RubyGems - license_finder - Versions diffs - 6.15.0 → 7.0.0 - Mend

license_finder 6.15.0 → 7.0.0

Files changed (58) hide show

checksums.yaml +4 -4
data/.github/dependabot.yml +9 -0
data/.rubocop.yml +12 -2
data/CHANGELOG.md +18 -1
data/Dockerfile +21 -2
data/README.md +6 -6
data/Rakefile +2 -2
data/VERSION +1 -1
data/ci/pipelines/release.yml.erb +1 -1
data/ci/scripts/pushscript.sh +2 -3
data/ci/scripts/run-tests.sh +4 -3
data/ci/tasks/rubocop.yml +1 -1
data/lib/license_finder/cli/approvals.rb +2 -2
data/lib/license_finder/cli/base.rb +9 -5
data/lib/license_finder/cli/dependencies.rb +4 -4
data/lib/license_finder/cli/ignored_dependencies.rb +3 -3
data/lib/license_finder/cli/ignored_groups.rb +3 -3
data/lib/license_finder/cli/inherited_decisions.rb +5 -5
data/lib/license_finder/cli/licenses.rb +2 -2
data/lib/license_finder/cli/main.rb +17 -11
data/lib/license_finder/cli/permitted_licenses.rb +3 -3
data/lib/license_finder/cli/project_name.rb +4 -4
data/lib/license_finder/cli/restricted_licenses.rb +3 -3
data/lib/license_finder/configuration.rb +6 -3
data/lib/license_finder/core.rb +2 -1
data/lib/license_finder/decisions.rb +9 -5
data/lib/license_finder/license/definitions.rb +22 -0
data/lib/license_finder/license/text.rb +3 -3
data/lib/license_finder/license.rb +8 -2
data/lib/license_finder/logger.rb +1 -1
data/lib/license_finder/package.rb +3 -11
data/lib/license_finder/package_delta.rb +1 -1
data/lib/license_finder/package_manager.rb +1 -0
data/lib/license_finder/package_managers/cocoa_pods.rb +14 -9
data/lib/license_finder/package_managers/conda.rb +1 -1
data/lib/license_finder/package_managers/glide.rb +7 -1
data/lib/license_finder/package_managers/go_15vendorexperiment.rb +2 -2
data/lib/license_finder/package_managers/go_dep.rb +1 -1
data/lib/license_finder/package_managers/go_workspace.rb +1 -1
data/lib/license_finder/package_managers/nuget.rb +1 -1
data/lib/license_finder/package_managers/pub.rb +86 -0
data/lib/license_finder/package_managers/sbt.rb +1 -5
data/lib/license_finder/package_managers/yarn.rb +2 -2
data/lib/license_finder/package_utils/license_files.rb +2 -2
data/lib/license_finder/packages/bower_package.rb +5 -2
data/lib/license_finder/packages/erlangmk_package.rb +2 -4
data/lib/license_finder/packages/npm_package.rb +1 -0
data/lib/license_finder/packages/pubspec_package.rb +18 -0
data/lib/license_finder/printer.rb +39 -0
data/lib/license_finder/report.rb +2 -1
data/lib/license_finder/reports/csv_report.rb +1 -1
data/lib/license_finder/reports/erb_report.rb +7 -3
data/lib/license_finder/reports/json_report.rb +2 -1
data/lib/license_finder/reports/junit_report.rb +5 -1
data/lib/license_finder/reports/xml_report.rb +5 -1
data/lib/license_finder/scanner.rb +1 -1
data/license_finder.gemspec +15 -13
metadata +58 -26

data/lib/license_finder/core.rb CHANGED Viewed

@@ -31,6 +31,7 @@ module LicenseFinder
     #   rebar_deps_dir: "deps",
     # }
     def initialize(configuration)
+      @printer = Printer.new
       @logger = Logger.new(configuration.logger_mode)
       @config = configuration
       @scanner = Scanner.new(options)
@@ -68,7 +69,7 @@ module LicenseFinder
     private
-    attr_reader :logger
+    attr_reader :logger, :printer
     # The core of the system. The saved decisions are applied to the current
     # packages.

