license_finder 6.5.0 → 6.6.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/CHANGELOG.md +3 -0
- data/README.md +22 -0
- data/VERSION +1 -1
- data/lib/license_finder/license/definitions.rb +23 -1
- data/lib/license_finder/license/templates/0BSD.txt +10 -0
- data/lib/license_finder/logger.rb +2 -0
- data/lib/license_finder/package_manager.rb +6 -2
- data/lib/license_finder/package_managers/dotnet.rb +2 -1
- data/lib/license_finder/package_managers/nuget.rb +22 -0
- data/lib/license_finder/package_managers/pipenv.rb +1 -1
- metadata +4 -3
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 00a090f4a84431d9c17451f6d1ee035e45a9cb79964e3b54eeb6f76f8b852cff
|
|
4
|
+
data.tar.gz: c9b1590ea442e18751cc06de3b6a2219345e179bf29339312663d0391cccb323
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: fbb1eddec4981aac19f48cfd0c525d5f56ac5ec1a5cd4c234a3a4c2b9609efd6fb747f9c9b345397ec0b2328623b8a5f2da9aedab0a7cc8c7cafc4ade34c4511
|
|
7
|
+
data.tar.gz: 75104bce30468c753473bef4895b9a6df493bc144eea8599f25c7c0ba9b8e97997407fe822bef1ee109d00227ff9946493e0c791326bf8a8759aa28e56959ed7
|
data/CHANGELOG.md
CHANGED
|
@@ -1,3 +1,5 @@
|
|
|
1
|
+
# [6.6.0] / 2020-06-22
|
|
2
|
+
|
|
1
3
|
# [6.5.0] / 2020-06-01
|
|
2
4
|
|
|
3
5
|
### Added
|
|
@@ -874,3 +876,4 @@ Bugfixes:
|
|
|
874
876
|
[6.3.0]: https://github.com/pivotal/LicenseFinder/compare/v6.2.0...v6.3.0
|
|
875
877
|
[6.4.0]: https://github.com/pivotal/LicenseFinder/compare/v6.3.0...v6.4.0
|
|
876
878
|
[6.5.0]: https://github.com/pivotal/LicenseFinder/compare/v6.4.0...v6.5.0
|
|
879
|
+
[6.6.0]: https://github.com/pivotal/LicenseFinder/compare/v6.5.0...v6.6.0
|
data/README.md
CHANGED
|
@@ -379,6 +379,26 @@ items, even if someone attempts to manually approve or permit it. However,
|
|
|
379
379
|
if a dependency has even one license that is not restricted, it can still be
|
|
380
380
|
manually approved or permitted.
|
|
381
381
|
|
|
382
|
+
## Decision inheritance
|
|
383
|
+
|
|
384
|
+
Add or remove decision files you want to inherit from - see `license_finder inherited_decisions help` for more information.
|
|
385
|
+
|
|
386
|
+
This allows you to have a centralized decision file for approved/restricted licenses. If you have multiple projects it's way easier to have one single place where you approved or restricted licenses defined.
|
|
387
|
+
|
|
388
|
+
Add one or more decision files to the inherited decisions
|
|
389
|
+
```bash
|
|
390
|
+
license_finder inherited_decisions add DECISION_FILE
|
|
391
|
+
```
|
|
392
|
+
|
|
393
|
+
Remove one or more decision files from the inherited decisions
|
|
394
|
+
```bash
|
|
395
|
+
license_finder inherited_decisions remove DECISION_FILE
|
|
396
|
+
```
|
|
397
|
+
|
|
398
|
+
List all the inherited decision files
|
|
399
|
+
```bash
|
|
400
|
+
license_finder inherited_decisions list
|
|
401
|
+
```
|
|
382
402
|
|
|
383
403
|
## Configuration
|
|
384
404
|
|
|
@@ -467,6 +487,8 @@ licenseConfigurations := Set("compile", "provided")
|
|
|
467
487
|
|
|
468
488
|
## Upgrading
|
|
469
489
|
|
|
490
|
+
To upgrade to `license_finder` version >= 6.0, you have to replace the terminology `whitelist` with `permit` and `blacklist` with `restrict` in your `dependency_decisions.yml`. See [Changelog](https://github.com/pivotal/LicenseFinder/blob/master/CHANGELOG.md#600--2020-01-22) for more details.
