license_finder 6.15.0 → 7.0.0

Sign up to get free protection for your applications and to get access to all the features.
Files changed (58) hide show
  1. checksums.yaml +4 -4
  2. data/.github/dependabot.yml +9 -0
  3. data/.rubocop.yml +12 -2
  4. data/CHANGELOG.md +18 -1
  5. data/Dockerfile +21 -2
  6. data/README.md +6 -6
  7. data/Rakefile +2 -2
  8. data/VERSION +1 -1
  9. data/ci/pipelines/release.yml.erb +1 -1
  10. data/ci/scripts/pushscript.sh +2 -3
  11. data/ci/scripts/run-tests.sh +4 -3
  12. data/ci/tasks/rubocop.yml +1 -1
  13. data/lib/license_finder/cli/approvals.rb +2 -2
  14. data/lib/license_finder/cli/base.rb +9 -5
  15. data/lib/license_finder/cli/dependencies.rb +4 -4
  16. data/lib/license_finder/cli/ignored_dependencies.rb +3 -3
  17. data/lib/license_finder/cli/ignored_groups.rb +3 -3
  18. data/lib/license_finder/cli/inherited_decisions.rb +5 -5
  19. data/lib/license_finder/cli/licenses.rb +2 -2
  20. data/lib/license_finder/cli/main.rb +17 -11
  21. data/lib/license_finder/cli/permitted_licenses.rb +3 -3
  22. data/lib/license_finder/cli/project_name.rb +4 -4
  23. data/lib/license_finder/cli/restricted_licenses.rb +3 -3
  24. data/lib/license_finder/configuration.rb +6 -3
  25. data/lib/license_finder/core.rb +2 -1
  26. data/lib/license_finder/decisions.rb +9 -5
  27. data/lib/license_finder/license/definitions.rb +22 -0
  28. data/lib/license_finder/license/text.rb +3 -3
  29. data/lib/license_finder/license.rb +8 -2
  30. data/lib/license_finder/logger.rb +1 -1
  31. data/lib/license_finder/package.rb +3 -11
  32. data/lib/license_finder/package_delta.rb +1 -1
  33. data/lib/license_finder/package_manager.rb +1 -0
  34. data/lib/license_finder/package_managers/cocoa_pods.rb +14 -9
  35. data/lib/license_finder/package_managers/conda.rb +1 -1
  36. data/lib/license_finder/package_managers/glide.rb +7 -1
  37. data/lib/license_finder/package_managers/go_15vendorexperiment.rb +2 -2
  38. data/lib/license_finder/package_managers/go_dep.rb +1 -1
  39. data/lib/license_finder/package_managers/go_workspace.rb +1 -1
  40. data/lib/license_finder/package_managers/nuget.rb +1 -1
  41. data/lib/license_finder/package_managers/pub.rb +86 -0
  42. data/lib/license_finder/package_managers/sbt.rb +1 -5
  43. data/lib/license_finder/package_managers/yarn.rb +2 -2
  44. data/lib/license_finder/package_utils/license_files.rb +2 -2
  45. data/lib/license_finder/packages/bower_package.rb +5 -2
  46. data/lib/license_finder/packages/erlangmk_package.rb +2 -4
  47. data/lib/license_finder/packages/npm_package.rb +1 -0
  48. data/lib/license_finder/packages/pubspec_package.rb +18 -0
  49. data/lib/license_finder/printer.rb +39 -0
  50. data/lib/license_finder/report.rb +2 -1
  51. data/lib/license_finder/reports/csv_report.rb +1 -1
  52. data/lib/license_finder/reports/erb_report.rb +7 -3
  53. data/lib/license_finder/reports/json_report.rb +2 -1
  54. data/lib/license_finder/reports/junit_report.rb +5 -1
  55. data/lib/license_finder/reports/xml_report.rb +5 -1
  56. data/lib/license_finder/scanner.rb +1 -1
  57. data/license_finder.gemspec +15 -13
  58. metadata +58 -26
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: e0f3198afeab037eb2406cca40c96d108109195d56061b050d71885d034b2e3f
4
- data.tar.gz: ffd412a79598a92e58ae9283a3edc3ed69e18fabfda33bc3edafcc5045b51391
3
+ metadata.gz: e7009be357d27cb0bcadbff341eea7276b7a9012491f1ff2ebc7c2964d3d6305
4
+ data.tar.gz: d4a521addc00cf39c7203f667c41dcd9423a8fddb5e7584cf394de47ca249bfd
5
5
  SHA512:
6
- metadata.gz: 2ffa007a078fcc4f805c8d8b2ab5f0310d11977e3ab0c890dbf200cebca6a687bbde42a1159cb971897162882821f2663278ee2e7f24652f3ecb550b6f42894a
7
- data.tar.gz: e3a8f9809ab13005912da13899d1b9f6078d918afa83ad4f5a11766e00813df1539d42d2b0103807a81f362ac4b15c0bf6b3ad7a8a1d7984b43c826f788baf1b
6
+ metadata.gz: e4a29a2ec4bd2022a96382c9a650e536af8881803302a2c60cecb832e49512184e13df28dd666b53bec7c0c7ef3f8fff66df26c589224134d495f621aba71a64
7
+ data.tar.gz: 6c255bd53fe29179580a920724b0be2e733aa187381e272254fa7d18e682b0bfe1c0ecf80450b5101dfd857aec0428d0e20bb5813f2b476a2bf37572a4486b04
@@ -0,0 +1,9 @@
1
+ version: 2
2
+ updates:
3
+ - package-ecosystem: bundler
4
+ directory: "/"
5
+ schedule:
6
+ interval: daily
7
+ time: "20:00"
8
+ timezone: America/Los_Angeles
9
+ open-pull-requests-limit: 10
data/.rubocop.yml CHANGED
@@ -1,5 +1,5 @@
1
1
  AllCops:
2
- TargetRubyVersion: 2.3.3
2
+ TargetRubyVersion: 2.4.0
3
3
  Exclude:
4
4
  - 'lib/license_finder/reports/**/*'
5
5
  - 'features/fixtures/**/*'
@@ -40,9 +40,17 @@ ModuleLength:
40
40
  # Security Cops
41
41
  YAMLLoad:
42
42
  Enabled: false
43
+ Security/Open:
44
+ Enabled: false
43
45
 
