license_finder 6.3.0 → 6.4.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/.rubocop.yml +6 -0
- data/CHANGELOG.md +20 -0
- data/Dockerfile +2 -2
- data/README.md +2 -2
- data/Rakefile +1 -1
- data/VERSION +1 -1
- data/ci/tasks/rubocop.yml +1 -1
- data/lib/license_finder/cli.rb +1 -0
- data/lib/license_finder/cli/base.rb +1 -0
- data/lib/license_finder/cli/inherited_decisions.rb +32 -0
- data/lib/license_finder/cli/main.rb +3 -1
- data/lib/license_finder/configuration.rb +4 -0
- data/lib/license_finder/decision_applier.rb +8 -4
- data/lib/license_finder/decisions.rb +63 -20
- data/lib/license_finder/license/definitions.rb +3 -2
- data/lib/license_finder/license/templates/SimplifiedBSD.txt +0 -4
- data/lib/license_finder/license/text.rb +24 -2
- data/lib/license_finder/package.rb +2 -1
- data/lib/license_finder/package_managers/go_15vendorexperiment.rb +1 -1
- data/lib/license_finder/package_managers/nuget.rb +3 -1
- data/lib/license_finder/package_managers/yarn.rb +16 -2
- data/lib/license_finder/packages/bower_package.rb +7 -0
- data/lib/license_finder/packages/bundler_package.rb +4 -0
- data/lib/license_finder/packages/cargo_package.rb +4 -0
- data/lib/license_finder/packages/cocoa_pods_package.rb +4 -0
- data/lib/license_finder/packages/composer_package.rb +4 -0
- data/lib/license_finder/packages/conan_package.rb +4 -0
- data/lib/license_finder/packages/go_package.rb +4 -0
- data/lib/license_finder/packages/gradle_package.rb +4 -0
- data/lib/license_finder/packages/maven_package.rb +4 -0
- data/lib/license_finder/packages/merged_package.rb +1 -1
- data/lib/license_finder/packages/mix_package.rb +4 -0
- data/lib/license_finder/packages/npm_package.rb +4 -0
- data/lib/license_finder/packages/nuget_package.rb +4 -0
- data/lib/license_finder/packages/pip_package.rb +4 -0
- data/lib/license_finder/packages/rebar_package.rb +4 -0
- data/lib/license_finder/packages/yarn_package.rb +4 -0
- data/lib/license_finder/reports/csv_report.rb +7 -3
- data/lib/license_finder/reports/json_report.rb +2 -0
- metadata +3 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 49007dc96f2251e1f02fb489fbef1819bfa1a075bfe27037ad8dc3ead458dcb1
|
|
4
|
+
data.tar.gz: 618df1ba6cea281f398bd8d9e4123d67bbe8ae30b40998ed3efe6207bf430a6f
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 778ff393ca3575be42a792f17b26090a0bb665e4478c0bb1cedc59752c5f52f30ed1697da1080e313208694df1ff198431c9a88408d6196897bea098bc01ff0f
|
|
7
|
+
data.tar.gz: c94eb0ac3628a8a82165f2b86eff419e6a8337df0e6cf43032ad82482fb00db22caede28cb3f3fa6d2b829465bb40a0c05d09732aa928eee6873eb73f74cae42
|
data/.rubocop.yml
CHANGED
|
@@ -48,6 +48,12 @@ Style/MissingRespondToMissing:
|
|
|
48
48
|
Enabled: false
|
|
49
49
|
Style/FormatStringToken:
|
|
50
50
|
EnforcedStyle: unannotated
|
|
51
|
+
Style/HashEachMethods:
|
|
52
|
+
Enabled: true
|
|
53
|
+
Style/HashTransformKeys:
|
|
54
|
+
Enabled: true
|
|
55
|
+
Style/HashTransformValues:
|
|
56
|
+
Enabled: true
|
|
51
57
|
Layout/MultilineMethodCallIndentation:
|
|
52
58
|
Enabled: false
|
|
53
59
|
DoubleNegation:
|
data/CHANGELOG.md
CHANGED
|
@@ -1,3 +1,17 @@
|
|
|
1
|
+
# [6.4.0] / 2020-05-22
|
|
2
|
+
|
|
3
|
+
### Added
|
|
4
|
+
* install path for nuget dependencies [#172251374] - [ad73c946](https://github.com/pivotal/LicenseFinder/commit/ad73c946113846f8f548adfc73542aebb3763175) - Jeff Jun
|
|
5
|
+
* new Rubocop cops - [c4cc6b8b](https://github.com/pivotal/LicenseFinder/commit/c4cc6b8b13273db17b65cecaf24c9053e4989ea1) - Jeff Jun
|
|
6
|
+
|
|
7
|
+
### Fixed
|
|
8
|
+
