license_finder 5.0.3 → 5.1.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/.gitignore +3 -0
- data/CHANGELOG.md +8 -2
- data/Dockerfile +13 -1
- data/README.md +17 -1
- data/ci/pipelines/pipeline.yml.erb +1 -1
- data/ci/pipelines/release.yml +36 -0
- data/ci/scripts/run-tests.sh +9 -1
- data/lib/license_finder/cli/base.rb +2 -1
- data/lib/license_finder/cli/main.rb +1 -0
- data/lib/license_finder/configuration.rb +4 -0
- data/lib/license_finder/core.rb +3 -2
- data/lib/license_finder/package.rb +1 -0
- data/lib/license_finder/package_manager.rb +1 -0
- data/lib/license_finder/package_managers/govendor.rb +34 -5
- data/lib/license_finder/package_managers/gvt.rb +24 -3
- data/lib/license_finder/package_managers/nuget.rb +2 -1
- data/lib/license_finder/package_managers/pip.rb +12 -0
- data/lib/license_finder/package_managers/sbt.rb +46 -0
- data/lib/license_finder/package_utils/sbt_dependency_finder.rb +13 -0
- data/lib/license_finder/packages/sbt_package.rb +20 -0
- data/lib/license_finder/scanner.rb +1 -1
- data/lib/license_finder/shared_helpers/common_path.rb +25 -0
- data/lib/license_finder/version.rb +1 -1
- data/license_finder.gemspec +5 -8
- metadata +47 -29
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 0f61e3d2e9a0285c561c1192e95d0b91e3a46472960bf70e03bc454f0d66d65f
|
|
4
|
+
data.tar.gz: 2e09b02961abd261e2998a53d5e67122ffe6dec115976ec4bda85d917ea24841
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: cb8e2141ca54fe804bcd94417444b75786042c08c8ecd63d58d23612b12d112fd22a635a6410c207c9ff945f1c86f1fe66de07dd26fe36dd9a0fde5d3d088325
|
|
7
|
+
data.tar.gz: 8e232fde4fafe4ea8162c8cab8664339ef2e2fbd666484b95ff1fc273b5904ec9ecafe7b3e1f3f05eed23c1eabcb770cc167c00983a87bd74575612efa9e0d75
|
data/.gitignore
CHANGED
data/CHANGELOG.md
CHANGED
|
@@ -1,4 +1,9 @@
|
|
|
1
|
-
# [5.0.
|
|
1
|
+
# [5.0.3] / 2018-02-13
|
|
2
|
+
|
|
3
|
+
### Changed
|
|
4
|
+
* Add the -vendor-only flag to dep-ensure calls - [e305bd1](https://github.com/pivotal/LicenseFinder/commit/e305bd1d5b2d9653f828c3940b59a12903904699)
|
|
5
|
+
|
|
6
|
+
# [5.0.2] / 2018-02-06
|
|
2
7
|
|
|
3
8
|
### Fixed
|
|
4
9
|
* Add conditional production flag to npm - [533f9b8](https://github.com/pivotal/LicenseFinder/commit/533f9b8fda250655f3613444da49fdce60215237)
|
|
@@ -546,4 +551,5 @@ Bugfixes:
|
|
|
546
551
|
[3.0.1]: https://github.com/pivotal/LicenseFinder/compare/v3.0.0...v3.0.1
|
|
547
552
|
[3.0.0]: https://github.com/pivotal/LicenseFinder/compare/v2.1.2...v3.0.0
|
|
548
553
|
[5.0.0]: https://github.com/pivotal/LicenseFinder/compare/v4.0.2...v5.0.0
|
|
549
|
-
[5.0.
|
|
554
|
+
[5.0.2]: https://github.com/pivotal/LicenseFinder/compare/v5.0.0...v5.0.2
|
|
555
|
+
[5.0.3]: https://github.com/pivotal/LicenseFinder/compare/v5.0.2...v5.0.3
|
data/Dockerfile
CHANGED
|
@@ -45,6 +45,18 @@ RUN curl -O http://www-us.apache.org/dist/maven/maven-3/3.5.2/binaries/apache-ma
|
|
|
45
45
|
mv apache-maven-3.5.2 /usr/local/lib/maven && \
|
|
46
46
|
ln -s /usr/local/lib/maven/bin/mvn /usr/local/bin/mvn
|
|
47
47
|
|
|
48
|
+
# install sbt
|
|
49
|
+
ENV SBT_VERSION 1.1.1
|
|
50
|
+
RUN mkdir -p /usr/local/share/sbt-launcher-packaging && \
|
|
51
|
+
curl --progress \
|
|
52
|
+
--retry 3 \
|
|
53
|
+
--retry-delay 15 \
|
|
54
|
+
--location "https://github.com/sbt/sbt/releases/download/v${SBT_VERSION}/sbt-${SBT_VERSION}.tgz" \
|
|
55
|
+
--output "/tmp/sbt-${SBT_VERSION}.tgz" && \
|
|
56
|
+
tar -xzf "/tmp/sbt-${SBT_VERSION}.tgz" -C /usr/local/share/sbt-launcher-packaging --strip-components=1 && \
|
|
57
|
+
ln -s /usr/local/share/sbt-launcher-packaging/bin/sbt /usr/local/bin/sbt && \
|
|
58
|
+
rm -f "/tmp/sbt-${SBT_VERSION}.tgz"
|
|
59
|
+
|
|
48
60
|
# install gradle
|
|
49
61
|
WORKDIR /tmp
|
|
50
62
|
RUN curl -L -o gradle.zip http://services.gradle.org/distributions/gradle-4.2-bin.zip && \
|
|
@@ -78,7 +90,7 @@ ENV LC_ALL=en_US.UTF-8
|
|
|
78
90
|
|
|
79
91
|
#install rvm
|
|
80
92
|
RUN curl -sSL https://rvm.io/mpapis.asc | gpg --import && \
|
|
81
|
-
curl -sSL https://get.rvm.io | sudo bash -s stable --ruby=2.
