-
say 'Project Name:', :blue
|
|
12
|
-
say decisions.project_name
|
|
11
|
+
printer.say 'Project Name:', :blue
|
|
12
|
+
printer.say decisions.project_name
|
|
13
13
|
end
|
|
14
14
|
|
|
15
15
|
auditable
|
|
@@ -17,7 +17,7 @@ module LicenseFinder
|
|
|
17
17
|
def add(name)
|
|
18
18
|
modifying { decisions.name_project(name, txn) }
|
|
19
19
|
|
|
20
|
-
say "Set the project name to #{name}", :green
|
|
20
|
+
printer.say "Set the project name to #{name}", :green
|
|
21
21
|
end
|
|
22
22
|
|
|
23
23
|
auditable
|
|
@@ -25,7 +25,7 @@ module LicenseFinder
|
|
|
25
25
|
def remove
|
|
26
26
|
modifying { decisions.unname_project(txn) }
|
|
27
27
|
|
|
28
|
-
say 'Removed the project name'
|
|
28
|
+
printer.say 'Removed the project name'
|
|
29
29
|
end
|
|
30
30
|
end
|
|
31
31
|
end
|
|
@@ -8,7 +8,7 @@ module LicenseFinder
|
|
|
8
8
|
|
|
9
9
|
desc 'list', 'List all the restricted licenses'
|
|
10
10
|
def list
|
|
11
|
-
say 'Restricted Licenses:', :blue
|
|
11
|
+
printer.say 'Restricted Licenses:', :blue
|
|
12
12
|
say_each(decisions.restricted, &:name)
|
|
13
13
|
end
|
|
14
14
|
|
|
@@ -17,7 +17,7 @@ module LicenseFinder
|
|
|
17
17
|
def add(*licenses)
|
|
18
18
|
assert_some licenses
|
|
19
19
|
modifying { licenses.each { |l| decisions.restrict(l, txn) } }
|
|
20
|
-
say "Added #{licenses.join(', ')} to the restricted licenses"
|
|
20
|
+
printer.say "Added #{licenses.join(', ')} to the restricted licenses"
|
|
21
21
|
end
|
|
22
22
|
|
|
23
23
|
auditable
|
|
@@ -25,7 +25,7 @@ module LicenseFinder
|
|
|
25
25
|
def remove(*licenses)
|
|
26
26
|
assert_some licenses
|
|
27
27
|
modifying { licenses.each { |l| decisions.unrestrict(l, txn) } }
|
|
28
|
-
say "Removed #{licenses.join(', ')} from the restricted licenses"
|
|
28
|
+
printer.say "Removed #{licenses.join(', ')} from the restricted licenses"
|
|
29
29
|
end
|
|
30
30
|
end
|
|
31
31
|
end
|
|
@@ -145,6 +145,10 @@ module LicenseFinder
|
|
|
145
145
|
get(:columns)
|
|
146
146
|
end
|
|
147
147
|
|
|
148
|
+
def use_spdx_id
|
|
149
|
+
get(:use_spdx_id)
|
|
150
|
+
end
|
|
151
|
+
|
|
148
152
|
def sbt_include_groups
|
|
149
153
|
get(:sbt_include_groups)
|
|
150
154
|
end
|
|
@@ -153,13 +157,12 @@ module LicenseFinder
|
|
|
153
157
|
get(:composer_check_require_only)
|
|
154
158
|
end
|
|
155
159
|
|
|
156
|
-
|
|
157
|
-
|
|
158
|
-
attr_reader :strict_matching
|
|
160
|
+
attr_accessor :strict_matching
|
|
159
161
|
|
|
160
162
|
protected
|
|
161
163
|
|
|
162
164
|
attr_accessor :primary_config
|
|
165
|
+
|
|
163
166
|
def dup_with(other_hash)
|
|
164
167
|
dup.tap do |dup|
|
|
165
168
|
dup.primary_config.merge!(other_hash)
|
data/lib/license_finder/core.rb
CHANGED
|
@@ -31,6 +31,7 @@ module LicenseFinder
|
|
|
31
31
|
# rebar_deps_dir: "deps",
|
|
32
32
|
# }
|
|
33
33
|
def initialize(configuration)
|
|
34
|
+
@printer = Printer.new
|
|
34
35
|
@logger = Logger.new(configuration.logger_mode)
|
|
35
36
|
@config = configuration
|
|
36
37
|
@scanner = Scanner.new(options)