* Separate lines in license text with LF when exported to JSON - [baddb976](https://github.com/pivotal/LicenseFinder/commit/baddb976e7a8683c5cc320eddc8c2712dfb16c15) - Robert Huitl
|
|
9
|
+
|
|
10
|
+
### Changed
|
|
11
|
+
* updated Simplifed BSD license made license detection from templates more flexible [#171961625] - [acf57057](https://github.com/pivotal/LicenseFinder/commit/acf570573b4a2414d9c43212dea5d4ecb157319e) - Jeff Jun
|
|
12
|
+
|
|
13
|
+
* Update Ruby version to 2.7.1 [#172295831] - [475e2948](https://github.com/pivotal/LicenseFinder/commit/475e2948ec1ad859aee59e77aa9ce2a51e1a5029)
|
|
14
|
+
|
|
1
15
|
# [6.3.0] / 2020-05-06
|
|
2
16
|
|
|
3
17
|
### Added
|
|
@@ -10,6 +24,11 @@
|
|
|
10
24
|
* Bump PHP version to 7.3 - [1c3c3271](https://github.com/pivotal/LicenseFinder/commit/1c3c3271b977a6c8d24e4159a6b8098a51086522)
|
|
11
25
|
* Remove +compatible in Go package versions [#171754392] - [5cba5801](https://github.com/pivotal/LicenseFinder/commit/5cba5801f4f276482f01bfeea46fde0dbbcce7b1)
|
|
12
26
|
|
|
27
|
+
### Fixed
|
|
28
|
+
* Fixed Maven Package manager Groups check - [5058d90](https://github.com/pivotal/LicenseFinder/commit/5058d90246a25ca15c72e0eed8e19ebbf7e39998) - Ravi Soni
|
|
29
|
+
* GoModules: fix compute with vendor mod - [067eb19](https://github.com/pivotal/LicenseFinder/commit/067eb1916ce024039631bdbd4114ababa6c02c3a) - forelabs
|
|
30
|
+
* Do not set Bundle path. Bundler will figure it out. - [6319a7a](https://github.com/pivotal/LicenseFinder/commit/6319a7a281bd9cc997c08c903674ab51fcc6545e) - mvz
|
|
31
|
+
|
|
13
32
|
# [6.2.0] / 2020-04-07
|
|
14
33
|
|
|
15
34
|
### Fixed
|
|
@@ -837,3 +856,4 @@ Bugfixes:
|
|
|
837
856
|
[6.1.2]: https://github.com/pivotal/LicenseFinder/compare/v6.1.0...v6.1.2
|
|
838
857
|
[6.2.0]: https://github.com/pivotal/LicenseFinder/compare/v6.1.2...v6.2.0
|
|
839
858
|
[6.3.0]: https://github.com/pivotal/LicenseFinder/compare/v6.2.0...v6.3.0
|
|
859
|
+
[6.4.0]: https://github.com/pivotal/LicenseFinder/compare/v6.3.0...v6.4.0
|
data/Dockerfile
CHANGED
|
@@ -7,7 +7,7 @@ ENV GO_LANG_VERSION 1.13.3
|
|
|
7
7
|
ENV MAVEN_VERSION 3.6.0
|
|
8
8
|
ENV SBT_VERSION 1.3.3
|
|
9
9
|
ENV GRADLE_VERSION 5.6.4
|
|
10
|
-
ENV RUBY_VERSION 2.
|
|
10
|
+
ENV RUBY_VERSION 2.7.1
|
|
11
11
|
ENV MIX_VERSION 1.0
|
|
12
12
|
ENV COMPOSER_ALLOW_SUPERUSER 1
|
|
13
13
|
|
|
@@ -155,7 +155,7 @@ RUN wget -q https://packages.microsoft.com/config/ubuntu/16.04/packages-microsof
|
|
|
155
155
|
RUN apt-key adv --keyserver hkp://keyserver.ubuntu.com:80 --recv-keys 4F4EA0AAE5267A6C &&\
|
|
156
156
|
echo "deb http://ppa.launchpad.net/ondrej/php/ubuntu xenial main" | sudo tee /etc/apt/sources.list.d/php.list &&\
|
|
157
157
|
apt-get update &&\
|
|
158
|
-
apt-get install -y php7.
|
|
158
|
+
apt-get install -y php7.4-cli &&\
|
|
159
159
|
php -r "copy('https://getcomposer.org/installer', 'composer-setup.php');" &&\
|
|
160
160
|
php -r "if (hash_file('sha384', 'composer-setup.php') === 'e0012edf3e80b6978849f5eff0d4b4e4c79ff1609dd1e613307e16318854d24ae64f26d17af3ef0bf7cfb710ca74755a') { echo 'Installer verified'; } else { echo 'Installer corrupt'; unlink('composer-setup.php'); } echo PHP_EOL;" &&\
|
|
161
161
|
php composer-setup.php &&\
|
data/README.md
CHANGED
|
@@ -7,7 +7,7 @@ Build status
|
|
|
7
7
|
* Ruby 2.4.9 [](https://norsk.cf-app.com/teams/main/pipelines/LicenseFinder)
|
|
8
8
|
* Ruby 2.5.7 [](https://norsk.cf-app.com/teams/main/pipelines/LicenseFinder)
|
|
9
9
|
* Ruby 2.6.5 [](https://norsk.cf-app.com/teams/main/pipelines/LicenseFinder)
|
|
10
|
-
* Ruby 2.7.