44
46
  #Style Cops
45
- Style/MethodMissingSuper:
47
+ Naming/VariableNumber:
48
+ Enabled: false
49
+ Lint/MixedRegexpCaptureTypes:
50
+ Enabled: false
51
+ Lint/MissingSuper:
52
+ Enabled: false
53
+ Style/OptionalBooleanParameter:
46
54
  Enabled: false
47
55
  Style/MissingRespondToMissing:
48
56
  Enabled: false
@@ -56,6 +64,8 @@ Style/HashTransformValues:
56
64
  Enabled: true
57
65
  Layout/MultilineMethodCallIndentation:
58
66
  Enabled: false
67
+ Lint/EmptyFile:
68
+ Enabled: false
59
69
  DoubleNegation:
60
70
  Enabled: false
61
71
  Documentation:
data/CHANGELOG.md CHANGED
@@ -1,5 +1,20 @@
1
+ # [7.0.0] / 2022-03-04
2
+
3
+ ### Added
4
+ * Ruby 3.x Support - [02497dfb](https://github.com/pivotal/LicenseFinder/commit/02497dfb60d458e51a43ef26568389b5fcf302af)
5
+
6
+ ### Changed
7
+ * Raise an error if the yarn licenses list command fails - [8f9ab6bd](https://github.com/pivotal/LicenseFinder/commit/8f9ab6bd681866aee888410672f3babab7aab383) - AJ Esler
8
+ * Updated code to support newest Thor gem - [b118772c](https://github.com/pivotal/LicenseFinder/commit/b118772c3f634dacc56795eebb7c3ba4c89ef639)
9
+
1
10
  # [6.15.0] / 2021-12-17
2
11
 
12
+ ### Added
13
+ * Add Yarn2 support [7f08790](https://github.com/pivotal/LicenseFinder/commit/7f08790ce1d7cd12ccd0aa9de114ca3366ab408c)
14
+
15
+ ###Changed
16
+ * Upgrade conan and use https://center.conan.io instead of conan.bintray.com [eea1292](https://github.com/pivotal/LicenseFinder/commit/eea1292bf2613f603a8a0ae42747857acf77e361)
17
+
3
18
  ### Fixed
4
19
  * Fix docker Conan and swift - [66031df9](https://github.com/pivotal/LicenseFinder/commit/66031df912c2e1e21aa794a4b897fc61c9ec6b02)
5
20
 
@@ -23,7 +38,7 @@ First two commit were supposed to show up in v6.14.0, but GPG bug prevented a co
23
38
  ### Security
24
39
  * Fix issue where commands could be injected running on Cocoapods projects. [b0a61a2d](https://github.com/pivotal/LicenseFinder/commit/b0a61a2d833921c714cc39cdda8ba80af3f33d04)
25
40
 
26
- Thanks to Joern SchneeweiszStaff Security Engineer, Security Research | GitLab for raising the issue
41
+ Thanks to Joern Schneeweisz Staff Security Engineer, Security Research | GitLab for raising the issue
27
42
 
