RubyGems - license_finder - Versions diffs - 6.3.0 → 6.6.2 - Mend

license_finder 6.3.0 → 6.6.2

Files changed (53) hide show

checksums.yaml +4 -4
data/.rubocop.yml +6 -0
data/CHANGELOG.md +60 -0
data/Dockerfile +13 -11
data/README.md +28 -6
data/Rakefile +1 -1
data/VERSION +1 -1
data/ci/pipelines/release.yml.erb +14 -4
data/ci/tasks/rubocop.yml +1 -1
data/lib/license_finder/cli.rb +1 -0
data/lib/license_finder/cli/base.rb +1 -0
data/lib/license_finder/cli/inherited_decisions.rb +50 -0
data/lib/license_finder/cli/main.rb +3 -1
data/lib/license_finder/configuration.rb +5 -1
data/lib/license_finder/decision_applier.rb +8 -4
data/lib/license_finder/decisions.rb +99 -20
data/lib/license_finder/license.rb +37 -0
data/lib/license_finder/license/definitions.rb +26 -3
data/lib/license_finder/license/templates/0BSD.txt +10 -0
data/lib/license_finder/license/templates/SimplifiedBSD.txt +0 -4
data/lib/license_finder/license/text.rb +24 -2
data/lib/license_finder/logger.rb +2 -0
data/lib/license_finder/package.rb +2 -1
data/lib/license_finder/package_manager.rb +6 -2
data/lib/license_finder/package_managers/bundler.rb +1 -1
data/lib/license_finder/package_managers/dotnet.rb +2 -1
data/lib/license_finder/package_managers/go_15vendorexperiment.rb +1 -1
data/lib/license_finder/package_managers/go_modules.rb +35 -12
data/lib/license_finder/package_managers/mix.rb +1 -1
data/lib/license_finder/package_managers/nuget.rb +51 -4
data/lib/license_finder/package_managers/pipenv.rb +1 -1
data/lib/license_finder/package_managers/rebar.rb +29 -8
data/lib/license_finder/package_managers/yarn.rb +16 -2
data/lib/license_finder/package_utils/license_files.rb +2 -2
data/lib/license_finder/packages/bower_package.rb +7 -0
data/lib/license_finder/packages/bundler_package.rb +4 -0
data/lib/license_finder/packages/cargo_package.rb +4 -0
data/lib/license_finder/packages/cocoa_pods_package.rb +4 -0
data/lib/license_finder/packages/composer_package.rb +4 -0
data/lib/license_finder/packages/conan_package.rb +4 -0
data/lib/license_finder/packages/go_package.rb +4 -0
data/lib/license_finder/packages/gradle_package.rb +4 -0
data/lib/license_finder/packages/maven_package.rb +4 -0
data/lib/license_finder/packages/merged_package.rb +1 -1
data/lib/license_finder/packages/mix_package.rb +4 -0
data/lib/license_finder/packages/npm_package.rb +4 -0
data/lib/license_finder/packages/nuget_package.rb +4 -0
data/lib/license_finder/packages/pip_package.rb +13 -2
data/lib/license_finder/packages/rebar_package.rb +4 -0
data/lib/license_finder/packages/yarn_package.rb +4 -0
data/lib/license_finder/reports/csv_report.rb +7 -3
data/lib/license_finder/reports/json_report.rb +2 -0
metadata +5 -3