|
|
10
|
+
* Ruby 2.7.1 [](https://norsk.cf-app.com/teams/main/pipelines/LicenseFinder)
|
|
11
11
|
* JRuby 9.2.9.0 [](https://norsk.cf-app.com/teams/main/pipelines/LicenseFinder)
|
|
12
12
|
|
|
13
13
|
|
|
@@ -359,7 +359,7 @@ $ license_finder dependencies remove my_js_dep
|
|
|
359
359
|
Sometimes a project will have development or test dependencies which
|
|
360
360
|
you don't want to track. You can exclude theses dependencies by running
|
|
361
361
|
`license_finder ignored_groups`. (Currently this only works for packages
|
|
362
|
-
managed by Bundler, NPM, and Nuget.)
|
|
362
|
+
managed by Bundler, NPM, Yarn, Maven, Pip2, Pip3, and Nuget.)
|
|
363
363
|
|
|
364
364
|
On rare occasions a package manager will report an individual dependency
|
|
365
365
|
that you want to exclude from all reports, even though it is approved.
|
data/Rakefile
CHANGED
|
@@ -63,7 +63,7 @@ task :update_pipeline, [:slack_url, :slack_channel] do |_, args|
|
|
|
63
63
|
puts 'Warning: You should provide slack channel and url to receive slack notifications on build failures'
|
|
64
64
|
end
|
|
65
65
|
|
|
66
|
-
ruby_versions = %w[2.7.
|
|
66
|
+
ruby_versions = %w[2.7.1 2.6.5 2.5.7 2.4.9 2.3.8 jruby-9.2.9.0]
|
|
67
67
|
|
|
68
68
|
params = []
|
|
69
69
|
params << "ruby_versions=#{ruby_versions.join(',')}"
|
data/VERSION
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
6.
|
|
1
|
+
6.4.0
|
data/ci/tasks/rubocop.yml
CHANGED
data/lib/license_finder/cli.rb
CHANGED
|
@@ -8,6 +8,7 @@ end
|
|
|
8
8
|
require 'license_finder/cli/patched_thor'
|
|
9
9
|
require 'license_finder/cli/base'
|
|
10
10
|
require 'license_finder/cli/makes_decisions'
|
|
11
|
+
require 'license_finder/cli/inherited_decisions'
|
|
11
12
|
require 'license_finder/cli/permitted_licenses'
|
|
12
13
|
require 'license_finder/cli/restricted_licenses'
|
|
13
14
|
require 'license_finder/cli/dependencies'
|
|
@@ -0,0 +1,32 @@
|
|
|
1
|
+
# frozen_string_literal: true
|
|
2
|
+
|
|
3
|
+
module LicenseFinder
|
|
4
|
+
module CLI
|
|
5
|
+
class InheritedDecisions < Base
|
|
6
|
+
extend Subcommand
|
|
7
|
+
include MakesDecisions
|
|
8
|
+
|
|
9
|
+
desc 'list', 'List all the inherited decision files'
|
|
10
|
+
def list
|
|
11
|
+
say 'Inherited Decision Files:', :blue
|
|
12
|
+
say_each(decisions.inherited_decisions)
|
|
13
|
+
end
|
|
14
|
+
|
|
15
|
+
auditable
|
|
16
|
+
desc 'add DECISION_FILE...', 'Add one or more decision files to the inherited decisions'
|
|
17
|
+
def add(*decision_files)
|
|
18
|
+
assert_some decision_files
|
|
19
|
+
modifying { decision_files.each { |filepath| decisions.inherit_from(filepath) } }
|
|
20
|
+
say "Added #{decision_files.join(', ')} to the inherited decisions"
|
|
21
|
+
end
|
|
22
|
+
|
|
23
|
+
auditable
|
|
24
|
+
desc 'remove DECISION_FILE...', 'Remove one or more decision files from the inherited decisions'
|
|
25
|
+
def remove(*decision_files)
|
|
26
|
+
assert_some decision_files
|
|
27
|
+
modifying { decision_files.each { |filepath| decisions.remove_inheritance(filepath) } }
|
|
28
|
+
say "Removed #{decision_files.join(', ')} from the inherited decisions"
|
|
29
|
+
end
|
|
30
|
+
end
|
|
31
|
+
end
|
|
32
|
+
end
|
|
@@ -140,6 +140,7 @@ module LicenseFinder
|
|
|
140
140
|
desc 'report', "Print a report of the project's dependencies to stdout"
|
|
141
141
|
shared_options
|
|
142
142
|
format_option
|
|
143
|
+
method_option :write_headers, type: :boolean, desc: 'Write exported columns as header row (csv).', default: false, required: false
|
|
143
144
|
method_option :save, desc: "Save report to a file. Default: 'license_report.csv' in project root.", lazy_default: 'license_report'
|
|
144
145
|
|
|
145
146
|
def report
|
|
@@ -171,6 +172,7 @@ module LicenseFinder
|
|
|
171
172
|
subcommand 'permitted_licenses', PermittedLicenses, 'Automatically approve any dependency that has a permitted license'
|
|
172
173
|
subcommand 'restricted_licenses', RestrictedLicenses, 'Forbid approval of any dependency whose licenses are all restricted'
|
|
173
174
|
subcommand 'project_name', ProjectName, 'Set the project name, for display in reports'
|
|
175
|
+
subcommand 'inherited_decisions', InheritedDecisions, 'Add or remove decision files you want to inherit from'
|
|
174
176
|
|
|
175
177
|
private
|
|
176
178
|
|
|
@@ -203,7 +205,7 @@ module LicenseFinder
|
|
|
203
205
|
def report_of(content)
|
|
204
206
|
report = FORMATS[config.format] || FORMATS['text']
|
|
205
207
|
report = MergedReport if report == CsvReport && config.aggregate_paths
|
|
206
|
-
report.of(content, columns: config.columns, project_name: decisions.project_name || config.project_path.basename.to_s)
|
|
208
|
+
report.of(content, columns: config.columns, project_name: decisions.project_name || config.project_path.basename.to_s, write_headers: config.write_headers)
|
|
207
209
|
end
|
|
208
210
|
|
|
209
211
|
def save?