|
|
93
|
+
curl -sSL https://get.rvm.io | sudo bash -s stable --ruby=2.5.1
|
|
82
94
|
ENV PATH=/usr/local/rvm/bin:$PATH
|
|
83
95
|
|
|
84
96
|
#install mix
|
data/README.md
CHANGED
|
@@ -6,7 +6,8 @@ Build status
|
|
|
6
6
|
* Ruby 2.1.5 [](https://norsk.cf-app.com/teams/main/pipelines/LicenseFinder)
|
|
7
7
|
* Ruby 2.2.0 [](https://norsk.cf-app.com/teams/main/pipelines/LicenseFinder)
|
|
8
8
|
* Ruby 2.3.0 [](https://norsk.cf-app.com/teams/main/pipelines/LicenseFinder)
|
|
9
|
-
* Ruby 2.4.
|
|
9
|
+
* Ruby 2.4.4 [](https://norsk.cf-app.com/teams/main/pipelines/LicenseFinder)
|
|
10
|
+
* Ruby 2.5.1 [](https://norsk.cf-app.com/teams/main/pipelines/LicenseFinder)
|
|
10
11
|
* JRuby 9.0.4.0 [](https://norsk.cf-app.com/teams/main/pipelines/LicenseFinder)
|
|
11
12
|
|
|
12
13
|
|
|
@@ -48,6 +49,7 @@ report.
|
|
|
48
49
|
* Golang (via `gvt`, `glide`,`dep`, and `govendor`)
|
|
49
50
|
* JavaScript (via `yarn`)
|
|
50
51
|
* C++/C (via `conan`)
|
|
52
|
+
* Scala (via `sbt`)
|
|
51
53
|
|
|
52
54
|
## Installation
|
|
53
55
|
|
|
@@ -171,6 +173,7 @@ languages, as long as that language has a package definition in the project dire
|
|
|
171
173
|
* `Gopkg.lock` file (for `dep`)
|
|
172
174
|
* `yarn.lock` file (for `yarn`)
|
|
173
175
|
* `conanfile.txt` file (for `conan`)
|
|
176
|
+
* `build.sbt` file (for `sbt`)
|
|
174
177
|
|
|
175
178
|
|
|
176
179
|
### Continuous Integration
|
|
@@ -409,6 +412,19 @@ Ensure that `conan install` does not generate an error.
|
|
|
409
412
|
., license* -> ./licenses @ folder=True, ignore_case=True
|
|
410
413
|
```
|
|
411
414
|
|
|
415
|
+
### SBT Projects
|
|
416
|
+
|
|
417
|
+
`license_finder` supports SBT. You need to have installed the sbt-license-report in your project:
|
|
418
|
+
[https://github.com/sbt/sbt-license-report](https://github.com/sbt/sbt-license-report)
|
|
419
|
+
|
|
420
|
+
By default, `license_finder` will report on SBT's "compile" and "test" dependencies. If
|
|
421
|
+
you want to generate a report for some other dependency configuration, you can specify
|
|
422
|
+
it in your projects's `build.sbt`
|
|
423
|
+
|
|
424
|
+
```
|
|
425
|
+
licenseConfigurations := Set("compile", "provided")
|
|
426
|
+
```
|
|
427
|
+
|
|
412
428
|
## Requirements
|
|
413
429
|
|
|
414
430
|
`license_finder` requires ruby >= 1.9, or jruby.
