license_finder 0.8.0 → 0.8.1

data/CHANGELOG.rdoc

@@ -0,0 +1,98 @@
+=== 0.8.1 / 2013-04-14
+
+* Features
+
+  * Add spinner to show that the binary is actually doing something.
+  * JRuby version of the gem.
+  * Official ruby 2.0 support.
+  * CLI interface for moving dependencies.* files to `doc/`.
+
+* Bugfixes
+
+  * Fix ruby 1.9.2 support.
+
+=== 0.8.0 / 2013-04-03
+
+* Features
+
+  * Add spinner to show that the binary is actually doing something.
+  * Add action items to dependencies.html.
+  * Add generation timestamp to dependencies.html.
+  * Default location for dependencies.* files is now `doc/`.
+  * Temporarily remove non-bundler (e.g. JavaScript) dependencies. This will
+    be readded in a more sustainable way soon.
+  * Use sqlite, not YAML, for dependencies.
+  * Officially deprecate rake tasks.
+
+* Bugfixes
+
+  * Don't blow away manually set licenses when dependencies are rescanned.
+  * Ignore empty `readme_files` section in dependencies.yml.
+  * Clean up HTML generation for dependencies.html.
+  * Add an option to silence the binary's spinner so as not to fill up log
+    files.
+
+=== 0.7.2 / 2013-02-18
+
+* Features
+
+  * Dependency cleanup.
+
+=== 0.7.1 / 2013-02-18
+
+* Features
+
+  * Add variants to detectable licenses.
+  * Remove README files from data persistence.
+
+=== 0.7.0 / 2012-09-25
+
+* Features
+
+  * Dependencies can be approved via CLI.
+  * Dependencies licenses can be set via CLI.
+
+=== 0.6.0 / 2012-09-15
+
+* Features
+
+  * Create a dependencies.html containing a nicely formatted version of
+    dependencies.txt, with lots of extra information.
+  * All rake tasks, and the binary, run the init task automatically.
+  * Simplify dependencies.txt file since more detail can now go into
+    dependencies.html.
+  * Promote binary to be the default, take first steps to deprecate rake task.
+
+* Bugfixes
+
+  * Fix formatting of `rake license:action_items` output.
+
+=== 0.5.0 / 2012-09-12
+
+* Features
+
+  * `rake license:action_items` exits with a non-zero status if there are
+    non-approved dependencies.
+  * New binary, eventual replacement for rake tasks.
+  * Initial implementation of non-gem dependencies.
+  * Support BSD, New BSD, and Simplified BSD licenses.
+  * Improve ruby license detection.
+  * Add dependency's bundler group to dependencies.txt output.
+  * Add description and summary to dependencies.txt output.
+
+* Bugfixes
+
+  * Create `config/` director if it doesn't exist, don't blow up.
+  * Better support for non-US word spellings.
+
+=== 0.4.5 / 2012-09-09
+
+* Features
+
+  * Allow dependencies.* files to be written to a custom directory.
+  * Detect LGPL licenses
+  * Detect ISC licenses
+
+* Bugfixes
+
+  * Fix blow up if there's not `ignore_groups` setting in the config file.

data/bin/license_finder

@@ -28,6 +28,7 @@ end
 
 options = {}
 spinner = SpinnerStrategy::Spin
+skip = false
 
 OptionParser.new do |opts|
   opts.banner = "Usage: license_finder [options] [dependency]"
@@ -43,6 +44,16 @@ OptionParser.new do |opts|
   opts.on("-q", "--quiet") do
     spinner = SpinnerStrategy::Noop
   end
+
+  opts.on("-m", "--move") do
+    skip = true
+    `sed '$d' < config/license_finder.yml > tmp34567.txt`
+    `mv tmp34567.txt config/license_finder.yml`
+    `echo "dependencies_file_dir: './doc/'" >> config/license_finder.yml`
+    `mkdir doc`
+    `mv dependencies.* doc/`
+    puts "Congratulations, you have cleaned up your root directory!'"
+  end
 end.parse!
 