|
|
@@ -4,7 +4,7 @@ module LicenseFinder
|
|
|
4
4
|
class DecisionApplier
|
|
5
5
|
def initialize(options)
|
|
6
6
|
@decisions = options.fetch(:decisions)
|
|
7
|
-
@all_packages =
|
|
7
|
+
@all_packages = options.fetch(:packages).to_set + @decisions.packages.to_set
|
|
8
8
|
@acknowledged = apply_decisions
|
|
9
9
|
end
|
|
10
10
|
|
|
@@ -28,10 +28,14 @@ module LicenseFinder
|
|
|
28
28
|
|
|
29
29
|
def apply_decisions
|
|
30
30
|
all_packages
|
|
31
|
-
.map { |package| with_decided_licenses(package) }
|
|
32
|
-
.map { |package| with_approval(package) }
|
|
33
|
-
.map { |package| with_homepage(package) }
|
|
34
31
|
.reject { |package| ignored?(package) }
|
|
32
|
+
.map do |package|
|
|
33
|
+
with_homepage(
|
|
34
|
+
with_approval(
|
|
35
|
+
with_decided_licenses(package)
|
|
36
|
+
)
|
|
37
|
+
)
|
|
38
|
+
end
|
|
35
39
|
end
|
|
36
40
|
|
|
37
41
|
def ignored?(package)
|
|
@@ -1,12 +1,14 @@
|
|
|
1
1
|
# frozen_string_literal: true
|
|
2
2
|
|
|
3
|
+
require 'open-uri'
|
|
4
|
+
|
|
3
5
|
module LicenseFinder
|
|
4
6
|
class Decisions
|
|
5
7
|
######
|
|
6
8
|
# READ
|
|
7
9
|
######
|
|
8
10
|
|
|
9
|
-
attr_reader :packages, :permitted, :restricted, :ignored, :ignored_groups, :project_name
|
|
11
|
+
attr_reader :packages, :permitted, :restricted, :ignored, :ignored_groups, :project_name, :inherited_decisions
|
|
10
12
|
|
|
11
13
|
def licenses_of(name)
|
|
12
14
|
@licenses[name]
|
|
@@ -72,40 +74,41 @@ module LicenseFinder
|
|
|
72
74
|
@restricted = Set.new
|
|
73
75
|
@ignored = Set.new
|
|
74
76
|
@ignored_groups = Set.new
|
|
77
|
+
@inherited_decisions = Set.new
|
|
75
78
|
end
|
|
76
79
|
|
|
77
80
|
def add_package(name, version, txn = {})
|
|
78
|
-
|
|
81
|
+
add_decision [:add_package, name, version, txn]
|
|
79
82
|
@packages << ManualPackage.new(name, version)
|
|
80
83
|
self
|
|
81
84
|
end
|
|
82
85
|
|
|
83
86
|
def remove_package(name, txn = {})
|
|
84
|
-
|
|
87
|
+
add_decision [:remove_package, name, txn]
|
|
85
88
|
@packages.delete(ManualPackage.new(name))
|
|
86
89
|
self
|
|
87
90
|
end
|
|
88
91
|
|
|
89
92
|
def license(name, lic, txn = {})
|
|
90
|
-
|
|
93
|
+
add_decision [:license, name, lic, txn]
|
|
91
94
|
@licenses[name] << License.find_by_name(lic)
|
|
92
95
|
self
|
|
93
96
|
end
|
|
94
97
|
|
|
95
98
|
def unlicense(name, lic, txn = {})
|
|
96
|
-
|
|
99
|
+
add_decision [:unlicense, name, lic, txn]
|
|
97
100
|
@licenses[name].delete(License.find_by_name(lic))
|
|
98
101
|
self
|
|
99
102
|
end
|
|
100
103
|
|
|
101
104
|
def homepage(name, homepage, txn = {})
|
|
102
|
-
|
|
105
|
+
add_decision [:homepage, name, homepage, txn]
|
|
103
106
|
@homepages[name] = homepage
|
|
104
107
|
self
|
|
105
108
|
end
|
|
106
109
|
|
|
107
110
|
def approve(name, txn = {})
|
|
108
|
-
|
|
111
|
+
add_decision [:approve, name, txn]
|
|
109
112
|
|
|
110
113
|
versions = []
|
|
111
114
|
versions = @approvals[name][:safe_versions] if @approvals.key?(name)
|
|
@@ -115,71 +118,112 @@ module LicenseFinder
|
|
|
115
118
|
end
|
|
116
119
|
|
|
117
120
|
