license_finder 0.6.0 → 0.7.0

data/.gitignore

@@ -5,3 +5,7 @@ Gemfile.lock
 .rvmrc
 .idea/*
 tmp/
+dependencies.yml
+dependencies.txt
+dependencies.html
+config/

data/Gemfile

@@ -1,4 +1,3 @@
 source "http://rubygems.org"
 
-# Specify your gem's dependencies in license_finder.gemspec
 gemspec

data/bin/license_finder

@@ -1,4 +1,24 @@
 #!/usr/bin/env ruby
 
 require 'license_finder'
-LicenseFinder::CLI.check_for_action_items
+require 'optparse'
+
+options = {}
+
+OptionParser.new do |opts|
+  opts.banner = "Usage: license_finder [options] [dependency]"
+
+  opts.on("-a", "--approve", "Approve a gem by name.") do |gem_name|
+    options[:approve] = true
+  end
+
+  opts.on("-l", "--license [LICENSE]", "Update a gem's license.") do |license|
+    options[:license] = license
+  end
+end.parse!
+
+unless options.empty?
+  options[:dependency] = ARGV.last
+end
+
+LicenseFinder::CLI.execute! options

data/features/approve_dependencies.feature

@@ -3,6 +3,16 @@ Feature: Approving non-whitelisted Dependencies
   As an application developer using license finder
   I want to be able to manually approve dependencies that have licenses which fall outside of my whitelist
 
+  Scenario: Approving a non-whitelisted dependency via the `license_finder` command
+    Given I have an app with license finder
+    And my app depends on a gem "gpl_gem" licensed with "GPL"
+    When I run "license_finder"
+    Then I should see "gpl_gem" in its output
+    When I run "license_finder -a gpl_gem"
+    When I run "license_finder"
+    Then I should not see "gpl_gem" in its output
+    Then I should see the "gpl_gem" in the html flagged as "approved"
+
   Scenario: Manually approving a non-whitelisted dependency
     Given I have an app with license finder
     And my app depends on a gem "gpl_gem" licensed with "GPL"

data/features/license_finder.feature

@@ -20,6 +20,14 @@ Feature: License Finder command line executable
       dependencies_file_dir: './'
       """
 
+  Scenario: Running with an empty dependencies.yml
+    Given I have an app with license finder
+    And my app depends on a gem "mit_licensed_gem" licensed with "MIT"
+    And I have a truncated dependencies.yml file
+    When I run "license_finder"
+    Then it should exit with status code 1
+    And I should see "mit_licensed_gem" in its output
+
   Scenario: Auditing an application with non-whitelisted licenses
     Given I have an app with license finder
     And my app depends on a gem "mit_licensed_gem" licensed with "MIT"
@@ -30,7 +38,9 @@ Feature: License Finder command line executable
   Scenario: Auditing an application with whitelisted licenses
     Given I have an app with license finder
     And my app depends on a gem "mit_licensed_gem" licensed with "MIT"
-    And I whitelist the following licenses: "MIT, other"
     When I run "license_finder"
-    Then it should exit with status code 0
-    And I should see "All gems are approved for use" in its output
+    Then I should see "mit_licensed_gem" in its output
+    When I whitelist the following licenses: "MIT, other"
+    And I run "license_finder"
+    Then I should see "All gems are approved for use" in its output
+    And it should exit with status code 0

data/features/license_finder_rake_task.feature

@@ -1,7 +1,7 @@
-Feature: License Finder command line executable
-  So that I can report and manage my application's dependencies and licenses to my business
+Feature: License Finder rake task
+  So that I can break my build suite if someone adds a dependency to the application with a non-whitelisted license
   As an application developer
-  I want a command-line interface
+  I want a rake task that exit's with a non-zero exit status if there are any action items
 
