license_finder 6.12.2 → 6.13.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/CHANGELOG.md +6 -0
- data/Dockerfile +48 -0
- data/README.md +2 -1
- data/VERSION +1 -1
- data/lib/license_finder/package.rb +1 -0
- data/lib/license_finder/package_manager.rb +1 -0
- data/lib/license_finder/package_managers/go_modules.rb +3 -1
- data/lib/license_finder/package_managers/spm.rb +93 -0
- data/lib/license_finder/packages/spm_package.rb +18 -0
- data/lib/license_finder/scanner.rb +1 -1
- metadata +4 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 81a1d40948fcecd79b16e2e4865e6f5526766555215edd838b346342546783df
|
|
4
|
+
data.tar.gz: a4f8021b36ae39ef95cab4234b7fc628de8bde6e00f348be381d334545eaec15
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 0ee3c694d2a2410a4d5adbd0322050856403f66a9c4a80f7c4687bb668c9b86ba0d8835046366d9c2c64747eb972828fece491f172a90ddc8ca9c5582890e8fd
|
|
7
|
+
data.tar.gz: 4cf78f8b7e9a284d60bddc97c4d2eb5fe1ac1f1010ac347c86ced7d1d24a036cdaf15ca9ec514b48b67ab389f5bc19ea55844bfa115fdb6ec2f535c4610e19ac
|
data/CHANGELOG.md
CHANGED
|
@@ -1,3 +1,8 @@
|
|
|
1
|
+
# [6.13.0] / 2021-04-27
|
|
2
|
+
|
|
3
|
+
### Fixed
|
|
4
|
+
* Ignore packages with nil modules - [4eca0ec1](https://github.com/pivotal/LicenseFinder/commit/4eca0ec15dc6266afa48b74b3742278351246eb8)
|
|
5
|
+
|
|
1
6
|
# [6.12.2] / 2021-04-14
|
|
2
7
|
|
|
3
8
|
### Changed
|
|
@@ -948,3 +953,4 @@ Bugfixes:
|
|
|
948
953
|
[6.12.0]: https://github.com/pivotal/LicenseFinder/compare/v6.11.0...v6.12.0
|
|
949
954
|
[6.12.1]: https://github.com/pivotal/LicenseFinder/compare/v6.12.0...v6.12.1
|
|
950
955
|
[6.12.2]: https://github.com/pivotal/LicenseFinder/compare/v6.12.1...v6.12.2
|
|
956
|
+
[6.13.0]: https://github.com/pivotal/LicenseFinder/compare/v6.12.2...v6.13.0
|
data/Dockerfile
CHANGED
|
@@ -179,6 +179,54 @@ RUN \
|
|
|
179
179
|
([ "$sha" = "${ref}" ] || (echo "Verification failed: ${sha} != ${ref}"; false)) &&\
|
|
180
180
|
(echo; echo "yes") | sh "${conda_installer}"
|
|
181
181
|
|
|
182
|
+
# install Swift Package Manager
|
|
183
|
+
# Based on https://github.com/apple/swift-docker/blob/main/5.3/ubuntu/16.04/Dockerfile
|
|
184
|
+
RUN apt-get -q install -y \
|
|
185
|
+
libatomic1 \
|
|
186
|
+
libcurl3 \
|
|
187
|
+
libxml2 \
|
|
188
|
+
libedit2 \
|
|
189
|