28
43
 
29
44
  # [6.13.0] / 2021-04-27
@@ -985,3 +1000,5 @@ Bugfixes:
985
1000
  [6.14.1]: https://github.com/pivotal/LicenseFinder/compare/v6.13.0...v6.14.1
986
1001
  [6.14.2]: https://github.com/pivotal/LicenseFinder/compare/v6.14.1...v6.14.2
987
1002
  [6.15.0]: https://github.com/pivotal/LicenseFinder/compare/v6.14.2...v6.15.0
1003
+ [7.0.0]: https://github.com/pivotal/LicenseFinder/compare/v6.15.0...v7.0.0
1004
+ [7.0.0]: https://github.com/pivotal/LicenseFinder/compare/v6.15.0...v7.0.0
data/Dockerfile CHANGED
@@ -9,7 +9,7 @@ ENV GO_LANG_VERSION 1.14.3
9
9
  ENV MAVEN_VERSION 3.6.0
10
10
  ENV SBT_VERSION 1.3.3
11
11
  ENV GRADLE_VERSION 5.6.4
12
- ENV RUBY_VERSION 2.7.1
12
+ ENV RUBY_VERSION 3.1.1
13
13
  ENV MIX_VERSION 1.0
14
14
  ENV COMPOSER_ALLOW_SUPERUSER 1
15
15
 
@@ -206,6 +206,25 @@ RUN apt-get -q install -y \
206
206
  pkg-config \
207
207
  && rm -r /var/lib/apt/lists/*
208
208
 
209
+ #install flutter
210
+ ENV FLUTTER_HOME=/root/flutter
211
+ RUN curl -o flutter_linux_2.8.1-stable.tar.xz https://storage.googleapis.com/flutter_infra_release/releases/stable/linux/flutter_linux_2.8.1-stable.tar.xz \
212
+ && tar xf flutter_linux_2.8.1-stable.tar.xz \
213
+ && mv flutter ${FLUTTER_HOME} \
214
+ && rm flutter_linux_2.8.1-stable.tar.xz
215
+
216
+ ENV PATH=$PATH:${FLUTTER_HOME}/bin:${FLUTTER_HOME}/bin/cache/dart-sdk/bin
217
+ RUN flutter doctor -v \
218
+ && flutter update-packages \
219
+ && flutter precache
220
+ # Accepting all licences
221
+ RUN yes | flutter doctor --android-licenses -v
222
+ # Creating Flutter sample projects to put binaries in cache fore each template type
223
+ RUN flutter create --template=app ${TEMP}/app_sample \
224
+ && flutter create --template=package ${TEMP}/package_sample \
225
+ && flutter create --template=plugin ${TEMP}/plugin_sample
226
+
227
+
209
228
  # pub 4096R/ED3D1561 2019-03-22 [SC] [expires: 2023-03-23]
210
229
  # Key fingerprint = A62A E125 BBBF BB96 A6E0 42EC 925C C1CC ED3D 1561
211
230
  # uid Swift 5.x Release Signing Key <swift-infrastructure@swift.org
@@ -242,7 +261,7 @@ RUN set -e; \
242
261
 
243
262
  # install license_finder
244
263
  COPY . /LicenseFinder
245
- RUN bash -lc "cd /LicenseFinder && bundle config set no-cache 'true' && bundle install -j4 && rake install"
264
+ RUN bash -lc "cd /LicenseFinder && bundle config set no-cache 'true' && bundle install -j4 && bundle pristine && rake install"
246
265
 
247
266
  WORKDIR /
248
267
 
data/README.md CHANGED
@@ -3,12 +3,11 @@
3
3
  [![Code Climate](https://codeclimate.com/github/pivotal/LicenseFinder.png)](https://codeclimate.com/github/pivotal/LicenseFinder)
4
4
 