   Scenario: Running without a configuration file
     Given I have an app with rake and license finder

data/features/set_license.feature

@@ -0,0 +1,14 @@
+Feature: Set a dependency's license through a command line interface
+  So that my dependencies all have the correct licenses
+  As an application developer
+  I want a command line interface to set licenses for specific dependencies
+
+  Scenario: Setting a license for a dependency
+    Given I have an app with license finder
+    And my app depends on a gem "other_license_gem" licensed with "other"
+    When I run "license_finder"
+    When I run "license_finder -l MIT other_license_gem"
+    Then I should see the following settings for "other_license_gem":
+      """
+        license: "MIT"
+      """

data/features/step_definitions/steps.rb

@@ -296,3 +296,8 @@ When /^the text "([^"]*)" should link to "([^"]*)"$/ do |text, link|
   html = Capybara.string File.read(@user.dependencies_html_path)
   html.find(:xpath, "//a[@href='#{link}']").text.should == text
 end
+When /^I have a truncated dependencies.yml file$/ do
+  File.open(@user.dependencies_file_path, 'w+') do |f|
+    f.puts ""
+  end
+end

data/lib/license_finder.rb

@@ -1,20 +1,31 @@
 require 'pathname'
 require 'yaml'
+require 'erb'
 
 module LicenseFinder
   ROOT_PATH = Pathname.new(__FILE__).dirname
 
+  DEPENDENCY_ATTRIBUTES = [
+    "name", "source", "version", "license", "license_url", "approved", "notes",
+    "license_files", "readme_files", "bundler_groups", "summary",
+    "description", "homepage", "children", "parents"
+  ]
+
   autoload :Bundle, 'license_finder/bundle'
   autoload :BundledGem, 'license_finder/bundled_gem'
   autoload :CLI, 'license_finder/cli'
   autoload :Configuration, 'license_finder/configuration'
+  autoload :Persistence, 'license_finder/persistence/yaml'
   autoload :Dependency, 'license_finder/dependency'
-  autoload :DependencyList, 'license_finder/dependency_list'
   autoload :License, 'license_finder/license'
   autoload :LicenseUrl, 'license_finder/license_url'
   autoload :PossibleLicenseFile, 'license_finder/possible_license_file'
+  autoload :DependencyReport, 'license_finder/dependency_report'
+  autoload :HtmlReport, 'license_finder/html_report'
+  autoload :TextReport, 'license_finder/text_report'
   autoload :Reporter, 'license_finder/reporter'
-  autoload :Viewable, 'license_finder/viewable'
+  autoload :BundleSyncer, 'license_finder/bundle_syncer'
+  autoload :SourceSyncer, 'license_finder/source_syncer'
 
   def self.config
     @config ||= Configuration.new

data/lib/license_finder/bundle.rb

@@ -1,17 +1,39 @@
 module LicenseFinder
   class Bundle
+    def initialize(bundler_definition=nil)
+      @definition = bundler_definition || Bundler::Definition.build(gemfile_path, lockfile_path, nil)
+    end
+
     def gems
-      definition.specs_for(included_groups).map do |spec|
+      return @gems if @gems
+
+      @gems ||= definition.specs_for(included_groups).map do |spec|
         dependency = dependencies.detect { |dep| dep.name == spec.name }
 
         BundledGem.new(spec, dependency)
       end
+
+      setup_parent_child_relationships
+
+      @gems
     end
 
     private
+    attr_reader :definition
 
-    def definition
-      @definition ||= Bundler::Definition.build(gemfile_path, lockfile_path, nil)
+    def setup_parent_child_relationships
+      dependency_index = {}
+
+      gems.each do |dep|
+        dependency_index[dep.dependency_name] = dep
+      end
+
+      gems.each do |dep|
+        dep.children.each do |child_dep|
+          license_finder_dependency = dependency_index[child_dep]
+          license_finder_dependency.parents << dep.dependency_name if license_finder_dependency
+        end
+      end
     end
 
     def dependencies

data/lib/license_finder/bundle_syncer.rb

@@ -0,0 +1,12 @@
+module LicenseFinder
+  module BundleSyncer
+    extend self
+
+    def sync!
+      source_dependencies = Bundle.new.gems.map(&:to_dependency)
+      target_dependencies = Dependency.all.select {|d| d.source == "bundle" }
+      SourceSyncer.new(source_dependencies, target_dependencies).sync!
+    end
+  end
+end
+

data/lib/license_finder/bundled_gem.rb

@@ -3,6 +3,8 @@ module LicenseFinder
     LICENSE_FILE_NAMES = %w(LICENSE License Licence COPYING README Readme ReadMe)
     README_FILE_NAMES = %w(README Readme ReadMe)
 