 unless options.empty?
@@ -50,5 +61,5 @@ unless options.empty?
 end
 
 spinner.run {
-  LicenseFinder::CLI.execute! options
-}
+  LicenseFinder::CLI.execute!(options)
+} unless skip

data/features/approve_dependencies.feature

@@ -4,11 +4,7 @@ Feature: Approving non-whitelisted Dependencies
   I want to be able to manually approve dependencies that have licenses which fall outside of my whitelist
 
   Scenario: Approving a non-whitelisted dependency via the `license_finder` command
-    Given I have an app with license finder
-    And my app depends on a gem "gpl_gem" licensed with "GPL"
-    When I run "license_finder"
-    Then I should see "gpl_gem" in its output
-    When I run "license_finder -a gpl_gem"
-    When I run "license_finder"
-    Then I should not see "gpl_gem" in its output
-    Then I should see the "gpl_gem" in the html flagged as "approved"
+    Given I have an app with license finder that depends on a GPL licensed gem
+    When I approve that gem
+    Then I should not see that gem in the console output
+    And I should see that gem approved in dependencies.html

data/features/cli.feature

@@ -0,0 +1,26 @@
+Feature: License Finder command line executable
+  So that I can report and manage my application's dependencies and licenses to my business
+  As an application developer
+  I want a command-line interface
+
+  Scenario: Running without a configuration file
+    Given I have an app with license finder that has no config directory
+    When I run license_finder
+    Then it creates a config directory with the license_finder config
+
+  Scenario: Auditing an application with non-whitelisted licenses
+    Given I have an app with license finder that depends on a MIT licensed gem
+    When I run license_finder
+    Then it should exit with status code 1
+    And should list my MIT gem in the output
+
+  Scenario: Auditing an application with whitelisted licenses
+    Given I have an app with license finder that depends on a MIT licensed gem
+    When I whitelist MIT and 'other' licenses
+    Then it should exit with status code 0
+    And I should see all gems approved for use
+
+  Scenario: Keep manually set license dependencies
+    Given I have a project that depends on mime-types with a manual license type
+    When I run license_finder
+    Then the mime-types license remains set with my manual license type

data/features/html_report.feature

@@ -7,32 +7,17 @@ Feature: HTML Report
     Given I have an app with license finder
 
   Scenario: Dependency details listed in HTML report
-    Given my application depends on a gem "mit_licensed_gem" with:
-      | license | summary     | description | version | homepage                           | bundler_groups |
-      | MIT     | mit is cool | seriously   | 0.0.1   | http://mit_licensed_gem.github.com | test           |
-    When I run "license_finder"
-    And I should see the "mit_licensed_gem" in the html with the following details:
-      | license | summary     | description | name                    | bundler_groups |
-      | MIT     | mit is cool | seriously   | mit_licensed_gem v0.0.1 | test           |
-    And the text "MIT" should link to "http://opensource.org/licenses/mit-license"
-    And the text "mit_licensed_gem" should link to "http://mit_licensed_gem.github.com"
+    And my app depends on a gem with specific details
+    When I run license_finder
+    Then I should see my specific gem details listed in the html
 
   Scenario: Approval status of dependencies indicated in HTML report
-    Given my app depends on a gem "gpl_licensed_gem" licensed with "GPL"
-    And my app depends on a gem "mit_licensed_gem" licensed with "MIT"
-    And I whitelist the "MIT" license
-    When I run "license_finder"
-    Then I should see the "gpl_licensed_gem" in the html flagged as "unapproved"
-    And I should see the "mit_licensed_gem" in the html flagged as "approved"
+    And my app depends on MIT and GPL licensed gems
+    When I whitelist the MIT license
+    Then I should see the GPL gem unapproved in html
+    And the MIT gem approved in html
 