|
|
@@ -68,7 +69,7 @@ module LicenseFinder
|
|
|
68
69
|
|
|
69
70
|
private
|
|
70
71
|
|
|
71
|
-
attr_reader :logger
|
|
72
|
+
attr_reader :logger, :printer
|
|
72
73
|
|
|
73
74
|
# The core of the system. The saved decisions are applied to the current
|
|
74
75
|
# packages.
|
|
@@ -194,9 +194,10 @@ module LicenseFinder
|
|
|
194
194
|
|
|
195
195
|
def inherit_from(filepath_info)
|
|
196
196
|
decisions =
|
|
197
|
-
|
|
197
|
+
case filepath_info
|
|
198
|
+
when Hash
|
|
198
199
|
resolve_inheritance(filepath_info)
|
|
199
|
-
|
|
200
|
+
when %r{^https?://}
|
|
200
201
|
open_uri(filepath_info).read
|
|
201
202
|
else
|
|
202
203
|
Pathname(filepath_info).read
|
|
@@ -247,9 +248,7 @@ module LicenseFinder
|
|
|
247
248
|
|
|
248
249
|
# ruby < 2.5.0 URI.open is private
|
|
249
250
|
if Gem::Version.new(RUBY_VERSION) < Gem::Version.new('2.5.0')
|
|
250
|
-
# rubocop:disable Security/Open
|
|
251
251
|
open(uri, header)
|
|
252
|
-
# rubocop:enable Security/Open
|
|
253
252
|
else
|
|
254
253
|
URI.open(uri, header)
|
|
255
254
|
end
|
|
@@ -280,7 +279,12 @@ module LicenseFinder
|
|
|
280
279
|
def self.restore(persisted, result = new)
|
|
281
280
|
return result unless persisted
|
|
282
281
|
|
|
283
|
-
|
|
282
|
+
# From https://makandracards.com/makandra/465149-ruby-the-yaml-safe_load-method-hides-some-pitfalls
|
|
283
|
+
actions = if Gem::Version.new(Psych::VERSION) >= Gem::Version.new('3.1.0.pre1')
|
|
284
|
+
YAML.safe_load(persisted, permitted_classes: [Symbol, Time], aliases: true)
|
|
285
|
+
else
|
|
286
|
+
YAML.safe_load(persisted, [Symbol, Time], [], true)
|
|
287
|
+
end
|
|
284
288
|
|
|
285
289
|
list_of_actions = (actions || []).map(&:first)
|
|
286
290
|
|
|
@@ -46,6 +46,7 @@ module LicenseFinder
|
|
|
46
46
|
License.new(
|
|
47
47
|
short_name: 'Apache1_1',
|
|
48
48
|
pretty_name: 'Apache 1.1',
|
|
49
|
+
spdx_id: 'Apache-1.1',
|
|
49
50
|
other_names: [
|
|
50
51
|
'Apache-1.1',
|
|
51
52
|
'The Apache Software License, Version 1.1'
|
|
@@ -58,6 +59,7 @@ module LicenseFinder
|
|
|
58
59
|
License.new(
|
|
59
60
|
short_name: 'Apache2',
|
|
60
61
|
pretty_name: 'Apache 2.0',
|
|
62
|
+
spdx_id: 'Apache-2.0',
|
|
61
63
|
other_names: [
|
|
62
64
|
'Apache-2.0',
|
|
63
65
|
'Apache Software License',
|
|
@@ -79,6 +81,7 @@ module LicenseFinder
|
|
|
79
81
|
def bsd
|
|
80
82
|
License.new(
|
|
81
83
|
short_name: 'BSD',
|
|
84
|
+
spdx_id: 'BSD-4-Clause',
|
|
82
85
|
other_names: ['BSD4', 'bsd-old', '4-clause BSD', 'BSD-4-Clause', 'BSD 4-Clause', 'BSD License'],
|
|
83
86
|
url: 'http://en.wikipedia.org/wiki/BSD_licenses#4-clause_license_.28original_.22BSD_License.22.29'
|
|
84
87
|
)
|
|
@@ -87,6 +90,7 @@ module LicenseFinder
|
|
|
87
90
|
def cc01
|
|
88
91
|
License.new(
|
|
89
92
|
short_name: 'CC01',
|
|
93
|
+
spdx_id: 'CC0-1.0',
|
|
90
94
|
pretty_name: 'CC0 1.0 Universal',