+    attr_reader :parents
+
     def initialize(spec, bundler_dependency = nil)
       @spec = spec
       @bundler_dependency = bundler_dependency
@@ -12,6 +14,10 @@ module LicenseFinder
       "#{dependency_name} #{dependency_version}"
     end
 
+    def parents
+      @parents ||= []
+    end
+
     def dependency_name
       @spec.name
     end
@@ -20,6 +26,10 @@ module LicenseFinder
       @spec.version.to_s
     end
 
+    def children
+      @children ||= @spec.dependencies.collect(&:name)
+    end
+
     def to_dependency
       @dependency ||= LicenseFinder::Dependency.new(
         'name' => @spec.name,
@@ -32,7 +42,8 @@ module LicenseFinder
         'summary' => @spec.summary,
         'description' => @spec.description,
         'homepage' => @spec.homepage,
-        'children' => @spec.dependencies
+        'children' => children,
+        'parents'  => parents
       )
     end
 

data/lib/license_finder/cli.rb

@@ -3,15 +3,54 @@ module LicenseFinder
     extend self
 
     def check_for_action_items
-      found = LicenseFinder::Reporter.new.action_items
+      create_default_configuration
+      BundleSyncer.sync!
+      generate_reports
 
-      if found.size == 0
+      unapproved = Dependency.unapproved
+
+      if unapproved.count == 0
         puts "All gems are approved for use"
       else
         puts "Dependencies that need approval:"
-        puts found
+        puts TextReport.new(unapproved)
         exit 1
       end
     end
+
+    def execute!(options={})
+      create_default_configuration
+
+      if options.empty?
+        check_for_action_items
+      else
+        dependency = Dependency.find_by_name(options[:dependency])
+
+        if options[:approve]
+          dependency.approve!
+          puts "The #{dependency.name} has been approved!\n\n"
+        elsif options[:license]
+          dependency.update_attributes :license => options[:license]
+          puts "The #{dependency.name} has been marked as using #{options[:license]} license!\n\n"
+        end
+
+        generate_reports
+      end
+    end
+
+    private
+    def generate_reports
+      LicenseFinder::Reporter.write_reports
+    end
+
+    def create_default_configuration
+      unless File.exists?(LicenseFinder.config.config_file_path)
+        FileUtils.mkdir_p(File.join('.', 'config'))
+        FileUtils.cp(
+          File.join(File.dirname(__FILE__), '..', '..', 'files', 'license_finder.yml'),
+          LicenseFinder.config.config_file_path
+        )
+      end
+    end
   end
 end

data/lib/license_finder/configuration.rb

@@ -1,34 +1,4 @@
 module LicenseFinder
-  class Configuration
-    attr_reader :whitelist, :ignore_groups, :dependencies_dir
-
-    def initialize
-      config = {}
-
-      if File.exists?(config_file_path)
-        yaml = File.open(config_file_path).readlines.join
-        config = YAML.load(yaml)
-      end
-
-      @whitelist = config['whitelist'] || []
-      @ignore_groups = (config["ignore_groups"] || []).map(&:to_sym)
-      @dependencies_dir = config['dependencies_file_dir'] || '.'
-    end
-
-    def config_file_path
-      File.join('.', 'config', 'license_finder.yml')
-    end
-
-    def dependencies_yaml
-      File.join(dependencies_dir, "dependencies.yml")
-    end
-
-    def dependencies_text
-      File.join(dependencies_dir, "dependencies.txt")
-    end
-
-    def dependencies_html
-      File.join(dependencies_dir, "dependencies.html")
-    end
+  class Configuration < LicenseFinder::Persistence::Configuration
   end
 end

data/lib/license_finder/dependency.rb

@@ -1,37 +1,33 @@
-# encoding: UTF-8
-require "erb"
-
 module LicenseFinder
-  class Dependency
-    include Viewable
+  class Dependency < LicenseFinder::Persistence::Dependency
+    def approved
+      return super if super
+      self.approved = config.whitelist.include?(license)
+    end
 
