license_finder_rails_assets 1.0.0
Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml
ADDED
@@ -0,0 +1,7 @@
|
|
1
|
+
---
|
2
|
+
SHA256:
|
3
|
+
metadata.gz: f60364fc048b2737c452fe56ca741a56f70f3beaee61a7eb42ff345092917b28
|
4
|
+
data.tar.gz: 10b1879822375b7ec69871b079f5c6f20acec50e372dcbc136ab824b96146931
|
5
|
+
SHA512:
|
6
|
+
metadata.gz: f338420c1983d49c8b0cb4a2617902ebacbb07498570e0f843f0822c54c26be322c582e60a207e2320a975d5bae2dc1984c787687e783840773513d72f001ab7
|
7
|
+
data.tar.gz: cd2083e42a3242b865688e785ec0d4a095e6a051f4f92e0adbdb0f60e2733ee4e6f3004320a7246e265f1fccbb7494773b3936e6115b4332329a41814119fc29
|
data/README.md
ADDED
@@ -0,0 +1,50 @@
|
|
1
|
+
license_finder_rails_assets
|
2
|
+
===========================
|
3
|
+
|
4
|
+
This gem extends [license_finder][license_finder], making it treat local asset files as packages.
|
5
|
+
|
6
|
+
It's a bit experimental, which is why it's a gem and not a PR against
|
7
|
+
license_finder. Once it's gained some stability and 'niceness' we intended to
|
8
|
+
try to get it added to license_finder :-)
|
9
|
+
|
10
|
+
[license_finder]: https://github.com/pivotal/LicenseFinder
|
11
|
+
|
12
|
+
Installation and Usage
|
13
|
+
======================
|
14
|
+
|
15
|
+
```console
|
16
|
+
$ cd mycoolrailsapp
|
17
|
+
$ gem install license_finder_rails_assets
|
18
|
+
$ license_finder_rails_app
|
19
|
+
```
|
20
|
+
|
21
|
+
If you're using bundler to manage your dependencies:
|
22
|
+
|
23
|
+
```console
|
24
|
+
$ cd mycoolrailsapp
|
25
|
+
$ bundle add --group=development,test license_finder_rails_assets
|
26
|
+
$ bundle exec license_finder_rails_app
|
27
|
+
```
|
28
|
+
|
29
|
+
You only need to use license_finder_rails_assets to run license validation steps,
|
30
|
+
for dependency license tweaks (i.e. any of the `license`,
|
31
|
+
`ignored_dependencies`, `whitelist`, or `blacklist` commands) you can use
|
32
|
+
license_finder as normal (although license_finder_rails_assets will still work)
|
33
|
+
|
34
|
+
How it works
|
35
|
+
============
|
36
|
+
|
37
|
+
Under the hood the license_finder_rails_assets executable requires
|
38
|
+
license_finder, then appends a new package manager to the
|
39
|
+
`LicenseFinder::Scanner::PACKAGE_MANAGERS` constant (this is what causes a
|
40
|
+
warning about redefining a constant). Other than that, it just contains a normal
|
41
|
+
`LicenseFinder::PackageManager` and `LicenseFinder::Package` implementation for
|
42
|
+
rails assets.
|
43
|
+
|
44
|
+
Future work
|
45
|
+
===========
|
46
|
+
|
47
|
+
* Rather than having each file as its own dependency, try to figure out where
|
48
|
+
package boundaries lie.
|
49
|
+
* Detect license files (e.g. LICENSE, license.txt)
|
50
|
+
* Attempt to detect license declarations within comments.
|
@@ -0,0 +1,12 @@
|
|
1
|
+
require 'license_finder_rails_assets/package_manager'
|
2
|
+
require 'license_finder/scanner'
|
3
|
+
|
4
|
+
module LicenseFinder
|
5
|
+
class Scanner
|
6
|
+
PACKAGE_MANAGERS = [LicenseFinderRailsAssets::PackageManager] +
|
7
|
+
LicenseFinder::Scanner::PACKAGE_MANAGERS
|
8
|
+
end
|
9
|
+
end
|
10
|
+
|
11
|
+
module LicenseFinderRailsAssets
|
12
|
+
end
|
@@ -0,0 +1,36 @@
|
|
1
|
+
require 'license_finder'
|
2
|
+
require 'license_finder_rails_assets/rails_asset'
|
3
|
+
|
4
|
+
module LicenseFinderRailsAssets
|
5
|
+
class PackageManager < LicenseFinder::PackageManager
|
6
|
+
def possible_package_paths
|
7
|
+
[project_path.join('app/assets/javascripts'),
|
8
|
+
project_path.join('app/assets/stylesheets')]
|
9
|
+
end
|
10
|
+
|
11
|
+
def current_packages
|
12
|
+
possible_package_paths.map do |path|
|
13
|
+
find_packages_in(path)
|
14
|
+
end.flatten.compact
|
15
|
+
end
|
16
|
+
|
17
|
+
private
|
18
|
+
|
19
|
+
def find_packages_in(path)
|
20
|
+
Dir.entries(path).map do |filename|
|
21
|
+
next nil if filename == '..' || filename == '.'