|
|
91
95
|
other_names: ['CC0 1.0'],
|
|
92
96
|
url: 'http://creativecommons.org/publicdomain/zero/1.0'
|
|
@@ -96,6 +100,7 @@ module LicenseFinder
|
|
|
96
100
|
def cddl1
|
|
97
101
|
License.new(
|
|
98
102
|
short_name: 'CDDL1',
|
|
103
|
+
spdx_id: 'CDDL-1.0',
|
|
99
104
|
pretty_name: 'Common Development and Distribution License 1.0',
|
|
100
105
|
other_names: [
|
|
101
106
|
'CDDL-1.0',
|
|
@@ -109,6 +114,7 @@ module LicenseFinder
|
|
|
109
114
|
def eclipse1
|
|
110
115
|
License.new(
|
|
111
116
|
short_name: 'EPL1',
|
|
117
|
+
spdx_id: 'EPL-1.0',
|
|
112
118
|
pretty_name: 'Eclipse Public License 1.0',
|
|
113
119
|
other_names: [
|
|
114
120
|
'EPL-1.0',
|
|
@@ -122,6 +128,7 @@ module LicenseFinder
|
|
|
122
128
|
def gplv2
|
|
123
129
|
License.new(
|
|
124
130
|
short_name: 'GPLv2',
|
|
131
|
+
spdx_id: 'GPL-2.0-only',
|
|
125
132
|
other_names: ['GPL V2', 'gpl-v2', 'GNU GENERAL PUBLIC LICENSE Version 2'],
|
|
126
133
|
url: 'http://www.gnu.org/licenses/gpl-2.0.txt'
|
|
127
134
|
)
|
|
@@ -130,6 +137,7 @@ module LicenseFinder
|
|
|
130
137
|
def gplv3
|
|
131
138
|
License.new(
|
|
132
139
|
short_name: 'GPLv3',
|
|
140
|
+
spdx_id: 'GPL-3.0-only',
|
|
133
141
|
other_names: ['GPL V3', 'gpl-v3', 'GNU GENERAL PUBLIC LICENSE Version 3'],
|
|
134
142
|
url: 'http://www.gnu.org/licenses/gpl-3.0.txt'
|
|
135
143
|
)
|
|
@@ -138,6 +146,7 @@ module LicenseFinder
|
|
|
138
146
|
def isc
|
|
139
147
|
License.new(
|
|
140
148
|
short_name: 'ISC',
|
|
149
|
+
spdx_id: 'ISC',
|
|
141
150
|
url: 'http://en.wikipedia.org/wiki/ISC_license'
|
|
142
151
|
)
|
|
143
152
|
end
|
|
@@ -145,6 +154,7 @@ module LicenseFinder
|
|
|
145
154
|
def lgpl
|
|
146
155
|
License.new(
|
|
147
156
|
short_name: 'LGPL',
|
|
157
|
+
spdx_id: 'LGPL-3.0-only',
|
|
148
158
|
other_names: ['LGPL-3', 'LGPLv3', 'LGPL-3.0'],
|
|
149
159
|
url: 'http://www.gnu.org/licenses/lgpl.txt'
|
|
150
160
|
)
|
|
@@ -153,6 +163,7 @@ module LicenseFinder
|
|
|
153
163
|
def lgpl2_1
|
|
154
164
|
License.new(
|
|
155
165
|
short_name: 'LGPL2_1',
|
|
166
|
+
spdx_id: 'LGPL-2.1-only',
|
|
156
167
|
pretty_name: 'GNU Lesser General Public License version 2.1',
|
|
157
168
|
other_names: [
|
|
158
169
|
'LGPL-2.1-only',
|
|
@@ -178,6 +189,7 @@ module LicenseFinder
|
|
|
178
189
|
|
|
179
190
|
License.new(
|
|
180
191
|
short_name: 'MIT',
|
|
192
|
+
spdx_id: 'MIT',
|
|
181
193
|
other_names: ['Expat', 'MIT license', 'MIT License', 'The MIT License (MIT)'],
|
|
182
194
|
url: 'http://opensource.org/licenses/mit-license',
|
|
183
195
|
matcher: matcher
|
|
@@ -197,6 +209,7 @@ module LicenseFinder
|
|
|
197
209
|
|
|
198
210
|
License.new(
|
|
199
211
|
short_name: 'MPL1_1',
|
|
212
|
+
spdx_id: 'MPL-1.1',
|
|
200
213
|
pretty_name: 'Mozilla Public License 1.1',
|
|
201
214
|
other_names: [
|
|
202
215
|
'MPL-1.1',
|
|