def unapprove(name, txn = {})
|
|
118
|
-
|
|
121
|
+
add_decision [:unapprove, name, txn]
|
|
119
122
|
@approvals.delete(name)
|
|
120
123
|
self
|
|
121
124
|
end
|
|
122
125
|
|
|
123
126
|
def permit(lic, txn = {})
|
|
124
|
-
|
|
127
|
+
add_decision [:permit, lic, txn]
|
|
125
128
|
@permitted << License.find_by_name(lic)
|
|
126
129
|
self
|
|
127
130
|
end
|
|
128
131
|
|
|
129
132
|
def unpermit(lic, txn = {})
|
|
130
|
-
|
|
133
|
+
add_decision [:unpermit, lic, txn]
|
|
131
134
|
@permitted.delete(License.find_by_name(lic))
|
|
132
135
|
self
|
|
133
136
|
end
|
|
134
137
|
|
|
135
138
|
def restrict(lic, txn = {})
|
|
136
|
-
|
|
139
|
+
add_decision [:restrict, lic, txn]
|
|
137
140
|
@restricted << License.find_by_name(lic)
|
|
138
141
|
self
|
|
139
142
|
end
|
|
140
143
|
|
|
141
144
|
def unrestrict(lic, txn = {})
|
|
142
|
-
|
|
145
|
+
add_decision [:unrestrict, lic, txn]
|
|
143
146
|
@restricted.delete(License.find_by_name(lic))
|
|
144
147
|
self
|
|
145
148
|
end
|
|
146
149
|
|
|
147
150
|
def ignore(name, txn = {})
|
|
148
|
-
|
|
151
|
+
add_decision [:ignore, name, txn]
|
|
149
152
|
@ignored << name
|
|
150
153
|
self
|
|
151
154
|
end
|
|
152
155
|
|
|
153
156
|
def heed(name, txn = {})
|
|
154
|
-
|
|
157
|
+
add_decision [:heed, name, txn]
|
|
155
158
|
@ignored.delete(name)
|
|
156
159
|
self
|
|
157
160
|
end
|
|
158
161
|
|
|
159
162
|
def ignore_group(name, txn = {})
|
|
160
|
-
|
|
163
|
+
add_decision [:ignore_group, name, txn]
|
|
161
164
|
@ignored_groups << name
|
|
162
165
|
self
|
|
163
166
|
end
|
|
164
167
|
|
|
165
168
|
def heed_group(name, txn = {})
|
|
166
|
-
|
|
169
|
+
add_decision [:heed_group, name, txn]
|
|
167
170
|
@ignored_groups.delete(name)
|
|
168
171
|
self
|
|
169
172
|
end
|
|
170
173
|
|
|
171
174
|
def name_project(name, txn = {})
|
|
172
|
-
|
|
175
|
+
add_decision [:name_project, name, txn]
|
|
173
176
|
@project_name = name
|
|
174
177
|
self
|
|
175
178
|
end
|
|
176
179
|
|
|
177
180
|
def unname_project(txn = {})
|
|
178
|
-
|
|
181
|
+
add_decision [:unname_project, txn]
|
|
179
182
|
@project_name = nil
|
|
180
183
|
self
|
|
181
184
|
end
|
|
182
185
|
|
|
186
|
+
def inherit_from(filepath)
|
|
187
|
+
decisions =
|
|
188
|
+
if filepath =~ %r{^https?://}
|
|
189
|
+
open_uri(filepath).read
|
|
190
|
+
else
|
|
191
|
+
Pathname(filepath).read
|
|
192
|
+
end
|
|
193
|
+
|
|
194
|
+
add_decision [:inherit_from, filepath]
|
|
195
|
+
@inherited_decisions << filepath
|
|
196
|
+
restore_inheritance(decisions)
|
|
197
|
+
end
|
|
198
|
+
|
|
199
|
+
def remove_inheritance(filepath)
|
|
200
|
+
@decisions -= [[:inherit_from, filepath]]
|
|
201
|
+
@inherited_decisions.delete(filepath)
|
|
202
|
+
self
|
|
203
|
+
end
|
|
204
|
+
|
|
205
|
+
def add_decision(decision)
|
|
206
|
+
@decisions << decision unless @inherited
|
|
207
|
+
end
|
|
208
|
+
|
|
209
|
+
def restore_inheritance(decisions)
|
|
210
|
+
@inherited = true
|
|
211
|
+
self.class.restore(decisions, self)
|
|
212
|
+
@inherited = false
|
|
213
|
+
self
|
|
214
|
+
end
|
|