|
data/ci/pipelines/release.yml
CHANGED
|
@@ -76,3 +76,39 @@ jobs:
|
|
|
76
76
|
name: version/tag.txt
|
|
77
77
|
tag: version/tag.txt
|
|
78
78
|
body: version/changelog.txt
|
|
79
|
+
|
|
80
|
+
- name: manual-release
|
|
81
|
+
plan:
|
|
82
|
+
- get: lf-git
|
|
83
|
+
- get: lf-image
|
|
84
|
+
params:
|
|
85
|
+
save: true
|
|
86
|
+
- get: lf-release
|
|
87
|
+
- task: update-changelog
|
|
88
|
+
image: lf-image
|
|
89
|
+
params:
|
|
90
|
+
GIT_USERNAME: ((GithubApiUser))
|
|
91
|
+
GIT_EMAIL: ((GithubApiEmail))
|
|
92
|
+
file: lf-git/ci/tasks/update-changelog.yml
|
|
93
|
+
- put: lf-image
|
|
94
|
+
params:
|
|
95
|
+
build: lf-git
|
|
96
|
+
tag: version/version.txt
|
|
97
|
+
tag_as_latest: true
|
|
98
|
+
- task: build-and-push-gem
|
|
99
|
+
image: lf-image
|
|
100
|
+
params:
|
|
101
|
+
GIT_USERNAME: ((GithubApiUser))
|
|
102
|
+
GIT_EMAIL: ((GithubApiEmail))
|
|
103
|
+
GIT_PRIVATE_KEY: ((CfOslBotPrivateKey))
|
|
104
|
+
GEM_API_KEY: ((LicenseFinderGemApiKey))
|
|
105
|
+
file: lf-git/ci/tasks/build-and-push-gem.yml
|
|
106
|
+
- put: lf-git
|
|
107
|
+
params:
|
|
108
|
+
repository: lf-git-changed
|
|
109
|
+
tag: version/tag.txt
|
|
110
|
+
- put: lf-release
|
|
111
|
+
params:
|
|
112
|
+
name: version/tag.txt
|
|
113
|
+
tag: version/tag.txt
|
|
114
|
+
body: version/changelog.txt
|
data/ci/scripts/run-tests.sh
CHANGED
|
@@ -14,9 +14,17 @@ bundle install
|
|
|
14
14
|
if [ "$RUBY_VERSION_UNDER_TEST" == "jruby-9.0.4.0" ]
|
|
15
15
|
then
|
|
16
16
|
bundle update rack
|
|
17
|
+
apt-get -y install software-properties-common
|
|
18
|
+
add-apt-repository -y ppa:webupd8team/java
|
|
19
|
+
apt-get update
|
|
20
|
+
echo "oracle-java8-installer shared/accepted-oracle-license-v1-1 select true" | sudo debconf-set-selections
|
|
21
|
+
apt -y install oracle-java8-set-default
|
|
17
22
|
fi
|
|
18
|
-
|
|
23
|
+
|
|
19
24
|
|
|
20
25
|
bundle exec rake install
|
|
21
26
|
bundle exec rake spec
|
|
22
27
|
bundle exec rake features
|
|
28
|
+
|
|
29
|
+
|
|
30
|
+
|
|
@@ -29,6 +29,7 @@ module LicenseFinder
|
|
|
29
29
|
class_option :rebar_deps_dir, desc: "Path to rebar dependencies directory. Only meaningful if used with a Erlang/rebar project. Defaults to 'deps'."
|
|
30
30
|
class_option :mix_command, desc: "Command to use when fetching packages through Mix. Only meaningful if used with a Mix project (i.e., Elixir or Erlang). Defaults to 'mix'."
|
|
31
31
|
class_option :mix_deps_dir, desc: "Path to Mix dependencies directory. Only meaningful if used with a Mix project (i.e., Elixir or Erlang). Defaults to 'deps'."
|
|
32
|
+
class_option :sbt_include_groups, desc: 'Whether dependency name should include group id. Only meaningful if used with a Scala/sbt project. Defaults to false.'
|
|
32
33
|
|
|
33
34
|
# Method options which are shared between report and action_item
|
|
34
35
|
def self.format_option
|
data/lib/license_finder/core.rb
CHANGED
|
@@ -82,7 +82,7 @@ module LicenseFinder
|
|
|
82
82
|
end
|
|
83
83
|
|
|
84
84
|
def clear_logs
|
|
85
|
-
FileUtils.