+
libsqlite3-0 \
|
|
190
|
+
libc6-dev \
|
|
191
|
+
binutils \
|
|
192
|
+
libgcc-5-dev \
|
|
193
|
+
libstdc++-5-dev \
|
|
194
|
+
zlib1g-dev \
|
|
195
|
+
libpython2.7 \
|
|
196
|
+
tzdata \
|
|
197
|
+
pkg-config \
|
|
198
|
+
&& rm -r /var/lib/apt/lists/*
|
|
199
|
+
|
|
200
|
+
# pub 4096R/ED3D1561 2019-03-22 [expires: 2021-03-21]
|
|
201
|
+
# Key fingerprint = A62A E125 BBBF BB96 A6E0 42EC 925C C1CC ED3D 1561
|
|
202
|
+
# uid Swift 5.x Release Signing Key <swift-infrastructure@swift.org
|
|
203
|
+
ARG SWIFT_SIGNING_KEY=A62AE125BBBFBB96A6E042EC925CC1CCED3D1561
|
|
204
|
+
ARG SWIFT_PLATFORM=ubuntu16.04
|
|
205
|
+
ARG SWIFT_BRANCH=swift-5.3.3-release
|
|
206
|
+
ARG SWIFT_VERSION=swift-5.3.3-RELEASE
|
|
207
|
+
ARG SWIFT_WEBROOT=https://swift.org/builds/
|
|
208
|
+
|
|
209
|
+
ENV SWIFT_SIGNING_KEY=$SWIFT_SIGNING_KEY \
|
|
210
|
+
SWIFT_PLATFORM=$SWIFT_PLATFORM \
|
|
211
|
+
SWIFT_BRANCH=$SWIFT_BRANCH \
|
|
212
|
+
SWIFT_VERSION=$SWIFT_VERSION \
|
|
213
|
+
SWIFT_WEBROOT=$SWIFT_WEBROOT
|
|
214
|
+
|
|
215
|
+
RUN set -e; \
|
|
216
|
+
SWIFT_WEBDIR="$SWIFT_WEBROOT/$SWIFT_BRANCH/$(echo $SWIFT_PLATFORM | tr -d .)/" \
|
|
217
|
+
&& SWIFT_BIN_URL="$SWIFT_WEBDIR/$SWIFT_VERSION/$SWIFT_VERSION-$SWIFT_PLATFORM.tar.gz" \
|
|
218
|
+
&& SWIFT_SIG_URL="$SWIFT_BIN_URL.sig" \
|
|
219
|
+
# - Download the GPG keys, Swift toolchain, and toolchain signature, and verify.
|
|
220
|
+
&& export GNUPGHOME="$(mktemp -d)" \
|
|
221
|
+
&& curl -fsSL "$SWIFT_BIN_URL" -o swift.tar.gz "$SWIFT_SIG_URL" -o swift.tar.gz.sig \
|
|
222
|
+
&& gpg --batch --quiet --keyserver ha.pool.sks-keyservers.net --recv-keys "$SWIFT_SIGNING_KEY" \
|
|
223
|
+
&& gpg --batch --verify swift.tar.gz.sig swift.tar.gz \
|
|
224
|
+
# - Unpack the toolchain, set libs permissions, and clean up.
|
|
225
|
+
&& tar -xzf swift.tar.gz --directory / --strip-components=1 \
|
|
226
|
+
&& chmod -R o+r /usr/lib/swift \
|
|
227
|
+
&& rm -rf "$GNUPGHOME" swift.tar.gz.sig swift.tar.gz \
|
|
228
|
+
set +e
|
|
229
|
+
|
|
182
230
|
# install license_finder
|
|
183
231
|
COPY . /LicenseFinder
|
|
184
232
|
RUN bash -lc "cd /LicenseFinder && bundle config set no-cache 'true' && bundle install -j4 && rake install"
|
data/README.md
CHANGED
|
@@ -44,7 +44,7 @@ and give you an actionable exception report.