@@ -218,6 +231,7 @@ module LicenseFinder
|
|
|
218
231
|
|
|
219
232
|
License.new(
|
|
220
233
|
short_name: 'MPL2',
|
|
234
|
+
spdx_id: 'MPL-2.0',
|
|
221
235
|
pretty_name: 'Mozilla Public License 2.0',
|
|
222
236
|
other_names: [
|
|
223
237
|
'MPL-2.0',
|
|
@@ -243,6 +257,7 @@ module LicenseFinder
|
|
|
243
257
|
|
|
244
258
|
License.new(
|
|
245
259
|
short_name: 'NewBSD',
|
|
260
|
+
spdx_id: 'BSD-3-Clause',
|
|
246
261
|
pretty_name: 'New BSD',
|
|
247
262
|
other_names: [
|
|
248
263
|
'Modified BSD',
|
|
@@ -266,6 +281,7 @@ module LicenseFinder
|
|
|
266
281
|
def ofl
|
|
267
282
|
License.new(
|
|
268
283
|
short_name: 'OFL',
|
|
284
|
+
spdx_id: 'OFL-1.1',
|
|
269
285
|
pretty_name: 'SIL OPEN FONT LICENSE Version 1.1',
|
|
270
286
|
other_names: [
|
|
271
287
|
'OPEN FONT LICENSE Version 1.1'
|
|
@@ -277,6 +293,7 @@ module LicenseFinder
|
|
|
277
293
|
def python
|
|
278
294
|
License.new(
|
|
279
295
|
short_name: 'Python',
|
|
296
|
+
spdx_id: 'PSF-2.0',
|
|
280
297
|
pretty_name: 'Python Software Foundation License',
|
|
281
298
|
other_names: [
|
|
282
299
|
'PSF',
|
|
@@ -297,6 +314,7 @@ module LicenseFinder
|
|
|
297
314
|
|
|
298
315
|
License.new(
|
|
299
316
|
short_name: 'Ruby',
|
|
317
|
+
spdx_id: 'Ruby',
|
|
300
318
|
pretty_name: 'ruby',
|
|
301
319
|
url: url,
|
|
302
320
|
matcher: matcher
|
|
@@ -306,6 +324,7 @@ module LicenseFinder
|
|
|
306
324
|
def simplifiedbsd
|
|
307
325
|
License.new(
|
|
308
326
|
short_name: 'SimplifiedBSD',
|
|
327
|
+
spdx_id: 'BSD-2-Clause',
|
|
309
328
|
pretty_name: 'Simplified BSD',
|
|
310
329
|
other_names: [
|
|
311
330
|
'FreeBSD',
|
|
@@ -321,6 +340,7 @@ module LicenseFinder
|
|
|
321
340
|
def wtfpl
|
|
322
341
|
License.new(
|
|
323
342
|
short_name: 'WTFPL',
|
|
343
|
+
spdx_id: 'WTFPL',
|
|
324
344
|
pretty_name: 'WTFPL',
|
|
325
345
|
other_names: [
|
|
326
346
|
'WTFPL V2',
|
|
@@ -337,6 +357,7 @@ module LicenseFinder
|
|
|
337
357
|
|
|
338
358
|
License.new(
|
|
339
359
|
short_name: '0BSD',
|
|
360
|
+
spdx_id: '0BSD',
|
|
340
361
|
pretty_name: 'BSD Zero Clause License',
|
|
341
362
|
other_names: [
|
|
342
363
|
'0-Clause BSD',
|
|
@@ -354,6 +375,7 @@ module LicenseFinder
|
|
|
354
375
|
def zlib
|
|
355
376
|
License.new(
|
|
356
377
|
short_name: 'Zlib',
|
|
378
|
+
spdx_id: 'Zlib',
|
|
357
379
|
pretty_name: 'zlib/libpng license',
|
|
358
380
|
other_names: [
|
|
359
381
|
'zlib License'
|
|
@@ -5,16 +5,17 @@ module LicenseFinder
|
|
|
5
5
|
module Text
|
|
6
6
|
SPACES = /\s+/.freeze
|
|
7
7
|
QUOTES = /['`"]{1,2}/.freeze
|
|
8
|
+
YEAR_PLACEHOLDERS = /<year>/.freeze
|
|
8
9
|
PLACEHOLDERS = /<[^<>]+>/.freeze
|
|
9
10
|
SPECIAL_SINGLE_QUOTES = /[‘’]/.freeze
|
|
10
11
|
SPECIAL_DOUBLE_QUOTES = /[“”„«»]/.freeze
|
|
11
12
|
ALPHABET_ORDERED_LIST = /\\\([a-z]\\\)\\\s/.freeze
|
|
12
13
|
ALPHABET_ORDERED_LIST_OPTIONAL = '(\([a-z]\)\s)?'