5
5
  Build status
6
- * Ruby 2.3.8 [![Ruby 2.3.8 build status](https://norsk.cf-app.com/api/v1/teams/main/pipelines/LicenseFinder/jobs/ruby-2.3.8/badge)](https://norsk.cf-app.com/teams/main/pipelines/LicenseFinder)
7
6
  * Ruby 2.4.9 [![Ruby 2.4.9 build status](https://norsk.cf-app.com/api/v1/teams/main/pipelines/LicenseFinder/jobs/ruby-2.4.9/badge)](https://norsk.cf-app.com/teams/main/pipelines/LicenseFinder)
8
7
  * Ruby 2.5.7 [![Ruby 2.5.7 build status](https://norsk.cf-app.com/api/v1/teams/main/pipelines/LicenseFinder/jobs/ruby-2.5.7/badge)](https://norsk.cf-app.com/teams/main/pipelines/LicenseFinder)
9
- * Ruby 2.6.5 [![Ruby 2.6.5 build status](https://norsk.cf-app.com/api/v1/teams/main/pipelines/LicenseFinder/jobs/ruby-2.6.5/badge)](https://norsk.cf-app.com/teams/main/pipelines/LicenseFinder)
10
- * Ruby 2.7.1 [![Ruby 2.7.1 build status](https://norsk.cf-app.com/api/v1/teams/main/pipelines/LicenseFinder/jobs/ruby-2.7.1/badge)](https://norsk.cf-app.com/teams/main/pipelines/LicenseFinder)
11
- * JRuby 9.2.9.0 [![JRuby 9.2.9.0 build status](https://norsk.cf-app.com/api/v1/teams/main/pipelines/LicenseFinder/jobs/ruby-jruby-9.2.9.0/badge)](https://norsk.cf-app.com/teams/main/pipelines/LicenseFinder)
8
+ * Ruby 2.6.9 [![Ruby 2.6.9 build status](https://norsk.cf-app.com/api/v1/teams/main/pipelines/LicenseFinder/jobs/ruby-2.6.9/badge)](https://norsk.cf-app.com/teams/main/pipelines/LicenseFinder)
9
+ * Ruby 2.7.5 [![Ruby 2.7.5 build status](https://norsk.cf-app.com/api/v1/teams/main/pipelines/LicenseFinder/jobs/ruby-2.7.5/badge)](https://norsk.cf-app.com/teams/main/pipelines/LicenseFinder)
10
+ * Ruby 3.1.1 [![Ruby 3.1.1 build status](https://norsk.cf-app.com/api/v1/teams/main/pipelines/LicenseFinder/jobs/ruby-3.1.1/badge)](https://norsk.cf-app.com/teams/main/pipelines/LicenseFinder)
12
11
 
13
12
 
14
13
  LicenseFinder works with your package managers to find dependencies,
@@ -55,10 +54,11 @@ and give you an actionable exception report.
55
54
  * Go Modules (via `go mod`)
56
55
  * PHP (via `composer`)
57
56
  * Python (via Conda [Conda 4.8.3, Python 3.7, Bash; requires an `environment.yml` or `environment.yaml`])
57
+ * Flutter (via `flutter pub, requires pubspec.yaml & .pub cache locaton through ENV variable`)
58
58
 
59
59
  ## Installation
60
60
 
61
- License Finder requires Ruby 2.3.3 or greater to run. If you have an older
61
+ License Finder requires Ruby 2.4.0 or greater to run. If you have an older
62
62
  version of Ruby installed, you can update via Homebrew:
63
63
 