data/lib/license_finder/decisions.rb CHANGED

@@ -1,12 +1,15 @@
 # frozen_string_literal: true
+require 'open-uri'
+require 'license_finder/license'
 module LicenseFinder
   class Decisions
     ######
     # READ
     ######
-    attr_reader :packages, :permitted, :restricted, :ignored, :ignored_groups, :project_name
+    attr_reader :packages, :permitted, :restricted, :ignored, :ignored_groups, :project_name, :inherited_decisions
     def licenses_of(name)
       @licenses[name]
@@ -37,6 +40,9 @@ module LicenseFinder
     end
     def permitted?(lic)
+      return lic.sub_licenses.any? { |sub_lic| @permitted.include?(sub_lic) } if lic.is_a?(OrLicense)
+      return lic.sub_licenses.all? { |sub_lic| @permitted.include?(sub_lic) } if lic.is_a?(AndLicense)
       @permitted.include?(lic)
     end
@@ -72,40 +78,41 @@ module LicenseFinder
       @restricted = Set.new
       @ignored = Set.new
       @ignored_groups = Set.new
+      @inherited_decisions = Set.new
     end
     def add_package(name, version, txn = {})
-      @decisions << [:add_package, name, version, txn]
+      add_decision [:add_package, name, version, txn]
       @packages << ManualPackage.new(name, version)
       self
     end
     def remove_package(name, txn = {})
-      @decisions << [:remove_package, name, txn]
+      add_decision [:remove_package, name, txn]
       @packages.delete(ManualPackage.new(name))
       self
     end
     def license(name, lic, txn = {})
-      @decisions << [:license, name, lic, txn]
+      add_decision [:license, name, lic, txn]
       @licenses[name] << License.find_by_name(lic)
       self
     end
     def unlicense(name, lic, txn = {})
-      @decisions << [:unlicense, name, lic, txn]
+      add_decision [:unlicense, name, lic, txn]
       @licenses[name].delete(License.find_by_name(lic))
       self
     end
     def homepage(name, homepage, txn = {})
-      @decisions << [:homepage, name, homepage, txn]
+      add_decision [:homepage, name, homepage, txn]
       @homepages[name] = homepage
       self
     end
     def approve(name, txn = {})
-      @decisions << [:approve, name, txn]
+      add_decision [:approve, name, txn]
       versions = []
       versions = @approvals[name][:safe_versions] if @approvals.key?(name)
@@ -115,71 +122,144 @@ module LicenseFinder
     end
     def unapprove(name, txn = {})
-      @decisions << [:unapprove, name, txn]
+      add_decision [:unapprove, name, txn]
       @approvals.delete(name)
       self
     end
     def permit(lic, txn = {})
-      @decisions << [:permit, lic, txn]
+      add_decision [:permit, lic, txn]
       @permitted << License.find_by_name(lic)
       self
     end
     def unpermit(lic, txn = {})
-      @decisions << [:unpermit, lic, txn]
+      add_decision [:unpermit, lic, txn]
       @permitted.delete(License.find_by_name(lic))
       self
     end
     def restrict(lic, txn = {})
-      @decisions << [:restrict, lic, txn]
+      add_decision [:restrict, lic, txn]
       @restricted << License.find_by_name(lic)
       self
     end
     def unrestrict(lic, txn = {})
-      @decisions << [:unrestrict, lic, txn]
+      add_decision [:unrestrict, lic, txn]
       @restricted.delete(License.find_by_name(lic))
       self
     end
     def ignore(name, txn = {})
-      @decisions << [:ignore, name, txn]
+      add_decision [:ignore, name, txn]
       @ignored << name
       self
     end
     def heed(name, txn = {})
-      @decisions << [:heed, name, txn]
+      add_decision [:heed, name, txn]
       @ignored.delete(name)
       self
     end
     def ignore_group(name, txn = {})
-      @decisions << [:ignore_group, name, txn]
+      add_decision [:ignore_group, name, txn]
       @ignored_groups << name
       self
     end
     def heed_group(name, txn = {})
-      @decisions << [:heed_group, name, txn]
+      add_decision [:heed_group, name, txn]
       @ignored_groups.delete(name)
       self
     end
     def name_project(name, txn = {})
-      @decisions << [:name_project, name, txn]
+      add_decision [:name_project, name, txn]
       @project_name = name
       self
     end
     def unname_project(txn = {})
-      @decisions << [:unname_project, txn]
+      add_decision [:unname_project, txn]
       @project_name = nil
       self
     end
+    def inherit_from(filepath_info)
+      decisions =
+        if filepath_info.is_a?(Hash)
+          resolve_inheritance(filepath_info)
+        elsif filepath_info =~ %r{^https?://}
+          open_uri(filepath_info).read
+        else
+          Pathname(filepath_info).read
+        end
+      add_decision [:inherit_from, filepath_info]
+      @inherited_decisions << filepath_info
+      restore_inheritance(decisions)
+    end
+    def resolve_inheritance(filepath_info)
+      if (gem_name = filepath_info['gem'])
+        Pathname(gem_config_path(gem_name, filepath_info['path'])).read
+      else
+        open_uri(filepath_info['url'], filepath_info['authorization']).read
+      end
+    end
+    def gem_config_path(gem_name, relative_config_path)
+      spec = Gem::Specification.find_by_name(gem_name)
+      File.join(spec.gem_dir, relative_config_path)
+    rescue Gem::LoadError => e
+      raise Gem::LoadError,
+            "Unable to find gem #{gem_name}; is the gem installed? #{e}"
+    end
+    def remove_inheritance(filepath)
+      @decisions -= [[:inherit_from, filepath]]
+      @inherited_decisions.delete(filepath)
+      self
+    end
+    def add_decision(decision)
+      @decisions << decision unless @inherited
+    end
+    def restore_inheritance(decisions)
+      @inherited = true
+      self.class.restore(decisions, self)
+      @inherited = false
+      self
+    end
+    def open_uri(uri, auth = nil)
+      header = {}
+      auth_header = resolve_authorization(auth)
+      header['Authorization'] = auth_header if auth_header
+      # ruby < 2.5.0 URI.open is private
+      if Gem::Version.new(RUBY_VERSION) < Gem::Version.new('2.5.0')
+        # rubocop:disable Security/Open
+        open(uri, header)
+        # rubocop:enable Security/Open
+      else
+        URI.open(uri, header)
+      end
+    end
+    def resolve_authorization(auth)
+      return unless auth
+      token_env = auth.match(/\$(\S.*)/)
+      return auth unless token_env
+      token = ENV[token_env[1]]
+      auth.sub(token_env[0], token)
+    end
     #########
     # PERSIST
     #########
@@ -192,8 +272,7 @@ module LicenseFinder
       write!(persist, file)
     end
-    def self.restore(persisted)
-      result = new
+    def self.restore(persisted, result = new)
       return result unless persisted
       actions = YAML.load(persisted)