   Scenario: Dependency summary
-    Given my app depends on a gem "gpl_licensed_gem" licensed with "GPL"
-    And my app depends on a gem "mit_licensed_gem" licensed with "MIT"
-    And I whitelist the following licenses: "MIT, other"
-    When I run "license_finder"
-    # rake, bundler, license_finder, my_app, gpl_licensed_gem, mit_licensed_gem
-    Then I should see "8 total" in the html
-    # gpl_licensed_gem
-    And I should see "1 unapproved" in the html
-    # gpl_licensed_gem
-    And I should see "1 GPL" in the html
+    And my app depends on MIT and GPL licensed gems
+    When I whitelist MIT and 'other' licenses
+    Then I should see only see GPL liceneses as unapproved in the html

data/features/ignore_bundle_groups.feature

@@ -4,8 +4,7 @@ Feature: Ignore Bundle Groups
   So that any gems I use in development, or for testing, are automatically approved for use
 
   Scenario:
-    Given I have an app with license finder
-    And my application depends on a gem "gpl_gem" licensed with "GPL" in the "test" bundler groups
-    And I whitelist the "test" bundler group
-    When I run "license_finder"
-    Then I should not see "gpl_gem" in its output
+    Given I have an app with license finder that depends on a GPL licensed gem in the test bundler group
+    And I ignore the test group
+    When I run license_finder
+    Then I should not see the GPL licensed gem in the output

data/features/rails_rake.feature

@@ -3,7 +3,7 @@ Feature: The rake task is automatically made available in Rails project
   As an application developer
   I want the license_finder rake task automatically loaded for me in a rails project
 
-  Scenario: The application is a Rails app
+  Scenario: The application is a Rails app #THIS FEATURE SHOULD BE REMOVED FOR 1.0.0 release
     Given I have a rails app with license finder
-    When I run "rake license_finder"
-    Then I should see "Dependencies that need approval:" in its output
+    When I run rake license_finder
+    Then I should see a normal output

data/features/set_license.feature

@@ -4,9 +4,6 @@ Feature: Set a dependency's license through a command line interface
   I want a command line interface to set licenses for specific dependencies
 
   Scenario: Setting a license for a dependency
-    Given I have an app with license finder
-    And my app depends on a gem "other_license_gem" licensed with "other"
-    When I run "license_finder"
-    When I run "license_finder -l MIT other_license_gem"
-    And I run license_finder again
-    Then I should see other_license_gem set to MIT license
+    Given I have an app with license finder that depends on an other licensed gem
+    When I set that gems license to MIT from the command line
+    Then I should see that other gems license set to MIT

data/features/step_definitions/approve_dependencies_steps.rb

@@ -0,0 +1,25 @@
+Given(/^I have an app with license finder that depends on a GPL licensed gem$/) do
+  @user = ::DSL::User.new
+  @user.create_nonrails_app
+  @user.add_dependency_to_app "gpl_gem", :license => "GPL"
+end
+
+When(/^I approve that gem$/) do
+  @output = @user.execute_command "license_finder"
+  @output.should include "gpl_gem"
+  @output = @user.execute_command "license_finder -a gpl_gem"
+  @output = @user.execute_command "license_finder -q"
+end
+
+Then(/^I should not see that gem in the console output$/) do
+  @output.should_not include "gpl_gem"
+end
+
+Then(/^I should see that gem approved in dependencies\.html$/) do
+  gem_name = "gpl_gem"
+  css_class = "approved"
+  html = File.read(@user.dependencies_html_path)
+  page = Capybara.string(html)
+  gpl_gem = page.find("##{gem_name}")
+  gpl_gem[:class].should == css_class
+end

