license_finder 6.6.0 → 6.6.1

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 00a090f4a84431d9c17451f6d1ee035e45a9cb79964e3b54eeb6f76f8b852cff
-  data.tar.gz: c9b1590ea442e18751cc06de3b6a2219345e179bf29339312663d0391cccb323
+  metadata.gz: ee81cbd6066d49c1b93db3632b2d67f23e4fb902acb36c0de7c325d5de34646f
+  data.tar.gz: a419dca63dc18e5cc1729ae19121df28017454ecaade8988ed50461c796d5a17
 SHA512:
-  metadata.gz: fbb1eddec4981aac19f48cfd0c525d5f56ac5ec1a5cd4c234a3a4c2b9609efd6fb747f9c9b345397ec0b2328623b8a5f2da9aedab0a7cc8c7cafc4ade34c4511
-  data.tar.gz: 75104bce30468c753473bef4895b9a6df493bc144eea8599f25c7c0ba9b8e97997407fe822bef1ee109d00227ff9946493e0c791326bf8a8759aa28e56959ed7
+  metadata.gz: f4d1ddc619a4216629b35e902a17c59f04ea65de6cce867c9cbfcddfb95281d23879bb595b202d867e388dd5f6f6d5ac68f7fa813a111c27b122aaa353ca6d1a
+  data.tar.gz: 5ec2d9e6f798b53870cf6e7196be92d0a596d58d459de70b585f68f8d8e618d8a98a6b91ded3991ed42f4f9a1793496fc9d7db34966900570201eac77ddc1e6e

data/CHANGELOG.md

@@ -1,3 +1,10 @@
+# [6.6.1] / 2020-06-30
+
+### Changed
+* Handle multiple solution files for nuget [#173021333] - [040d9559](https://github.com/pivotal/LicenseFinder/commit/040d9559a4bda07490255cc34c1a7891081bc511) 
+* matches license names from pypi api call with known licenses to avoid returning misformatted licenses [#173421573] - [6b96d746](https://github.com/pivotal/LicenseFinder/commit/6b96d74600034abcacee6ed2b322aa3abfaa0992) - Jeff Jun
+* Update Nuget Package Manager prepare command - [6ac07066](https://github.com/pivotal/LicenseFinder/commit/6ac070668955bc034da1647658440ce5bb0d9bd2) - Jason Smith
+
 # [6.6.0] / 2020-06-22
 
 # [6.5.0] / 2020-06-01
@@ -877,3 +884,4 @@ Bugfixes:
 [6.4.0]: https://github.com/pivotal/LicenseFinder/compare/v6.3.0...v6.4.0
 [6.5.0]: https://github.com/pivotal/LicenseFinder/compare/v6.4.0...v6.5.0
 [6.6.0]: https://github.com/pivotal/LicenseFinder/compare/v6.5.0...v6.6.0
+[6.6.1]: https://github.com/pivotal/LicenseFinder/compare/v6.6.0...v6.6.1

data/VERSION

@@ -1 +1 @@
-6.6.0
+6.6.1

data/ci/pipelines/release.yml.erb

@@ -123,21 +123,31 @@ jobs:
 
 - name: bump-major
   plan:
-    - put: semver-version
+    - get: semver-version
       tags: ["private-worker"]
       params: {bump: major}
+    - put: semver-version
+      tags: ["private-worker"]
+      params: {file: semver-version/version}
+
 
 - name: bump-minor
   plan:
-    - put: semver-version
+    - get: semver-version
       tags: ["private-worker"]
       params: {bump: minor}
+    - put: semver-version
+      tags: ["private-worker"]
+      params: {file: semver-version/version}
 
 - name: bump-patch
   plan:
-    - put: semver-version
+    - get: semver-version
       tags: ["private-worker"]
       params: {bump: patch}
+    - put: semver-version
+      tags: ["private-worker"]
+      params: {file: semver-version/version}
 
 - name: release
   disable_manual_trigger: true

data/lib/license_finder/cli/inherited_decisions.rb

@@ -20,6 +20,15 @@ module LicenseFinder
         say "Added #{decision_files.join(', ')} to the inherited decisions"
       end
 