|
22
|
+
|
23
|
+
fullpath = File.join(path, filename)
|
24
|
+
next RailsAsset.from_file(fullpath) if File.file?(fullpath)
|
25
|
+
|
26
|
+
if File.directory?(fullpath)
|
27
|
+
if File.exist?(File.join(fullpath, '.treat_as_package'))
|
28
|
+
RailsAsset.from_dir(fullpath)
|
29
|
+
else
|
30
|
+
find_packages_in(fullpath).flatten.compact
|
31
|
+
end
|
32
|
+
end
|
33
|
+
end
|
34
|
+
end
|
35
|
+
end
|
36
|
+
end
|
@@ -0,0 +1,33 @@
|
|
1
|
+
require 'license_finder'
|
2
|
+
require 'digest'
|
3
|
+
|
4
|
+
module LicenseFinderRailsAssets
|
5
|
+
class RailsAsset < LicenseFinder::Package
|
6
|
+
def package_manager
|
7
|
+
'Rails asset'
|
8
|
+
end
|
9
|
+
|
10
|
+
class << self
|
11
|
+
def from_file(path)
|
12
|
+
version = Digest::SHA1.hexdigest(IO.read(path))
|
13
|
+
RailsAsset.new(remove_prefix(path), version, install_path: path, package_manager: 'Rails asset')
|
14
|
+
end
|
15
|
+
|
16
|
+
def from_dir(path)
|
17
|
+
digest = Digest::SHA1.new
|
18
|
+
Dir["#{path}/**/*"].sort.each do |filename|
|
19
|
+
digest << IO.read(filename) if File.file? filename
|
20
|
+
end
|
21
|
+
version = digest.hexdigest
|
22
|
+
|
23
|
+
RailsAsset.new(remove_prefix(path), version, install_path: path, package_manager: 'Rails asset')
|
24
|
+
end
|
25
|
+
|
26
|
+
private
|
27
|
+
|
28
|
+
def remove_prefix(path)
|
29
|
+
path.sub(%r{^.*/app/assets/[^/]+/}, '')
|
30
|
+
end
|
31
|
+
end
|
32
|
+
end
|
33
|
+
end
|
metadata
ADDED
@@ -0,0 +1,123 @@
|
|
1
|
+
--- !ruby/object:Gem::Specification
|
2
|
+
name: license_finder_rails_assets
|
3
|
+
version: !ruby/object:Gem::Version
|
4
|
+
version: 1.0.0
|
5
|
+
platform: ruby
|
6
|
+
authors:
|
7
|
+
- Telyn Roat
|
8
|
+
autorequire:
|
9
|
+
bindir: bin
|
10
|
+
cert_chain: []
|
11
|
+
date: 2019-06-07 00:00:00.000000000 Z
|
12
|
+
dependencies:
|
13
|
+
- !ruby/object:Gem::Dependency
|
14
|
+
name: license_finder
|
15
|
+
requirement: !ruby/object:Gem::Requirement
|
16
|
+
requirements:
|
17
|
+
- - "~>"
|
18
|
+
- !ruby/object:Gem::Version
|
19
|
+
version: '5.8'
|
20
|
+
type: :runtime
|
21
|
+
prerelease: false
|
22
|
+
version_requirements: !ruby/object:Gem::Requirement
|
23
|
+
requirements:
|
24
|
+
- - "~>"
|
25
|
+
- !ruby/object:Gem::Version
|
26
|
+
version: '5.8'
|
27
|
+
- !ruby/object:Gem::Dependency
|
28
|
+
name: fuubar
|
29
|
+
requirement: !ruby/object:Gem::Requirement
|
30
|
+
requirements:
|
31
|
+
- - "~>"
|
32
|
+
- !ruby/object:Gem::Version
|
33
|
+
version: '2.3'
|
34
|
+
type: :development
|
35
|
+
prerelease: false
|
36
|
+
version_requirements: !ruby/object:Gem::Requirement
|
37
|
+
requirements:
|
38
|
+
- - "~>"
|
39
|
+
- !ruby/object:Gem::Version
|
40
|
+
version: '2.3'
|
41
|
+