data/features/step_definitions/cli_steps.rb

@@ -0,0 +1,45 @@
+Given(/^I have an app with license finder that has no config directory$/) do
+  @user = ::DSL::User.new
+  @user.create_nonrails_app
+  path = @user.app_path('config')
+  FileUtils.rm_rf(path)
+  File.should_not be_exists(path)
+end
+
+Given(/^I have an app with license finder that depends on a MIT licensed gem$/) do
+  @user = ::DSL::User.new
+  @user.create_nonrails_app
+  @user.add_dependency_to_app 'mit_gem', :license => 'MIT'
+end
+
+Given(/^I have a project that depends on mime\-types with a manual license type$/) do
+  @user = ::DSL::User.new
+  @user.create_rails_app
+  @user.add_gem_dependency('mime-types')
+  @user.bundle_app
+  @user.execute_command "license_finder -q"
+  @output = @user.execute_command "license_finder -l Ruby mime-types"
+  @output.should =~ /mime-types.*Ruby/
+end
+
+Then(/^it creates a config directory with the license_finder config$/) do
+  File.should be_exists(@user.app_path('config'))
+  text = "---\nwhitelist:\n#- MIT\n#- Apache 2.0\nignore_groups:\n#- test\n#- development\ndependencies_file_dir: './doc/'\n"
+  File.read(@user.app_path('config/license_finder.yml')).should == text.gsub(/^\s+/, "")
+end
+
+Then /^it should exit with status code (\d)$/ do |status|
+  $?.exitstatus.should == status.to_i
+end
+
+Then(/^should list my MIT gem in the output$/) do
+  @output.should include 'mit_gem'
+end
+
+Then(/^I should see all gems approved for use$/) do
+  @output.should include 'All gems are approved for use'
+end
+
+Then(/^the mime\-types license remains set with my manual license type$/) do
+  @output.should =~ /mime-types.*Ruby/
+end

data/features/step_definitions/html_report_steps.rb

@@ -0,0 +1,67 @@
+Given(/^I have an app with license finder$/) do
+  @user = ::DSL::User.new
+  @user.create_nonrails_app
+end
+
+Given(/^my app depends on a gem with specific details$/) do
+  @gem_name = "mit_licensed_gem"
+  @table = {
+    license:        "MIT",
+    summary:        "mit is cool",
+    description:    "seriously",
+    version:        "0.0.1",
+    homepage:       "http://mit_licensed_gem.github.com",
+    bundler_groups: "test"
+  }
+  @user.add_dependency_to_app(@gem_name,
+    :license        => @table[:license],
+    :summary        => @table[:summary],
+    :description    => @table[:description],
+    :version        => @table[:version],
+    :homepage       => @table[:homepage],
+    :bundler_groups => @table[:bundler_groups]
+  )
+end
+
+Given(/^my app depends on MIT and GPL licensed gems$/) do
+  @user.add_dependency_to_app 'gpl_licensed_gem', :license => "GPL"
+  @user.add_dependency_to_app 'mit_licensed_gem', :license => "MIT"
+end
+
+When(/^I whitelist the MIT license$/) do
+  @user.configure_license_finder_whitelist ["MIT"]
+  @user.execute_command "license_finder -q"
+end
+
+Then(/^I should see my specific gem details listed in the html$/) do
+  html = File.read(@user.dependencies_html_path)
+  page = Capybara.string(html)
+  section = page.find("##{@gem_name}")
+
+  @table.first.each do |property_name, property_value|
+    section.should have_content property_value
+  end
+end
+
+Then(/^I should see the GPL gem unapproved in html$/) do
+  is_html_status?('gpl_licensed_gem', 'unapproved')
+end
+
+Then(/^the MIT gem approved in html$/) do
+  is_html_status?('mit_licensed_gem', 'approved')
+end
+
+Then(/^I should see only see GPL liceneses as unapproved in the html$/) do
+  html = File.read(@user.dependencies_html_path)
+  page = Capybara.string(html)
+  page.should have_content '8 total'
+  page.should have_content '1 unapproved'
+  page.should have_content '1 GPL'
+end
+
+def is_html_status?(gem, approval)
+  html = File.read(@user.dependencies_html_path)
+  page = Capybara.string(html)
+  gpl_gem = page.find("##{gem}")
+  gpl_gem[:class].should == approval
+end