|
|
13
|
-
LIST_BULLETS = /(\d{1,2}
|
|
14
|
+
LIST_BULLETS = /(\d{1,2}\\\.|\\\*|\\-)\\\s/.freeze
|
|
14
15
|
LIST_BULLETS_OPTIONAL = '(\d{1,2}.|\*|\-)?\s*'
|
|
15
16
|
NEWLINE_CHARACTER = /\n+/.freeze
|
|
16
|
-
QUOTE_COMMENT_CHARACTER = /^\s
|
|
17
|
-
ESCAPED_QUOTES =
|
|
17
|
+
QUOTE_COMMENT_CHARACTER = /^\s*>+/.freeze
|
|
18
|
+
ESCAPED_QUOTES = /\\"/.freeze
|
|
18
19
|
|
|
19
20
|
def self.normalize_punctuation(text)
|
|
20
21
|
text.dup.force_encoding('UTF-8')
|
|
@@ -32,6 +33,7 @@ module LicenseFinder
|
|
|
32
33
|
|
|
33
34
|
def self.compile_to_regex(text)
|
|
34
35
|
Regexp.new(Regexp.escape(normalize_punctuation(text))
|
|
36
|
+
.gsub(YEAR_PLACEHOLDERS, '(\S*)')
|
|
35
37
|
.gsub(PLACEHOLDERS, '(.*)')
|
|
36
38
|
.gsub(',', '(,)?')
|
|
37
39
|
.gsub('HOLDER', '(HOLDER|OWNER)')
|
|
@@ -40,6 +40,7 @@ module LicenseFinder
|
|
|
40
40
|
def initialize(settings)
|
|
41
41
|
@short_name = settings.fetch(:short_name)
|
|
42
42
|
@pretty_name = settings.fetch(:pretty_name, short_name)
|
|
43
|
+
@spdx_id = settings.fetch(:spdx_id, '')
|
|
43
44
|
@other_names = settings.fetch(:other_names, [])
|
|
44
45
|
@url = settings.fetch(:url)
|
|
45
46
|
@matcher = settings.fetch(:matcher) { Matcher.from_template(Template.named(short_name)) }
|
|
@@ -51,6 +52,10 @@ module LicenseFinder
|
|
|
51
52
|
pretty_name
|
|
52
53
|
end
|
|
53
54
|
|
|
55
|
+
def standard_id
|
|
56
|
+
spdx_id
|
|
57
|
+
end
|
|
58
|
+
|
|
54
59
|
def stripped_name(name)
|
|
55
60
|
name.sub(/^The /i, '')
|
|
56
61
|
end
|
|
@@ -77,13 +82,13 @@ module LicenseFinder
|
|
|
77
82
|
|
|
78
83
|
private
|
|
79
84
|
|
|
80
|
-
attr_reader :short_name, :pretty_name, :other_names
|
|
81
|
-
attr_reader :matcher
|
|
85
|
+
attr_reader :short_name, :pretty_name, :other_names, :spdx_id, :matcher
|
|
82
86
|
|
|
83
87
|
def names
|
|
84
88
|
([short_name, pretty_name] + other_names).uniq
|
|
85
89
|
end
|
|
86
90
|
end
|
|
91
|
+
|
|
87
92
|
class AndLicense < License
|
|
88
93
|
def self.operator
|
|
89
94
|
' AND '
|
|
@@ -93,6 +98,7 @@ module LicenseFinder
|
|
|
93
98
|
@short_name = name
|
|
94
99
|
@pretty_name = name
|
|
95
100
|
@url = nil
|
|
101
|
+
@spdx_id = nil
|
|
96
102
|
@matcher = NoneMatcher.new
|
|
97
103
|
# removes heading and trailing parentesis and splits
|
|
98
104
|
name = name[1..-2] if name.start_with?('(')
|
|
@@ -18,7 +18,7 @@ module LicenseFinder
|
|
|
18
18
|
# the constructor options
|
|
19
19
|
# - otherwise, override #licenses_from_spec or #license_files
|
|
20
20
|
class Package
|
|
21
|
-
attr_reader :logger