data/lib/license_finder/decisions.rb CHANGED Viewed

@@ -194,9 +194,10 @@ module LicenseFinder
     def inherit_from(filepath_info)
       decisions =
-        if filepath_info.is_a?(Hash)
+        case filepath_info
+        when Hash
           resolve_inheritance(filepath_info)
-        elsif filepath_info =~ %r{^https?://}
+        when %r{^https?://}
           open_uri(filepath_info).read
         else
           Pathname(filepath_info).read
@@ -247,9 +248,7 @@ module LicenseFinder
       # ruby < 2.5.0 URI.open is private
       if Gem::Version.new(RUBY_VERSION) < Gem::Version.new('2.5.0')
-        # rubocop:disable Security/Open
         open(uri, header)
-        # rubocop:enable Security/Open
       else
         URI.open(uri, header)
       end
@@ -280,7 +279,12 @@ module LicenseFinder
     def self.restore(persisted, result = new)
       return result unless persisted
-      actions = YAML.load(persisted)
+      # From https://makandracards.com/makandra/465149-ruby-the-yaml-safe_load-method-hides-some-pitfalls
+      actions = if Gem::Version.new(Psych::VERSION) >= Gem::Version.new('3.1.0.pre1')
+                  YAML.safe_load(persisted, permitted_classes: [Symbol, Time], aliases: true)
+                else
+                  YAML.safe_load(persisted, [Symbol, Time], [], true)
+                end
       list_of_actions = (actions || []).map(&:first)

