license_finder 3.0.4 → 3.1.1

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: df518f591c669fe1a648f5513797ba99701be14b
-  data.tar.gz: e19c932c315fe285f147adc7c99f5ab982be13f2
+  metadata.gz: 956d6a13cb2fb6bdcaa433ec77957db763a41d6b
+  data.tar.gz: 1f9a2da6f824d793b9dffb6a1e5903de465d8d13
 SHA512:
-  metadata.gz: 4ed3e1a000a8838c366b9773bcf7fffd508e7a61398e72173d2b38e1ea6538c944a13eb1d5bb176c61f994ce2bcf2b46e7a2c8507ee02c383d20d95f2e23040c
-  data.tar.gz: 0f575f901938b93b9acde6dd461a7ed57ed99224862ec0fb3e1f68f128ec4a9685836f64b9852522af6d96326a76681549a67cde1f736590edb67e17699513ba
+  metadata.gz: d2fb7013ff3482c23d1fba6c30aef68df057e1c61665f50907ed0f8e1151a0785430c4a233424d8c5d890f426e57234df435dec7c5e7ea70712eb21941271c17
+  data.tar.gz: 9805ab07f8d85a4b1d34d4a4e26b44c645e4477eef615b870692c9099233ecb072b9acc895917960ad2763c447825a059d7ee04e144a062e2231499b4006cc2a

data/.rubocop.yml

@@ -0,0 +1,56 @@
+#Layout Cops
+IndentHeredoc:
+  Enabled: false
+
+#Linting Cops
+AmbiguousRegexpLiteral:
+  Enabled: false
+
+# Metrics Cops
+AbcSize:
+  Max: 30
+BlockLength:
+  Enabled: false # TODO: enable and refactor long methods
+#  ExcludedMethods: ['describe', 'context', 'it', 'shared_examples']  # uncomment once enabled
+ClassLength:
+  Enabled: false
+CyclomaticComplexity:
+  Max: 10
+PerceivedComplexity:
+  Max: 10
+LineLength:
+  Max: 200
+MethodLength:
+  Enabled: false
+ModuleLength:
+  Enabled: false
+
+# Security Cops
+YAMLLoad:
+  Enabled: false
+
+#Style Cops
+DoubleNegation:
+  Enabled: false
+Documentation:
+  Enabled: false
+FileName:
+  Exclude:
+    - '**/Rakefile'
+    - '**/Gemfile'
+    - '**/Podfile'
+MethodMissing:
+  Enabled: false
+ModuleFunction:
+  Enabled: false
+
+AllCops:
+  Include:
+    - 'bin/license_finder'
+  Exclude:
+    - 'lib/license_finder/reports/**/*'
+    - 'features/fixtures/**/*'
+    - 'releases/**/*'
+    - 'ci/**/*'
+    - 'tmp/**/*'
+    - 'Gemfile'

data/CHANGELOG.md

@@ -1,4 +1,29 @@
-# [3.0.4] / 2017-09-11
+# [3.1.0] / 2017-11-10
+
+### Added
+
+* Added support for [Carthage](https://github.com/Carthage/Carthage) 
+* Added support for [gvt](https://github.com/FiloSottile/gvt)
+* Added support for [yarn](https://yarnpkg.com/en/)
+* Added support for [glide](https://github.com/Masterminds/glide)
+* Added support for [GoVendor](https://github.com/kardianos/govendor)
+* Added support for [Dep](https://github.com/golang/dep)
+* Added support for [Conan](https://conan.io/)
+* Added `--prepare` option
+  * `--prepare`/`-p` is an option which can now be passed to the `action_items` or `report` task of `license_finder`
+  * `prepare` will indicate to License Finder that it should attempt to prepare the project before running in a License scan.
+
+### Changed
+
+* Upgrade `Gradle` in Dockerfile
+* Clean up some CLI interaction and documentation
+
+### Fixed
+
+* `build-essential` was added back into the Dockerfile after accidentally being removed
+* Ignore leading prefixes such as 'The' when looking for licenses
+
+# [3.0.4] / 2017-09-14
 
 ### Added
 * Added concourse pipeline file for Docker image process (#335, #337)
@@ -461,7 +486,9 @@ Bugfixes:
   * Fix blow up if there's not `ignore_groups` setting in the config file.
 