|
|
491
|
+
|
|
470
492
|
To upgrade from `license_finder` version 1.2 to 2.0, see
|
|
471
493
|
[`license_finder_upgrade`](https://github.com/mainej/license_finder_upgrade).
|
|
472
494
|
To upgrade to 2.0 from a version lower than 1.2, first upgrade to 1.2, and run
|
data/VERSION
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
6.
|
|
1
|
+
6.6.0
|
|
@@ -25,7 +25,8 @@ module LicenseFinder
|
|
|
25
25
|
python,
|
|
26
26
|
ruby,
|
|
27
27
|
simplifiedbsd,
|
|
28
|
-
wtfpl
|
|
28
|
+
wtfpl,
|
|
29
|
+
zerobsd
|
|
29
30
|
]
|
|
30
31
|
end
|
|
31
32
|
|
|
@@ -302,6 +303,27 @@ module LicenseFinder
|
|
|
302
303
|
url: 'http://www.wtfpl.net/'
|
|
303
304
|
)
|
|
304
305
|
end
|
|
306
|
+
|
|
307
|
+
def zerobsd
|
|
308
|
+
matcher = AnyMatcher.new(
|
|
309
|
+
Matcher.from_template(Template.named('0BSD'))
|
|
310
|
+
)
|
|
311
|
+
|
|
312
|
+
License.new(
|
|
313
|
+
short_name: '0BSD',
|
|
314
|
+
pretty_name: 'BSD Zero Clause License',
|
|
315
|
+
other_names: [
|
|
316
|
+
'0-Clause BSD',
|
|
317
|
+
'Zero-Clause BSD',
|
|
318
|
+
'BSD-0-Clause',
|
|
319
|
+
'BSD-Zero-Clause',
|
|
320
|
+
'BSD 0-Clause',
|
|
321
|
+
'BSD Zero-Clause'
|
|
322
|
+
],
|
|
323
|
+
url: 'https://opensource.org/licenses/0BSD',
|
|
324
|
+
matcher: matcher
|
|
325
|
+
)
|
|
326
|
+
end
|
|
305
327
|
end
|
|
306
328
|
end
|
|
307
329
|
end
|
|
@@ -0,0 +1,10 @@
|
|
|
1
|
+
Permission to use, copy, modify, and/or distribute this software for any
|
|
2
|
+
purpose with or without fee is hereby granted.
|
|
3
|
+
|
|
4
|
+
THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES WITH
|
|
5
|
+
REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
|
|
6
|
+
AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY SPECIAL, DIRECT,
|
|
7
|
+
INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
|
|
8
|
+
LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR
|
|
9
|
+
OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
|
|
10
|
+
PERFORMANCE OF THIS SOFTWARE.
|
|
@@ -119,8 +119,12 @@ module LicenseFinder
|
|
|
119
119
|
attr_reader :logger, :project_path
|
|
120
120
|
|
|
121
121
|
def log_errors(stderr)
|
|
122
|
-
|
|
123
|
-
|
|
122
|
+
log_errors_with_cmd(prepare_command, stderr)
|
|
123
|
+
end
|
|
124
|
+
|
|
125
|
+
def log_errors_with_cmd(prep_cmd, stderr)
|
|
126
|
+
logger.info prep_cmd, 'did not succeed.', color: :red
|
|
127
|
+
logger.info prep_cmd, stderr, color: :red
|
|
124
128
|
log_to_file stderr
|
|
125
129
|
end
|
|
126
130
|
|
|
@@ -63,7 +63,8 @@ module LicenseFinder
|
|
|
63
63
|
.uniq { |d| [d.name, d.version] }
|
|
64
64
|
|
|
65
65
|
package_metadatas.map do |d|
|
|
66
|
-
|
|
66
|
+
path = Dir.glob("#{Dir.home}/.nuget/packages/#{d.name.downcase}/#{d.version}").first
|
|
67
|
+
NugetPackage.new(d.name, d.version, spec_licenses: d.read_license_urls, install_path: path)
|
|
67
68
|
end
|
|
68
69
|
end
|
|
69
70
|
|
|
@@ -89,6 +89,28 @@ module LicenseFinder
|
|
|
89
89
|
"mono #{nuget_binary}"
|
|
90
90
|
end
|
|
91
91
|
|
|
92
|
+
def prepare
|
|
93
|
+
cmd = prepare_command
|
|
94
|
+
stdout, stderr, status = Dir.chdir(project_path) { Cmd.run(cmd) }
|
|
95
|
+
return if status.success?