|
|
85
|
+
FileUtils.rmtree config.log_directory, secure: true if File.directory? config.log_directory
|
|
86
86
|
end
|
|
87
87
|
|
|
88
88
|
def options
|
|
@@ -102,7 +102,8 @@ module LicenseFinder
|
|
|
102
102
|
mix_command: config.mix_command,
|
|
103
103
|
mix_deps_dir: config.mix_deps_dir,
|
|
104
104
|
prepare: config.prepare,
|
|
105
|
-
prepare_no_fail: config.prepare_no_fail
|
|
105
|
+
prepare_no_fail: config.prepare_no_fail,
|
|
106
|
+
sbt_include_groups: config.sbt_include_groups
|
|
106
107
|
}
|
|
107
108
|
end
|
|
108
109
|
end
|
|
@@ -143,5 +143,6 @@ require 'license_finder/package_managers/rebar'
|
|
|
143
143
|
require 'license_finder/package_managers/nuget'
|
|
144
144
|
require 'license_finder/package_managers/dep'
|
|
145
145
|
require 'license_finder/package_managers/conan'
|
|
146
|
+
require 'license_finder/package_managers/sbt'
|
|
146
147
|
|
|
147
148
|
require 'license_finder/package'
|
|
@@ -1,3 +1,6 @@
|
|
|
1
|
+
require 'license_finder/shared_helpers/common_path'
|
|
2
|
+
require 'json'
|
|
3
|
+
|
|
1
4
|
module LicenseFinder
|
|
2
5
|
class Govendor < PackageManager
|
|
3
6
|
def possible_package_paths
|
|
@@ -6,13 +9,12 @@ module LicenseFinder
|
|
|
6
9
|
|
|
7
10
|
def current_packages
|
|
8
11
|
file = File.read(detected_package_path)
|
|
9
|
-
|
|
10
|
-
packages = json['package']
|
|
12
|
+
packages = packages_from_json(file)
|
|
11
13
|
packages.map do |package|
|
|
12
14
|
GoPackage.from_dependency({
|
|
13
|
-
'ImportPath' => package[
|
|
14
|
-
'InstallPath' => project_path.join('vendor', package[
|
|
15
|
-
'Rev' => package[
|
|
15
|
+
'ImportPath' => package[:path],
|
|
16
|
+
'InstallPath' => project_path.join('vendor', package[:path]),
|
|
17
|
+
'Rev' => package[:sha]
|
|
16
18
|
}, nil, true)
|
|
17
19
|
end
|
|
18
20
|
end
|
|
@@ -28,5 +30,32 @@ module LicenseFinder
|
|
|
28
30
|
def self.prepare_command
|
|
29
31
|
'govendor sync'
|
|
30
32
|
end
|
|
33
|
+
|
|
34
|
+
private
|
|
35
|
+
|
|
36
|
+
def packages_from_json(json_string)
|
|
37
|
+
data = JSON.parse(json_string)
|
|
38
|
+
packages = data['package']
|
|
39
|
+
|
|
40
|
+
packages_by_sha = {}
|
|
41
|
+
|
|
42
|
+
packages.each do |package|
|
|
43
|
+
package_path = package['path']
|
|
44
|
+
package_revision = package['revision']
|
|
45
|
+
if packages_by_sha[package_revision].nil?
|
|
46
|
+
packages_by_sha[package_revision] = [package_path]
|
|
47
|
+
else
|
|
48
|
+
packages_by_sha[package_revision] << package_path
|
|
49
|
+
end
|
|
50
|
+
end
|
|
51
|
+
|
|
52
|
+
result = []
|
|
53
|
+
packages_by_sha.each do |sha, paths|
|
|
54
|
+
common_paths = CommonPathHelper.shortest_common_paths(paths)
|
|
55
|
+
common_paths.each { |cp| result << { sha: sha, path: cp } }
|
|
56
|
+
end
|
|
57
|
+
|
|
58
|
+
result
|
|
59
|
+
end
|
|
31
60
|
end
|
|
32
61
|
end
|
|
@@ -1,3 +1,4 @@
|
|
|
1
|
+
require 'license_finder/shared_helpers/common_path'
|
|
1
2
|
module LicenseFinder
|
|
2
3
|
class Gvt < PackageManager
|
|
3
4
|
def possible_package_paths
|
|
@@ -47,12 +48,32 @@ module LicenseFinder
|
|
|
47
48
|
|
|
48
49
|
def packages_from_output(output, path)
|
|
49
50
|
package_lines = output.split("\n")
|
|
50
|
-
|
|
51
|
-
|
|
51
|
+
packages_by_sha = {}
|
|
52
|
+
package_lines.each do |p|
|
|
53
|
+
package_path, sha, repo = p.split
|
|
54
|
+
if packages_by_sha[sha].nil?
|
|
55
|
+
packages_by_sha[sha] = {}
|
|
56
|
+
packages_by_sha[sha]['paths'] = [package_path]
|
|
57
|
+
packages_by_sha[sha]['repo'] = repo
|
|
58
|
+
else
|
|
59
|
+
packages_by_sha[sha]['paths'] << package_path
|
|
60
|
+
end
|
|
61
|
+
end
|
|
62
|
+
|
|
63
|
+
result = []
|
|
64
|
+
packages_by_sha.each do |sha, info|
|
|
65
|
+
paths = CommonPathHelper.shortest_common_paths(info['paths'])
|
|
66
|
+
|
|
67
|
+
paths.each { |p| result << [sha, p, info['repo']] }
|
|
68
|
+
end
|
|
69
|
+
|
|
70
|
+
result.map do |package_info|
|
|
71
|
+
sha, import_path, repo = package_info
|
|
72
|
+
|
|
52
73
|
GoPackage.from_dependency({
|
|
53
74
|
'ImportPath' => import_path,
|
|
54
75
|
'InstallPath' => path.join(import_path),
|
|
55
|
-
'Rev' =>
|
|
76
|
+
'Rev' => sha,
|
|
56
77
|
'Homepage' => repo
|
|
57
78
|
}, nil, true)
|
|
58
79
|
end
|
|
@@ -25,7 +25,8 @@ module LicenseFinder
|
|
|
25
25
|
def possible_package_paths
|
|
26
26
|
path = project_path.join('vendor/*.nupkg')
|
|
27
27
|
nuget_dir = Dir[path].map { |pkg| File.dirname(pkg) }.uniq
|
|
28
|
-
|
|
28
|
+
|
|
29
|
+
possible_paths = [project_path.join('packages.config'), project_path.join('.nuget')]
|
|
29
30
|
possible_paths.unshift(Pathname(nuget_dir.first)) unless nuget_dir.empty?