 
-[Unreleased]: https://github.com/pivotal/LicenseFinder/compare/v3.0.2...HEAD
+[Unreleased]: https://github.com/pivotal/LicenseFinder/compare/v3.0.4...HEAD
+[3.1.0]: https://github.com/pivotal/LicenseFinder/compare/v3.0.4...v3.1.0
+[3.0.4]: https://github.com/pivotal/LicenseFinder/compare/v3.0.2...v3.0.4
 [3.0.2]: https://github.com/pivotal/LicenseFinder/compare/v3.0.1...v3.0.2
 [3.0.1]: https://github.com/pivotal/LicenseFinder/compare/v3.0.0...v3.0.1
 [3.0.0]: https://github.com/pivotal/LicenseFinder/compare/v2.1.2...v3.0.0

data/CONTRIBUTING.md

@@ -59,14 +59,18 @@ If you come up with something useful, consider posting it to the Google Group
 
 To successfully run the test suite, you will need the following installed:
 - NPM (requires Node)
+- Yarn (requires Node)
 - Bower (requires Node and NPM)
 - Maven (requires Java)
 - Gradle (requires Java)
 - Pip (requires python)
 - Rebar (requires erlang)
-- GoDep, GoWorkspace, and GoVendor (requires golang)
+- GoDep, GoWorkspace, govendor, Glide, Dep, and Gvt (requires golang)
 - CocoaPods (requires ruby)
 - Bundler (requires ruby)
+- Carthage (requires homebrew)
+- Mix (requires Elixir)
+- Conan
 
 The [LicenseFinder docker image](https://hub.docker.com/r/licensefinder/license_finder/) already contains these dependencies.
 

data/Dockerfile

@@ -1,10 +1,16 @@
 FROM ubuntu:trusty
-RUN apt-get update && apt-get install -y curl git-core wget unzip
+RUN apt-get update && apt-get install -y curl git-core build-essential wget unzip
 
 # nodejs seems to be required for the one of the gems
 RUN curl -sL https://deb.nodesource.com/setup_8.x | bash - && \
     apt-get -y install nodejs
 
+# install yarn
+RUN curl -sS https://dl.yarnpkg.com/debian/pubkey.gpg | sudo apt-key add - && \
+  echo "deb https://dl.yarnpkg.com/debian/ stable main" | sudo tee /etc/apt/sources.list.d/yarn.list && \
+  apt-get update && \
+  apt-get install yarn
+
 # install bower
 RUN npm install -g bower && \
     echo '{ "allow_root": true }' > /root/.bowerrc
@@ -34,17 +40,17 @@ RUN apt-get install -y python-pip && \
     pip install --upgrade pip
 
 # install maven
-RUN curl -O http://www-us.apache.org/dist/maven/maven-3/3.5.0/binaries/apache-maven-3.5.0-bin.tar.gz && \
-    tar -xf apache-maven-3.5.0-bin.tar.gz; rm -rf apache-maven-3.5.0-bin.tar.gz && \
-    mv apache-maven-3.5.0 /usr/local/lib/maven && \
+RUN curl -O http://www-us.apache.org/dist/maven/maven-3/3.5.2/binaries/apache-maven-3.5.2-bin.tar.gz && \
+    tar -xf apache-maven-3.5.2-bin.tar.gz; rm -rf apache-maven-3.5.2-bin.tar.gz && \
+    mv apache-maven-3.5.2 /usr/local/lib/maven && \
     ln -s /usr/local/lib/maven/bin/mvn /usr/local/bin/mvn
 
 # install gradle
 WORKDIR /tmp
-RUN curl -L -o gradle.zip http://services.gradle.org/distributions/gradle-2.9-bin.zip && \
+RUN curl -L -o gradle.zip http://services.gradle.org/distributions/gradle-4.2-bin.zip && \
     unzip -q gradle.zip && \
     rm gradle.zip && \
-    mv gradle-2.9 /root/gradle
+    mv gradle-4.2 /root/gradle
 ENV PATH=/root/gradle/bin:$PATH
 