+      auditable
+      desc 'add_with_auth URL AUTH_TYPE TOKEN_OR_ENV', 'Add a remote decision file that needs authentication'
+      def add_with_auth(*params)
+        url, auth_type, token_or_env = params
+        auth_info = { 'url' => url, 'authorization' => "#{auth_type} #{token_or_env}" }
+        modifying { decisions.add_decision [:inherit_from, auth_info] }
+        say "Added #{url} to the inherited decisions"
+      end
+
       auditable
       desc 'remove DECISION_FILE...', 'Remove one or more decision files from the inherited decisions'
       def remove(*decision_files)
@@ -27,6 +36,15 @@ module LicenseFinder
         modifying { decision_files.each { |filepath| decisions.remove_inheritance(filepath) } }
         say "Removed #{decision_files.join(', ')} from the inherited decisions"
       end
+
+      auditable
+      desc 'remove_with_auth URL AUTH_TYPE TOKEN_OR_ENV', 'Add a remote decision file that needs authentication'
+      def remove_with_auth(*params)
+        url, auth_type, token_or_env = params
+        auth_info = { 'url' => url, 'authorization' => "#{auth_type} #{token_or_env}" }
+        modifying { decisions.remove_inheritance(auth_info) }
+        say "Removed #{url} from the inherited decisions"
+      end
     end
   end
 end

data/lib/license_finder/decisions.rb

@@ -1,6 +1,7 @@
 # frozen_string_literal: true
 
 require 'open-uri'
+require 'license_finder/license'
 
 module LicenseFinder
   class Decisions
@@ -39,6 +40,9 @@ module LicenseFinder
     end
 
     def permitted?(lic)
+      return lic.sub_licenses.any? { |sub_lic| @permitted.include?(sub_lic) } if lic.is_a?(OrLicense)
+      return lic.sub_licenses.all? { |sub_lic| @permitted.include?(sub_lic) } if lic.is_a?(AndLicense)
+
       @permitted.include?(lic)
     end
 
@@ -183,16 +187,18 @@ module LicenseFinder
       self
     end
 
-    def inherit_from(filepath)
+    def inherit_from(filepath_info)
       decisions =
-        if filepath =~ %r{^https?://}
-          open_uri(filepath).read
+        if filepath_info.is_a?(Hash)
+          open_uri(filepath_info['url'], filepath_info['authorization']).read
+        elsif filepath_info =~ %r{^https?://}
+          open_uri(filepath_info).read
         else
-          Pathname(filepath).read
+          Pathname(filepath_info).read
         end
 
-      add_decision [:inherit_from, filepath]
-      @inherited_decisions << filepath
+      add_decision [:inherit_from, filepath_info]
+      @inherited_decisions << filepath_info
       restore_inheritance(decisions)
     end
 
@@ -213,17 +219,31 @@ module LicenseFinder
       self
     end
 
-    def open_uri(uri)
+    def open_uri(uri, auth = nil)
+      header = {}
+      auth_header = resolve_authorization(auth)
+      header['Authorization'] = auth_header if auth_header
+
       # ruby < 2.5.0 URI.open is private
       if Gem::Version.new(RUBY_VERSION) < Gem::Version.new('2.5.0')
         # rubocop:disable Security/Open
-        open(uri)
+        open(uri, header)
         # rubocop:enable Security/Open
       else
-        URI.open(uri)
+        URI.open(uri, header)
       end
     end
 
+    def resolve_authorization(auth)
+      return unless auth
+
+      token_env = auth.match(/\$(\S.*)/)
+      return auth unless token_env
+
+      token = ENV[token_env[1]]
+      auth.sub(token_env[0], token)
+    end
+
     #########
     # PERSIST
     #########

data/lib/license_finder/license.rb

@@ -19,6 +19,9 @@ module LicenseFinder
 
       def find_by_name(name)
         name ||= 'unknown'
+        return OrLicense.new(name) if name.include?(OrLicense.operator)
+        return AndLicense.new(name) if name.include?(AndLicense.operator)
+
         all.detect { |l| l.matches_name? l.stripped_name(name) } || Definitions.build_unrecognized(name)
       end
 