data/lib/license_finder/license/definitions.rb CHANGED Viewed

@@ -46,6 +46,7 @@ module LicenseFinder
         License.new(
           short_name: 'Apache1_1',
           pretty_name: 'Apache 1.1',
+          spdx_id: 'Apache-1.1',
           other_names: [
             'Apache-1.1',
             'The Apache Software License, Version 1.1'
@@ -58,6 +59,7 @@ module LicenseFinder
         License.new(
           short_name: 'Apache2',
           pretty_name: 'Apache 2.0',
+          spdx_id: 'Apache-2.0',
           other_names: [
             'Apache-2.0',
             'Apache Software License',
@@ -79,6 +81,7 @@ module LicenseFinder
       def bsd
         License.new(
           short_name: 'BSD',
+          spdx_id: 'BSD-4-Clause',
           other_names: ['BSD4', 'bsd-old', '4-clause BSD', 'BSD-4-Clause', 'BSD 4-Clause', 'BSD License'],
           url: 'http://en.wikipedia.org/wiki/BSD_licenses#4-clause_license_.28original_.22BSD_License.22.29'
         )
@@ -87,6 +90,7 @@ module LicenseFinder
       def cc01
         License.new(
           short_name: 'CC01',
+          spdx_id: 'CC0-1.0',
           pretty_name: 'CC0 1.0 Universal',
           other_names: ['CC0 1.0'],
           url: 'http://creativecommons.org/publicdomain/zero/1.0'
@@ -96,6 +100,7 @@ module LicenseFinder
       def cddl1
         License.new(
           short_name: 'CDDL1',
+          spdx_id: 'CDDL-1.0',
           pretty_name: 'Common Development and Distribution License 1.0',
           other_names: [
             'CDDL-1.0',
@@ -109,6 +114,7 @@ module LicenseFinder
       def eclipse1
         License.new(
           short_name: 'EPL1',
+          spdx_id: 'EPL-1.0',
           pretty_name: 'Eclipse Public License 1.0',
           other_names: [
             'EPL-1.0',
@@ -122,6 +128,7 @@ module LicenseFinder
       def gplv2
         License.new(
           short_name: 'GPLv2',
+          spdx_id: 'GPL-2.0-only',
           other_names: ['GPL V2', 'gpl-v2', 'GNU GENERAL PUBLIC LICENSE Version 2'],
           url: 'http://www.gnu.org/licenses/gpl-2.0.txt'
         )
@@ -130,6 +137,7 @@ module LicenseFinder
       def gplv3
         License.new(
           short_name: 'GPLv3',
+          spdx_id: 'GPL-3.0-only',
           other_names: ['GPL V3', 'gpl-v3', 'GNU GENERAL PUBLIC LICENSE Version 3'],
           url: 'http://www.gnu.org/licenses/gpl-3.0.txt'
         )
@@ -138,6 +146,7 @@ module LicenseFinder
       def isc
         License.new(
           short_name: 'ISC',
+          spdx_id: 'ISC',
           url: 'http://en.wikipedia.org/wiki/ISC_license'
         )
       end
@@ -145,6 +154,7 @@ module LicenseFinder
       def lgpl
         License.new(
           short_name: 'LGPL',
+          spdx_id: 'LGPL-3.0-only',
           other_names: ['LGPL-3', 'LGPLv3', 'LGPL-3.0'],
           url: 'http://www.gnu.org/licenses/lgpl.txt'
         )
@@ -153,6 +163,7 @@ module LicenseFinder
       def lgpl2_1
         License.new(
           short_name: 'LGPL2_1',
+          spdx_id: 'LGPL-2.1-only',
           pretty_name: 'GNU Lesser General Public License version 2.1',
           other_names: [
             'LGPL-2.1-only',
@@ -178,6 +189,7 @@ module LicenseFinder
         License.new(
           short_name: 'MIT',
+          spdx_id: 'MIT',
           other_names: ['Expat', 'MIT license', 'MIT License', 'The MIT License (MIT)'],
           url: 'http://opensource.org/licenses/mit-license',
           matcher: matcher
@@ -197,6 +209,7 @@ module LicenseFinder
         License.new(
           short_name: 'MPL1_1',
+          spdx_id: 'MPL-1.1',
           pretty_name: 'Mozilla Public License 1.1',
           other_names: [
             'MPL-1.1',
@@ -218,6 +231,7 @@ module LicenseFinder
         License.new(
           short_name: 'MPL2',
+          spdx_id: 'MPL-2.0',
           pretty_name: 'Mozilla Public License 2.0',
           other_names: [
             'MPL-2.0',
@@ -243,6 +257,7 @@ module LicenseFinder
         License.new(
           short_name: 'NewBSD',
+          spdx_id: 'BSD-3-Clause',
           pretty_name: 'New BSD',
           other_names: [
             'Modified BSD',
@@ -266,6 +281,7 @@ module LicenseFinder
       def ofl
         License.new(
           short_name: 'OFL',
+          spdx_id: 'OFL-1.1',
           pretty_name: 'SIL OPEN FONT LICENSE Version 1.1',
           other_names: [
             'OPEN FONT LICENSE Version 1.1'
@@ -277,6 +293,7 @@ module LicenseFinder
       def python
         License.new(
           short_name: 'Python',
+          spdx_id: 'PSF-2.0',
           pretty_name: 'Python Software Foundation License',
           other_names: [
             'PSF',
@@ -297,6 +314,7 @@ module LicenseFinder
         License.new(
           short_name: 'Ruby',
+          spdx_id: 'Ruby',
           pretty_name: 'ruby',
           url: url,
           matcher: matcher
@@ -306,6 +324,7 @@ module LicenseFinder
       def simplifiedbsd
         License.new(
           short_name: 'SimplifiedBSD',
+          spdx_id: 'BSD-2-Clause',
           pretty_name: 'Simplified BSD',
           other_names: [
             'FreeBSD',
@@ -321,6 +340,7 @@ module LicenseFinder
       def wtfpl
         License.new(
           short_name: 'WTFPL',
+          spdx_id: 'WTFPL',
           pretty_name: 'WTFPL',
           other_names: [
             'WTFPL V2',
@@ -337,6 +357,7 @@ module LicenseFinder
         License.new(
           short_name: '0BSD',
+          spdx_id: '0BSD',
           pretty_name: 'BSD Zero Clause License',
           other_names: [
             '0-Clause BSD',
@@ -354,6 +375,7 @@ module LicenseFinder
       def zlib
         License.new(
           short_name: 'Zlib',
+          spdx_id: 'Zlib',
           pretty_name: 'zlib/libpng license',
           other_names: [
             'zlib License'