64
64
  ```sh
@@ -174,7 +174,7 @@ languages, as long as that language has a package definition in the project dire
174
174
  * `build.gradle` (for `gradle`)
175
175
  * `settings.gradle` that specifies `rootProject.buildFileName` (for `gradle`)
176
176
  * `bower.json` (for `bower`)
177
- * `Podfile` (for `pod`)
177
+ * `Podfile` (for `pod`) (set `ACKNOWLEDGEMENTS_PATH` variable if you want to target a particular `Pods-acknowledgements-<TARGET>.plist`. Can be useful in multi-target pods projects.)
178
178
  * `Cartfile` (for `carthage`)
179
179
  * `workspace-state.json` under build directory (provided as enviroment variable `SPM_DERIVED_DATA` for Xcode, or default `.build` for non-Xcode projects), (for `spm`)
180
180
  * `rebar.config` (for `rebar`)
data/Rakefile CHANGED
@@ -40,7 +40,7 @@ task :check_dependencies do
40
40
  LicenseFinder::Scanner::PACKAGE_MANAGERS.each do |package_manager|
41
41
  satisfied = false unless package_manager.new(project_path: Pathname.new('')).installed?(LicenseFinder::Logger.new(LicenseFinder::Logger::MODE_INFO))
42
42
  end
43
- STDOUT.flush
43
+ $stdout.flush
44
44
  exit 1 unless satisfied
45
45
  end
46
46
 
@@ -54,7 +54,7 @@ task :update_pipeline, [:slack_url, :slack_channel] do |_, args|
54
54
  puts 'Warning: You should provide slack channel and url to receive slack notifications on build failures'
55
55
  end
56
56
 
57
- ruby_versions = %w[2.7.1 2.6.5 2.5.7 2.4.9 2.3.8 jruby-9.2.14.0]
57
+ ruby_versions = %w[3.1.1 2.7.5 2.6.9 2.5.7 2.4.9]
58
58
 
59
59
  params = []
60
60
  params << "ruby_versions=#{ruby_versions.join(',')}"
data/VERSION CHANGED
@@ -1 +1 @@
1
- 6.15.0
1
+ 7.0.0
@@ -156,7 +156,7 @@ jobs:
156
156
  plan:
157
157
  - get: lf-git
158
158
  tags: ["private-worker"]
159
- passed: [<%= "#{ruby_versions.map{ |version| "ruby-#{version}" unless version == "jruby-9.2.14.0" }.compact.join(', ') }, rubocop" %>]
159
+ passed: [<%= "#{ruby_versions.map{ |version| "ruby-#{version}" unless version == "jruby-9.3.1.0" }.compact.join(', ') }, rubocop" %>]
160
160
  - get: semver-version
161
161
  tags: ["private-worker"]
162
162
  trigger: true
@@ -1,7 +1,6 @@
1
1
  #!/bin/bash
2
-
3
- echo -e "---\n:rubygems_api_key: $GEM_API_KEY" > ~/.gem/credentials
4
- chmod 0600 ~/.gem/credentials
2
+ echo -e "---\n:rubygems_api_key: $GEM_API_KEY" > ~/.local/share/gem/credentials
3
+ chmod 0600 ~/.local/share/gem/credentials
5
4
 
6
5
  build_version="$(cat semver-version/version)"
7
6
  cd lf-git
@@ -16,9 +16,10 @@ pushd "$PROJECT_ROOT"
16
16
  gem update --system
17
17
  gem install bundler
18
18
  bundle install
19
+ bundle pristine
19
20
 
20
- bundle exec rake install
21
- bundle exec rake spec
21
+ rake install
22
+ rake spec
22
23
 
23
- bundle exec rake features
24
+ rake features
24
25
  popd
data/ci/tasks/rubocop.yml CHANGED
@@ -4,7 +4,7 @@ image_resource:
4
4
  type: registry-image
5
5
  source:
6
6
  repository: ruby
7
- tag: 2.7.1
7
+ tag: 3.1.1
8
8
  username: ((LicenseFinderDocker.username))
9
9
  password: ((LicenseFinderDocker.password))
10
10
 
@@ -13,7 +13,7 @@ module LicenseFinder
13
13
  assert_some names
14
14
  modifying { names.each { |name| decisions.approve(name, txn) } }
15
15
 
16
- say "The #{names.join(', ')} dependency has been approved!", :green
16
+ printer.say "The #{names.join(', ')} dependency has been approved!", :green
17
17
  end
18
18
 
19
19
  auditable
@@ -21,7 +21,7 @@ module LicenseFinder
21
21
  def remove(dep)
22
22
  modifying { decisions.unapprove(dep, txn) }
23
23
 
24
- say "The dependency #{dep} no longer has a manual approval"
24
+ printer.say "The dependency #{dep} no longer has a manual approval"
25
25
  end
26
26
  end
27
27
  end
@@ -1,7 +1,6 @@
1
1
  # frozen_string_literal: true
2
2
 
3
3
  require 'thor'
4
-
5
4
  module LicenseFinder
6
5
  module CLI
7
6
  class Base < Thor
@@ -24,12 +23,16 @@ module LicenseFinder
24
23
  def config
25
24
  @config ||= Configuration.with_optional_saved_config(license_finder_config)
26
25
  end
26
+
27
+ def printer
28
+ @printer || Printer.new
29
+ end
27
30
  end
28
31
 
29
32
  private
30
33
 
31
34
  def fail(message)
32
- say(message) && exit(1)
35
+ printer.say(message) && exit(1)
33
36
  end
34
37
 
35
38
  def license_finder_config
@@ -61,7 +64,8 @@ module LicenseFinder