|
|
21
|
+
attr_reader :logger, :name, :version, :authors, :summary, :description, :children, :parents, :groups, :manual_approval, :license_names_from_spec, :install_path
|
|
22
22
|
|
|
23
23
|
def self.license_names_from_standard_spec(spec)
|
|
24
24
|
licenses = spec['licenses'] || [spec['license']].compact
|
|
@@ -64,10 +64,6 @@ module LicenseFinder
|
|
|
64
64
|
|
|
65
65
|
attr_accessor :homepage, :package_url
|
|
66
66
|
|
|
67
|
-
attr_reader :name, :version, :authors,
|
|
68
|
-
:summary, :description,
|
|
69
|
-
:children, :parents, :groups
|
|
70
|
-
|
|
71
67
|
## APPROVAL
|
|
72
68
|
|
|
73
69
|
def approved_manually!(approval)
|
|
@@ -101,8 +97,6 @@ module LicenseFinder
|
|
|
101
97
|
@restricted
|
|
102
98
|
end
|
|
103
99
|
|
|
104
|
-
attr_reader :manual_approval
|
|
105
|
-
|
|
106
100
|
## EQUALITY
|
|
107
101
|
|
|
108
102
|
def <=>(other)
|
|
@@ -120,10 +114,7 @@ module LicenseFinder
|
|
|
120
114
|
[name, version].hash
|
|
121
115
|
end
|
|
122
116
|
|
|
123
|
-
## LICENSING
|
|
124
|
-
|
|
125
|
-
attr_reader :license_names_from_spec # stubbed in tests, otherwise private
|
|
126
|
-
attr_reader :install_path # checked in tests, otherwise private
|
|
117
|
+
## LICENSING # stubbed in tests, otherwise private # checked in tests, otherwise private
|
|
127
118
|
|
|
128
119
|
def licenses
|
|
129
120
|
@licenses ||= activations.map(&:license).sort_by(&:name).to_set
|
|
@@ -200,3 +191,4 @@ require 'license_finder/packages/sbt_package'
|
|
|
200
191
|
require 'license_finder/packages/cargo_package'
|
|
201
192
|
require 'license_finder/packages/composer_package'
|
|
202
193
|
require 'license_finder/packages/conda_package'
|
|
194
|
+
require 'license_finder/packages/pubspec_package'
|
|
@@ -177,5 +177,6 @@ require 'license_finder/package_managers/sbt'
|
|
|
177
177
|
require 'license_finder/package_managers/cargo'
|
|
178
178
|
require 'license_finder/package_managers/composer'
|
|
179
179
|
require 'license_finder/package_managers/conda'
|
|
180
|
+
require 'license_finder/package_managers/pub'
|
|
180
181
|
|
|
181
182
|
require 'license_finder/package'
|
|
@@ -1,6 +1,7 @@
|
|
|
1
1
|
# frozen_string_literal: true
|
|
2
2
|
|
|
3
3
|
require 'json'
|
|
4
|
+
require 'open3'
|
|
4
5
|
|
|
5
6
|
module LicenseFinder
|
|
6
7
|
class CocoaPods < PackageManager
|
|
@@ -42,20 +43,24 @@ module LicenseFinder
|
|
|
42
43
|
end
|
|
43
44
|
|
|
44
45
|
def acknowledgements_path
|
|
45
|
-
|
|
46
|
-
|
|
47
|
-
|
|
48
|
-
|
|
49
|
-
|
|
50
|
-
|
|
46
|
+
if !ENV['ACKNOWLEDGEMENTS_PATH'].nil?