data/lib/license_finder/license/text.rb CHANGED Viewed

@@ -11,11 +11,11 @@ module LicenseFinder
       SPECIAL_DOUBLE_QUOTES = /[“”„«»]/.freeze
       ALPHABET_ORDERED_LIST = /\\\([a-z]\\\)\\\s/.freeze
       ALPHABET_ORDERED_LIST_OPTIONAL = '(\([a-z]\)\s)?'
-      LIST_BULLETS = /(\d{1,2}\\\.|\\\*|\\\-)\\\s/.freeze
+      LIST_BULLETS = /(\d{1,2}\\\.|\\\*|\\-)\\\s/.freeze
       LIST_BULLETS_OPTIONAL = '(\d{1,2}.|\*|\-)?\s*'
       NEWLINE_CHARACTER = /\n+/.freeze
-      QUOTE_COMMENT_CHARACTER = /^\s*\>+/.freeze
-      ESCAPED_QUOTES = /\\\"/.freeze
+      QUOTE_COMMENT_CHARACTER = /^\s*>+/.freeze
+      ESCAPED_QUOTES = /\\"/.freeze
       def self.normalize_punctuation(text)
         text.dup.force_encoding('UTF-8')

data/lib/license_finder/license.rb CHANGED Viewed

@@ -40,6 +40,7 @@ module LicenseFinder
     def initialize(settings)
       @short_name  = settings.fetch(:short_name)
       @pretty_name = settings.fetch(:pretty_name, short_name)
+      @spdx_id     = settings.fetch(:spdx_id, '')
       @other_names = settings.fetch(:other_names, [])
       @url         = settings.fetch(:url)
       @matcher     = settings.fetch(:matcher) { Matcher.from_template(Template.named(short_name)) }
@@ -51,6 +52,10 @@ module LicenseFinder
       pretty_name
     end
+    def standard_id
+      spdx_id
+    end
     def stripped_name(name)
       name.sub(/^The /i, '')
     end
@@ -77,13 +82,13 @@ module LicenseFinder
     private
-    attr_reader :short_name, :pretty_name, :other_names
-    attr_reader :matcher
+    attr_reader :short_name, :pretty_name, :other_names, :spdx_id, :matcher
     def names
       ([short_name, pretty_name] + other_names).uniq
     end
   end
   class AndLicense < License
     def self.operator
       ' AND '
@@ -93,6 +98,7 @@ module LicenseFinder
       @short_name = name
       @pretty_name = name
       @url = nil
+      @spdx_id = nil
       @matcher = NoneMatcher.new
       # removes heading and trailing parentesis and splits
       name = name[1..-2] if name.start_with?('(')

data/lib/license_finder/logger.rb CHANGED Viewed

@@ -11,7 +11,7 @@ module LicenseFinder
     attr_reader :mode
     def initialize(mode = nil)
-      @system_logger = ::Logger.new(STDOUT)
+      @system_logger = ::Logger.new($stdout)
       @system_logger.formatter = proc do |_, _, _, msg|
         "#{msg}\n"
       end

data/lib/license_finder/package.rb CHANGED Viewed

@@ -18,7 +18,7 @@ module LicenseFinder
   #   the constructor options
   # - otherwise, override #licenses_from_spec or #license_files
   class Package
-    attr_reader :logger
+    attr_reader :logger, :name, :version, :authors, :summary, :description, :children, :parents, :groups, :manual_approval, :license_names_from_spec, :install_path
     def self.license_names_from_standard_spec(spec)
       licenses = spec['licenses'] || [spec['license']].compact
@@ -64,10 +64,6 @@ module LicenseFinder
     attr_accessor :homepage, :package_url
-    attr_reader :name, :version, :authors,
-                :summary, :description,
-                :children, :parents, :groups
     ## APPROVAL
     def approved_manually!(approval)
@@ -101,8 +97,6 @@ module LicenseFinder
       @restricted
     end
-    attr_reader :manual_approval
     ## EQUALITY
     def <=>(other)
@@ -120,10 +114,7 @@ module LicenseFinder
       [name, version].hash
     end
-    ## LICENSING
-    attr_reader :license_names_from_spec # stubbed in tests, otherwise private
-    attr_reader :install_path # checked in tests, otherwise private
+    ## LICENSING # stubbed in tests, otherwise private # checked in tests, otherwise private
     def licenses
       @licenses ||= activations.map(&:license).sort_by(&:name).to_set
@@ -200,3 +191,4 @@ require 'license_finder/packages/sbt_package'
 require 'license_finder/packages/cargo_package'
 require 'license_finder/packages/composer_package'
 require 'license_finder/packages/conda_package'
+require 'license_finder/packages/pubspec_package'