data/lib/license_finder/license.rb CHANGED

@@ -19,6 +19,9 @@ module LicenseFinder
       def find_by_name(name)
         name ||= 'unknown'
+        return OrLicense.new(name) if name.include?(OrLicense.operator)
+        return AndLicense.new(name) if name.include?(AndLicense.operator)
         all.detect { |l| l.matches_name? l.stripped_name(name) } || Definitions.build_unrecognized(name)
       end
@@ -61,6 +64,10 @@ module LicenseFinder
       name.hash
     end
+    def unrecognized_matcher?
+      matcher.is_a?(NoneMatcher)
+    end
     private
     attr_reader :short_name, :pretty_name, :other_names
@@ -70,4 +77,34 @@ module LicenseFinder
       ([short_name, pretty_name] + other_names).uniq
     end
   end
+  class AndLicense < License
+    def self.operator
+      ' AND '
+    end
+    def initialize(name, operator = AndLicense.operator)
+      @short_name = name
+      @pretty_name = name
+      @url = nil
+      @matcher = NoneMatcher.new
+      # removes heading and trailing parentesis and splits
+      name = name[1..-2] if name.start_with?('(')
+      names = name.split(operator)
+      @sub_licenses = names.map do |sub_name|
+        License.find_by_name(sub_name)
+      end
+    end
+    attr_reader :sub_licenses
+  end
+  class OrLicense < AndLicense
+    def self.operator
+      ' OR '
+    end
+    def initialize(name)
+      super(name, OrLicense.operator)
+    end
+  end
 end

data/lib/license_finder/license/definitions.rb CHANGED

@@ -25,7 +25,8 @@ module LicenseFinder
           python,
           ruby,
           simplifiedbsd,
-          wtfpl
+          wtfpl,
+          zerobsd
         ]
       end
@@ -294,13 +295,35 @@ module LicenseFinder
       def wtfpl
         License.new(
           short_name: 'WTFPL',
-          pretty_name: 'Do What The Fuck You Want To Public License',
+          pretty_name: 'WTFPL',
           other_names: [
-            'WTFPL V2'
+            'WTFPL V2',
+            'Do What The Fuck You Want To Public License'
           ],
           url: 'http://www.wtfpl.net/'
         )
       end
+      def zerobsd
+        matcher = AnyMatcher.new(
+          Matcher.from_template(Template.named('0BSD'))
+        )
+        License.new(
+          short_name: '0BSD',
+          pretty_name: 'BSD Zero Clause License',
+          other_names: [
+            '0-Clause BSD',
+            'Zero-Clause BSD',
+            'BSD-0-Clause',
+            'BSD-Zero-Clause',
+            'BSD 0-Clause',
+            'BSD Zero-Clause'
+          ],
+          url: 'https://opensource.org/licenses/0BSD',
+          matcher: matcher
+        )
+      end
     end
   end
 end

data/lib/license_finder/license/templates/0BSD.txt ADDED

@@ -0,0 +1,10 @@
+Permission to use, copy, modify, and/or distribute this software for any
+purpose with or without fee is hereby granted.
+THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES WITH
+REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
+AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY SPECIAL, DIRECT,
+INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
+LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR
+OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
+PERFORMANCE OF THIS SOFTWARE.

data/lib/license_finder/license/templates/SimplifiedBSD.txt CHANGED

@@ -17,7 +17,3 @@ LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
 ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
 (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
 SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
-The views and conclusions contained in the software and documentation are those
-of the authors and should not be interpreted as representing official policies,
-either expressed or implied, of the FreeBSD Project.