|
|
96
|
+
|
|
97
|
+
log_errors stderr
|
|
98
|
+
|
|
99
|
+
if stderr.include?('-PackagesDirectory')
|
|
100
|
+
logger.info cmd, 'trying fallback prepare command', color: :magenta
|
|
101
|
+
|
|
102
|
+
cmd = "#{cmd} -PackagesDirectory ."
|
|
103
|
+
stdout, stderr, status = Dir.chdir(project_path) { Cmd.run(cmd) }
|
|
104
|
+
return if status.success?
|
|
105
|
+
|
|
106
|
+
log_errors_with_cmd(cmd, stderr)
|
|
107
|
+
end
|
|
108
|
+
|
|
109
|
+
error_message = "Prepare command '#{cmd}' failed\n#{stderr}"
|
|
110
|
+
error_message += "\n#{stdout}\n" if !stdout.nil? && !stdout.empty?
|
|
111
|
+
raise error_message unless @prepare_no_fail
|
|
112
|
+
end
|
|
113
|
+
|
|
92
114
|
def prepare_command
|
|
93
115
|
"#{package_management_command} restore"
|
|
94
116
|
end
|
|
@@ -15,7 +15,7 @@ module LicenseFinder
|
|
|
15
15
|
begin
|
|
16
16
|
packages = {}
|
|
17
17
|
each_dependency(groups: allowed_groups) do |name, data, group|
|
|
18
|
-
version = canonicalize(data['version'])
|
|
18
|
+
version = canonicalize(data['version'] || 'unknown')
|
|
19
19
|
package = packages.fetch(key_for(name, version)) do |key|
|
|
20
20
|
packages[key] = build_package_for(name, version)
|
|
21
21
|
end
|
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: license_finder
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 6.
|
|
4
|
+
version: 6.6.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Ryan Collins
|
|
@@ -27,7 +27,7 @@ authors:
|
|
|
27
27
|
autorequire:
|
|
28
28
|
bindir: bin
|
|
29
29
|
cert_chain: []
|
|
30
|
-
date: 2020-06-
|
|
30
|
+
date: 2020-06-22 00:00:00.000000000 Z
|
|
31
31
|
dependencies:
|
|
32
32
|
- !ruby/object:Gem::Dependency
|
|
33
33
|
name: bundler
|
|
@@ -379,6 +379,7 @@ files:
|
|
|
379
379
|
- lib/license_finder/license/matcher.rb
|
|
380
380
|
- lib/license_finder/license/none_matcher.rb
|
|
381
381
|
- lib/license_finder/license/template.rb
|
|
382
|
+
- lib/license_finder/license/templates/0BSD.txt
|
|
382
383
|
- lib/license_finder/license/templates/Apache1_1.txt
|
|
383
384
|
- lib/license_finder/license/templates/Apache2.txt
|
|
384
385
|
- lib/license_finder/license/templates/BSD.txt
|
|
@@ -501,7 +502,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
|
501
502
|
- !ruby/object:Gem::Version
|
|
502
503
|
version: '0'
|
|
503
504
|
requirements: []
|
|
504
|
-
rubygems_version: 3.1.
|
|
505
|
+
rubygems_version: 3.1.4
|
|
505
506
|
signing_key:
|
|
506
507
|
specification_version: 4
|
|
507
508
|
summary: Audit the OSS licenses of your application's dependencies.
|