data/lib/license_finder/package_delta.rb CHANGED Viewed

@@ -29,7 +29,7 @@ module LicenseFinder
     end
     def merged_package?
-      pick_package.class == MergedPackage
+      pick_package.instance_of?(MergedPackage)
     end
     def method_missing(_method_name)

data/lib/license_finder/package_manager.rb CHANGED Viewed

@@ -177,5 +177,6 @@ require 'license_finder/package_managers/sbt'
 require 'license_finder/package_managers/cargo'
 require 'license_finder/package_managers/composer'
 require 'license_finder/package_managers/conda'
+require 'license_finder/package_managers/pub'
 require 'license_finder/package'

data/lib/license_finder/package_managers/cocoa_pods.rb CHANGED Viewed

@@ -1,6 +1,7 @@
 # frozen_string_literal: true
 require 'json'
+require 'open3'
 module LicenseFinder
   class CocoaPods < PackageManager
@@ -42,20 +43,24 @@ module LicenseFinder
     end
     def acknowledgements_path
-      search_paths = ['Pods/Pods-acknowledgements.plist',
-                      'Pods/Target Support Files/Pods/Pods-acknowledgements.plist',
-                      'Pods/Target Support Files/Pods-*/Pods-*-acknowledgements.plist']
-      result = Dir[*search_paths.map { |path| File.join(project_path, path) }].first
-      raise "Found a Podfile but no Pods directory in #{project_path}. Try running pod install before running license_finder." if result.nil?
+      if !ENV['ACKNOWLEDGEMENTS_PATH'].nil?
+        result = Dir[*ENV['ACKNOWLEDGEMENTS_PATH']].first
+      else
+        search_paths = ['Pods/Pods-acknowledgements.plist',
+                        'Pods/Target Support Files/Pods/Pods-acknowledgements.plist',
+                        'Pods/Target Support Files/Pods-*/Pods-*-acknowledgements.plist']
+        result = Dir[*search_paths.map { |path| File.join(project_path, path) }].first
+        raise "Found a Podfile but no Pods directory in #{project_path}. Try running pod install before running license_finder." if result.nil?
+      end
       result
     end
     def read_plist(pathname)
-      transformed_pathname = pathname.gsub!(%r{[^0-9A-Za-z. \-'/]}, '')
-      transformed_pathname = pathname if transformed_pathname.nil?
-      JSON.parse(`plutil -convert json -o - '#{transformed_pathname}'`)
+      out, err, status = Open3.capture3('plutil', '-convert', 'json', '-o', '-', pathname)
+      raise "#{out}\n\n#{err}" unless status.success?
+      JSON.parse(out)
     end
   end
 end

data/lib/license_finder/package_managers/conda.rb CHANGED Viewed

@@ -90,7 +90,7 @@ module LicenseFinder
       if status.success?
         conda_list = []
         stdout.each_line do |line|
-          next if line =~ /^\s*#/
+          next if /^\s*#/.match?(line)
           name, version, build, channel = line.split
           conda_list << {

data/lib/license_finder/package_managers/glide.rb CHANGED Viewed

@@ -9,7 +9,13 @@ module LicenseFinder
     def current_packages
       detected_path = detected_package_path
-      YAML.load_file(detected_path).fetch('imports').map do |package_hash|
+      imports = if Gem::Version.new(Psych::VERSION) >= Gem::Version.new('3.1.0.pre1')
+                  YAML.safe_load(File.read(detected_path), permitted_classes: [Symbol, Time], aliases: true).fetch('imports')
+                else
+                  YAML.safe_load(File.read(detected_path), [Symbol, Time], [], true).fetch('imports')
+                end
+      imports.map do |package_hash|
         import_path = package_hash.fetch('name')
         license_path = project_path.join('vendor', import_path)

data/lib/license_finder/package_managers/go_15vendorexperiment.rb CHANGED Viewed

@@ -37,7 +37,7 @@ module LicenseFinder
         GoPackage.from_dependency({
                                     'ImportPath' => dep,
                                     'InstallPath' => detected_package_path.join(dep),
-                                    'Rev' => 'vendored-' + project_sha(detected_package_path.join(dep)),
+                                    'Rev' => "vendored-#{project_sha(detected_package_path.join(dep))}",
                                     'Homepage' => repo_name(dep)
                                   }, nil, true)
       end
@@ -70,7 +70,7 @@ module LicenseFinder
         deps = val.split("\n")
         Cmd.run('go list std').first.split("\n").each do |std|
           deps.delete_if do |dep|
-            dep =~ %r{(\/|^)#{std}(\/|$)}
+            dep =~ %r{(/|^)#{std}(/|$)}
           end
         end
         deps.map do |d|