|
|
30
31
|
possible_paths
|
|
31
32
|
end
|
|
@@ -25,6 +25,18 @@ module LicenseFinder
|
|
|
25
25
|
'pip'
|
|
26
26
|
end
|
|
27
27
|
|
|
28
|
+
def self.prepare_command
|
|
29
|
+
'pip install'
|
|
30
|
+
end
|
|
31
|
+
|
|
32
|
+
def prepare
|
|
33
|
+
prep_cmd = "#{Pip.prepare_command} -r #{@requirements_path}"
|
|
34
|
+
_stdout, stderr, status = Dir.chdir(project_path) { Cmd.run(prep_cmd) }
|
|
35
|
+
return if status.success?
|
|
36
|
+
log_errors stderr
|
|
37
|
+
raise "Prepare command '#{prep_cmd}' failed" unless @prepare_no_fail
|
|
38
|
+
end
|
|
39
|
+
|
|
28
40
|
def possible_package_paths
|
|
29
41
|
if project_path.nil?
|
|
30
42
|
[@requirements_path]
|
|
@@ -0,0 +1,46 @@
|
|
|
1
|
+
require 'csv'
|
|
2
|
+
require 'license_finder/package_utils/sbt_dependency_finder'
|
|
3
|
+
|
|
4
|
+
module LicenseFinder
|
|
5
|
+
class Sbt < PackageManager
|
|
6
|
+
def initialize(options = {})
|
|
7
|
+
super
|
|
8
|
+
@include_groups = options[:sbt_include_groups]
|
|
9
|
+
end
|
|
10
|
+
|
|
11
|
+
def current_packages
|
|
12
|
+
command = "#{package_management_command} dumpLicenseReport"
|
|
13
|
+
_stdout, stderr, status = Dir.chdir(project_path) { Cmd.run(command) }
|
|
14
|
+
raise "Command '#{command}' failed to execute: #{stderr}" unless status.success?
|
|
15
|
+
|
|
16
|
+
dependencies = SbtDependencyFinder.new(project_path).dependencies
|
|
17
|
+
packages = dependencies.flat_map do |text|
|
|
18
|
+
options = {
|
|
19
|
+
headers: true
|
|
20
|
+
}
|
|
21
|
+
|
|
22
|
+
contents = CSV.parse(text, options)
|
|
23
|
+
contents.map do |row|
|
|
24
|
+
group_id, name, version = row['Dependency'].split('#').map(&:strip)
|
|
25
|
+
spec = {
|
|
26
|
+
'artifactId' => name,
|
|
27
|
+
'groupId' => group_id,
|
|
28
|
+
'version' => version,
|
|
29
|
+
'licenses' => [{ 'name' => row['License'] }]
|
|
30
|
+
}
|
|
31
|
+
SbtPackage.new(spec, logger: logger, include_groups: @include_groups)
|
|
32
|
+
end
|
|
33
|
+
end
|
|
34
|
+
|
|
35
|
+
packages.uniq
|
|
36
|
+
end
|
|
37
|
+
|
|
38
|
+
def package_management_command
|
|
39
|
+
'sbt'
|
|
40
|
+
end
|
|
41
|
+
|
|
42
|
+
def possible_package_paths
|
|
43
|
+
[project_path.join('build.sbt')]
|
|
44
|
+
end
|
|
45
|
+
end
|
|
46
|
+
end
|
|
@@ -0,0 +1,13 @@
|
|
|
1
|
+
module LicenseFinder
|
|
2
|
+
class SbtDependencyFinder
|
|
3
|
+
def initialize(project_path)
|
|
4
|
+
@project_path = project_path
|
|
5
|
+
end
|
|
6
|
+
|
|
7
|
+
def dependencies
|
|
8
|
+
Pathname
|
|
9
|
+
.glob(@project_path.join('**', 'target', 'license-reports', '*.csv'))
|
|
10
|
+
.map(&:read)
|
|
11
|
+
end
|
|
12
|
+
end
|
|
13
|
+
end
|
|
@@ -0,0 +1,20 @@
|
|
|
1
|
+
module LicenseFinder
|
|
2
|
+
class SbtPackage < Package
|
|
3
|
+
def initialize(spec, options = {})
|
|
4
|
+
name = spec['artifactId']
|
|
5
|
+
name = "#{spec['groupId']}:#{name}" if options[:include_groups]
|
|
6
|
+
|
|
7
|
+
super(
|
|
8
|
+
name,
|
|
9
|
+
spec['version'],
|
|
10
|
+
options.merge(
|
|
11
|
+
spec_licenses: Array(spec['licenses']).map { |l| l['name'] }
|
|
12
|
+
)
|
|
13
|
+
)
|
|
14
|
+
end
|
|
15
|
+
|
|
16
|
+
def package_manager
|
|
17
|
+
'Sbt'
|
|