|
|
|
44
44
|
### Experimental project types
|
|
45
45
|
|
|
46
46
|
* Erlang (via `rebar` and `Erlang.mk`)
|
|
47
|
-
* Objective-C, Swift (via Carthage
|
|
47
|
+
* Objective-C, Swift (via Carthage, CocoaPods \[0.39 and below. See [CocoaPods Specs Repo Sharding](http://blog.cocoapods.org/Sharding/)\]) and Swift Package Manager)
|
|
48
48
|
* Objective-C (+ CocoaPods 0.39 and below. See [CocoaPods Specs Repo Sharding](http://blog.cocoapods.org/Sharding/))
|
|
49
49
|
* Elixir (via `mix`)
|
|
50
50
|
* Golang (via `gvt`, `glide`,`dep`, `trash` and `govendor`)
|
|
@@ -176,6 +176,7 @@ languages, as long as that language has a package definition in the project dire
|
|
|
176
176
|
* `bower.json` (for `bower`)
|
|
177
177
|
* `Podfile` (for `pod`)
|
|
178
178
|
* `Cartfile` (for `carthage`)
|
|
179
|
+
* `workspace-state.json` under build directory (provided as enviroment variable `SPM_DERIVED_DATA` for Xcode, or default `.build` for non-Xcode projects), (for `spm`)
|
|
179
180
|
* `rebar.config` (for `rebar`)
|
|
180
181
|
* `Erlang.mk` or `erlang.mk` file (for `Erlang.mk`)
|
|
181
182
|
* `mix.exs` (for `mix`)
|
data/VERSION
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
6.
|
|
1
|
+
6.13.0
|
|
@@ -188,6 +188,7 @@ require 'license_finder/packages/maven_package'
|
|
|
188
188
|
require 'license_finder/packages/gradle_package'
|
|
189
189
|
require 'license_finder/packages/cocoa_pods_package'
|
|
190
190
|
require 'license_finder/packages/carthage_package'
|
|
191
|
+
require 'license_finder/packages/spm_package'
|
|
191
192
|
require 'license_finder/packages/rebar_package'
|
|
192
193
|
require 'license_finder/packages/erlangmk_package'
|
|
193
194
|
require 'license_finder/packages/mix_package'
|
|
@@ -165,6 +165,7 @@ require 'license_finder/package_managers/maven'
|
|
|
165
165
|
require 'license_finder/package_managers/mix'
|
|
166
166
|
require 'license_finder/package_managers/cocoa_pods'
|
|
167
167
|
require 'license_finder/package_managers/carthage'
|
|
168
|
+
require 'license_finder/package_managers/spm'
|
|
168
169
|
require 'license_finder/package_managers/gradle'
|
|
169
170
|
require 'license_finder/package_managers/rebar'
|
|
170
171
|
require 'license_finder/package_managers/erlangmk'
|
|
@@ -33,6 +33,8 @@ module LicenseFinder
|
|
|
33
33
|
# Explanations:
|
|
34
34
|
# * Only list dependencies (packages not listed in the project directory)
|
|
35
35
|
# (.DepOnly)
|
|
36
|
+
# * Ignore packages that have nil modules
|
|
37
|
+
# (.Module)
|
|
36
38
|
# * Ignore standard library packages
|
|
37
39
|
# (not .Standard)
|
|
38
40
|
# * Replacement modules are respected
|
|
@@ -40,7 +42,7 @@ module LicenseFinder
|
|
|
40
42
|
# * Module cache directory or (vendored) package directory
|
|
41
43
|
# (or $mod.Dir .Dir)
|
|
42
44
|
format_str = \
|
|
43
|
-
'{{ if and (.DepOnly) (not .Standard) }}'\
|
|
45
|
+
'{{ if and (.DepOnly) (.Module) (not .Standard) }}'\
|
|
44
46
|
'{{ $mod := (or .Module.Replace .Module) }}'\
|
|
45
47
|
'{{ $mod.Path }},{{ $mod.Version }},{{ or $mod.Dir .Dir }}'\
|
|
46
48
|
'{{ end }}'
|
|
@@ -0,0 +1,93 @@
|
|
|
1
|
+
# frozen_string_literal: true
|
|
2
|
+
|
|
3
|
+
require 'json'
|
|
4
|
+
|
|
5
|
+
module LicenseFinder
|
|
6
|
+
class Spm < PackageManager
|
|
7
|
+
class SpmError < RuntimeError; end
|
|
8
|
+
|
|
9
|
+
def current_packages
|
|
10
|
+
unless File.exist?(workspace_state_path)
|
|
11
|
+
raise SpmError, 'No checked-out SPM packages found.