215
|
+
|
|
216
|
+
def open_uri(uri)
|
|
217
|
+
# ruby < 2.5.0 URI.open is private
|
|
218
|
+
if Gem::Version.new(RUBY_VERSION) < Gem::Version.new('2.5.0')
|
|
219
|
+
# rubocop:disable Security/Open
|
|
220
|
+
open(uri)
|
|
221
|
+
# rubocop:enable Security/Open
|
|
222
|
+
else
|
|
223
|
+
URI.open(uri)
|
|
224
|
+
end
|
|
225
|
+
end
|
|
226
|
+
|
|
183
227
|
#########
|
|
184
228
|
# PERSIST
|
|
185
229
|
#########
|
|
@@ -192,8 +236,7 @@ module LicenseFinder
|
|
|
192
236
|
write!(persist, file)
|
|
193
237
|
end
|
|
194
238
|
|
|
195
|
-
def self.restore(persisted)
|
|
196
|
-
result = new
|
|
239
|
+
def self.restore(persisted, result = new)
|
|
197
240
|
return result unless persisted
|
|
198
241
|
|
|
199
242
|
actions = YAML.load(persisted)
|
|
@@ -294,9 +294,10 @@ module LicenseFinder
|
|
|
294
294
|
def wtfpl
|
|
295
295
|
License.new(
|
|
296
296
|
short_name: 'WTFPL',
|
|
297
|
-
pretty_name: '
|
|
297
|
+
pretty_name: 'WTFPL',
|
|
298
298
|
other_names: [
|
|
299
|
-
'WTFPL V2'
|
|
299
|
+
'WTFPL V2',
|
|
300
|
+
'Do What The Fuck You Want To Public License'
|
|
300
301
|
],
|
|
301
302
|
url: 'http://www.wtfpl.net/'
|
|
302
303
|
)
|
|
@@ -17,7 +17,3 @@ LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
|
|
|
17
17
|
ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
|
|
18
18
|
(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
|
|
19
19
|
SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
|
|
20
|
-
|
|
21
|
-
The views and conclusions contained in the software and documentation are those
|
|
22
|
-
of the authors and should not be interpreted as representing official policies,
|
|
23
|
-
either expressed or implied, of the FreeBSD Project.
|
|
@@ -6,15 +6,37 @@ module LicenseFinder
|
|
|
6
6
|
SPACES = /\s+/.freeze
|
|
7
7
|
QUOTES = /['`"]{1,2}/.freeze
|
|
8
8
|
PLACEHOLDERS = /<[^<>]+>/.freeze
|
|
9
|
+
SPECIAL_SINGLE_QUOTES = /[‘’]/.freeze
|
|
10
|
+
SPECIAL_DOUBLE_QUOTES = /[“”„«»]/.freeze
|
|
11
|
+
ALPHABET_ORDERED_LIST = /\\\([a-z]\\\)\\\s/.freeze
|
|
12
|
+
ALPHABET_ORDERED_LIST_OPTIONAL = '(\([a-z]\)\s)?'
|
|
13
|
+
LIST_BULLETS = /(\d{1,2}\\\.|\\\*)\\\s/.freeze
|
|
14
|
+
LIST_BULLETS_OPTIONAL = '(\d{1,2}.|\*)?\s*'
|
|
15
|
+
NEWLINE_CHARACTER = /\n+/.freeze
|
|
16
|
+
QUOTE_COMMENT_CHARACTER = /^\s*\>+/.freeze
|
|
17
|
+
ESCAPED_QUOTES = /\\\"/.freeze
|
|
9
18
|
|
|
10
19
|
def self.normalize_punctuation(text)
|
|
11
|
-
text.
|
|
20
|
+
text.dup.force_encoding('UTF-8')
|
|
21
|
+
.gsub(SPECIAL_DOUBLE_QUOTES, '"')
|
|
22
|
+
.gsub(SPECIAL_SINGLE_QUOTES, "'")
|
|
23
|
+
.gsub(QUOTE_COMMENT_CHARACTER, '')
|
|
24
|
+
.gsub(SPACES, ' ')
|
|
25
|
+
.gsub(NEWLINE_CHARACTER, ' ')
|
|
26
|
+
.gsub(ESCAPED_QUOTES, '"')
|
|
12
27
|
.gsub(QUOTES, '"')
|
|
13
28
|
.strip
|
|
29
|
+
rescue ArgumentError => _e
|
|
30
|
+
text
|
|
14
31
|
end
|
|
15
32
|
|
|
16
33
|
def self.compile_to_regex(text)
|
|
17
|
-
Regexp.new(Regexp.escape(text)
|
|
34
|
+
Regexp.new(Regexp.escape(normalize_punctuation(text))
|
|
35
|
+
.gsub(PLACEHOLDERS, '(.*)')
|
|
36
|
+
.gsub(',', '(,)?')