 #install go
@@ -57,7 +63,12 @@ ENV PATH=$PATH:/go/bin
 ENV GOROOT=/go
 ENV GOPATH=/gopath
 ENV PATH=$PATH:$GOPATH/bin
-RUN mkdir /gopath && go get github.com/tools/godep
+RUN mkdir /gopath && \
+  go get github.com/tools/godep && \
+  go get github.com/FiloSottile/gvt && \
+  go get github.com/Masterminds/glide && \
+  go get github.com/kardianos/govendor && \
+  go get github.com/golang/dep/cmd/dep
 
 # Fix the locale
 RUN locale-gen en_US.UTF-8
@@ -66,14 +77,26 @@ ENV LANGUAGE=en_US:en
 ENV LC_ALL=en_US.UTF-8
 
 #install rvm
-RUN gpg --keyserver hkp://keys.gnupg.net --recv-keys 409B6B1796C275462A1703113804BB82D39DC0E3 && \
+RUN gpg --keyserver hkp://pgp.mit.edu --recv-keys 409B6B1796C275462A1703113804BB82D39DC0E3 && \
     curl -sSL https://raw.githubusercontent.com/wayneeseguin/rvm/stable/binscripts/rvm-installer | sudo bash -s stable --ruby=2.4.1
 ENV PATH=/usr/local/rvm/bin:$PATH
 
+#install mix
+RUN wget https://packages.erlang-solutions.com/erlang-solutions_1.0_all.deb && \
+    sudo dpkg -i erlang-solutions_1.0_all.deb && \
+    sudo apt-get update && \
+    sudo apt-get install -y esl-erlang && \
+    sudo apt-get install -y elixir
+
 # install bundler
-RUN bash -lc "rvm install 2.4.1 --default && gem install bundler"
+RUN bash -lc "gem update --system && gem install bundler"
+
+# install conan
+RUN apt-get install -y python-dev && \
+	pip install conan
 
 # install license_finder
-RUN bash -lc "git clone https://github.com/pivotal/LicenseFinder /LicenseFinder && cd /LicenseFinder && bundle install -j4 && rake install"
+COPY . /LicenseFinder
+RUN bash -lc "cd /LicenseFinder && bundle install -j4 && rake install"
 
 WORKDIR /

data/Gemfile

@@ -1,3 +1,3 @@
-source "https://rubygems.org"
-
+source 'https://rubygems.org'
 gemspec
+gem 'toml', '0.1.2'

data/README.md

@@ -37,12 +37,17 @@ report.
 | Go workspace (via a `.envrc` file) | Go lang |    1.8.3 |
 | Go submodules | Go lang | 1.8.3 |
 | Java         | maven           | 3.5.0   |
-| Java         | gradle          | 2.9     |
+| Java         | gradle          | 4.2     |
 
 ### Experimental project types
 
 * Erlang (via `rebar`)
+* Objective-C, Swift (via Carthage or CocoaPods \[0.39 and below. See [CocoaPods Specs Repo Sharding](http://blog.cocoapods.org/Sharding/)\])
 * Objective-C (+ CocoaPods 0.39 and below. See [CocoaPods Specs Repo Sharding](http://blog.cocoapods.org/Sharding/))
+* Elixir (via `mix`)
+* Golang (via `gvt`, `glide`,`dep`, and `govendor`)
+* JavaScript (via `yarn`)
+* C++/C (via `conan`)
 
 ## Installation
 
@@ -151,8 +156,16 @@ languages, as long as that language has a package definition in the project dire
 * `settings.gradle` that specifies `rootProject.buildFileName` (for `gradle`)
 * `bower.json` (for `bower`)
 * `Podfile` (for CocoaPods)
+* `Cartfile` (for Carthage)
 * `rebar.config` (for `rebar`)
+* `mix.exs` (for `mix`)
 * `packages/` directory (for `Nuget`)
+* `vendor/manifest` or `*/vendor/manifest` file (for `gvt`)
+* `glide.lock` file (for `glide`)
+* `vendor/vendor.json` file (for `govendor`)
+* `Gopkg.lock` file (for `dep`)
+* `yarn.lock` file (for `yarn`)
+* `conanfile.txt` file (for `conan`)
 
 
 ### Continuous Integration
@@ -336,11 +349,14 @@ If you have a gradle project, you can invoke gradle with a custom script by
 passing (for example) `--gradle_command gradlew` to `license_finder` or
 `license_finder report`.
 