18
|
+
end
|
|
19
|
+
end
|
|
20
|
+
end
|
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
module LicenseFinder
|
|
2
2
|
class Scanner
|
|
3
3
|
PACKAGE_MANAGERS = [GoDep, GoWorkspace, Go15VendorExperiment, Glide, Gvt, Govendor, Dep, Bundler, NPM, Pip,
|
|
4
|
-
Yarn, Bower, Maven, Gradle, CocoaPods, Rebar, Nuget, Carthage, Mix, Conan].freeze
|
|
4
|
+
Yarn, Bower, Maven, Gradle, CocoaPods, Rebar, Nuget, Carthage, Mix, Conan, Sbt].freeze
|
|
5
5
|
|
|
6
6
|
def initialize(config = { project_path: Pathname.new('') })
|
|
7
7
|
@config = config
|
|
@@ -0,0 +1,25 @@
|
|
|
1
|
+
module CommonPathHelper
|
|
2
|
+
def self.shortest_common_paths(paths)
|
|
3
|
+
[].tap do |common_paths|
|
|
4
|
+
# organize by matching root paths
|
|
5
|
+
paths_with_roots = paths.group_by { |path| path.split('/').first }
|
|
6
|
+
paths_with_roots.each do |common_root, full_paths|
|
|
7
|
+
# use the shortest path as the 'template'
|
|
8
|
+
shortest_path = full_paths.sort_by { |path| path.split('/').length }.first
|
|
9
|
+
shortest_common_path = common_root
|
|
10
|
+
|
|
11
|
+
# iterate through each subpath of the 'template'
|
|
12
|
+
shortest_path.split('/').each_with_index do |subpath, i|
|
|
13
|
+
potential_path = i.zero? ? shortest_common_path : [shortest_common_path, subpath].join('/')
|
|
14
|
+
|
|
15
|
+
# check each for the existence of the subsequent subpath
|
|
16
|
+
mismatch = full_paths.any? { |path| !path.start_with?(potential_path) }
|
|
17
|
+
break if mismatch
|
|
18
|
+
|
|
19
|
+
shortest_common_path = potential_path
|
|
20
|
+
end
|
|
21
|
+
common_paths << shortest_common_path
|
|
22
|
+
end
|
|
23
|
+
end
|
|
24
|
+
end
|
|
25
|
+
end
|
data/license_finder.gemspec
CHANGED
|
@@ -5,7 +5,7 @@ require 'license_finder/platform'
|
|
|
5
5
|
require 'license_finder/version'
|
|
6
6
|
|
|
7
7
|
Gem::Specification.new do |s|
|
|
8
|
-
s.required_ruby_version = '>= 1.
|
|
8
|
+
s.required_ruby_version = '>= 2.1.0'
|
|
9
9
|
s.name = 'license_finder'
|
|
10
10
|
s.version = LicenseFinder::VERSION
|
|
11
11
|
|
|
@@ -50,14 +50,14 @@ Gem::Specification.new do |s|
|
|
|
50
50
|
s.add_dependency 'rubyzip'
|
|
51
51
|
s.add_dependency 'thor'
|
|
52
52
|
s.add_dependency 'toml', '0.2.0'
|
|
53
|
+
s.add_dependency 'with_env', '1.1.0'
|
|
53
54
|
s.add_dependency 'xml-simple'
|
|
54
55
|
|
|
55
|
-
|
|
56
|
-
s.add_dependency 'with_env', (RUBY_VERSION <= '1.9.3' ? '1.0.0' : '> 1.0')
|
|
57
|
-
|
|
56
|
+
s.add_development_dependency 'addressable', '2.5.2'
|
|
58
57
|
s.add_development_dependency 'capybara', '~> 2.0.0'
|
|
59
58
|
s.add_development_dependency 'cocoapods', '0.34.0' if LicenseFinder::Platform.darwin?
|
|
60
59
|
s.add_development_dependency 'fakefs', '~> 0.11.3'
|
|
60
|
+
s.add_development_dependency 'mime-types', '3.1'
|
|
61
61
|
s.add_development_dependency 'pry'
|
|
62
62
|
s.add_development_dependency 'rake'
|
|
63
63
|
s.add_development_dependency 'rspec', '~> 3'
|
|
@@ -66,10 +66,7 @@ Gem::Specification.new do |s|
|
|
|
66
66
|
|
|
67
67
|
# to preserve ruby < 2.2.2 support.
|
|
68
68
|
s.add_development_dependency 'rack', (RUBY_VERSION < '2.2.2' ? '1.6.0' : '> 1.6')