data/features/step_definitions/ignore_bundle_groups_steps.rb

@@ -0,0 +1,13 @@
+Given(/^I have an app with license finder that depends on a GPL licensed gem in the test bundler group$/) do
+  @user = ::DSL::User.new
+  @user.create_nonrails_app
+  @user.add_dependency_to_app 'gpl_gem', :license => 'GPL', :bundler_groups => 'test'
+end
+
+And(/^I ignore the test group$/) do
+  @user.configure_license_finder_bundler_whitelist('test')
+end
+
+Then(/^I should not see the GPL licensed gem in the output$/) do
+  @output.should_not include 'gpl_gem'
+end

data/features/step_definitions/rails_rake_steps.rb

@@ -0,0 +1,12 @@
+Given /^I have a rails app(?:lication)? with license finder$/ do
+  @user = ::DSL::User.new
+  @user.create_rails_app
+end
+
+When(/^I run rake license_finder$/) do
+  @output = @user.execute_command "rake license_finder -q"
+end
+
+Then(/^I should see a normal output$/) do
+  @output.should include "Dependencies that need approval:"
+end

data/features/step_definitions/set_license_steps.rb

@@ -0,0 +1,16 @@
+Given(/^I have an app with license finder that depends on an other licensed gem$/) do
+  @user = ::DSL::User.new
+  @user.create_nonrails_app
+  @user.add_license_finder_to_rakefile
+  @user.add_dependency_to_app 'other_gem', :license => 'other'
+end
+
+When(/^I set that gems license to MIT from the command line$/) do
+  @output = @user.execute_command 'license_finder -q'
+  @output = @user.execute_command 'license_finder -lq MIT other_gem'
+  @output = @user.execute_command 'license_finder -q'
+end
+
+Then(/^I should see that other gems license set to MIT$/) do
+  @output.should include 'other_gem'
+end