-    attr_accessor :name, :version, :license, :approved, :license_url, :notes, :license_files,
-      :readme_files, :source, :bundler_groups, :homepage, :children, :parents
+    def license_files
+      super || (self.license_files = [])
+    end
+
+    def readme_files
+      super || (self.readme_files = [])
+    end
 
-    attr_reader :summary, :description
+    def bundler_groups
+      super || (self.bundler_groups = [])
+    end
 
-    def self.from_hash(attrs)
-      attrs['license_files'] = attrs['license_files'].map { |lf| lf['path'] } if attrs['license_files']
-      attrs['readme_files'] = attrs['readme_files'].map { |rf| rf['path'] } if attrs['readme_files']
+    def children
+      super || (self.children = [])
+    end
 
-      new(attrs)
+    def parents
+      super || (self.parents = [])
     end
 
-    def initialize(attributes = {})
-      @source = attributes['source']
-      @name = attributes['name']
-      @version = attributes['version']
-      @license = attributes['license']
-      @approved = attributes['approved'] || LicenseFinder.config.whitelist.include?(attributes['license'])
-      @notes = attributes['notes'] || ''
-      @license_files = attributes['license_files'] || []
-      @readme_files = attributes['readme_files'] || []
-      @bundler_groups = attributes['bundler_groups'] || []
-      @summary = attributes['summary']
-      @description = attributes['description']
-      @homepage = attributes['homepage']
-      @children = attributes.fetch('children', [])
-      @parents = attributes.fetch('parents', [])
+    def approve!
+      self.approved = true
+      save
     end
 
     def license_url
@@ -41,78 +37,18 @@ module LicenseFinder
     def merge(other)
       raise "Cannot merge dependencies with different names. Expected #{name}, was #{other.name}." unless other.name == name
 
-      merged = self.class.new(
-        'name' => name,
-        'version' => other.version,
-        'license_files' => other.license_files,
-        'readme_files' => other.readme_files,
-        'license_url' => other.license_url,
-        'notes' => notes,
-        'source' => other.source,
-        'summary' => other.summary,
-        'description' => other.description,
-        'bundler_groups' => other.bundler_groups,
-        'homepage' => other.homepage,
-        'children' => other.children,
-        'parents' => other.parents
-      )
+      new_attributes = other.attributes.merge("notes" => notes)
 
-      case other.license
-      when license, 'other'
-        merged.license = license
-        merged.approved = approved
+      if other.license == license || other.license == 'other'
+        new_attributes["approved"] = approved
+        new_attributes["license"]  = license
       else
-        merged.license = other.license
-        merged.approved = other.approved
-      end
-
-      merged
-    end
-
-    def as_yaml
-      attrs = {
-        'name' => name,
-        'version' => version,
-        'license' => license,
-        'approved' => approved,
-        'source' => source,
-        'license_url' => license_url,
-        'homepage' => homepage,
-        'notes' => notes,
-        'license_files' => nil,
-        'readme_files' => nil
-      }
-
-      unless license_files.empty?
-        attrs['license_files'] = license_files.map do |file|
-          {'path' => file}
-        end
+        new_attributes["approved"] = nil
       end
 
-      unless readme_files.empty?
-        attrs['readme_files'] = readme_files.map do |file|
-          {'path' => file}
-        end
-      end
-
-      attrs
-    end
-
-    def to_s
-      [name, version, license].join ", "
-    end
-
-    private
+      update_attributes new_attributes
 
-    def constantize(string)
-      names = string.split('::')
-      names.shift if names.empty? || names.first.empty?
-
-      constant = Object
-      names.each do |name|
-        constant = constant.const_defined?(name, false) ? constant.const_get(name) : constant.const_missing(name)
-      end
-      constant
+      self
     end
   end
 end