|
|
12
|
+
Please install your dependencies first.'
|
|
13
|
+
end
|
|
14
|
+
|
|
15
|
+
workspace_state = JSON.parse(IO.read(workspace_state_path))
|
|
16
|
+
workspace_state['object']['dependencies'].map do |dependency|
|
|
17
|
+
package_ref = dependency['packageRef']
|
|
18
|
+
checkout_state = dependency['state']['checkoutState']
|
|
19
|
+
|
|
20
|
+
subpath = dependency['subpath']
|
|
21
|
+
package_name = package_ref['name']
|
|
22
|
+
package_version = checkout_state['version'] || checkout_state['revision']
|
|
23
|
+
homepage = package_ref['path']
|
|
24
|
+
|
|
25
|
+
SpmPackage.new(
|
|
26
|
+
package_name,
|
|
27
|
+
package_version,
|
|
28
|
+
license_text(subpath),
|
|
29
|
+
logger: logger,
|
|
30
|
+
install_path: project_checkout(subpath),
|
|
31
|
+
homepage: homepage
|
|
32
|
+
)
|
|
33
|
+
end
|
|
34
|
+
end
|
|
35
|
+
|
|
36
|
+
def package_management_command
|
|
37
|
+
LicenseFinder::Platform.darwin? ? 'xcodebuild' : 'swift'
|
|
38
|
+
end
|
|
39
|
+
|
|
40
|
+
def prepare_command
|
|
41
|
+
LicenseFinder::Platform.darwin? ? 'xcodebuild -resolvePackageDependencies' : 'swift package resolve'
|
|
42
|
+
end
|
|
43
|
+
|
|
44
|
+
def possible_package_paths
|
|
45
|
+
[workspace_state_path]
|
|
46
|
+
end
|
|
47
|
+
|
|
48
|
+
private
|
|
49
|
+
|
|
50
|
+
def resolved_package
|
|
51
|
+
if File.exist?(resolved_path)
|
|
52
|
+
@resolved_file ||= IO.read(resolved_path)
|
|
53
|
+
else
|
|
54
|
+
raise SpmError, 'No Package.resolved found.
|
|
55
|
+
Please install your dependencies first and provide it via environment variable
|
|
56
|
+
SPM_PACKAGE_RESOLVED'
|
|
57
|
+
end
|
|
58
|
+
end
|
|
59
|
+
|
|
60
|
+
def resolved_path
|
|
61
|
+
# Xcode projects have SPM packages info under project's derived data location
|
|
62
|
+
derived_data_folder = ENV['SPM_DERIVED_DATA']
|
|
63
|
+
if derived_data_folder
|
|
64
|
+
pathname = Pathname.new(derived_data_folder)
|
|
65
|
+
pathname.absolute? ? pathname : project_path.join(derived_data_folder)
|
|
66
|
+
else
|
|
67
|
+
project_path.join('.build')
|
|
68
|
+
end
|
|
69
|
+
end
|
|
70
|
+
|
|
71
|
+
def workspace_state_path
|
|
72
|
+
resolved_path.join('workspace-state.json')
|
|
73
|
+
end
|
|
74
|
+
|
|
75
|
+
def license_text(subpath)
|
|
76
|
+
license_path = license_pattern(subpath).find { |f| File.exist?(f) }
|
|
77
|
+
license_path.nil? ? nil : IO.read(license_path)
|
|
78
|
+
end
|
|
79
|
+
|
|
80
|
+
def project_checkout(subpath)
|
|
81
|
+
resolved_path.join('checkouts', subpath)
|
|
82
|
+
end
|
|
83
|
+
|
|
84
|
+
def license_pattern(subpath)
|
|
85
|
+
checkout_path = project_checkout(subpath)