|
|
37
|
+
.gsub('HOLDER', '(HOLDER|OWNER)')
|
|
38
|
+
.gsub(ALPHABET_ORDERED_LIST, ALPHABET_ORDERED_LIST_OPTIONAL)
|
|
39
|
+
.gsub(LIST_BULLETS, LIST_BULLETS_OPTIONAL))
|
|
18
40
|
end
|
|
19
41
|
end
|
|
20
42
|
end
|
|
@@ -43,6 +43,7 @@ module LicenseFinder
|
|
|
43
43
|
@summary = options[:summary] || ''
|
|
44
44
|
@description = options[:description] || ''
|
|
45
45
|
@homepage = options[:homepage] || ''
|
|
46
|
+
@package_url = options[:package_url].to_s
|
|
46
47
|
@children = options[:children] || []
|
|
47
48
|
@parents = Set.new # will be figured out later by package manager
|
|
48
49
|
@groups = options[:groups] || []
|
|
@@ -61,7 +62,7 @@ module LicenseFinder
|
|
|
61
62
|
|
|
62
63
|
## DESCRIPTION
|
|
63
64
|
|
|
64
|
-
attr_accessor :homepage
|
|
65
|
+
attr_accessor :homepage, :package_url
|
|
65
66
|
|
|
66
67
|
attr_reader :name, :version, :authors,
|
|
67
68
|
:summary, :description,
|
|
@@ -51,7 +51,9 @@ module LicenseFinder
|
|
|
51
51
|
def current_packages
|
|
52
52
|
dependencies.each_with_object({}) do |dep, memo|
|
|
53
53
|
licenses = license_urls(dep)
|
|
54
|
-
|
|
54
|
+
path = Dir.glob("#{Dir.home}/.nuget/packages/#{dep.name.downcase}/#{dep.version}").first
|
|
55
|
+
|
|
56
|
+
memo[dep.name] ||= NugetPackage.new(dep.name, dep.version, spec_licenses: licenses, install_path: path)
|
|
55
57
|
memo[dep.name].groups << dep.assembly unless memo[dep.name].groups.include? dep.assembly
|
|
56
58
|
end.values
|
|
57
59
|
end
|
|
@@ -72,11 +72,25 @@ module LicenseFinder
|
|
|
72
72
|
valid_packages = filter_yarn_internal_package(packages)
|
|
73
73
|
|
|
74
74
|
valid_packages.map do |package_hash|
|
|
75
|
-
YarnPackage.new(
|
|
76
|
-
|
|
75
|
+
YarnPackage.new(
|
|
76
|
+
package_hash['Name'],
|
|
77
|
+
package_hash['Version'],
|
|
78
|
+
spec_licenses: [package_hash['License']],
|
|
79
|
+
homepage: package_hash['VendorUrl'],
|
|
80
|
+
authors: package_hash['VendorName'],
|
|
81
|
+
install_path: project_path.join(modules_folder, package_hash['Name'])
|
|
82
|
+
)
|
|
77
83
|
end
|
|
78
84
|
end
|
|
79
85
|
|
|
86
|
+
def modules_folder
|
|
87
|
+
return @modules_folder if @modules_folder
|
|
88
|
+
|
|
89
|
+
stdout, _stderr, status = Cmd.run('yarn config get modules-folder')
|
|
90
|
+
@modules_folder = 'node_modules' if !status.success? || stdout.strip == 'undefined'
|
|
91
|
+
@modules_folder ||= stdout.strip
|
|
92
|
+
end
|
|
93
|
+
|
|
80
94
|
# remove fake package created by yarn [Yarn Bug]
|
|
81
95
|
def filter_yarn_internal_package(all_packages)
|
|
82
96
|
internal_package_pattern = /workspace-aggregator-[a-zA-z0-9]{8}-[a-zA-z0-9]{4}-[a-zA-z0-9]{4}-[a-zA-z0-9]{4}-[a-zA-z0-9]{12}/
|
|
@@ -1,5 +1,7 @@
|
|
|
1
1
|
# frozen_string_literal: true
|
|
2
2
|
|
|
3
|
+
require 'open-uri'
|
|
4
|
+
|
|
3
5
|
module LicenseFinder
|
|
4
6
|
class BowerPackage < Package
|
|
5
7
|
def initialize(bower_module, options = {})
|
|
@@ -31,5 +33,10 @@ module LicenseFinder
|
|
|
31
33
|
def package_manager
|
|
32
34
|
'Bower'
|
|
33
35
|
end
|
|
36
|
+
|
|
37
|
+
def package_url
|
|
38
|
+
meta = JSON.parse(open("https://registry.bower.io/packages/#{CGI.escape(name)}").read)
|
|
39
|
+
meta['url']
|
|
40
|
+
end
|
|
34
41
|
end
|
|
35
42
|
end
|
|
@@ -11,7 +11,7 @@ module LicenseFinder
|
|
|
11
11
|
super(package.name, package.version)
|
|
12
12
|
end
|
|