|
|
69
|
-
|
|
70
|
-
# temporary to preserve ruby 1.9.3 support.
|
|
71
|
-
s.add_development_dependency 'addressable', '< 2.5.0'
|
|
72
|
-
s.add_development_dependency 'mime-types', '< 3.0'
|
|
69
|
+
s.add_development_dependency 'rack-test', (RUBY_VERSION < '2.2.2' ? '0.7.0' : '> 0.7')
|
|
73
70
|
|
|
74
71
|
s.files = `git ls-files`.split("\n").reject { |f| f.start_with?('spec', 'features') }
|
|
75
72
|
s.executables = `git ls-files -- bin/*`.split("\n").map { |f| File.basename(f) }
|
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: license_finder
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 5.0
|
|
4
|
+
version: 5.1.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Ryan Collins
|
|
@@ -27,7 +27,7 @@ authors:
|
|
|
27
27
|
autorequire:
|
|
28
28
|
bindir: bin
|
|
29
29
|
cert_chain: []
|
|
30
|
-
date: 2018-02
|
|
30
|
+
date: 2018-04-02 00:00:00.000000000 Z
|
|
31
31
|
dependencies:
|
|
32
32
|
- !ruby/object:Gem::Dependency
|
|
33
33
|
name: bundler
|
|
@@ -99,6 +99,20 @@ dependencies:
|
|
|
99
99
|
- - '='
|
|
100
100
|
- !ruby/object:Gem::Version
|
|
101
101
|
version: 0.2.0
|
|
102
|
+
- !ruby/object:Gem::Dependency
|
|
103
|
+
name: with_env
|
|
104
|
+
requirement: !ruby/object:Gem::Requirement
|
|
105
|
+
requirements:
|
|
106
|
+
- - '='
|
|
107
|
+
- !ruby/object:Gem::Version
|
|
108
|
+
version: 1.1.0
|
|
109
|
+
type: :runtime
|
|
110
|
+
prerelease: false
|
|
111
|
+
version_requirements: !ruby/object:Gem::Requirement
|
|
112
|
+
requirements:
|
|
113
|
+
- - '='
|
|
114
|
+
- !ruby/object:Gem::Version
|
|
115
|
+
version: 1.1.0
|
|
102
116
|
- !ruby/object:Gem::Dependency
|
|
103
117
|
name: xml-simple
|
|
104
118
|
requirement: !ruby/object:Gem::Requirement
|
|
@@ -114,19 +128,19 @@ dependencies:
|
|
|
114
128
|
- !ruby/object:Gem::Version
|
|
115
129
|
version: '0'
|
|
116
130
|
- !ruby/object:Gem::Dependency
|
|
117
|
-
name:
|
|
131
|
+
name: addressable
|
|
118
132
|
requirement: !ruby/object:Gem::Requirement
|
|
119
133
|
requirements:
|
|
120
|
-
- -
|
|
134
|
+
- - '='
|
|
121
135
|
- !ruby/object:Gem::Version
|
|
122
|
-
version:
|
|
123
|
-
type: :
|
|
136
|
+
version: 2.5.2
|
|
137
|
+
type: :development
|
|
124
138
|
prerelease: false
|
|
125
139
|
version_requirements: !ruby/object:Gem::Requirement
|
|
126
140
|
requirements:
|
|
127
|
-
- -
|
|
141
|
+
- - '='
|
|
128
142
|
- !ruby/object:Gem::Version
|
|
129
|
-
version:
|
|
143
|
+
version: 2.5.2
|
|
130
144
|
- !ruby/object:Gem::Dependency
|
|
131
145
|
name: capybara
|
|
132
146
|
requirement: !ruby/object:Gem::Requirement
|
|
@@ -155,6 +169,20 @@ dependencies:
|
|
|
155
169
|
- - "~>"
|
|
156
170
|
- !ruby/object:Gem::Version
|
|
157
171
|
version: 0.11.3
|
|
172
|
+
- !ruby/object:Gem::Dependency
|
|
173
|
+
name: mime-types
|
|
174
|
+
requirement: !ruby/object:Gem::Requirement
|
|
175
|
+
requirements:
|
|
176
|
+
- - '='
|
|
177
|
+
- !ruby/object:Gem::Version
|
|
178
|
+
version: '3.1'
|
|
179
|
+
type: :development
|
|
180
|
+
prerelease: false
|
|
181
|
+
version_requirements: !ruby/object:Gem::Requirement
|
|
182
|
+
requirements:
|
|
183
|
+
- - '='
|
|
184
|
+
- !ruby/object:Gem::Version
|
|
185
|
+
version: '3.1'
|
|
158
186
|
- !ruby/object:Gem::Dependency
|
|
159
187
|
name: pry
|
|
160
188
|
requirement: !ruby/object:Gem::Requirement
|
|
@@ -240,33 +268,19 @@ dependencies:
|
|
|
240
268
|
- !ruby/object:Gem::Version
|
|
241
269
|
version: '1.6'
|
|
242
270
|
- !ruby/object:Gem::Dependency
|
|
243
|
-
name:
|
|
244
|
-
requirement: !ruby/object:Gem::Requirement
|
|
245
|
-
requirements:
|
|
246
|
-
- - "<"
|