61
64
  :recursive,
62
65
  :sbt_include_groups,
63
66
  :conda_bash_setup_script,
64
- :composer_check_require_only
67
+ :composer_check_require_only,
68
+ :use_spdx_id
65
69
  ).merge(
66
70
  logger: logger_mode
67
71
  )
@@ -84,10 +88,10 @@ module LicenseFinder
84
88
  def say_each(coll)
85
89
  if coll.any?
86
90
  coll.each do |item|
87
- say(block_given? ? yield(item) : item)
91
+ printer.say(block_given? ? yield(item) : item)
88
92
  end
89
93
  else
90
- say '(none)'
94
+ printer.say '(none)'
91
95
  end
92
96
  end
93
97
 
@@ -20,9 +20,9 @@ module LicenseFinder
20
20
  decisions.approve(name, txn) if options[:approve]
21
21
  end
22
22
  if options[:approve]
23
- say "The #{name} dependency has been added and approved!", :green
23
+ printer.say "The #{name} dependency has been added and approved!", :green
24
24
  else
25
- say "The #{name} dependency has been added!", :green
25
+ printer.say "The #{name} dependency has been added!", :green
26
26
  end
27
27
  end
28
28
 
@@ -31,12 +31,12 @@ module LicenseFinder
31
31
  def remove(name)
32
32
  modifying { decisions.remove_package(name, txn) }
33
33
 
34
- say "The #{name} dependency has been removed.", :green
34
+ printer.say "The #{name} dependency has been removed.", :green
35
35
  end
36
36
 
37
37
  desc 'list', 'List manually added dependencies'
38
38
  def list
39
- say 'Manually Added Dependencies:', :blue
39
+ printer.say 'Manually Added Dependencies:', :blue
40
40
  say_each(decisions.packages, &:name)
41
41
  end
42
42
  end
@@ -8,7 +8,7 @@ module LicenseFinder
8
8
 
9
9
  desc 'list', 'List all the ignored dependencies'
10
10
  def list
11
- say 'Ignored Dependencies:', :blue
11
+ printer.say 'Ignored Dependencies:', :blue
12
12
  say_each(decisions.ignored)
13
13
  end
14
14
 
@@ -17,7 +17,7 @@ module LicenseFinder
17
17
  def add(dep)
18
18
  modifying { decisions.ignore(dep, txn) }
19
19
 
20
- say "Added #{dep} to the ignored dependencies"
20
+ printer.say "Added #{dep} to the ignored dependencies"
21
21
  end
22
22
 
23
23
  auditable
@@ -25,7 +25,7 @@ module LicenseFinder
25
25
  def remove(dep)
26
26
  modifying { decisions.heed(dep, txn) }
27
27
 
28
- say "Removed #{dep} from the ignored dependencies"
28
+ printer.say "Removed #{dep} from the ignored dependencies"
29
29
  end
30
30
  end
31
31
  end
@@ -8,7 +8,7 @@ module LicenseFinder
8
8
 
9
9
  desc 'list', 'List all the ignored groups'
10
10
  def list
11
- say 'Ignored Groups:', :blue
11
+ printer.say 'Ignored Groups:', :blue
12
12
  say_each(decisions.ignored_groups)
13
13
  end
14
14
 
@@ -17,7 +17,7 @@ module LicenseFinder
17
17
  def add(group)
18
18
  modifying { decisions.ignore_group(group, txn) }
19
19
 
20
- say "Added #{group} to the ignored groups"
20
+ printer.say "Added #{group} to the ignored groups"
21
21
  end
22
22
 
23
23
  auditable
@@ -25,7 +25,7 @@ module LicenseFinder
25
25
  def remove(group)
26
26
  modifying { decisions.heed_group(group, txn) }
27
27
 
28
- say "Removed #{group} from the ignored groups"
28
+ printer.say "Removed #{group} from the ignored groups"
29
29
  end
30
30
  end
31
31
  end
@@ -8,7 +8,7 @@ module LicenseFinder
8
8
 
9
9
  desc 'list', 'List all the inherited decision files'
10
10
  def list
11
- say 'Inherited Decision Files:', :blue
11
+ printer.say 'Inherited Decision Files:', :blue
12
12
  say_each(decisions.inherited_decisions)
13
13
  end
14
14
 
@@ -17,7 +17,7 @@ module LicenseFinder
17
17
  def add(*decision_files)
18
18
  assert_some decision_files
19
19
  modifying { decision_files.each { |filepath| decisions.inherit_from(filepath) } }
20
- say "Added #{decision_files.join(', ')} to the inherited decisions"
20
+ printer.say "Added #{decision_files.join(', ')} to the inherited decisions"
21
21
  end
22
22
 
23
23
  auditable
@@ -26,7 +26,7 @@ module LicenseFinder
26
26
  url, auth_type, token_or_env = params
27
27
  auth_info = { 'url' => url, 'authorization' => "#{auth_type} #{token_or_env}" }
28
28
  modifying { decisions.add_decision [:inherit_from, auth_info] }
29
- say "Added #{url} to the inherited decisions"
29
+ printer.say "Added #{url} to the inherited decisions"
30
30
  end
31
31
 
32
32
  auditable
@@ -34,7 +34,7 @@ module LicenseFinder
34
34
  def remove(*decision_files)
35
35