data/lib/license_finder/license/text.rb CHANGED

@@ -6,15 +6,37 @@ module LicenseFinder
       SPACES = /\s+/.freeze
       QUOTES = /['`"]{1,2}/.freeze
       PLACEHOLDERS = /<[^<>]+>/.freeze
+      SPECIAL_SINGLE_QUOTES = /[‘’]/.freeze
+      SPECIAL_DOUBLE_QUOTES = /[“”„«»]/.freeze
+      ALPHABET_ORDERED_LIST = /\\\([a-z]\\\)\\\s/.freeze
+      ALPHABET_ORDERED_LIST_OPTIONAL = '(\([a-z]\)\s)?'
+      LIST_BULLETS = /(\d{1,2}\\\.|\\\*)\\\s/.freeze
+      LIST_BULLETS_OPTIONAL = '(\d{1,2}.|\*)?\s*'
+      NEWLINE_CHARACTER = /\n+/.freeze
+      QUOTE_COMMENT_CHARACTER = /^\s*\>+/.freeze
+      ESCAPED_QUOTES = /\\\"/.freeze
       def self.normalize_punctuation(text)
-        text.gsub(SPACES, ' ')
+        text.dup.force_encoding('UTF-8')
+            .gsub(SPECIAL_DOUBLE_QUOTES, '"')
+            .gsub(SPECIAL_SINGLE_QUOTES, "'")
+            .gsub(QUOTE_COMMENT_CHARACTER, '')
+            .gsub(SPACES, ' ')
+            .gsub(NEWLINE_CHARACTER, ' ')
+            .gsub(ESCAPED_QUOTES, '"')
             .gsub(QUOTES, '"')
             .strip
+      rescue ArgumentError => _e
+        text
       end
       def self.compile_to_regex(text)
-        Regexp.new(Regexp.escape(text).gsub(PLACEHOLDERS, '(.*)'))
+        Regexp.new(Regexp.escape(normalize_punctuation(text))
+                       .gsub(PLACEHOLDERS, '(.*)')
+                       .gsub(',', '(,)?')
+                       .gsub('HOLDER', '(HOLDER|OWNER)')
+                       .gsub(ALPHABET_ORDERED_LIST, ALPHABET_ORDERED_LIST_OPTIONAL)
+                       .gsub(LIST_BULLETS, LIST_BULLETS_OPTIONAL))
       end
     end
   end

data/lib/license_finder/logger.rb CHANGED

@@ -36,6 +36,8 @@ module LicenseFinder
         "\e[31m#{string}\e[0m"
       when :green
         "\e[32m#{string}\e[0m"
+      when :magenta
+        "\e[35m#{string}\e[0m"
       else
         string
       end

data/lib/license_finder/package.rb CHANGED

@@ -43,6 +43,7 @@ module LicenseFinder
       @summary = options[:summary] || ''
       @description = options[:description] || ''
       @homepage = options[:homepage] || ''
+      @package_url = options[:package_url].to_s
       @children = options[:children] || []
       @parents = Set.new # will be figured out later by package manager
       @groups = options[:groups] || []
@@ -61,7 +62,7 @@ module LicenseFinder
     ## DESCRIPTION
-    attr_accessor :homepage
+    attr_accessor :homepage, :package_url
     attr_reader :name, :version, :authors,
                 :summary, :description,

data/lib/license_finder/package_manager.rb CHANGED

@@ -119,8 +119,12 @@ module LicenseFinder
     attr_reader :logger, :project_path
     def log_errors(stderr)
-      logger.info prepare_command, 'did not succeed.', color: :red
-      logger.info prepare_command, stderr, color: :red
+      log_errors_with_cmd(prepare_command, stderr)
+    end
+    def log_errors_with_cmd(prep_cmd, stderr)
+      logger.info prep_cmd, 'did not succeed.', color: :red
+      logger.info prep_cmd, stderr, color: :red
       log_to_file stderr
     end

data/lib/license_finder/package_managers/bundler.rb CHANGED

@@ -27,7 +27,7 @@ module LicenseFinder
     def prepare_command
       ignored_groups_argument = !ignored_groups.empty? ? "--without #{ignored_groups.to_a.join(' ')}" : ''
-      gem_path = SecureRandom.uuid
+      gem_path = "lf-bundler-gems-#{SecureRandom.uuid}"
       logger.info self.class, "Running bundle install for #{Dir.pwd} with path #{gem_path}", color: :blue
       "bundle install #{ignored_groups_argument} --path #{gem_path}".strip