- !ruby/object:Gem::Dependency
|
42
|
+
name: guard
|
43
|
+
requirement: !ruby/object:Gem::Requirement
|
44
|
+
requirements:
|
45
|
+
- - "~>"
|
46
|
+
- !ruby/object:Gem::Version
|
47
|
+
version: '2.15'
|
48
|
+
type: :development
|
49
|
+
prerelease: false
|
50
|
+
version_requirements: !ruby/object:Gem::Requirement
|
51
|
+
requirements:
|
52
|
+
- - "~>"
|
53
|
+
- !ruby/object:Gem::Version
|
54
|
+
version: '2.15'
|
55
|
+
- !ruby/object:Gem::Dependency
|
56
|
+
name: guard-rspec
|
57
|
+
requirement: !ruby/object:Gem::Requirement
|
58
|
+
requirements:
|
59
|
+
- - "~>"
|
60
|
+
- !ruby/object:Gem::Version
|
61
|
+
version: '4.7'
|
62
|
+
type: :development
|
63
|
+
prerelease: false
|
64
|
+
version_requirements: !ruby/object:Gem::Requirement
|
65
|
+
requirements:
|
66
|
+
- - "~>"
|
67
|
+
- !ruby/object:Gem::Version
|
68
|
+
version: '4.7'
|
69
|
+
- !ruby/object:Gem::Dependency
|
70
|
+
name: rspec
|
71
|
+
requirement: !ruby/object:Gem::Requirement
|
72
|
+
requirements:
|
73
|
+
- - "~>"
|
74
|
+
- !ruby/object:Gem::Version
|
75
|
+
version: '3.8'
|
76
|
+
type: :development
|
77
|
+
prerelease: false
|
78
|
+
version_requirements: !ruby/object:Gem::Requirement
|
79
|
+
requirements:
|
80
|
+
- - "~>"
|
81
|
+
- !ruby/object:Gem::Version
|
82
|
+
version: '3.8'
|
83
|
+
description: |2
|
84
|
+
LicenseFinderRailsAssets is a plugin for LicenseFinder
|
85
|
+
that adds support for declaring licenses and decisions
|
86
|
+
for rails assets.
|
87
|
+
email:
|
88
|
+
- troat@researchbods.com
|
89
|
+
executables:
|
90
|
+
- license_finder_rails_assets
|
91
|
+
extensions: []
|
92
|
+
extra_rdoc_files: []
|
93
|
+
files:
|
94
|
+
- README.md
|
95
|
+
- bin/license_finder_rails_assets
|
96
|
+
- lib/license_finder_rails_assets.rb
|
97
|
+
- lib/license_finder_rails_assets/package_manager.rb
|
98
|
+
- lib/license_finder_rails_assets/rails_asset.rb
|
99
|
+
homepage: ''
|
100
|
+
licenses:
|
101
|
+
- MIT
|
102
|
+
metadata: {}
|
103
|
+
post_install_message:
|
104
|
+
rdoc_options: []
|
105
|
+
require_paths:
|
106
|
+
- lib
|
107
|
+
required_ruby_version: !ruby/object:Gem::Requirement
|
108
|
+
requirements:
|
109
|
+
- - ">="
|
110
|
+
- !ruby/object:Gem::Version
|
111
|
+
version: 2.3.3
|
112
|
+
required_rubygems_version: !ruby/object:Gem::Requirement
|
113
|
+
requirements:
|
114
|
+
- - ">="
|
115
|
+
- !ruby/object:Gem::Version
|
116
|
+
version: '0'
|
117
|
+
requirements: []
|
118
|
+
rubygems_version: 3.0.3
|
119
|
+
signing_key:
|
120
|
+
specification_version: 4
|
121
|
+
summary: Audit the OSS licenses of your applications's dependencies, even if they're
|
122
|
+
stored as rails assets like it's 2005
|
123
|
+
test_files: []
|