  assert_some decision_files
36
36
  modifying { decision_files.each { |filepath| decisions.remove_inheritance(filepath) } }
37
- say "Removed #{decision_files.join(', ')} from the inherited decisions"
37
+ printer.say "Removed #{decision_files.join(', ')} from the inherited decisions"
38
38
  end
39
39
 
40
40
  auditable
@@ -43,7 +43,7 @@ module LicenseFinder
43
43
  url, auth_type, token_or_env = params
44
44
  auth_info = { 'url' => url, 'authorization' => "#{auth_type} #{token_or_env}" }
45
45
  modifying { decisions.remove_inheritance(auth_info) }
46
- say "Removed #{url} from the inherited decisions"
46
+ printer.say "Removed #{url} from the inherited decisions"
47
47
  end
48
48
  end
49
49
  end
@@ -11,7 +11,7 @@ module LicenseFinder
11
11
  def add(name, license)
12
12
  modifying { decisions.license(name, license, txn) }
13
13
 
14
- say "The #{name} dependency has been marked as using #{license} license!", :green
14
+ printer.say "The #{name} dependency has been marked as using #{license} license!", :green
15
15
  end
16
16
 
17
17
  auditable
@@ -19,7 +19,7 @@ module LicenseFinder
19
19
  def remove(dep, lic)
20
20
  modifying { decisions.unlicense(dep, lic, txn) }
21
21
 
22
- say "The dependency #{dep} no longer has a manual license"
22
+ printer.say "The dependency #{dep} no longer has a manual license"
23
23
  end
24
24
  end
25
25
  end
@@ -7,6 +7,7 @@ require 'license_finder/package_delta'
7
7
  require 'license_finder/license_aggregator'
8
8
  require 'license_finder/project_finder'
9
9
  require 'license_finder/logger'
10
+ require 'license_finder/printer'
10
11
 
11
12
  module LicenseFinder
12
13
  module CLI
@@ -90,6 +91,11 @@ module LicenseFinder
90
91
  method_option :columns,
91
92
  desc: "For text or CSV reports, which columns to print. Pick from: #{CsvReport::AVAILABLE_COLUMNS}",
92
93
  type: :array
94
+
95
+ method_option :use_spdx_id,
96
+ type: :boolean,
97
+ desc: 'For reports, use the SPDX identifier instead of license name (useful to match license with other standard tools)',
98
+ default: false
93
99
  end
94
100
 
95
101
  desc 'project_roots', 'List project directories to be scanned'
@@ -102,7 +108,7 @@ module LicenseFinder
102
108
 
103
109
  filtered_project_roots << project_path if aggregate_paths.include?(project_path) && !filtered_project_roots.include?(project_path)
104
110
 
105
- say(filtered_project_roots)
111
+ printer.say(filtered_project_roots)
106
112
  end
107
113
 
108
114
  desc 'action_items', 'List unapproved dependencies (the default action for `license_finder`)'
@@ -115,25 +121,25 @@ module LicenseFinder
115
121
  restricted = finder.restricted
116
122
 
117
123
  # Ensure to start output on a new line even with dot progress indicators.
118
- say "\n"
124
+ printer.say "\n"
119
125
 
120
126
  unless any_packages
121
- say 'No dependencies recognized!', :red
127
+ printer.say 'No dependencies recognized!', :red
122
128
  exit 0
123
129
  end
124
130
 
125
131
  if unapproved.empty?
126
- say 'All dependencies are approved for use', :green
132
+ printer.say 'All dependencies are approved for use', :green
127
133
  else
128
134
  unless restricted.empty?
129
- say 'Restricted dependencies:', :red
130
- say report_of(restricted)
135
+ printer.say 'Restricted dependencies:', :red
136
+ printer.say report_of(restricted)
131
137
  end
132
138
 
133
139
  other_unapproved = unapproved - restricted
134
140
  unless other_unapproved.empty?
135
- say 'Dependencies that need approval:', :yellow
136
- say report_of(other_unapproved)
141
+ printer.say 'Dependencies that need approval:', :yellow
142
+ printer.say report_of(other_unapproved)
137
143
  end
138
144
 
139
145
  exit 1
@@ -151,7 +157,7 @@ module LicenseFinder
151
157
  def report
152
158
  finder = LicenseAggregator.new(config, aggregate_paths)
153
159
  report = report_of(finder.dependencies)
154
- save? ? save_report(report, config.save_file) : say(report)
160
+ save? ? save_report(report, config.save_file) : printer.say(report)
155
161
  end
156
162
 
157
163
  desc 'version', 'Print the version of LicenseFinder'
@@ -166,7 +172,7 @@ module LicenseFinder
166
172
  f1 = IO.read(file1)
167
173
  f2 = IO.read(file2)
168
174
  report = DiffReport.new(Diff.compare(f1, f2))
169