13
13
|
|
|
14
|
-
def_delegators :@dependency, :name, :version, :authors, :summary, :description, :homepage, :children, :parents,
|
|
14
|
+
def_delegators :@dependency, :name, :version, :authors, :summary, :description, :homepage, :package_url, :children, :parents,
|
|
15
15
|
:groups, :permitted, :restricted, :manual_approval, :install_path, :licenses, :approved_manually?,
|
|
16
16
|
:approved_manually!, :approved?, :permitted!, :permitted?, :restricted!, :restricted?, :hash,
|
|
17
17
|
:activations, :missing, :license_names_from_spec, :decided_licenses, :licensing, :decide_on_license,
|
|
@@ -3,6 +3,7 @@ require 'csv'
|
|
|
3
3
|
module LicenseFinder
|
|
4
4
|
class CsvReport < Report
|
|
5
5
|
COMMA_SEP = ','.freeze
|
|
6
|
+
NEWLINE_SEP = '\@NL'.freeze
|
|
6
7
|
AVAILABLE_COLUMNS = %w[name version authors licenses license_links approved summary description homepage install_path package_manager groups texts notice].freeze
|
|
7
8
|
MISSING_DEPENDENCY_TEXT = 'This package is not installed. Please install to determine licenses.'.freeze
|
|
8
9
|
|
|
@@ -10,10 +11,11 @@ module LicenseFinder
|
|
|
10
11
|
super
|
|
11
12
|
options[:columns] ||= %w[name version licenses]
|
|
12
13
|
@columns = Array(options[:columns]) & self.class::AVAILABLE_COLUMNS
|
|
14
|
+
@write_headers = options[:write_headers] || false
|
|
13
15
|
end
|
|
14
16
|
|
|
15
17
|
def to_s
|
|
16
|
-
CSV.generate(col_sep: self.class::COMMA_SEP) do |csv|
|
|
18
|
+
CSV.generate(col_sep: self.class::COMMA_SEP, headers: @columns, write_headers: @write_headers) do |csv|
|
|
17
19
|
sorted_dependencies.each do |s|
|
|
18
20
|
csv << format_dependency(s)
|
|
19
21
|
end
|
|
@@ -29,11 +31,13 @@ module LicenseFinder
|
|
|
29
31
|
end
|
|
30
32
|
|
|
31
33
|
def format_texts(dep)
|
|
32
|
-
dep.license_files.map { |file| file.text.split(/[\n\r]+/).join(
|
|
34
|
+
dep.license_files.map { |file| file.text.split(/[\n\r]+/).join(self.class::NEWLINE_SEP) }
|
|
35
|
+
.join(self.class::NEWLINE_SEP).force_encoding("ISO-8859-1").encode("UTF-8")
|
|
33
36
|
end
|
|
34
37
|
|
|
35
38
|
def format_notice(dep)
|
|
36
|
-
dep.notice_files.map { |file| file.text.split(/[\n\r]+/).join(
|
|
39
|
+
dep.notice_files.map { |file| file.text.split(/[\n\r]+/).join(self.class::NEWLINE_SEP) }
|
|
40
|
+
.join(self.class::NEWLINE_SEP).force_encoding("ISO-8859-1").encode("UTF-8")
|
|
37
41
|
end
|
|
38
42
|
|
|
39
43
|
def format_name(dep)
|
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: license_finder
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 6.
|
|
4
|
+
version: 6.4.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Ryan Collins
|
|
@@ -27,7 +27,7 @@ authors:
|
|
|
27
27
|
autorequire:
|
|
28
28
|
bindir: bin
|
|
29
29
|
cert_chain: []
|
|
30
|
-
date: 2020-05-
|
|
30
|
+
date: 2020-05-22 00:00:00.000000000 Z
|
|
31
31
|
dependencies:
|
|
32
32
|
- !ruby/object:Gem::Dependency
|
|
33
33
|
name: bundler
|
|
@@ -358,6 +358,7 @@ files:
|
|
|
358
358
|
- lib/license_finder/cli/dependencies.rb
|
|
359
359
|
- lib/license_finder/cli/ignored_dependencies.rb
|
|
360
360
|
- lib/license_finder/cli/ignored_groups.rb
|
|
361
|
+
- lib/license_finder/cli/inherited_decisions.rb
|
|
361
362
|
- lib/license_finder/cli/licenses.rb
|
|
362
363
|
- lib/license_finder/cli/main.rb
|
|
363
364
|
- lib/license_finder/cli/makes_decisions.rb
|