|
247
|
-
- !ruby/object:Gem::Version
|
|
248
|
-
version: 2.5.0
|
|
249
|
-
type: :development
|
|
250
|
-
prerelease: false
|
|
251
|
-
version_requirements: !ruby/object:Gem::Requirement
|
|
252
|
-
requirements:
|
|
253
|
-
- - "<"
|
|
254
|
-
- !ruby/object:Gem::Version
|
|
255
|
-
version: 2.5.0
|
|
256
|
-
- !ruby/object:Gem::Dependency
|
|
257
|
-
name: mime-types
|
|
271
|
+
name: rack-test
|
|
258
272
|
requirement: !ruby/object:Gem::Requirement
|
|
259
273
|
requirements:
|
|
260
|
-
- - "
|
|
274
|
+
- - ">"
|
|
261
275
|
- !ruby/object:Gem::Version
|
|
262
|
-
version: '
|
|
276
|
+
version: '0.7'
|
|
263
277
|
type: :development
|
|
264
278
|
prerelease: false
|
|
265
279
|
version_requirements: !ruby/object:Gem::Requirement
|
|
266
280
|
requirements:
|
|
267
|
-
- - "
|
|
281
|
+
- - ">"
|
|
268
282
|
- !ruby/object:Gem::Version
|
|
269
|
-
version: '
|
|
283
|
+
version: '0.7'
|
|
270
284
|
description: |2
|
|
271
285
|
LicenseFinder works with your package managers to find
|
|
272
286
|
dependencies, detect the licenses of the packages in them, compare
|
|
@@ -375,6 +389,7 @@ files:
|
|
|
375
389
|
- lib/license_finder/package_managers/nuget.rb
|
|
376
390
|
- lib/license_finder/package_managers/pip.rb
|
|
377
391
|
- lib/license_finder/package_managers/rebar.rb
|
|
392
|
+
- lib/license_finder/package_managers/sbt.rb
|
|
378
393
|
- lib/license_finder/package_managers/yarn.rb
|
|
379
394
|
- lib/license_finder/package_utils/activation.rb
|
|
380
395
|
- lib/license_finder/package_utils/conan_info_parser.rb
|
|
@@ -383,6 +398,7 @@ files:
|
|
|
383
398
|
- lib/license_finder/package_utils/licensing.rb
|
|
384
399
|
- lib/license_finder/package_utils/maven_dependency_finder.rb
|
|
385
400
|
- lib/license_finder/package_utils/possible_license_file.rb
|
|
401
|
+
- lib/license_finder/package_utils/sbt_dependency_finder.rb
|
|
386
402
|
- lib/license_finder/packages/bower_package.rb
|
|
387
403
|
- lib/license_finder/packages/bundler_package.rb
|
|
388
404
|
- lib/license_finder/packages/carthage_package.rb
|
|
@@ -398,6 +414,7 @@ files:
|
|
|
398
414
|
- lib/license_finder/packages/nuget_package.rb
|
|
399
415
|
- lib/license_finder/packages/pip_package.rb
|
|
400
416
|
- lib/license_finder/packages/rebar_package.rb
|
|
417
|
+
- lib/license_finder/packages/sbt_package.rb
|
|
401
418
|
- lib/license_finder/packages/yarn_package.rb
|
|
402
419
|
- lib/license_finder/platform.rb
|
|
403
420
|
- lib/license_finder/project_finder.rb
|
|
@@ -414,6 +431,7 @@ files:
|
|
|
414
431
|
- lib/license_finder/reports/text_report.rb
|
|
415
432
|
- lib/license_finder/scanner.rb
|
|
416
433
|
- lib/license_finder/shared_helpers/cmd.rb
|
|
434
|
+
- lib/license_finder/shared_helpers/common_path.rb
|
|
417
435
|
- lib/license_finder/version.rb
|
|
418
436
|
- license_finder.gemspec
|
|
419
437
|
- release/instructions.md
|
|
@@ -429,7 +447,7 @@ required_ruby_version: !ruby/object:Gem::Requirement
|
|
|
429
447
|
requirements:
|
|
430
448
|
- - ">="
|
|
431
449
|
- !ruby/object:Gem::Version
|
|
432
|
-
version: 1.
|
|
450
|
+
version: 2.1.0
|
|
433
451
|
required_rubygems_version: !ruby/object:Gem::Requirement
|
|
434
452
|
requirements:
|
|
435
453
|
- - ">="
|
|
@@ -437,7 +455,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
|
437
455
|
version: '0'
|
|
438
456
|
requirements: []
|
|
439
457
|
rubyforge_project:
|
|
440
|
-
rubygems_version: 2.7.
|
|
458
|
+
rubygems_version: 2.7.6
|
|
441
459
|
signing_key:
|
|
442
460
|
specification_version: 4
|
|
443
461
|
summary: Audit the OSS licenses of your application's dependencies.
|