- save? ? save_report(report, config.save_file) : say(report)
175
+ save? ? save_report(report, config.save_file) : printer.say(report)
170
176
  end
171
177
 
172
178
  subcommand 'dependencies', Dependencies, 'Add or remove dependencies that your package managers are not aware of'
@@ -210,7 +216,7 @@ module LicenseFinder
210
216
  def report_of(content)
211
217
  report = FORMATS[config.format] || FORMATS['text']
212
218
  report = MergedReport if report == CsvReport && config.aggregate_paths
213
- report.of(content, columns: config.columns, project_name: decisions.project_name || config.project_path.basename.to_s, write_headers: config.write_headers)
219
+ report.of(content, columns: config.columns, project_name: decisions.project_name || config.project_path.basename.to_s, write_headers: config.write_headers, use_spdx_id: config.use_spdx_id)
214
220
  end
215
221
 
216
222
  def save?
@@ -8,7 +8,7 @@ module LicenseFinder
8
8
 
9
9
  desc 'list', 'List all the permitted licenses'
10
10
  def list
11
- say 'Permitted Licenses:', :blue
11
+ printer.say 'Permitted Licenses:', :blue
12
12
  say_each(decisions.permitted, &:name)
13
13
  end
14
14
 
@@ -17,7 +17,7 @@ module LicenseFinder
17
17
  def add(*licenses)
18
18
  assert_some licenses
19
19
  modifying { licenses.each { |l| decisions.permit(l, txn) } }
20
- say "Added #{licenses.join(', ')} to the permitted licenses"
20
+ printer.say "Added #{licenses.join(', ')} to the permitted licenses"
21
21
  end
22
22
 
23
23
  auditable
@@ -25,7 +25,7 @@ module LicenseFinder
25
25
  def remove(*licenses)
26
26
  assert_some licenses
27
27
  modifying { licenses.each { |l| decisions.unpermit(l, txn) } }
28
- say "Removed #{licenses.join(', ')} from the license permitted licenses"
28
+ printer.say "Removed #{licenses.join(', ')} from the license permitted licenses"
29
29
  end
30
30
  end
31
31
  end
@@ -8,8 +8,8 @@ module LicenseFinder
8
8
 
9
9
  desc 'show', 'Show the project name'
10
10
  def show
11
- say 'Project Name:', :blue
12
- say decisions.project_name
11
+ printer.say 'Project Name:', :blue
12
+ printer.say decisions.project_name
13
13
  end
14
14
 
15
15
  auditable
@@ -17,7 +17,7 @@ module LicenseFinder
17
17
  def add(name)
18
18
  modifying { decisions.name_project(name, txn) }
19
19
 
20
- say "Set the project name to #{name}", :green
20
+ printer.say "Set the project name to #{name}", :green
21
21
  end
22
22
 
23
23
  auditable
@@ -25,7 +25,7 @@ module LicenseFinder
25
25
  def remove
26
26
  modifying { decisions.unname_project(txn) }
27
27
 
28
- say 'Removed the project name'
28
+ printer.say 'Removed the project name'
29
29
  end
30
30
  end
31
31
  end
@@ -8,7 +8,7 @@ module LicenseFinder
8
8
 
9
9
  desc 'list', 'List all the restricted licenses'
10
10
  def list
11
- say 'Restricted Licenses:', :blue
11
+ printer.say 'Restricted Licenses:', :blue
12
12
  say_each(decisions.restricted, &:name)
13
13
  end
14
14
 
@@ -17,7 +17,7 @@ module LicenseFinder
17
17
  def add(*licenses)
18
18
  assert_some licenses
19
19
  modifying { licenses.each { |l| decisions.restrict(l, txn) } }
20
- say "Added #{licenses.join(', ')} to the restricted licenses"
20
+ printer.say "Added #{licenses.join(', ')} to the restricted licenses"
21
21
  end
22
22
 
23
23
  auditable
@@ -25,7 +25,7 @@ module LicenseFinder
25
25
  def remove(*licenses)
26
26
  assert_some licenses
27
27
  modifying { licenses.each { |l| decisions.unrestrict(l, txn) } }
28
- say "Removed #{licenses.join(', ')} from the restricted licenses"
28
+ printer.say "Removed #{licenses.join(', ')} from the restricted licenses"
29
29
  end
30
30
  end
31
31
  end
@@ -145,6 +145,10 @@ module LicenseFinder
145
145
  get(:columns)
146
146
  end
147
147
 
148
+ def use_spdx_id
149
+ get(:use_spdx_id)
150
+ end
151
+
148
152
  def sbt_include_groups
149
153
  get(:sbt_include_groups)
150
154
  end
@@ -153,13 +157,12 @@ module LicenseFinder
153
157
  get(:composer_check_require_only)
154
158
  end
155
159
 
156
- attr_writer :strict_matching
157
-
158
- attr_reader :strict_matching
160
+ attr_accessor :strict_matching
159
161
 
160
162
  protected
161
163
 
162
164
  attr_accessor :primary_config
165
+
163
166
  def dup_with(other_hash)
164
167
  dup.tap do |dup|
165
168
  dup.primary_config.merge!(other_hash)