license_finder 6.3.0 → 6.4.0
- checksums.yaml +4 -4
- data/.rubocop.yml +6 -0
- data/CHANGELOG.md +20 -0
- data/Dockerfile +2 -2
- data/README.md +2 -2
- data/Rakefile +1 -1
- data/VERSION +1 -1
- data/ci/tasks/rubocop.yml +1 -1
- data/lib/license_finder/cli.rb +1 -0
- data/lib/license_finder/cli/base.rb +1 -0
- data/lib/license_finder/cli/inherited_decisions.rb +32 -0
- data/lib/license_finder/cli/main.rb +3 -1
- data/lib/license_finder/configuration.rb +4 -0
- data/lib/license_finder/decision_applier.rb +8 -4
- data/lib/license_finder/decisions.rb +63 -20
- data/lib/license_finder/license/definitions.rb +3 -2
- data/lib/license_finder/license/templates/SimplifiedBSD.txt +0 -4
- data/lib/license_finder/license/text.rb +24 -2
- data/lib/license_finder/package.rb +2 -1
- data/lib/license_finder/package_managers/go_15vendorexperiment.rb +1 -1
- data/lib/license_finder/package_managers/nuget.rb +3 -1
- data/lib/license_finder/package_managers/yarn.rb +16 -2
- data/lib/license_finder/packages/bower_package.rb +7 -0
- data/lib/license_finder/packages/bundler_package.rb +4 -0
- data/lib/license_finder/packages/cargo_package.rb +4 -0
- data/lib/license_finder/packages/cocoa_pods_package.rb +4 -0
- data/lib/license_finder/packages/composer_package.rb +4 -0
- data/lib/license_finder/packages/conan_package.rb +4 -0
- data/lib/license_finder/packages/go_package.rb +4 -0
- data/lib/license_finder/packages/gradle_package.rb +4 -0
- data/lib/license_finder/packages/maven_package.rb +4 -0
- data/lib/license_finder/packages/merged_package.rb +1 -1
- data/lib/license_finder/packages/mix_package.rb +4 -0
- data/lib/license_finder/packages/npm_package.rb +4 -0
- data/lib/license_finder/packages/nuget_package.rb +4 -0
- data/lib/license_finder/packages/pip_package.rb +4 -0
- data/lib/license_finder/packages/rebar_package.rb +4 -0
- data/lib/license_finder/packages/yarn_package.rb +4 -0
- data/lib/license_finder/reports/csv_report.rb +7 -3
- data/lib/license_finder/reports/json_report.rb +2 -0
- metadata +3 -2
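--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
 ---
 SHA256:
-metadata.gz:
-data.tar.gz:
+metadata.gz: 49007dc96f2251e1f02fb489fbef1819bfa1a075bfe27037ad8dc3ead458dcb1
+data.tar.gz: 618df1ba6cea281f398bd8d9e4123d67bbe8ae30b40998ed3efe6207bf430a6f
 SHA512:
-metadata.gz:
-data.tar.gz:
+metadata.gz: 778ff393ca3575be42a792f17b26090a0bb665e4478c0bb1cedc59752c5f52f30ed1697da1080e313208694df1ff198431c9a88408d6196897bea098bc01ff0f
+data.tar.gz: c94eb0ac3628a8a82165f2b86eff419e6a8337df0e6cf43032ad82482fb00db22caede28cb3f3fa6d2b829465bb40a0c05d09732aa928eee6873eb73f74cae42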
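--- a/data/.rubocop.yml
+++ b/data/.rubocop.yml
@@ -48,6 +48,12 @@ Style/MissingRespondToMissing:
 Enabled: false
 Style/FormatStringToken:
 EnforcedStyle: unannotated
+Style/HashEachMethods:
+Enabled: true
+Style/HashTransformKeys:
+Enabled: true
+Style/HashTransformValues:
+Enabled: true
 Layout/MultilineMethodCallIndentation:
 Enabled: false
 DoubleNegation: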
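--- a/data/CHANGELOG.md
+++ b/data/CHANGELOG.md
@@ -1,3 +1,17 @@
+# [6.4.0] / 2020-05-22
+
+### Added
+* install path for nuget dependencies [#172251374] - [ad73c946](https://github.com/pivotal/LicenseFinder/commit/ad73c946113846f8f548adfc73542aebb3763175) - Jeff Jun
+* new Rubocop cops - [c4cc6b8b](https://github.com/pivotal/LicenseFinder/commit/c4cc6b8b13273db17b65cecaf24c9053e4989ea1) - Jeff Jun
+
+### Fixed
+* Separate lines in license text with LF when exported to JSON - [baddb976](https://github.com/pivotal/LicenseFinder/commit/baddb976e7a8683c5cc320eddc8c2712dfb16c15) - Robert Huitl
+
+### Changed
+* updated Simplifed BSD license made license detection from templates more flexible [#171961625] - [acf57057](https://github.com/pivotal/LicenseFinder/commit/acf570573b4a2414d9c43212dea5d4ecb157319e) - Jeff Jun
+
+* Update Ruby version to 2.7.1 [#172295831] - [475e2948](https://github.com/pivotal/LicenseFinder/commit/475e2948ec1ad859aee59e77aa9ce2a51e1a5029)
+
 # [6.3.0] / 2020-05-06
 
 ### Added
@@ -10,6 +24,11 @@
 * Bump PHP version to 7.3 - [1c3c3271](https://github.com/pivotal/LicenseFinder/commit/1c3c3271b977a6c8d24e4159a6b8098a51086522)
 * Remove +compatible in Go package versions [#171754392] - [5cba5801](https://github.com/pivotal/LicenseFinder/commit/5cba5801f4f276482f01bfeea46fde0dbbcce7b1)
 
+### Fixed
+* Fixed Maven Package manager Groups check - [5058d90](https://github.com/pivotal/LicenseFinder/commit/5058d90246a25ca15c72e0eed8e19ebbf7e39998) - Ravi Soni
+* GoModules: fix compute with vendor mod - [067eb19](https://github.com/pivotal/LicenseFinder/commit/067eb1916ce024039631bdbd4114ababa6c02c3a) - forelabs
+* Do not set Bundle path. Bundler will figure it out. - [6319a7a](https://github.com/pivotal/LicenseFinder/commit/6319a7a281bd9cc997c08c903674ab51fcc6545e) - mvz
+
 # [6.2.0] / 2020-04-07
 
 ### Fixed
@@ -837,3 +856,4 @@ Bugfixes:
 [6.1.2]: https://github.com/pivotal/LicenseFinder/compare/v6.1.0...v6.1.2
 [6.2.0]: https://github.com/pivotal/LicenseFinder/compare/v6.1.2...v6.2.0
 [6.3.0]: https://github.com/pivotal/LicenseFinder/compare/v6.2.0...v6.3.0
+[6.4.0]: https://github.com/pivotal/LicenseFinder/compare/v6.3.0...v6.4.0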
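--- a/data/Dockerfile
+++ b/data/Dockerfile
@@ -7,7 +7,7 @@ ENV GO_LANG_VERSION 1.13.3
 ENV MAVEN_VERSION 3.6.0
 ENV SBT_VERSION 1.3.3
 ENV GRADLE_VERSION 5.6.4
-ENV RUBY_VERSION 2.
+ENV RUBY_VERSION 2.7.1
 ENV MIX_VERSION 1.0
 ENV COMPOSER_ALLOW_SUPERUSER 1
 
@@ -155,7 +155,7 @@ RUN wget -q https://packages.microsoft.com/config/ubuntu/16.04/packages-microsof
 RUN apt-key adv --keyserver hkp://keyserver.ubuntu.com:80 --recv-keys 4F4EA0AAE5267A6C &&\
 echo "deb http://ppa.launchpad.net/ondrej/php/ubuntu xenial main" | sudo tee /etc/apt/sources.list.d/php.list &&\
 apt-get update &&\
-apt-get install -y php7.
+apt-get install -y php7.4-cli &&\
 php -r "copy('https://getcomposer.org/installer', 'composer-setup.php');" &&\
 php -r "if (hash_file('sha384', 'composer-setup.php') === 'e0012edf3e80b6978849f5eff0d4b4e4c79ff1609dd1e613307e16318854d24ae64f26d17af3ef0bf7cfb710ca74755a') { echo 'Installer verified'; } else { echo 'Installer corrupt'; unlink('composer-setup.php'); } echo PHP_EOL;" &&\
 php composer-setup.php &&\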
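--- a/data/README.md
+++ b/data/README.md
@@ -7,7 +7,7 @@ Build status
 * Ruby 2.4.9 [](https://norsk.cf-app.com/teams/main/pipelines/LicenseFinder)
 * Ruby 2.5.7 [](https://norsk.cf-app.com/teams/main/pipelines/LicenseFinder)
 * Ruby 2.6.5 [](https://norsk.cf-app.com/teams/main/pipelines/LicenseFinder)
-* Ruby 2.7.
+* Ruby 2.7.1 [](https://norsk.cf-app.com/teams/main/pipelines/LicenseFinder)
 * JRuby 9.2.9.0 [](https://norsk.cf-app.com/teams/main/pipelines/LicenseFinder)
 
 
@@ -359,7 +359,7 @@ $ license_finder dependencies remove my_js_dep
 Sometimes a project will have development or test dependencies which
 you don't want to track. You can exclude theses dependencies by running
 `license_finder ignored_groups`. (Currently this only works for packages
-managed by Bundler, NPM, and Nuget.)
+managed by Bundler, NPM, Yarn, Maven, Pip2, Pip3, and Nuget.)
 
 On rare occasions a package manager will report an individual dependency
 that you want to exclude from all reports, even though it is approved.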
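--- a/data/Rakefile
+++ b/data/Rakefile
@@ -63,7 +63,7 @@ task :update_pipeline, [:slack_url, :slack_channel] do |_, args|
 puts 'Warning: You should provide slack channel and url to receive slack notifications on build failures'
 end
 
-ruby_versions = %w[2.7.
+ruby_versions = %w[2.7.1 2.6.5 2.5.7 2.4.9 2.3.8 jruby-9.2.9.0]
 
 params = []
 params << "ruby_versions=#{ruby_versions.join(',')}"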
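--- a/data/VERSION
+++ b/data/VERSION
@@ -1 +1 @@
-6.
+6.4.0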
data/ci/tasks/rubocop.yml
CHANGED
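--- a/data/lib/license_finder/cli.rb
+++ b/data/lib/license_finder/cli.rb
@@ -8,6 +8,7 @@ end
 require 'license_finder/cli/patched_thor'
 require 'license_finder/cli/base'
 require 'license_finder/cli/makes_decisions'
+require 'license_finder/cli/inherited_decisions'
 require 'license_finder/cli/permitted_licenses'
 require 'license_finder/cli/restricted_licenses'
 require 'license_finder/cli/dependencies'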
|
@@ -0,0 +1,32 @@
|
|
|
1
|
+
# frozen_string_literal: true
|
|
2
|
+
|
|
3
|
+
module LicenseFinder
|
|
4
|
+
module CLI
|
|
5
|
+
class InheritedDecisions < Base
|
|
6
|
+
extend Subcommand
|
|
7
|
+
include MakesDecisions
|
|
8
|
+
|
|
9
|
+
desc 'list', 'List all the inherited decision files'
|
|
10
|
+
def list
|
|
11
|
+
say 'Inherited Decision Files:', :blue
|
|
12
|
+
say_each(decisions.inherited_decisions)
|
|
13
|
+
end
|
|
14
|
+
|
|
15
|
+
auditable
|
|
16
|
+
desc 'add DECISION_FILE...', 'Add one or more decision files to the inherited decisions'
|
|
17
|
+
def add(*decision_files)
|
|
18
|
+
assert_some decision_files
|
|
19
|
+
modifying { decision_files.each { |filepath| decisions.inherit_from(filepath) } }
|
|
20
|
+
say "Added #{decision_files.join(', ')} to the inherited decisions"
|
|
21
|
+
end
|
|
22
|
+
|
|
23
|
+
auditable
|
|
24
|
+
desc 'remove DECISION_FILE...', 'Remove one or more decision files from the inherited decisions'
|
|
25
|
+
def remove(*decision_files)
|
|
26
|
+
assert_some decision_files
|
|
27
|
+
modifying { decision_files.each { |filepath| decisions.remove_inheritance(filepath) } }
|
|
28
|
+
say "Removed #{decision_files.join(', ')} from the inherited decisions"
|
|
29
|
+
end
|
|
30
|
+
end
|
|
31
|
+
end
|
|
32
|
+
end
|
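Review bot: The `add` command's description, `'Add one or more decision files to the inherited decisions'`, does not say that a DECISION_FILE may be an `http://` or `https://` URL, although `decisions.inherit_from`, which this method calls for each argument, fetches such values over the network. Someone reading the command help should be able to tell that they are placing trust in a remote file, so I would change the text to `'Add one or more decision files (local paths or http(s) URLs) to the inherited decisions'`. A short class comment would also help, stating that each added entry is recorded as an `inherit_from` decision; whether the file is read again on every restore is not visible in this hunk and should be confirmed before documenting it.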
|
@@ -140,6 +140,7 @@ module LicenseFinder
|
|
|
140
140
|
desc 'report', "Print a report of the project's dependencies to stdout"
|
|
141
141
|
shared_options
|
|
142
142
|
format_option
|
|
143
|
+
method_option :write_headers, type: :boolean, desc: 'Write exported columns as header row (csv).', default: false, required: false
|
|
143
144
|
method_option :save, desc: "Save report to a file. Default: 'license_report.csv' in project root.", lazy_default: 'license_report'
|
|
144
145
|
|
|
145
146
|
def report
|
|
@@ -171,6 +172,7 @@ module LicenseFinder
|
|
|
171
172
|
subcommand 'permitted_licenses', PermittedLicenses, 'Automatically approve any dependency that has a permitted license'
|
|
172
173
|
subcommand 'restricted_licenses', RestrictedLicenses, 'Forbid approval of any dependency whose licenses are all restricted'
|
|
173
174
|
subcommand 'project_name', ProjectName, 'Set the project name, for display in reports'
|
|
175
|
+
subcommand 'inherited_decisions', InheritedDecisions, 'Add or remove decision files you want to inherit from'
|
|
174
176
|
|
|
175
177
|
private
|
|
176
178
|
|
|
@@ -203,7 +205,7 @@ module LicenseFinder
|
|
|
203
205
|
def report_of(content)
|
|
204
206
|
report = FORMATS[config.format] || FORMATS['text']
|
|
205
207
|
report = MergedReport if report == CsvReport && config.aggregate_paths
|
|
206
|
-
report.of(content, columns: config.columns, project_name: decisions.project_name || config.project_path.basename.to_s)
|
|
208
|
+
report.of(content, columns: config.columns, project_name: decisions.project_name || config.project_path.basename.to_s, write_headers: config.write_headers)
|
|
207
209
|
end
|
|
208
210
|
|
|
209
211
|
def save?
|
|
@@ -4,7 +4,7 @@ module LicenseFinder
|
|
|
4
4
|
class DecisionApplier
|
|
5
5
|
def initialize(options)
|
|
6
6
|
@decisions = options.fetch(:decisions)
|
|
7
|
-
@all_packages =
|
|
7
|
+
@all_packages = options.fetch(:packages).to_set + @decisions.packages.to_set
|
|
8
8
|
@acknowledged = apply_decisions
|
|
9
9
|
end
|
|
10
10
|
|
|
@@ -28,10 +28,14 @@ module LicenseFinder
|
|
|
28
28
|
|
|
29
29
|
def apply_decisions
|
|
30
30
|
all_packages
|
|
31
|
-
.map { |package| with_decided_licenses(package) }
|
|
32
|
-
.map { |package| with_approval(package) }
|
|
33
|
-
.map { |package| with_homepage(package) }
|
|
34
31
|
.reject { |package| ignored?(package) }
|
|
32
|
+
.map do |package|
|
|
33
|
+
with_homepage(
|
|
34
|
+
with_approval(
|
|
35
|
+
with_decided_licenses(package)
|
|
36
|
+
)
|
|
37
|
+
)
|
|
38
|
+
end
|
|
35
39
|
end
|
|
36
40
|
|
|
37
41
|
def ignored?(package)
|
|
@@ -1,12 +1,14 @@
|
|
|
1
1
|
# frozen_string_literal: true
|
|
2
2
|
|
|
3
|
+
require 'open-uri'
|
|
4
|
+
|
|
3
5
|
module LicenseFinder
|
|
4
6
|
class Decisions
|
|
5
7
|
######
|
|
6
8
|
# READ
|
|
7
9
|
######
|
|
8
10
|
|
|
9
|
-
attr_reader :packages, :permitted, :restricted, :ignored, :ignored_groups, :project_name
|
|
11
|
+
attr_reader :packages, :permitted, :restricted, :ignored, :ignored_groups, :project_name, :inherited_decisions
|
|
10
12
|
|
|
11
13
|
def licenses_of(name)
|
|
12
14
|
@licenses[name]
|
|
@@ -72,40 +74,41 @@ module LicenseFinder
|
|
|
72
74
|
@restricted = Set.new
|
|
73
75
|
@ignored = Set.new
|
|
74
76
|
@ignored_groups = Set.new
|
|
77
|
+
@inherited_decisions = Set.new
|
|
75
78
|
end
|
|
76
79
|
|
|
77
80
|
def add_package(name, version, txn = {})
|
|
78
|
-
|
|
81
|
+
add_decision [:add_package, name, version, txn]
|
|
79
82
|
@packages << ManualPackage.new(name, version)
|
|
80
83
|
self
|
|
81
84
|
end
|
|
82
85
|
|
|
83
86
|
def remove_package(name, txn = {})
|
|
84
|
-
|
|
87
|
+
add_decision [:remove_package, name, txn]
|
|
85
88
|
@packages.delete(ManualPackage.new(name))
|
|
86
89
|
self
|
|
87
90
|
end
|
|
88
91
|
|
|
89
92
|
def license(name, lic, txn = {})
|
|
90
|
-
|
|
93
|
+
add_decision [:license, name, lic, txn]
|
|
91
94
|
@licenses[name] << License.find_by_name(lic)
|
|
92
95
|
self
|
|
93
96
|
end
|
|
94
97
|
|
|
95
98
|
def unlicense(name, lic, txn = {})
|
|
96
|
-
|
|
99
|
+
add_decision [:unlicense, name, lic, txn]
|
|
97
100
|
@licenses[name].delete(License.find_by_name(lic))
|
|
98
101
|
self
|
|
99
102
|
end
|
|
100
103
|
|
|
101
104
|
def homepage(name, homepage, txn = {})
|
|
102
|
-
|
|
105
|
+
add_decision [:homepage, name, homepage, txn]
|
|
103
106
|
@homepages[name] = homepage
|
|
104
107
|
self
|
|
105
108
|
end
|
|
106
109
|
|
|
107
110
|
def approve(name, txn = {})
|
|
108
|
-
|
|
111
|
+
add_decision [:approve, name, txn]
|
|
109
112
|
|
|
110
113
|
versions = []
|
|
111
114
|
versions = @approvals[name][:safe_versions] if @approvals.key?(name)
|
|
@@ -115,71 +118,112 @@ module LicenseFinder
|
|
|
115
118
|
end
|
|
116
119
|
|
|
117
120
|
def unapprove(name, txn = {})
|
|
118
|
-
|
|
121
|
+
add_decision [:unapprove, name, txn]
|
|
119
122
|
@approvals.delete(name)
|
|
120
123
|
self
|
|
121
124
|
end
|
|
122
125
|
|
|
123
126
|
def permit(lic, txn = {})
|
|
124
|
-
|
|
127
|
+
add_decision [:permit, lic, txn]
|
|
125
128
|
@permitted << License.find_by_name(lic)
|
|
126
129
|
self
|
|
127
130
|
end
|
|
128
131
|
|
|
129
132
|
def unpermit(lic, txn = {})
|
|
130
|
-
|
|
133
|
+
add_decision [:unpermit, lic, txn]
|
|
131
134
|
@permitted.delete(License.find_by_name(lic))
|
|
132
135
|
self
|
|
133
136
|
end
|
|
134
137
|
|
|
135
138
|
def restrict(lic, txn = {})
|
|
136
|
-
|
|
139
|
+
add_decision [:restrict, lic, txn]
|
|
137
140
|
@restricted << License.find_by_name(lic)
|
|
138
141
|
self
|
|
139
142
|
end
|
|
140
143
|
|
|
141
144
|
def unrestrict(lic, txn = {})
|
|
142
|
-
|
|
145
|
+
add_decision [:unrestrict, lic, txn]
|
|
143
146
|
@restricted.delete(License.find_by_name(lic))
|
|
144
147
|
self
|
|
145
148
|
end
|
|
146
149
|
|
|
147
150
|
def ignore(name, txn = {})
|
|
148
|
-
|
|
151
|
+
add_decision [:ignore, name, txn]
|
|
149
152
|
@ignored << name
|
|
150
153
|
self
|
|
151
154
|
end
|
|
152
155
|
|
|
153
156
|
def heed(name, txn = {})
|
|
154
|
-
|
|
157
|
+
add_decision [:heed, name, txn]
|
|
155
158
|
@ignored.delete(name)
|
|
156
159
|
self
|
|
157
160
|
end
|
|
158
161
|
|
|
159
162
|
def ignore_group(name, txn = {})
|
|
160
|
-
|
|
163
|
+
add_decision [:ignore_group, name, txn]
|
|
161
164
|
@ignored_groups << name
|
|
162
165
|
self
|
|
163
166
|
end
|
|
164
167
|
|
|
165
168
|
def heed_group(name, txn = {})
|
|
166
|
-
|
|
169
|
+
add_decision [:heed_group, name, txn]
|
|
167
170
|
@ignored_groups.delete(name)
|
|
168
171
|
self
|
|
169
172
|
end
|
|
170
173
|
|
|
171
174
|
def name_project(name, txn = {})
|
|
172
|
-
|
|
175
|
+
add_decision [:name_project, name, txn]
|
|
173
176
|
@project_name = name
|
|
174
177
|
self
|
|
175
178
|
end
|
|
176
179
|
|
|
177
180
|
def unname_project(txn = {})
|
|
178
|
-
|
|
181
|
+
add_decision [:unname_project, txn]
|
|
179
182
|
@project_name = nil
|
|
180
183
|
self
|
|
181
184
|
end
|
|
182
185
|
|
|
186
|
+
def inherit_from(filepath)
|
|
187
|
+
decisions =
|
|
188
|
+
if filepath =~ %r{^https?://}
|
|
189
|
+
open_uri(filepath).read
|
|
190
|
+
else
|
|
191
|
+
Pathname(filepath).read
|
|
192
|
+
end
|
|
193
|
+
|
|
194
|
+
add_decision [:inherit_from, filepath]
|
|
195
|
+
@inherited_decisions << filepath
|
|
196
|
+
restore_inheritance(decisions)
|
|
197
|
+
end
|
|
198
|
+
|
|
199
|
+
def remove_inheritance(filepath)
|
|
200
|
+
@decisions -= [[:inherit_from, filepath]]
|
|
201
|
+
@inherited_decisions.delete(filepath)
|
|
202
|
+
self
|
|
203
|
+
end
|
|
204
|
+
|
|
205
|
+
def add_decision(decision)
|
|
206
|
+
@decisions << decision unless @inherited
|
|
207
|
+
end
|
|
208
|
+
|
|
209
|
+
def restore_inheritance(decisions)
|
|
210
|
+
@inherited = true
|
|
211
|
+
self.class.restore(decisions, self)
|
|
212
|
+
@inherited = false
|
|
213
|
+
self
|
|
214
|
+
end
|
|
215
|
+
|
|
216
|
+
def open_uri(uri)
|
|
217
|
+
# ruby < 2.5.0 URI.open is private
|
|
218
|
+
if Gem::Version.new(RUBY_VERSION) < Gem::Version.new('2.5.0')
|
|
219
|
+
# rubocop:disable Security/Open
|
|
220
|
+
open(uri)
|
|
221
|
+
# rubocop:enable Security/Open
|
|
222
|
+
else
|
|
223
|
+
URI.open(uri)
|
|
224
|
+
end
|
|
225
|
+
end
|
|
226
|
+
|
|
183
227
|
#########
|
|
184
228
|
# PERSIST
|
|
185
229
|
#########
|
|
@@ -192,8 +236,7 @@ module LicenseFinder
|
|
|
192
236
|
write!(persist, file)
|
|
193
237
|
end
|
|
194
238
|
|
|
195
|
-
def self.restore(persisted)
|
|
196
|
-
result = new
|
|
239
|
+
def self.restore(persisted, result = new)
|
|
197
240
|
return result unless persisted
|
|
198
241
|
|
|
199
242
|
actions = YAML.load(persisted)
|
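Review bot: `inherit_from` hands whatever it reads from a path or URL to `restore_inheritance`, which calls `self.class.restore`, and the context line at the end of this section shows `restore` parsing that text with `YAML.load(persisted)`; since plain `http://` is accepted and nothing checks integrity, the content of a remote decisions file is deserialized with no restriction on object types on the Ruby versions this release targets. I would parse inherited content with `YAML.safe_load`, permitting only the classes the decisions format needs (not shown on this page), and accept only `https`. Two smaller points in the same hunk: `%r{^https?://}` anchors at any line start, so the test should read `if filepath =~ %r{\Ahttps?://}`, and the Ruby < 2.5 branch of `open_uri` calls `Kernel#open` with the `Security/Open` cop switched off, which `URI.parse(uri).open` avoids on every supported Ruby without the version switch. `restore_inheritance` also leaves `@inherited` set to `true` if `restore` raises, so later decisions would not be recorded; an `ensure` that resets it would fix that.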
|
@@ -294,9 +294,10 @@ module LicenseFinder
|
|
|
294
294
|
def wtfpl
|
|
295
295
|
License.new(
|
|
296
296
|
short_name: 'WTFPL',
|
|
297
|
-
pretty_name: '
|
|
297
|
+
pretty_name: 'WTFPL',
|
|
298
298
|
other_names: [
|
|
299
|
-
'WTFPL V2'
|
|
299
|
+
'WTFPL V2',
|
|
300
|
+
'Do What The Fuck You Want To Public License'
|
|
300
301
|
],
|
|
301
302
|
url: 'http://www.wtfpl.net/'
|
|
302
303
|
)
|
|
@@ -17,7 +17,3 @@ LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
|
|
|
17
17
|
ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
|
|
18
18
|
(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
|
|
19
19
|
SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
|
|
20
|
-
|
|
21
|
-
The views and conclusions contained in the software and documentation are those
|
|
22
|
-
of the authors and should not be interpreted as representing official policies,
|
|
23
|
-
either expressed or implied, of the FreeBSD Project.
|
|
@@ -6,15 +6,37 @@ module LicenseFinder
|
|
|
6
6
|
SPACES = /\s+/.freeze
|
|
7
7
|
QUOTES = /['`"]{1,2}/.freeze
|
|
8
8
|
PLACEHOLDERS = /<[^<>]+>/.freeze
|
|
9
|
+
SPECIAL_SINGLE_QUOTES = /[‘’]/.freeze
|
|
10
|
+
SPECIAL_DOUBLE_QUOTES = /[“”„«»]/.freeze
|
|
11
|
+
ALPHABET_ORDERED_LIST = /\\\([a-z]\\\)\\\s/.freeze
|
|
12
|
+
ALPHABET_ORDERED_LIST_OPTIONAL = '(\([a-z]\)\s)?'
|
|
13
|
+
LIST_BULLETS = /(\d{1,2}\\\.|\\\*)\\\s/.freeze
|
|
14
|
+
LIST_BULLETS_OPTIONAL = '(\d{1,2}.|\*)?\s*'
|
|
15
|
+
NEWLINE_CHARACTER = /\n+/.freeze
|
|
16
|
+
QUOTE_COMMENT_CHARACTER = /^\s*\>+/.freeze
|
|
17
|
+
ESCAPED_QUOTES = /\\\"/.freeze
|
|
9
18
|
|
|
10
19
|
def self.normalize_punctuation(text)
|
|
11
|
-
text.
|
|
20
|
+
text.dup.force_encoding('UTF-8')
|
|
21
|
+
.gsub(SPECIAL_DOUBLE_QUOTES, '"')
|
|
22
|
+
.gsub(SPECIAL_SINGLE_QUOTES, "'")
|
|
23
|
+
.gsub(QUOTE_COMMENT_CHARACTER, '')
|
|
24
|
+
.gsub(SPACES, ' ')
|
|
25
|
+
.gsub(NEWLINE_CHARACTER, ' ')
|
|
26
|
+
.gsub(ESCAPED_QUOTES, '"')
|
|
12
27
|
.gsub(QUOTES, '"')
|
|
13
28
|
.strip
|
|
29
|
+
rescue ArgumentError => _e
|
|
30
|
+
text
|
|
14
31
|
end
|
|
15
32
|
|
|
16
33
|
def self.compile_to_regex(text)
|
|
17
|
-
Regexp.new(Regexp.escape(text)
|
|
34
|
+
Regexp.new(Regexp.escape(normalize_punctuation(text))
|
|
35
|
+
.gsub(PLACEHOLDERS, '(.*)')
|
|
36
|
+
.gsub(',', '(,)?')
|
|
37
|
+
.gsub('HOLDER', '(HOLDER|OWNER)')
|
|
38
|
+
.gsub(ALPHABET_ORDERED_LIST, ALPHABET_ORDERED_LIST_OPTIONAL)
|
|
39
|
+
.gsub(LIST_BULLETS, LIST_BULLETS_OPTIONAL))
|
|
18
40
|
end
|
|
19
41
|
end
|
|
20
42
|
end
|
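Review bot: `normalize_punctuation` now forces the text to UTF-8 and, when a `gsub` raises `ArgumentError` on an invalid byte sequence, returns the original text with none of the normalization applied, so a license file containing one stray byte is likely to stop matching its template without any indication why. Replacing the rescue with `text.dup.force_encoding('UTF-8').scrub` at the head of the chain keeps the rest of the pipeline running on such input. In `LIST_BULLETS_OPTIONAL` the dot is unescaped, so `\d{1,2}.` accepts any character after the digits; `'(\d{1,2}\.|\*)?\s*'` corresponds to what `LIST_BULLETS` replaced. `.gsub(NEWLINE_CHARACTER, ' ')` runs after `.gsub(SPACES, ' ')` and has nothing left to replace, because `\s+` already covers newlines.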
|
@@ -43,6 +43,7 @@ module LicenseFinder
|
|
|
43
43
|
@summary = options[:summary] || ''
|
|
44
44
|
@description = options[:description] || ''
|
|
45
45
|
@homepage = options[:homepage] || ''
|
|
46
|
+
@package_url = options[:package_url].to_s
|
|
46
47
|
@children = options[:children] || []
|
|
47
48
|
@parents = Set.new # will be figured out later by package manager
|
|
48
49
|
@groups = options[:groups] || []
|
|
@@ -61,7 +62,7 @@ module LicenseFinder
|
|
|
61
62
|
|
|
62
63
|
## DESCRIPTION
|
|
63
64
|
|
|
64
|
-
attr_accessor :homepage
|
|
65
|
+
attr_accessor :homepage, :package_url
|
|
65
66
|
|
|
66
67
|
attr_reader :name, :version, :authors,
|
|
67
68
|
:summary, :description,
|
|
@@ -51,7 +51,9 @@ module LicenseFinder
|
|
|
51
51
|
def current_packages
|
|
52
52
|
dependencies.each_with_object({}) do |dep, memo|
|
|
53
53
|
licenses = license_urls(dep)
|
|
54
|
-
|
|
54
|
+
path = Dir.glob("#{Dir.home}/.nuget/packages/#{dep.name.downcase}/#{dep.version}").first
|
|
55
|
+
|
|
56
|
+
memo[dep.name] ||= NugetPackage.new(dep.name, dep.version, spec_licenses: licenses, install_path: path)
|
|
55
57
|
memo[dep.name].groups << dep.assembly unless memo[dep.name].groups.include? dep.assembly
|
|
56
58
|
end.values
|
|
57
59
|
end
|
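Review bot: `Dir.glob("#{Dir.home}/.nuget/packages/#{dep.name.downcase}/#{dep.version}")` treats the interpolated name and version as a glob pattern, so characters such as `*`, `[` or `{` in either value (both presumably come from the scanned project's package files) change which directory is selected, and `.first` hides the case where more than one path matched. An exact lookup states the intent: `path = File.join(Dir.home, '.nuget', 'packages', dep.name.downcase, dep.version)` followed by `path = nil unless File.directory?(path)`. The lookup also runs for every dependency even when `memo[dep.name]` already exists, and it ignores a relocated global packages folder (`NUGET_PACKAGES`); a comment recording that limitation would help the next reader.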
|
@@ -72,11 +72,25 @@ module LicenseFinder
|
|
|
72
72
|
valid_packages = filter_yarn_internal_package(packages)
|
|
73
73
|
|
|
74
74
|
valid_packages.map do |package_hash|
|
|
75
|
-
YarnPackage.new(
|
|
76
|
-
|
|
75
|
+
YarnPackage.new(
|
|
76
|
+
package_hash['Name'],
|
|
77
|
+
package_hash['Version'],
|
|
78
|
+
spec_licenses: [package_hash['License']],
|
|
79
|
+
homepage: package_hash['VendorUrl'],
|
|
80
|
+
authors: package_hash['VendorName'],
|
|
81
|
+
install_path: project_path.join(modules_folder, package_hash['Name'])
|
|
82
|
+
)
|
|
77
83
|
end
|
|
78
84
|
end
|
|
79
85
|
|
|
86
|
+
def modules_folder
|
|
87
|
+
return @modules_folder if @modules_folder
|
|
88
|
+
|
|
89
|
+
stdout, _stderr, status = Cmd.run('yarn config get modules-folder')
|
|
90
|
+
@modules_folder = 'node_modules' if !status.success? || stdout.strip == 'undefined'
|
|
91
|
+
@modules_folder ||= stdout.strip
|
|
92
|
+
end
|
|
93
|
+
|
|
80
94
|
# remove fake package created by yarn [Yarn Bug]
|
|
81
95
|
def filter_yarn_internal_package(all_packages)
|
|
82
96
|
internal_package_pattern = /workspace-aggregator-[a-zA-z0-9]{8}-[a-zA-z0-9]{4}-[a-zA-z0-9]{4}-[a-zA-z0-9]{4}-[a-zA-z0-9]{12}/
|
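Review bot: `modules_folder` assigns `@modules_folder` in two steps, and the second one, `@modules_folder ||= stdout.strip`, accepts an empty string when `yarn config get modules-folder` succeeds but prints nothing, which would make `install_path` point directly under `project_path` instead of under `node_modules`. Folding both cases into one expression reads more easily and closes that gap: `folder = stdout.strip` and then `@modules_folder = !status.success? || folder.empty? || folder == 'undefined' ? 'node_modules' : folder`. `package_hash['Name']` is joined onto the path as-is; a one-line comment that the name is taken unchanged from yarn's output would document that assumption.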
|
@@ -1,5 +1,7 @@
|
|
|
1
1
|
# frozen_string_literal: true
|
|
2
2
|
|
|
3
|
+
require 'open-uri'
|
|
4
|
+
|
|
3
5
|
module LicenseFinder
|
|
4
6
|
class BowerPackage < Package
|
|
5
7
|
def initialize(bower_module, options = {})
|
|
@@ -31,5 +33,10 @@ module LicenseFinder
|
|
|
31
33
|
def package_manager
|
|
32
34
|
'Bower'
|
|
33
35
|
end
|
|
36
|
+
|
|
37
|
+
def package_url
|
|
38
|
+
meta = JSON.parse(open("https://registry.bower.io/packages/#{CGI.escape(name)}").read)
|
|
39
|
+
meta['url']
|
|
40
|
+
end
|
|
34
41
|
end
|
|
35
42
|
end
|
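Review bot: `package_url` calls bare `open(...)`, that is `Kernel#open` as extended by open-uri, which RuboCop's `Security/Open` flags and which Ruby 2.7 (the version this release moves to) reports as deprecated for URLs; `meta = JSON.parse(URI.parse("https://registry.bower.io/packages/#{CGI.escape(name)}").open.read)` makes the same request without either problem. The method also performs an HTTP request on every call with no `rescue` or timeout, so a report that reads `package_url` can fail when the registry is unreachable; rescuing the open-uri and JSON errors and returning `nil`, or memoizing the result, would keep reports usable offline. `CGI` and `JSON` are used here while only `open-uri` is required in the visible hunks, so confirm that both are loaded elsewhere.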
|
@@ -11,7 +11,7 @@ module LicenseFinder
|
|
|
11
11
|
super(package.name, package.version)
|
|
12
12
|
end
|
|
13
13
|
|
|
14
|
-
def_delegators :@dependency, :name, :version, :authors, :summary, :description, :homepage, :children, :parents,
|
|
14
|
+
def_delegators :@dependency, :name, :version, :authors, :summary, :description, :homepage, :package_url, :children, :parents,
|
|
15
15
|
:groups, :permitted, :restricted, :manual_approval, :install_path, :licenses, :approved_manually?,
|
|
16
16
|
:approved_manually!, :approved?, :permitted!, :permitted?, :restricted!, :restricted?, :hash,
|
|
17
17
|
:activations, :missing, :license_names_from_spec, :decided_licenses, :licensing, :decide_on_license,
|
|
@@ -3,6 +3,7 @@ require 'csv'
|
|
|
3
3
|
module LicenseFinder
|
|
4
4
|
class CsvReport < Report
|
|
5
5
|
COMMA_SEP = ','.freeze
|
|
6
|
+
NEWLINE_SEP = '\@NL'.freeze
|
|
6
7
|
AVAILABLE_COLUMNS = %w[name version authors licenses license_links approved summary description homepage install_path package_manager groups texts notice].freeze
|
|
7
8
|
MISSING_DEPENDENCY_TEXT = 'This package is not installed. Please install to determine licenses.'.freeze
|
|
8
9
|
|
|
@@ -10,10 +11,11 @@ module LicenseFinder
|
|
|
10
11
|
super
|
|
11
12
|
options[:columns] ||= %w[name version licenses]
|
|
12
13
|
@columns = Array(options[:columns]) & self.class::AVAILABLE_COLUMNS
|
|
14
|
+
@write_headers = options[:write_headers] || false
|
|
13
15
|
end
|
|
14
16
|
|
|
15
17
|
def to_s
|
|
16
|
-
CSV.generate(col_sep: self.class::COMMA_SEP) do |csv|
|
|
18
|
+
CSV.generate(col_sep: self.class::COMMA_SEP, headers: @columns, write_headers: @write_headers) do |csv|
|
|
17
19
|
sorted_dependencies.each do |s|
|
|
18
20
|
csv << format_dependency(s)
|
|
19
21
|
end
|
|
@@ -29,11 +31,13 @@ module LicenseFinder
|
|
|
29
31
|
end
|
|
30
32
|
|
|
31
33
|
def format_texts(dep)
|
|
32
|
-
dep.license_files.map { |file| file.text.split(/[\n\r]+/).join(
|
|
34
|
+
dep.license_files.map { |file| file.text.split(/[\n\r]+/).join(self.class::NEWLINE_SEP) }
|
|
35
|
+
.join(self.class::NEWLINE_SEP).force_encoding("ISO-8859-1").encode("UTF-8")
|
|
33
36
|
end
|
|
34
37
|
|
|
35
38
|
def format_notice(dep)
|
|
36
|
-
dep.notice_files.map { |file| file.text.split(/[\n\r]+/).join(
|
|
39
|
+
dep.notice_files.map { |file| file.text.split(/[\n\r]+/).join(self.class::NEWLINE_SEP) }
|
|
40
|
+
.join(self.class::NEWLINE_SEP).force_encoding("ISO-8859-1").encode("UTF-8")
|
|
37
41
|
end
|
|
38
42
|
|
|
39
43
|
def format_name(dep)
|
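Review bot: `format_texts` and `format_notice` end with `.force_encoding("ISO-8859-1").encode("UTF-8")`, which relabels the bytes as Latin-1 before transcoding, so license or notice text that is already valid UTF-8 comes out with its multi-byte characters (for example the © in a copyright line) double-encoded. If the aim is to avoid encoding errors while writing the CSV, `.force_encoding('UTF-8').scrub` leaves valid UTF-8 untouched and replaces only invalid bytes. The two methods are now identical apart from `license_files` versus `notice_files`, so a private helper taking the file list would remove the duplication, and single-quoted literals would match the constants at the top of the class.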
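--- a/metadata
+++ b/metadata
@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: license_finder
 version: !ruby/object:Gem::Version
-version: 6.
+version: 6.4.0
 platform: ruby
 authors:
 - Ryan Collins
@@ -27,7 +27,7 @@ authors:
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2020-05-
+date: 2020-05-22 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
 name: bundler
@@ -358,6 +358,7 @@ files:
 - lib/license_finder/cli/dependencies.rb
 - lib/license_finder/cli/ignored_dependencies.rb
 - lib/license_finder/cli/ignored_groups.rb
+- lib/license_finder/cli/inherited_decisions.rb
 - lib/license_finder/cli/licenses.rb
 - lib/license_finder/cli/main.rb
 - lib/license_finder/cli/makes_decisions.rb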