@@ -61,6 +64,10 @@ module LicenseFinder
       name.hash
     end
 
+    def unrecognized_matcher?
+      matcher.is_a?(NoneMatcher)
+    end
+
     private
 
     attr_reader :short_name, :pretty_name, :other_names
@@ -70,4 +77,33 @@ module LicenseFinder
       ([short_name, pretty_name] + other_names).uniq
     end
   end
+  class AndLicense < License
+    def self.operator
+      ' AND '
+    end
+
+    def initialize(name, operator = AndLicense.operator)
+      @short_name = name
+      @pretty_name = name
+      @url = nil
+      @matcher = NoneMatcher.new
+      # removes heading and trailing parentesis and splits
+      names = name[1..-2].split(operator)
+      @sub_licenses = names.map do |sub_name|
+        License.find_by_name(sub_name)
+      end
+    end
+
+    attr_reader :sub_licenses
+  end
+
+  class OrLicense < AndLicense
+    def self.operator
+      ' OR '
+    end
+
+    def initialize(name)
+      super(name, OrLicense.operator)
+    end
+  end
 end

data/lib/license_finder/package_managers/nuget.rb

@@ -90,29 +90,42 @@ module LicenseFinder
     end
 
     def prepare
-      cmd = prepare_command
-      stdout, stderr, status = Dir.chdir(project_path) { Cmd.run(cmd) }
-      return if status.success?
+      Dir.chdir(project_path) do
+        cmd = prepare_command
+        stdout, stderr, status = Cmd.run(cmd)
+        return if status.success?
 
-      log_errors stderr
+        log_errors stderr
 
-      if stderr.include?('-PackagesDirectory')
-        logger.info cmd, 'trying fallback prepare command', color: :magenta
+        if stderr.include?('-PackagesDirectory')
+          logger.info cmd, 'trying fallback prepare command', color: :magenta
 
-        cmd = "#{cmd} -PackagesDirectory ."
-        stdout, stderr, status = Dir.chdir(project_path) { Cmd.run(cmd) }
-        return if status.success?
+          cmd = "#{cmd} -PackagesDirectory /#{Dir.home}/.nuget/packages"
+          stdout, stderr, status = Cmd.run(cmd)
+          return if status.success?
 
-        log_errors_with_cmd(cmd, stderr)
-      end
+          log_errors_with_cmd(cmd, stderr)
+        end
 
-      error_message = "Prepare command '#{cmd}' failed\n#{stderr}"
-      error_message += "\n#{stdout}\n" if !stdout.nil? && !stdout.empty?
-      raise error_message unless @prepare_no_fail
+        error_message = "Prepare command '#{cmd}' failed\n#{stderr}"
+        error_message += "\n#{stdout}\n" if !stdout.nil? && !stdout.empty?
+        raise error_message unless @prepare_no_fail
+      end
     end
 
     def prepare_command
-      "#{package_management_command} restore"
+      cmd = package_management_command
+      sln_files = Dir['*.sln']
+      cmds = []
+      if sln_files.count > 1
+        sln_files.each do |sln|
+          cmds << "#{cmd} restore #{sln}"
+        end
+      else
+        cmds << "#{cmd} restore"
+      end
+
+      cmds.join(' && ')
     end
 
     def installed?(logger = Core.default_logger)

data/lib/license_finder/packages/pip_package.rb

@@ -8,9 +8,16 @@ module LicenseFinder
     INVALID_LICENSES = ['', 'UNKNOWN'].to_set
 
     def self.license_names_from_spec(spec)
-      license = spec['license'].to_s.strip
+      license_names = spec['license'].to_s.strip.split(' or ')
+      has_unrecognized_license = false
 
-      return [license] unless INVALID_LICENSES.include?(license)
+      license_names.each do |license_name|
+        license = License.find_by_name(license_name.strip)
+
+        has_unrecognized_license ||= license.unrecognized_matcher?
+      end
+
+      return license_names if !license_names.empty? && !has_unrecognized_license
 
       spec
         .fetch('classifiers', [])

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: license_finder
 version: !ruby/object:Gem::Version
-  version: 6.6.0
+  version: 6.6.1
 platform: ruby
 authors:
 - Ryan Collins
@@ -27,7 +27,7 @@ authors:
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2020-06-22 00:00:00.000000000 Z
+date: 2020-06-30 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: bundler