data/lib/license_finder/package_managers/go_dep.rb CHANGED Viewed

@@ -38,7 +38,7 @@ module LicenseFinder
                             project_path.join(GODEP_VENDOR_PATH)
                           else
                             download_dependencies
-                            Pathname(ENV['GOPATH'] ? ENV['GOPATH'] + '/src' : ENV['HOME'] + '/go/src')
+                            Pathname(ENV['GOPATH'] ? "#{ENV['GOPATH']}/src" : "#{ENV['HOME']}/go/src")
                           end
     end

data/lib/license_finder/package_managers/go_workspace.rb CHANGED Viewed

@@ -94,7 +94,7 @@ module LicenseFinder
         deps = val.split("\n")
         Cmd.run('go list std').first.split("\n").each do |std|
           deps.delete_if do |dep|
-            dep =~ %r{(\/|^)#{std}(\/|$)}
+            dep =~ %r{(/|^)#{std}(/|$)}
           end
         end
         deps

data/lib/license_finder/package_managers/nuget.rb CHANGED Viewed

@@ -64,7 +64,7 @@ module LicenseFinder
       file = files.first
       Zip::File.open file do |zipfile|
-        content = zipfile.read(dep.name + '.nuspec')
+        content = zipfile.read("#{dep.name}.nuspec")
         Nuget.nuspec_license_urls(content)
       end
     end

data/lib/license_finder/package_managers/pub.rb ADDED Viewed

@@ -0,0 +1,86 @@
+# frozen_string_literal: true
+require 'json'
+require 'yaml'
+module LicenseFinder
+  class Pub < PackageManager
+    class PubError < RuntimeError; end
+    def current_packages
+      unless File.exist?('pubspec.lock')
+        raise PubError, "No checked-out Pub packages found.
+          Please install your dependencies first."
+      end
+      if ENV['PUB_CACHE'].nil? || ENV['PUB_CACHE'].eql?('')
+        raise PubError, 'While PUB_CACHE environment variable is empty, retrieving package licenses is impossible. Please set the PUB_CACHE env variable (default: ~/.pub)'
+      end
+      stdout, _stderr, _status = Cmd.run('flutter pub deps --json')
+      yaml_deps = JSON.parse(stdout)
+      yaml_deps['packages'].map do |dependency|
+        package_name = dependency['name']
+        subpath = "#{dependency['name']}-#{dependency['version']}"
+        package_version = dependency['version']
+        project_repo = dependency['source'] == 'git' ? Pathname("#{ENV['PUB_CACHE']}/git/#{dependency['name']}-*/") : Pathname("#{ENV['PUB_CACHE']}/hosted/pub.dartlang.org/#{subpath}")
+        homepage = read_repository_home(project_repo)
+        homepage = "https://pub.dev/packages/#{package_name}" if homepage.nil? || homepage.empty?
+        PubPackage.new(
+          package_name,
+          package_version,
+          license_text(project_repo),
+          logger: logger,
+          install_path: project_repo,
+          homepage: homepage
+        )
+      end
+    end
+    def possible_package_paths
+      [project_path.join('pubspec.lock')]
+    end
+    def package_management_command
+      'flutter'
+    end
+    def prepare_command
+      'flutter pub get'
+    end
+    def prepare
+      prep_cmd = "#{prepare_command} #{production_flag}"
+      _stdout, stderr, status = Dir.chdir(project_path) { Cmd.run(prep_cmd) }
+      return if status.success?
+      log_errors stderr
+      raise "Prepare command '#{prep_cmd}' failed" unless @prepare_no_fail
+    end
+    private
+    def license_text(subpath)
+      license_path = license_pattern(subpath).find { |f| File.exist?(f) }
+      license_path.nil? ? nil : IO.read(license_path)
+    end
+    def license_pattern(subpath)
+      Dir.glob(subpath.join('LICENSE*'), File::FNM_CASEFOLD)
+    end
+    def production_flag
+      return '' if @ignored_groups.nil?
+      @ignored_groups.include?('devDependencies') ? '' : 'no-'
+    end
+    def read_repository_home(project_repo)
+      package_yaml = project_repo.join('pubspec.yaml')
+      YAML.load(IO.read(package_yaml))['repository'] if Dir.exist?(project_repo) && File.exist?(package_yaml)
+    end
+  end
+end

