license_finder 6.6.1 → 6.6.2
- checksums.yaml +4 -4
- data/CHANGELOG.md +12 -0
- data/Dockerfile +7 -5
- data/README.md +4 -4
- data/VERSION +1 -1
- data/lib/license_finder/configuration.rb +1 -1
- data/lib/license_finder/decisions.rb +17 -1
- data/lib/license_finder/license.rb +2 -1
- data/lib/license_finder/package_managers/go_modules.rb +35 -14
- data/lib/license_finder/package_managers/mix.rb +1 -1
- data/lib/license_finder/package_managers/rebar.rb +29 -8
- metadata +2 -2
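--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
 ---
 SHA256:
-metadata.gz:
-data.tar.gz:
+metadata.gz: 48bb96da32ab1ac5f0ee5f3a61e35a546c7666794348b6055fafbdcd2afb9067
+data.tar.gz: c712efcd6787e0747ea1d2975ef719f74ee5e27eb2664dc0f0d1d0f681f62fe2
 SHA512:
-metadata.gz:
-data.tar.gz:
+metadata.gz: 204084155100a9da1d8511db5173bfd138f1247c2fd0ed6a5c967a4da7c01b4a3db7352b8e55d98dd82cc68b4460d48daee400531e8a34605ca54046f66065a6
+data.tar.gz: 0db4e9e0660b01393a9f142c6f320a526e366cd1e4831097170f954a2496cf2fbb9cbb1fcff9d8f188ca7e5bfccec34ae8c1ab8cfd7c4b3c5815a33b924b61d1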
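--- a/data/CHANGELOG.md
+++ b/data/CHANGELOG.md
@@ -1,3 +1,14 @@
+# [6.6.2] / 2020-07-09
+
+### Added
+* support for rebar3 [Removed] support for rebar2 [#173637980] - [b20e7444](https://github.com/pivotal/LicenseFinder/commit/b20e7444c147d8dbfa46eb4e8e549e03be751e02) - Jeff Jun
+
+### Fixed
+* handle empty case for mix dependencies [#173637843] - [fc34b281](https://github.com/pivotal/LicenseFinder/commit/fc34b2813925a709addde675849e199b05fc4a23) - Jeff Jun
+
+### Removed
+[Added] support for rebar3 * support for rebar2 [#173637980] - [b20e7444](https://github.com/pivotal/LicenseFinder/commit/b20e7444c147d8dbfa46eb4e8e549e03be751e02) - Jeff Jun
+
 # [6.6.1] / 2020-06-30
 
 ### Changed
@@ -885,3 +896,4 @@ Bugfixes:
 [6.5.0]: https://github.com/pivotal/LicenseFinder/compare/v6.4.0...v6.5.0
 [6.6.0]: https://github.com/pivotal/LicenseFinder/compare/v6.5.0...v6.6.0
 [6.6.1]: https://github.com/pivotal/LicenseFinder/compare/v6.6.0...v6.6.1
+[6.6.2]: https://github.com/pivotal/LicenseFinder/compare/v6.6.1...v6.6.2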
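--- a/data/Dockerfile
+++ b/data/Dockerfile
@@ -48,11 +48,13 @@ ENV JAVA_HOME=/opt/jdk-12.0.2
 ENV PATH=$PATH:$JAVA_HOME/bin
 RUN java -version
 
-# install
-RUN
+# install rebar3
+RUN curl -o rebar3 https://s3.amazonaws.com/rebar3/rebar3 && \
+sudo chmod +x rebar3 && \
+sudo mv rebar3 /usr/local/bin/rebar3
 
-# install and update python-pip
-RUN apt-get install -y python-pip python3-pip && \
+# install and update python and python-pip
+RUN apt-get install -y python python-pip python3-pip && \
 pip2 install --no-cache-dir --upgrade pip==$PIP_INSTALL_VERSION && \
 pip3 install --no-cache-dir --upgrade pip==$PIP3_INSTALL_VERSION
 
@@ -157,7 +159,7 @@ RUN apt-key adv --keyserver hkp://keyserver.ubuntu.com:80 --recv-keys 4F4EA0AAE5
 apt-get update &&\
 apt-get install -y php7.4-cli &&\
 php -r "copy('https://getcomposer.org/installer', 'composer-setup.php');" &&\
-php -r "if (hash_file('sha384', 'composer-setup.php') === '
+php -r "if (hash_file('sha384', 'composer-setup.php') === 'e5325b19b381bfd88ce90a5ddb7823406b2a38cff6bb704b0acc289a09c8128d4a8ce2bbafcd1fcbdc38666422fe2806') { echo 'Installer verified'; } else { echo 'Installer corrupt'; unlink('composer-setup.php'); } echo PHP_EOL;" &&\
 php composer-setup.php &&\
 php -r "unlink('composer-setup.php');" &&\
 mv composer.phar /usr/bin/composer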
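Review bot: The rebar3 binary added at new lines 52–54 is downloaded from an unversioned URL with no integrity check and then moved into /usr/local/bin, so whatever the bucket serves at build time becomes part of the image. The Composer installer later in this same file is compared against a SHA-384 digest before it is executed; the rebar3 step could do the equivalent by pinning a specific release and adding `echo "<REBAR3_SHA256>  rebar3" | sha256sum -c - && \` between the `curl` and the `chmod` (the hash is a placeholder to be taken from the pinned release). `curl` is also called without `-f`, so an HTTP error body would be saved as `rebar3` and only fail later; `curl -fsSL -o rebar3 …` makes the build stop at the download.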
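--- a/data/README.md
+++ b/data/README.md
@@ -43,7 +43,7 @@ and give you an actionable exception report.
 
 ### Experimental project types
 
-* Erlang (via `
+* Erlang (via `rebar3`)
 * Objective-C, Swift (via Carthage or CocoaPods \[0.39 and below. See [CocoaPods Specs Repo Sharding](http://blog.cocoapods.org/Sharding/)\])
 * Objective-C (+ CocoaPods 0.39 and below. See [CocoaPods Specs Repo Sharding](http://blog.cocoapods.org/Sharding/))
 * Elixir (via `mix`)
@@ -175,7 +175,7 @@ languages, as long as that language has a package definition in the project dire
 * `bower.json` (for `bower`)
 * `Podfile` (for `pod`)
 * `Cartfile` (for `carthage`)
-* `rebar.config` (for `
+* `rebar.config` (for `rebar3`)
 * `mix.exs` (for `mix`)
 * `packages/` directory (for `nuget`)
 * `*.csproj` (for `dotnet`)
@@ -183,7 +183,7 @@ languages, as long as that language has a package definition in the project dire
 * `glide.lock` file (for `glide`)
 * `vendor/vendor.json` file (for `govendor`)
 * `Gopkg.lock` file (for `dep`)
-* `go.
+* `go.mod` file (for `go mod`)
 * `vendor.conf` file (for `trash`)
 * `yarn.lock` file (for `yarn`)
 * `conanfile.txt` file (for `conan`)
@@ -412,7 +412,7 @@ If you have a gradle project, you can invoke gradle with a custom script by
 passing (for example) `--gradle_command gradlew` to `license_finder` or
 `license_finder report`.
 
-Similarly you can invoke a custom rebar script with `--rebar_command
+Similarly you can invoke a custom rebar script with `--rebar_command rebar`.
 If you store rebar dependencies in a custom directory (by setting `deps_dir` in
 `rebar.config`), set `--rebar_deps_dir`.
 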
data/VERSION
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
6.6.
|
|
1
|
+
6.6.2
|
|
@@ -190,7 +190,7 @@ module LicenseFinder
|
|
|
190
190
|
def inherit_from(filepath_info)
|
|
191
191
|
decisions =
|
|
192
192
|
if filepath_info.is_a?(Hash)
|
|
193
|
-
|
|
193
|
+
resolve_inheritance(filepath_info)
|
|
194
194
|
elsif filepath_info =~ %r{^https?://}
|
|
195
195
|
open_uri(filepath_info).read
|
|
196
196
|
else
|
|
@@ -202,6 +202,22 @@ module LicenseFinder
|
|
|
202
202
|
restore_inheritance(decisions)
|
|
203
203
|
end
|
|
204
204
|
|
|
205
|
+
def resolve_inheritance(filepath_info)
|
|
206
|
+
if (gem_name = filepath_info['gem'])
|
|
207
|
+
Pathname(gem_config_path(gem_name, filepath_info['path'])).read
|
|
208
|
+
else
|
|
209
|
+
open_uri(filepath_info['url'], filepath_info['authorization']).read
|
|
210
|
+
end
|
|
211
|
+
end
|
|
212
|
+
|
|
213
|
+
def gem_config_path(gem_name, relative_config_path)
|
|
214
|
+
spec = Gem::Specification.find_by_name(gem_name)
|
|
215
|
+
File.join(spec.gem_dir, relative_config_path)
|
|
216
|
+
rescue Gem::LoadError => e
|
|
217
|
+
raise Gem::LoadError,
|
|
218
|
+
"Unable to find gem #{gem_name}; is the gem installed? #{e}"
|
|
219
|
+
end
|
|
220
|
+
|
|
205
221
|
def remove_inheritance(filepath)
|
|
206
222
|
@decisions -= [[:inherit_from, filepath]]
|
|
207
223
|
@inherited_decisions.delete(filepath)
|
|
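Review bot: `resolve_inheritance` hands `filepath_info['authorization']` to `open_uri` for whatever `filepath_info['url']` contains, so a decisions file that names an `http://` URL would send the credential in clear text; the hash branch never looks at the scheme, unlike the string branch of `inherit_from`. A guard before the call would cover it: `raise ArgumentError, 'authorization requires an https url' if filepath_info['authorization'] && !filepath_info['url'].to_s.start_with?('https://')`. In `gem_config_path`, `File.join(spec.gem_dir, relative_config_path)` accepts `..` segments and raises a bare `TypeError` when `'path'` is absent; whether leaving the gem directory matters depends on who may edit the decisions file, so a comment stating that the path is trusted configuration would make the assumption explicit. `inherit_from` begins and ends outside the hunks shown.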
@@ -88,7 +88,8 @@ module LicenseFinder
|
|
|
88
88
|
@url = nil
|
|
89
89
|
@matcher = NoneMatcher.new
|
|
90
90
|
# removes heading and trailing parentesis and splits
|
|
91
|
-
|
|
91
|
+
name = name[1..-2] if name.start_with?('(')
|
|
92
|
+
names = name.split(operator)
|
|
92
93
|
@sub_licenses = names.map do |sub_name|
|
|
93
94
|
License.find_by_name(sub_name)
|
|
94
95
|
end
|
|
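Review bot: `name = name[1..-2] if name.start_with?('(')` drops the last character whenever the name opens with a parenthesis, whether or not that character is `)`, so an unbalanced expression such as `(MIT OR Apache-2.0` (constructed example) would lose its final `0` before the split. Checking both ends keeps the behaviour the comment above describes: `name = name[1..-2] if name.start_with?('(') && name.end_with?(')')`. The enclosing method starts and ends outside the hunk, so how `operator` is chosen is not visible here.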
@@ -4,7 +4,7 @@ require 'license_finder/packages/go_package'
|
|
|
4
4
|
|
|
5
5
|
module LicenseFinder
|
|
6
6
|
class GoModules < PackageManager
|
|
7
|
-
PACKAGES_FILE = 'go.
|
|
7
|
+
PACKAGES_FILE = 'go.mod'
|
|
8
8
|
|
|
9
9
|
class << self
|
|
10
10
|
def takes_priority_over
|
|
@@ -12,12 +12,8 @@ module LicenseFinder
|
|
|
12
12
|
end
|
|
13
13
|
end
|
|
14
14
|
|
|
15
|
-
def prepare_command
|
|
16
|
-
'GO111MODULE=on go mod tidy && GO111MODULE=on go mod vendor'
|
|
17
|
-
end
|
|
18
|
-
|
|
19
15
|
def active?
|
|
20
|
-
|
|
16
|
+
mod_files?
|
|
21
17
|
end
|
|
22
18
|
|
|
23
19
|
def current_packages
|
|
@@ -33,19 +29,44 @@ module LicenseFinder
|
|
|
33
29
|
private
|
|
34
30
|
|
|
35
31
|
def packages_info
|
|
36
|
-
|
|
37
|
-
|
|
38
|
-
|
|
39
|
-
|
|
32
|
+
Dir.chdir(project_path) do
|
|
33
|
+
# Explanations:
|
|
34
|
+
# * Only list dependencies (packages not listed in the project directory)
|
|
35
|
+
# (.DepOnly)
|
|
36
|
+
# * Ignore standard library packages
|
|
37
|
+
# (not .Standard)
|
|
38
|
+
# * Replacement modules are respected
|
|
39
|
+
# (or .Module.Replace .Module)
|
|
40
|
+
# * Module cache directory or (vendored) package directory
|
|
41
|
+
# (or $mod.Dir .Dir)
|
|
42
|
+
format_str = \
|
|
43
|
+
'{{ if and (.DepOnly) (not .Standard) }}'\
|
|
44
|
+
'{{ $mod := (or .Module.Replace .Module) }}'\
|
|
45
|
+
'{{ $mod.Path }},{{ $mod.Version }},{{ or $mod.Dir .Dir }}'\
|
|
46
|
+
'{{ end }}'
|
|
40
47
|
|
|
41
|
-
|
|
48
|
+
# The module list flag (`-m`) is intentionally not used here. If the module
|
|
49
|
+
# dependency tree were followed, transitive dependencies that are never imported
|
|
50
|
+
# may be included.
|
|
51
|
+
#
|
|
52
|
+
# Instead, the owning module is listed for each imported package. This better
|
|
53
|
+
# matches the implementation of other Go package managers.
|
|
54
|
+
#
|
|
55
|
+
# TODO: Figure out a way to make the vendor directory work (i.e. remove the
|
|
56
|
+
# -mod=readonly flag). Each of the imported packages gets listed separatly,
|
|
57
|
+
# confusing the issue as to which package is the root of the module.
|
|
58
|
+
info_output, _stderr, _status = Cmd.run("GO111MODULE=on go list -mod=readonly -deps -f '#{format_str}' ./...")
|
|
59
|
+
|
|
60
|
+
# Since many packages may belong to a single module, #uniq is used to deduplicate
|
|
61
|
+
info_output.split("\n").uniq
|
|
62
|
+
end
|
|
42
63
|
end
|
|
43
64
|
|
|
44
|
-
def
|
|
45
|
-
|
|
65
|
+
def mod_files?
|
|
66
|
+
mod_file_paths.any?
|
|
46
67
|
end
|
|
47
68
|
|
|
48
|
-
def
|
|
69
|
+
def mod_file_paths
|
|
49
70
|
Dir[project_path.join(PACKAGES_FILE)]
|
|
50
71
|
end
|
|
51
72
|
|
|
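Review bot: In `packages_info` the exit status and stderr of `go list` are bound to `_status` and `_stderr` and never read, so a failed run (no Go toolchain on the path, or a `go.mod` that `-mod=readonly` refuses to update) produces an empty list and the scan reports no Go dependencies instead of an error. For a license check that is a fail-open result. The mix and rebar managers in this same release raise when `status.success?` is false, and the same line fits here after naming the variables: `raise "Command 'go list' failed to execute: #{stderr}" unless status.success?`. With `prepare_command` removed nothing runs `go mod tidy` beforehand; that is presumably intended given `-mod=readonly`, and the method comment would be the place to say so.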
@@ -96,7 +96,7 @@ module LicenseFinder
|
|
|
96
96
|
raise "Command '#{command}' failed to execute: #{stderr}" unless status.success?
|
|
97
97
|
|
|
98
98
|
packages_lines(stdout)
|
|
99
|
-
.reject { |package_lines| package_lines.length == 1 } # in_umbrella: true dependencies
|
|
99
|
+
.reject { |package_lines| package_lines.length == 1 || package_lines.empty? } # in_umbrella: true dependencies
|
|
100
100
|
.map { |package_lines| [package_lines[0].split(' ')[1], resolve_version(package_lines[1])] }
|
|
101
101
|
end
|
|
102
102
|
|
|
@@ -5,23 +5,25 @@ module LicenseFinder
|
|
|
5
5
|
def initialize(options = {})
|
|
6
6
|
super
|
|
7
7
|
@command = options[:rebar_command] || package_management_command
|
|
8
|
-
@deps_path = Pathname(options[:rebar_deps_dir] || '
|
|
8
|
+
@deps_path = Pathname(options[:rebar_deps_dir] || File.join(project_path, '_build/default/lib'))
|
|
9
9
|
end
|
|
10
10
|
|
|
11
11
|
def current_packages
|
|
12
|
-
|
|
12
|
+
rebar_deps.map do |name, version|
|
|
13
|
+
licenses, homepage = dep_info(name)
|
|
13
14
|
RebarPackage.new(
|
|
14
15
|
name,
|
|
15
|
-
|
|
16
|
+
version,
|
|
16
17
|
install_path: @deps_path.join(name),
|
|
17
18
|
homepage: homepage,
|
|
19
|
+
spec_licenses: licenses.nil? ? [] : [licenses],
|
|
18
20
|
logger: logger
|
|
19
21
|
)
|
|
20
22
|
end
|
|
21
23
|
end
|
|
22
24
|
|
|
23
25
|
def package_management_command
|
|
24
|
-
'
|
|
26
|
+
'rebar3'
|
|
25
27
|
end
|
|
26
28
|
|
|
27
29
|
def possible_package_paths
|
|
@@ -30,15 +32,34 @@ module LicenseFinder
|
|
|
30
32
|
|
|
31
33
|
private
|
|
32
34
|
|
|
33
|
-
def
|
|
34
|
-
command = "#{@command}
|
|
35
|
+
def rebar_deps
|
|
36
|
+
command = "#{@command} tree"
|
|
35
37
|
stdout, stderr, status = Dir.chdir(project_path) { Cmd.run(command) }
|
|
36
38
|
raise "Command '#{command}' failed to execute: #{stderr}" unless status.success?
|
|
37
39
|
|
|
38
40
|
stdout
|
|
39
41
|
.each_line
|
|
40
|
-
.reject { |line| line.start_with?('=') }
|
|
41
|
-
.map
|
|
42
|
+
.reject { |line| line.start_with?('=') || line.include?('project app') }
|
|
43
|
+
.map do |line|
|
|
44
|
+
matches = line.match(/(?<name>\w+)─(?<version>[\S.]+)\s*/)
|
|
45
|
+
[matches[:name], matches[:version]] if matches
|
|
46
|
+
end.compact
|
|
47
|
+
end
|
|
48
|
+
|
|
49
|
+
def dep_info(name)
|
|
50
|
+
command = "#{@command} pkgs #{name}"
|
|
51
|
+
stdout, _, status = Cmd.run(command)
|
|
52
|
+
return [nil, nil] unless status.success?
|
|
53
|
+
|
|
54
|
+
licenses = nil
|
|
55
|
+
homepage = nil
|
|
56
|
+
|
|
57
|
+
stdout.scan(/Licenses: (?<licenses>.+)|(?<homepage>(https|http).*)/) do |pkg_licenses, pkg_homepage|
|
|
58
|
+
licenses ||= pkg_licenses
|
|
59
|
+
homepage ||= pkg_homepage
|
|
60
|
+
end
|
|
61
|
+
|
|
62
|
+
[licenses, homepage]
|
|
42
63
|
end
|
|
43
64
|
end
|
|
44
65
|
end
|
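Review bot: `dep_info` builds `"#{@command} pkgs #{name}"` by string interpolation, and the only thing keeping `name` free of shell metacharacters is the `\w+` capture in `rebar_deps`; nothing in the code records that the two methods depend on each other this way. If `Cmd.run` passes the string to a shell (not visible in this diff), loosening that regex later, for instance to accept hyphenated names, would let `rebar3 tree` output from the scanned project reach the command line unescaped. A comment on `dep_info` such as `# name comes from rebar_deps and is limited to \w+; keep that restriction or escape it before interpolating` would document the invariant. `dep_info` also runs outside `Dir.chdir(project_path)`, unlike `rebar_deps`, and returns `[nil, nil]` on failure without logging stderr, so a package with no declared license cannot be told apart from a lookup that failed.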
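--- a/metadata
+++ b/metadata
@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: license_finder
 version: !ruby/object:Gem::Version
-version: 6.6.
+version: 6.6.2
 platform: ruby
 authors:
 - Ryan Collins
@@ -27,7 +27,7 @@ authors:
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2020-
+date: 2020-07-09 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
 name: bundler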