-
 Similarly you can invoke a custom rebar script with `--rebar_command rebar2`.
 If you store rebar dependencies in a custom directory (by setting `deps_dir` in
 `rebar.config`), set `--rebar_deps_dir`.
 
+You can also invoke a custom Mix script `remix` with `--mix_command remix` and
+set `--mix_deps_dir` to fetch Mix dependencies from a custom directory.
+
+
 ### Saving Configuration
 
 It may be difficult to remember to pass command line options to every command.
@@ -355,6 +371,8 @@ decisions_file: './some_path/decisions.yml'
 gradle_command: './gradlew'
 rebar_command: './rebarw'
 rebar_deps_dir: './rebar_deps'
+mix_command: './mixw'
+mix_deps_dir: './mix_deps'
 ```
 
 ### Gradle Projects
@@ -376,11 +394,15 @@ downloadLicenses {
 }
 ```
 
+### Conan rojects
 
-### Maven Projects
-
-`license_finder` supports Maven.
+`license_finder` supports Conan. You need to have the following lines in your conanfile.txt for `license_finder` to retrieve dependencies' licenses.
+Ensure that `conan install` does not generate an error. 
 
+``` 
+[imports]
+., license* -> ./licenses @ folder=True, ignore_case=True
+```
 
 ## Requirements
 

data/Rakefile

@@ -4,55 +4,50 @@ Bundler::GemHelper.install_tasks
 require './lib/license_finder/platform'
 require 'rspec/core/rake_task'
 
-desc "Run all specs in spec/"
+desc 'Run all specs in spec/'
 task :spec do
   RSpec::Core::RakeTask.new(:spec) do |t|
     t.fail_on_error = true
-    t.pattern = "./spec/**/*_spec.rb"
+    t.pattern = './spec/**/*_spec.rb'
     t.rspec_opts = %w[--color]
   end
 end
 
-desc "Only run cocoapods specs"
-RSpec::Core::RakeTask.new("spec:cocoapods") do |t|
+desc 'Only run cocoapods specs'
+RSpec::Core::RakeTask.new('spec:cocoapods') do |t|
   t.fail_on_error = true
-  t.pattern = "./spec/lib/license_finder/package_managers/cocoa_pods_*spec.rb"
+  t.pattern = './spec/lib/license_finder/package_managers/cocoa_pods_*spec.rb'
   t.rspec_opts = %w[--color]
 end
 
-desc "Run all specs in features/"
+desc 'Run all specs in features/'
 task :features do
   RSpec::Core::RakeTask.new(:features) do |t|
     t.fail_on_error = true
-    t.pattern = "./features/**/*_spec.rb"
+    t.pattern = './features/**/*_spec.rb'
     opts = %w[--color --format d]
     opts += LicenseFinder::Platform.darwin? ? [] : %w[--tag ~ios]
     t.rspec_opts = opts
   end
 end
 
-desc "Check for non-Ruby development dependencies."
+desc 'Check for non-Ruby development dependencies.'
 task :check_dependencies do
   require './lib/license_finder'
   satisfied = true
   LicenseFinder::PackageManager.package_managers.each do |package_manager|
-    satisfied = false unless package_manager.installed?(LicenseFinder::Logger.new(debug:true))
+    satisfied = false unless package_manager.installed?(LicenseFinder::Logger.new(debug: true))
   end
   STDOUT.flush
   exit 1 unless satisfied
 end
 
-desc "Configure ci pipeline"
-task :update_pipeline, [:slack_url, :slack_channel, :github_access_token] do |_, args|
-  access_token = args[:github_access_token]
+desc 'Configure ci pipeline'
+task :update_pipeline, [:slack_url, :slack_channel] do |_, args|
   slack_url = args[:slack_url]
   slack_channel = args[:slack_channel]
 