data/lib/license_finder/package_managers/sbt.rb CHANGED Viewed

@@ -17,11 +17,7 @@ module LicenseFinder
       dependencies = SbtDependencyFinder.new(project_path).dependencies
       packages = dependencies.flat_map do |text|
-        options = {
-          headers: true
-        }
-        contents = CSV.parse(text, options)
+        contents = CSV.parse(text, headers: true)
         contents.map do |row|
           group_id, name, version = row['Dependency'].split('#').map(&:strip)
           spec = {

data/lib/license_finder/package_managers/yarn.rb CHANGED Viewed

@@ -13,8 +13,8 @@ module LicenseFinder
       suffix = " --cwd #{project_path}" unless project_path.nil?
       cmd += suffix unless suffix.nil?
-      stdout, _stderr, status = Cmd.run(cmd)
-      return [] unless status.success?
+      stdout, stderr, status = Cmd.run(cmd)
+      raise "Command '#{cmd}' failed to execute: #{stderr}" unless status.success?
       packages = []
       incompatible_packages = []

data/lib/license_finder/package_utils/license_files.rb CHANGED Viewed

@@ -4,7 +4,7 @@ require 'license_finder/package_utils/possible_license_file'
 module LicenseFinder
   class LicenseFiles
-    CANDIDATE_FILE_NAMES = %w[License Licence COPYING README].freeze
+    CANDIDATE_FILE_NAMES = %w[LICENSE License license LICENCE Licence licence COPYING copying README readme].freeze
     CANDIDATE_PATH_WILDCARD = "*{#{CANDIDATE_FILE_NAMES.join(',')}}*"
     def self.find(install_path, options = {})
@@ -35,7 +35,7 @@ module LicenseFinder
     def candidate_files_and_dirs
       return [] if install_path.nil?
-      Pathname.glob(install_path.join('**', CANDIDATE_PATH_WILDCARD), File::FNM_CASEFOLD)
+      Pathname.glob(install_path.join('**', CANDIDATE_PATH_WILDCARD))
     end
   end
 end

data/lib/license_finder/packages/bower_package.rb CHANGED Viewed

@@ -1,7 +1,6 @@
 # frozen_string_literal: true
 require 'open-uri'
 module LicenseFinder
   class BowerPackage < Package
     def initialize(bower_module, options = {})
@@ -35,7 +34,11 @@ module LicenseFinder
     end
     def package_url
-      meta = JSON.parse(open("https://registry.bower.io/packages/#{CGI.escape(name)}").read)
+      meta = if Gem::Version.new(RUBY_VERSION) < Gem::Version.new('2.5.0')
+               JSON.parse(open("https://registry.bower.io/packages/#{CGI.escape(name)}").read)
+             else
+               JSON.parse(URI.open("https://registry.bower.io/packages/#{CGI.escape(name)}").read)
+             end
       meta['url']
     end
   end

data/lib/license_finder/packages/erlangmk_package.rb CHANGED Viewed

@@ -37,9 +37,7 @@ module LicenseFinder
     end
     def dep_version
-      @dep_version ||= begin
-        dep_version_unformatted.sub(version_prefix_re, '')
-      end
+      @dep_version ||= dep_version_unformatted.sub(version_prefix_re, '')
     end
     def dep_repo
@@ -88,7 +86,7 @@ module LicenseFinder
     def dep_version_valid?
       return false unless set?(dep_version_unformatted)
-      if dep_version =~ version_re
+      if dep_version&.match?(version_re)
         Gem::Version.correct?(dep_version)
       else
         dep_version =~ word_dot_re

data/lib/license_finder/packages/npm_package.rb CHANGED Viewed

@@ -156,6 +156,7 @@ module LicenseFinder
     class PackageJson
       attr_reader :groups
       DEPENDENCY_GROUPS = %w[dependencies devDependencies].freeze
       def initialize(path)