|
|
86
|
+
Dir.glob(checkout_path.join('LICENSE*'), File::FNM_CASEFOLD)
|
|
87
|
+
end
|
|
88
|
+
|
|
89
|
+
def name_version_from_line(cartfile_line)
|
|
90
|
+
cartfile_line.split(' ')[1, 2].map { |f| f.split('/').last.delete('"').gsub('.git', '') }
|
|
91
|
+
end
|
|
92
|
+
end
|
|
93
|
+
end
|
|
@@ -0,0 +1,18 @@
|
|
|
1
|
+
# frozen_string_literal: true
|
|
2
|
+
|
|
3
|
+
module LicenseFinder
|
|
4
|
+
class SpmPackage < Package
|
|
5
|
+
def initialize(name, version, license_text, options = {})
|
|
6
|
+
super(name, version, options)
|
|
7
|
+
@license = License.find_by_text(license_text.to_s)
|
|
8
|
+
end
|
|
9
|
+
|
|
10
|
+
def licenses_from_spec
|
|
11
|
+
[@license].compact
|
|
12
|
+
end
|
|
13
|
+
|
|
14
|
+
def package_manager
|
|
15
|
+
'Spm'
|
|
16
|
+
end
|
|
17
|
+
end
|
|
18
|
+
end
|
|
@@ -5,7 +5,7 @@ module LicenseFinder
|
|
|
5
5
|
PACKAGE_MANAGERS = [
|
|
6
6
|
GoModules, GoDep, GoWorkspace, Go15VendorExperiment, Glide, Gvt, Govendor, Trash, Dep, Bundler, NPM, Pip,
|
|
7
7
|
Yarn, Bower, Maven, Gradle, CocoaPods, Rebar, Erlangmk, Nuget, Carthage, Mix, Conan, Sbt, Cargo, Dotnet, Composer, Pipenv,
|
|
8
|
-
Conda
|
|
8
|
+
Conda, Spm
|
|
9
9
|
].freeze
|
|
10
10
|
|
|
11
11
|
class << self
|
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: license_finder
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 6.
|
|
4
|
+
version: 6.13.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Ryan Collins
|
|
@@ -27,7 +27,7 @@ authors:
|
|
|
27
27
|
autorequire:
|
|
28
28
|
bindir: bin
|
|
29
29
|
cert_chain: []
|
|
30
|
-
date: 2021-04-
|
|
30
|
+
date: 2021-04-27 00:00:00.000000000 Z
|
|
31
31
|
dependencies:
|
|
32
32
|
- !ruby/object:Gem::Dependency
|
|
33
33
|
name: bundler
|
|
@@ -457,6 +457,7 @@ files:
|
|
|
457
457
|
- lib/license_finder/package_managers/pipenv.rb
|
|
458
458
|
- lib/license_finder/package_managers/rebar.rb
|
|
459
459
|
- lib/license_finder/package_managers/sbt.rb
|
|
460
|
+
- lib/license_finder/package_managers/spm.rb
|
|
460
461
|
- lib/license_finder/package_managers/trash.rb
|
|
461
462
|
- lib/license_finder/package_managers/yarn.rb
|
|
462
463
|
- lib/license_finder/package_utils/activation.rb
|
|
@@ -489,6 +490,7 @@ files:
|
|
|
489
490
|
- lib/license_finder/packages/pip_package.rb
|
|
490
491
|
- lib/license_finder/packages/rebar_package.rb
|
|
491
492
|
- lib/license_finder/packages/sbt_package.rb
|
|
493
|
+
- lib/license_finder/packages/spm_package.rb
|
|
492
494
|
- lib/license_finder/packages/yarn_package.rb
|
|
493
495
|
- lib/license_finder/platform.rb
|
|
494
496
|
- lib/license_finder/project_finder.rb
|