-  unless access_token
-    puts 'Warning: You should provide a Github access token with repo:status permission if you want to avoid rate limiting'
-  end
-
-  if !(slack_url || slack_channel)
+  unless slack_url || slack_channel
     puts 'Warning: skipping slack notifications setup'
     puts 'Warning: You should provide slack channel and url to receive slack notifications on build failures'
   end
@@ -60,7 +55,6 @@ task :update_pipeline, [:slack_url, :slack_channel, :github_access_token] do |_,
   params = []
   params << "slack_url=#{slack_url}" if slack_url
   params << "slack_channel=#{slack_channel}" if slack_channel
-  params << "github_access_token=#{access_token}" if access_token
 
   vars = params.join(' ')
   cmd = "bash -c \"fly -t osl set-pipeline -n -p LicenseFinder --config <(erb #{vars} ci/pipelines/pipeline.yml.erb)\""
@@ -68,7 +62,7 @@ task :update_pipeline, [:slack_url, :slack_channel, :github_access_token] do |_,
   system(cmd)
 end
 
-task :spec     => :check_dependencies
-task :features => :check_dependencies
+task spec: :check_dependencies
+task features: :check_dependencies
 
-task :default => [:spec, :features]
+task default: %i[spec features]

data/ci/pipelines/pipeline.yml.erb

@@ -1,4 +1,5 @@
 <% setup_slack = defined?(slack_url) && defined?(slack_channel) %>
+<% ruby_versions = %w(2.4.1 2.3.0 2.2.0 2.1.5 jruby-9.0.4.0) %>
 
 resource_types:
 - name: pull-request
@@ -24,9 +25,8 @@ resources:
   source:
     repo: pivotal/LicenseFinder
     base: master
-    <% if defined?(github_access_token) %>
-    access_token: <%= github_access_token %>
-    <% end %>
+    access_token: ((GithubApiTokenLicenseFinder))
+
 <% if setup_slack %>
 - name: slack-alert
   type: slack-notification
@@ -35,13 +35,14 @@ resources:
 <% end %>
 
 jobs:
-<% %w(2.4.1 2.3.0 2.2.0 2.1.5 jruby-9.0.4.0).each do |ruby_version| %>
+<% ruby_versions.each do |ruby_version| %>
 - name: ruby-<%= ruby_version %>
   public: true
   plan:
   - get: LicenseFinder
     trigger: true
   - task: ruby-<%= ruby_version %>
+    privileged: true
     file: LicenseFinder/ci/tasks/build.yml
     params:
       RUBY_VERSION_UNDER_TEST: <%= ruby_version %>
@@ -55,14 +56,24 @@ jobs:
 <% end %>
 <% end %>
 
-<% %w(2.4.1 2.3.0 2.2.0 2.1.5 jruby-9.0.4.0).each do |ruby_version| %>
-- name: PR-ruby-<%= ruby_version %>
+<% if setup_slack %>
+  on_failure:
+    put: slack-alert
+    params:
+      channel: '<%= slack_channel %>'
+      icon_emoji: ':crying_cat_face:'
+      text: '<%= "License Finder build failed. Build: https://osl.ci.cf-app.com/teams/main/pipelines/$BUILD_PIPELINE_NAME/jobs/$BUILD_JOB_NAME/builds/$BUILD_NAME" %>'
+<% end %>
+
+<% ruby_versions.each do |ruby_version| %>
+- name: PR-ruby-<%= ruby_version %>-linux
   public: true
   plan:
   - get: pull-request
     trigger: true
     version: every
   - task: ruby-<%= ruby_version %>
+    privileged: true
     file: pull-request/ci/tasks/build.yml
     params:
       RUBY_VERSION_UNDER_TEST: <%= ruby_version %>
@@ -88,3 +99,26 @@ jobs:
       text: '<%= "License Finder build failed. Build: https://osl.ci.cf-app.com/teams/main/pipelines/$BUILD_PIPELINE_NAME/jobs/$BUILD_JOB_NAME/builds/$BUILD_NAME" %>'
 <% end %>
 <% end %>
+
+- name: PR-rubocop
+  public: true
+  plan:
+  - get: pull-request
+    trigger: true
+    version: every
+  - task: run-rubocop
+    privileged: true
+    file: pull-request/ci/tasks/rubocop.yml
+    input_mapping: { LicenseFinder: pull-request }
+    on_success:
+      put: pull-request
+      params:
+        path: pull-request
+        status: success
+        context: run-rubocop
+    on_failure:
+      put: pull-request
+      params:
+        path: pull-request
+        status: failure
+        context: run-rubocop