data/features/step_definitions/shared_steps.rb

@@ -0,0 +1,203 @@
+require 'fileutils'
+require 'pathname'
+require 'bundler'
+require 'capybara'
+
+########## COMMON STEPS ##########
+
+When(/^I run license_finder$/) do
+  @output = @user.execute_command "license_finder -q"
+end
+
+When(/^I whitelist MIT and 'other' licenses$/) do
+  @user.configure_license_finder_whitelist ["MIT","other"]
+  @output = @user.execute_command "license_finder -q"
+end
+
+module DSL
+  class User
+    def create_nonrails_app
+      reset_projects!
+
+      `cd #{projects_path} && bundle gem #{app_name}`
+
+      add_gem_dependency('rake')
+      add_gem_dependency('license_finder', :path => root_path)
+
+      bundle_app
+    end
+
+    def create_rails_app
+      reset_projects!
+
+      `bundle exec rails new #{app_path} --skip-bundle`
+
+      add_gem_dependency('license_finder', :path => root_path)
+
+      bundle_app
+    end
+
+    def add_license_finder_to_rakefile
+      add_to_rakefile <<-RUBY
+        require 'bundler/setup'
+        require 'license_finder'
+        LicenseFinder.load_rake_tasks
+      RUBY
+    end
+
+    def update_gem(name, attrs)
+      file_contents = YAML.load(File.read(dependencies_file_path))
+
+      index = file_contents.index { |gem| gem['name'] == name }
+      file_contents[index].merge!(attrs)
+
+      File.open(dependencies_file_path, "w") do |f|
+        f.puts file_contents.to_yaml
+      end
+    end
+
+    def append_to_file(filename, text)
+      File.open(File.join(app_path, filename), "a") do |f|
+        f.puts text
+      end
+    end
+
+    def add_dependency_to_app(gem_name, options={})
+      license = options.fetch(:license)
+      summary = options.fetch(:summary, "")
+      description = options.fetch(:description, "")
+      bundler_groups = options.fetch(:bundler_groups, "").to_s.split(',').map(&:strip)
+      version = options[:version] || "0.0.0"
+      homepage = options[:homepage]
+
+      gem_dir = File.join(projects_path, gem_name)
+
+      FileUtils.mkdir(gem_dir)
+      File.open(File.join(gem_dir, "#{gem_name}.gemspec"), 'w') do |file|
+        file.write <<-GEMSPEC
+          Gem::Specification.new do |s|
+            s.name = "#{gem_name}"
+            s.version = "#{version}"
+            s.author = "Cucumber"
+            s.summary = "#{summary}"
+            s.license = "#{license}"
+            s.description = "#{description}"
+            s.homepage = "#{homepage}"
+          end
+        GEMSPEC
+      end
+
+      gem_options = {}
+      gem_options[:path] = File.join(projects_path, gem_name)
+      gem_options[:groups] = bundler_groups unless bundler_groups.empty?
+
+      add_gem_dependency(gem_name, gem_options)
+
+      bundle_app
+    end
+
+    def configure_license_finder_whitelist(whitelisted_licenses=[])
+      FileUtils.mkdir_p(config_path)
+      File.open(File.join(config_path, "license_finder.yml"), "w") do |f|
+        f.write({'whitelist' => whitelisted_licenses}.to_yaml)
+      end
+    end
+
+    def configure_license_finder_bundler_whitelist(whitelisted_groups=[])
+      whitelisted_groups = Array whitelisted_groups
+      FileUtils.mkdir_p(config_path)
+      File.open(File.join(config_path, "license_finder.yml"), "w") do |f|
+        f.write({'ignore_groups' => whitelisted_groups}.to_yaml)
+      end
+    end
+
+    def execute_command(command)
+      Bundler.with_clean_env do
+        @output = `cd #{app_path} && bundle exec #{command}`
+      end
+
+      @output
+    end
+
+    def app_path(sub_directory = nil)
+      path = app_path = Pathname.new(File.join(projects_path, app_name)).cleanpath.to_s
+
+      if sub_directory
+        path = Pathname.new(File.join(app_path, sub_directory)).cleanpath.to_s
+
+        raise "#{name} is outside of the app" unless path =~ %r{^#{app_path}/}
+      end
+
+      path
+    end
+
+    def config_path
+      File.join(app_path, 'config')
+    end
+
+    def doc_path
+      File.join(app_path, 'doc')
+    end
+
+    def dependencies_file_path
+      File.join(doc_path, 'dependencies.yml')
+    end
+
+    def dependencies_html_path
+      File.join(doc_path, 'dependencies.html')
+    end
+
+    def add_gem_dependency(name, options = {})
+      line = "gem #{name.inspect}"
+      line << ", " + options.inspect unless options.empty?
+
+      add_to_gemfile(line)
+    end
+
+    def bundle_app
+      Bundler.with_clean_env do
+        `bundle install --gemfile=#{File.join(app_path, "Gemfile")} --path=#{bundle_path}`
+      end
+    end
+
+    def modifying_dependencies_file
+      FileUtils.mkdir_p(File.dirname(dependencies_file_path))
+      File.open(dependencies_file_path, 'w+') { |f| yield f }
+    end
+
+    private
+
+    def add_to_gemfile(line)
+      `echo #{line.inspect} >> #{File.join(app_path, "Gemfile")}`
+    end
+
+    def add_to_rakefile(line)
+      `echo #{line.inspect} >> #{File.join(app_path, "Rakefile")}`
+    end
+
+    def app_name
+      "my_app"
+    end
+
+    def sandbox_path
+      File.join(root_path, "tmp")
+    end
+
+    def projects_path
+      File.join(sandbox_path, "projects")
+    end
+
+    def bundle_path
+      File.join(sandbox_path, "bundle")
+    end
+
+    def reset_projects!
+      `rm -rf #{projects_path}`
+      `mkdir -p #{projects_path}`
+    end
+
+    def root_path
+      Pathname.new(File.join(File.dirname(__FILE__), "..", "..")).realpath.to_s
+    end
+  end
+end