license_finder_rails_assets 1.0.0

@@ -0,0 +1,7 @@
1
+ ---
2
+ SHA256:
3
+ metadata.gz: f60364fc048b2737c452fe56ca741a56f70f3beaee61a7eb42ff345092917b28
4
+ data.tar.gz: 10b1879822375b7ec69871b079f5c6f20acec50e372dcbc136ab824b96146931
5
+ SHA512:
6
+ metadata.gz: f338420c1983d49c8b0cb4a2617902ebacbb07498570e0f843f0822c54c26be322c582e60a207e2320a975d5bae2dc1984c787687e783840773513d72f001ab7
7
+ data.tar.gz: cd2083e42a3242b865688e785ec0d4a095e6a051f4f92e0adbdb0f60e2733ee4e6f3004320a7246e265f1fccbb7494773b3936e6115b4332329a41814119fc29
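--- a/README.md
+++ b/README.md
@@ -0,0 +1,50 @@
+ license_finder_rails_assets
+ ===========================
+
+ This gem extends [license_finder][license_finder], making it treat local asset files as packages.
+
+ It's a bit experimental, which is why it's a gem and not a PR against
+ license_finder. Once it's gained some stability and 'niceness' we intended to
+ try to get it added to license_finder :-)
+
+ [license_finder]: https://github.com/pivotal/LicenseFinder
+
+ Installation and Usage
+ ======================
+
+ ```console
+ $ cd mycoolrailsapp
+ $ gem install license_finder_rails_assets
+ $ license_finder_rails_app
+ ```
+
+ If you're using bundler to manage your dependencies:
+
+ ```console
+ $ cd mycoolrailsapp
+ $ bundle add --group=development,test license_finder_rails_assets
+ $ bundle exec license_finder_rails_app
+ ```
+
+ You only need to use license_finder_rails_assets to run license validation steps,
+ for dependency license tweaks (i.e. any of the `license`,
+ `ignored_dependencies`, `whitelist`, or `blacklist` commands) you can use
+ license_finder as normal (although license_finder_rails_assets will still work)
+
+ How it works
+ ============
+
+ Under the hood the license_finder_rails_assets executable requires
+ license_finder, then appends a new package manager to the
+ `LicenseFinder::Scanner::PACKAGE_MANAGERS` constant (this is what causes a
+ warning about redefining a constant). Other than that, it just contains a normal
+ `LicenseFinder::PackageManager` and `LicenseFinder::Package` implementation for
+ rails assets.
+
+ Future work
+ ===========
+
+ * Rather than having each file as its own dependency, try to figure out where
+ package boundaries lie.
+ * Detect license files (e.g. LICENSE, license.txt)
+ * Attempt to detect license declarations within comments.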
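--- a/bin/license_finder_rails_assets
+++ b/bin/license_finder_rails_assets
@@ -0,0 +1,5 @@
+ #!/usr/bin/env ruby
+
+ require 'license_finder'
+ require 'license_finder_rails_assets'
+ LicenseFinder::CLI::Main.start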
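Review bot: The name of this script does not match the command the README tells users to run. The gemspec lists `license_finder_rails_assets` as the only executable, while both README usage blocks invoke `license_finder_rails_app`, which will not resolve to this file. A user who then falls back to plain `license_finder` gets a scan that never loads the asset package manager, so the assets go unaudited without any error. The README commands should read `$ license_finder_rails_assets` and `$ bundle exec license_finder_rails_assets`. A comment above the second `require` would also help, e.g. `# Side effect: prepends the Rails-asset package manager to LicenseFinder::Scanner::PACKAGE_MANAGERS`.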
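--- a/lib/license_finder_rails_assets.rb
+++ b/lib/license_finder_rails_assets.rb
@@ -0,0 +1,12 @@
+ require 'license_finder_rails_assets/package_manager'
+ require 'license_finder/scanner'
+
+ module LicenseFinder
+ class Scanner
+ PACKAGE_MANAGERS = [LicenseFinderRailsAssets::PackageManager] +
+ LicenseFinder::Scanner::PACKAGE_MANAGERS
+ end
+ end
+
+ module LicenseFinderRailsAssets
+ end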
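Review bot: Reassigning `PACKAGE_MANAGERS` inside the reopened `LicenseFinder::Scanner` ties the plugin to an internal constant of license_finder, and the failure mode is silent. If a release allowed by the `~> 5.8` requirement stops reading that constant at scan time, the asset scan is skipped and the audit still passes. The reassignment also prints Ruby's "already initialized constant" warning on every run, which makes it easy to miss real warnings from a compliance tool. I would document the coupling above the assignment, e.g. `# Relies on Scanner reading PACKAGE_MANAGERS at scan time (checked against license_finder 5.8); if upstream changes this, asset scanning is skipped silently.` Narrowing the dependency to the minor series that was actually tested is also worth considering.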
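--- a/lib/license_finder_rails_assets/package_manager.rb
+++ b/lib/license_finder_rails_assets/package_manager.rb
@@ -0,0 +1,36 @@
+ require 'license_finder'
+ require 'license_finder_rails_assets/rails_asset'
+
+ module LicenseFinderRailsAssets
+ class PackageManager < LicenseFinder::PackageManager
+ def possible_package_paths
+ [project_path.join('app/assets/javascripts'),
+ project_path.join('app/assets/stylesheets')]
+ end
+
+ def current_packages
+ possible_package_paths.map do |path|
+ find_packages_in(path)
+ end.flatten.compact
+ end
+
+ private
+
+ def find_packages_in(path)
+ Dir.entries(path).map do |filename|
+ next nil if filename == '..' || filename == '.'
+
+ fullpath = File.join(path, filename)
+ next RailsAsset.from_file(fullpath) if File.file?(fullpath)
+
+ if File.directory?(fullpath)
+ if File.exist?(File.join(fullpath, '.treat_as_package'))
+ RailsAsset.from_dir(fullpath)
+ else
+ find_packages_in(fullpath).flatten.compact
+ end
+ end
+ end
+ end
+ end
+ end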
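Review bot: `current_packages` hands both entries of `possible_package_paths` to `find_packages_in`, and `Dir.entries(path)` raises `Errno::ENOENT` when a directory is missing. An app that has only one of `app/assets/javascripts` and `app/assets/stylesheets` would therefore most likely abort the scan rather than report the assets it does have. Filtering first avoids that: `possible_package_paths.select { |path| File.directory?(path) }.map do |path|`. Separately, `File.file?` and `File.directory?` follow symlinks, so a link in the asset tree that points at one of its own ancestors makes `find_packages_in` recurse without bound, and a link that points outside the project pulls external files into the report. A `next nil if File.symlink?(fullpath)` guard after `fullpath` is built (or tracking `File.realpath` of visited directories) would close both cases.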
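--- a/lib/license_finder_rails_assets/rails_asset.rb
+++ b/lib/license_finder_rails_assets/rails_asset.rb
@@ -0,0 +1,33 @@
+ require 'license_finder'
+ require 'digest'
+
+ module LicenseFinderRailsAssets
+ class RailsAsset < LicenseFinder::Package
+ def package_manager
+ 'Rails asset'
+ end
+
+ class << self
+ def from_file(path)
+ version = Digest::SHA1.hexdigest(IO.read(path))
+ RailsAsset.new(remove_prefix(path), version, install_path: path, package_manager: 'Rails asset')
+ end
+
+ def from_dir(path)
+ digest = Digest::SHA1.new
+ Dir["#{path}/**/*"].sort.each do |filename|
+ digest << IO.read(filename) if File.file? filename
+ end
+ version = digest.hexdigest
+
+ RailsAsset.new(remove_prefix(path), version, install_path: path, package_manager: 'Rails asset')
+ end
+
+ private
+
+ def remove_prefix(path)
+ path.sub(%r{^.*/app/assets/[^/]+/}, '')
+ end
+ end
+ end
+ end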
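Review bot: The directory "version" computed in `from_dir` is a SHA-1 over the bare concatenation of file contents, so it does not bind file names or file boundaries. Renaming a file, or moving bytes from the end of one file to the start of the next, leaves the version unchanged. If license decisions are recorded against this version string (an assumption about how license_finder uses it), a changed package can keep an earlier approval. SHA-1 is also a weak choice for an identifier that gates a compliance decision, so I would use SHA-256 in both `from_file` and `from_dir` and mix each file's relative path and length into the directory digest, as sketched below. `IO.read` treats a path that begins with `|` as a command to run; the paths here are prefixed with the project directory, so this is unlikely to be reachable, but `File.binread` removes the question and avoids text-mode differences. Existing version strings will change with this, which should be acceptable for a first release.

```ruby
def from_dir(path)
  digest = Digest::SHA256.new
  Dir["#{path}/**/*"].sort.each do |filename|
    next unless File.file?(filename)

    contents = File.binread(filename)
    relative = filename[(path.to_s.length + 1)..-1]
    # Bind name and length so renames and shifted file boundaries change the version.
    digest << relative << "\0" << contents.bytesize.to_s << "\0" << contents
  end
  # … unchanged: version = digest.hexdigest and the RailsAsset.new(...) call …
```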
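--- a/metadata
+++ b/metadata
@@ -0,0 +1,123 @@
+ --- !ruby/object:Gem::Specification
+ name: license_finder_rails_assets
+ version: !ruby/object:Gem::Version
+ version: 1.0.0
+ platform: ruby
+ authors:
+ - Telyn Roat
+ autorequire:
+ bindir: bin
+ cert_chain: []
+ date: 2019-06-07 00:00:00.000000000 Z
+ dependencies:
+ - !ruby/object:Gem::Dependency
+ name: license_finder
+ requirement: !ruby/object:Gem::Requirement
+ requirements:
+ - - "~>"
+ - !ruby/object:Gem::Version
+ version: '5.8'
+ type: :runtime
+ prerelease: false
+ version_requirements: !ruby/object:Gem::Requirement
+ requirements:
+ - - "~>"
+ - !ruby/object:Gem::Version
+ version: '5.8'
+ - !ruby/object:Gem::Dependency
+ name: fuubar
+ requirement: !ruby/object:Gem::Requirement
+ requirements:
+ - - "~>"
+ - !ruby/object:Gem::Version
+ version: '2.3'
+ type: :development
+ prerelease: false
+ version_requirements: !ruby/object:Gem::Requirement
+ requirements:
+ - - "~>"
+ - !ruby/object:Gem::Version
+ version: '2.3'
+ - !ruby/object:Gem::Dependency
+ name: guard
+ requirement: !ruby/object:Gem::Requirement
+ requirements:
+ - - "~>"
+ - !ruby/object:Gem::Version
+ version: '2.15'
+ type: :development
+ prerelease: false
+ version_requirements: !ruby/object:Gem::Requirement
+ requirements:
+ - - "~>"
+ - !ruby/object:Gem::Version
+ version: '2.15'
+ - !ruby/object:Gem::Dependency
+ name: guard-rspec
+ requirement: !ruby/object:Gem::Requirement
+ requirements:
+ - - "~>"
+ - !ruby/object:Gem::Version
+ version: '4.7'
+ type: :development
+ prerelease: false
+ version_requirements: !ruby/object:Gem::Requirement
+ requirements:
+ - - "~>"
+ - !ruby/object:Gem::Version
+ version: '4.7'
+ - !ruby/object:Gem::Dependency
+ name: rspec
+ requirement: !ruby/object:Gem::Requirement
+ requirements:
+ - - "~>"
+ - !ruby/object:Gem::Version
+ version: '3.8'
+ type: :development
+ prerelease: false
+ version_requirements: !ruby/object:Gem::Requirement
+ requirements:
+ - - "~>"
+ - !ruby/object:Gem::Version
+ version: '3.8'
+ description: |2
+ LicenseFinderRailsAssets is a plugin for LicenseFinder
+ that adds support for declaring licenses and decisions
+ for rails assets.
+ email:
+ - troat@researchbods.com
+ executables:
+ - license_finder_rails_assets
+ extensions: []
+ extra_rdoc_files: []
+ files:
+ - README.md
+ - bin/license_finder_rails_assets
+ - lib/license_finder_rails_assets.rb
+ - lib/license_finder_rails_assets/package_manager.rb
+ - lib/license_finder_rails_assets/rails_asset.rb
+ homepage: ''
+ licenses:
+ - MIT
+ metadata: {}
+ post_install_message:
+ rdoc_options: []
+ require_paths:
+ - lib
+ required_ruby_version: !ruby/object:Gem::Requirement
+ requirements:
+ - - ">="
+ - !ruby/object:Gem::Version
+ version: 2.3.3
+ required_rubygems_version: !ruby/object:Gem::Requirement
+ requirements:
+ - - ">="
+ - !ruby/object:Gem::Version
+ version: '0'
+ requirements: []
+ rubygems_version: 3.0.3
+ signing_key:
+ specification_version: 4
+ summary: Audit the OSS licenses of your applications's dependencies, even if they're
+ stored as rails assets like it's 2005
+ test_files: []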