|
|
47
|
+
result = Dir[*ENV['ACKNOWLEDGEMENTS_PATH']].first
|
|
48
|
+
else
|
|
49
|
+
search_paths = ['Pods/Pods-acknowledgements.plist',
|
|
50
|
+
'Pods/Target Support Files/Pods/Pods-acknowledgements.plist',
|
|
51
|
+
'Pods/Target Support Files/Pods-*/Pods-*-acknowledgements.plist']
|
|
51
52
|
|
|
53
|
+
result = Dir[*search_paths.map { |path| File.join(project_path, path) }].first
|
|
54
|
+
raise "Found a Podfile but no Pods directory in #{project_path}. Try running pod install before running license_finder." if result.nil?
|
|
55
|
+
end
|
|
52
56
|
result
|
|
53
57
|
end
|
|
54
58
|
|
|
55
59
|
def read_plist(pathname)
|
|
56
|
-
|
|
57
|
-
|
|
58
|
-
|
|
60
|
+
out, err, status = Open3.capture3('plutil', '-convert', 'json', '-o', '-', pathname)
|
|
61
|
+
raise "#{out}\n\n#{err}" unless status.success?
|
|
62
|
+
|
|
63
|
+
JSON.parse(out)
|
|
59
64
|
end
|
|
60
65
|
end
|
|
61
66
|
end
|
|
@@ -18,10 +18,10 @@ module LicenseFinder
|
|
|
18
18
|
|
|
19
19
|
deps = info_parser.parse(info_output)
|
|
20
20
|
deps.map do |dep|
|
|
21
|
-
name, version = dep['name'].split('
|
|
21
|
+
name, version = dep['name'].split('/')
|
|
22
22
|
url = dep['URL']
|
|
23
23
|
license_file_path = Dir.glob("#{project_path}/licenses/#{name}/**/LICENSE*").first
|
|
24
|
-
ConanPackage.new(name, version, File.open(license_file_path).read, url) unless name == '
|
|
24
|
+
ConanPackage.new(name, version, File.open(license_file_path).read, url) unless name == 'conanfile.txt'
|
|
25
25
|
end.compact
|
|
26
26
|
end
|
|
27
27
|
end
|
|
@@ -9,7 +9,13 @@ module LicenseFinder
|
|
|
9
9
|
def current_packages
|
|
10
10
|
detected_path = detected_package_path
|
|
11
11
|
|
|
12
|
-
|
|
12
|
+
imports = if Gem::Version.new(Psych::VERSION) >= Gem::Version.new('3.1.0.pre1')
|
|
13
|
+
YAML.safe_load(File.read(detected_path), permitted_classes: [Symbol, Time], aliases: true).fetch('imports')
|
|
14
|
+
else
|
|
15
|
+
YAML.safe_load(File.read(detected_path), [Symbol, Time], [], true).fetch('imports')
|
|
16
|
+
end
|
|
17
|
+
|
|
18
|
+
imports.map do |package_hash|
|
|
13
19
|
import_path = package_hash.fetch('name')
|
|
14
20
|
license_path = project_path.join('vendor', import_path)
|
|
15
21
|
|
|
@@ -37,7 +37,7 @@ module LicenseFinder
|
|
|
37
37
|
GoPackage.from_dependency({
|
|
38
38
|
'ImportPath' => dep,
|
|
39
39
|
'InstallPath' => detected_package_path.join(dep),
|
|
40
|
-
'Rev' =>
|
|
40
|
+
'Rev' => "vendored-#{project_sha(detected_package_path.join(dep))}",
|
|
41
41
|
'Homepage' => repo_name(dep)
|
|
42
42
|
}, nil, true)
|
|
43
43
|
end
|
|
@@ -70,7 +70,7 @@ module LicenseFinder
|
|
|
70
70
|
deps = val.split("\n")
|
|
71
71
|
Cmd.run('go list std').first.split("\n").each do |std|
|
|
72
72
|
deps.delete_if do |dep|
|
|
73
|
-
dep =~ %r{(
|
|
73
|
+
dep =~ %r{(/|^)#{std}(/|$)}
|
|
74
74
|
end
|
|
75
75
|
end
|
|
76
76
|
deps.map do |d|
|