license_scout 0.1.2 → 0.1.3

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 52257de820176f3967f5ccb25d3b63c0d6ab8361
-  data.tar.gz: 552b96f0d3f02afad489a574eb7ac65e94b8393b
+  metadata.gz: 83b949a77e7dcd991b2de72715882700e160e0eb
+  data.tar.gz: 0f5275681d5db4fe0f6ea19db30131a739d63de1
 SHA512:
-  metadata.gz: 224df51c2fc2c5a8215693476b6198fee5295e65032432fe51bdba97bd65ea1b9652532f6e8991a6c5efde6a069ed41901a30b5d342ade64efe300307d8d04da
-  data.tar.gz: 3bcecbde801328acc30291aa43af5768b89b37b2d50948919a5be52a99e7a5b1423bf163334006e3bae6819ddd2ed8dc20a2ed32d05f3dadb8591a1719fff4b9
+  metadata.gz: 6835e670ec069a60fee4b27e5042217c79b59470103d62a4b3c316733edcbf2e12b9bc024250bad67f0a7e6b11cb537449e74ff1a4c55d6ea66e3d61985705a3
+  data.tar.gz: bc383bdc559ad4dc050564647a14674c5667d63fcf64722dac82e201ec08c114cbc277591c9417b25b6b31a10018ec9c1774e1b5648cff9e74f426a666424a11

data/appveyor.yml

@@ -0,0 +1,19 @@
+os: Windows Server 2012 R2
+platform:
+  - x64
+
+skip_tags: true
+branches:
+  only:
+    - master
+
+install:
+  - set PATH=C:\Ruby22\bin;%PATH%
+  - appveyor DownloadFile http://curl.haxx.se/ca/cacert.pem -FileName C:\cacert.pem
+  - set SSL_CERT_FILE=C:\cacert.pem
+
+build_script:
+  - bundle install || bundle install || bundle install
+
+test_script:
+  - bundle exec rake spec

data/lib/license_scout/canonical_licenses/BSD-4-Clause.txt

@@ -0,0 +1,31 @@
+Copyright (c) <year> <owner> . All rights reserved.
+Redistribution and use in source and binary forms, with or without
+modification, are permitted provided that the following conditions are met:
+
+1. Redistributions of source code must retain the above copyright notice, this
+list of conditions and the following disclaimer.
+
+2. Redistributions in binary form must reproduce the above copyright notice,
+this list of conditions and the following disclaimer in the documentation
+and/or other materials provided with the distribution.
+
+3. All advertising materials mentioning features or use of this software must
+display the following acknowledgement: This product includes software developed
+by the the organization .
+
+4. Neither the name of the copyright holder nor the names of its contributors
+may be used to endorse or promote products derived from this software without
+specific prior written permission.
+
+THIS SOFTWARE IS PROVIDED BY COPYRIGHT HOLDER "AS IS" AND ANY EXPRESS OR
+IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
+MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO
+EVENT SHALL COPYRIGHT HOLDER BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
+PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR
+BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER
+IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+POSSIBILITY OF SUCH DAMAGE.
+
+

data/lib/license_scout/canonical_licenses/ISC.txt

@@ -0,0 +1,14 @@
+ISC License (ISC)
+Copyright (c) 4-digit year, Company or Person's Name <E-mail address>
+
+Permission to use, copy, modify, and/or distribute this software for any
+purpose with or without fee is hereby granted, provided that the above
+copyright notice and this permission notice appear in all copies.
+
+THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES WITH
+REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND
+FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY SPECIAL, DIRECT,
+INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
+LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR
+OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
+PERFORMANCE OF THIS SOFTWARE.

data/lib/license_scout/canonical_licenses/MIT.txt

@@ -0,0 +1,20 @@
+MIT License
+Copyright (c) <year> <copyright holders>
+
+Permission is hereby granted, free of charge, to any person obtaining a copy of
+this software and associated documentation files (the "Software"), to deal in
+the Software without restriction, including without limitation the rights to
+use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies
+of the Software, and to permit persons to whom the Software is furnished to do
+so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

data/lib/license_scout/collector.rb

@@ -78,9 +78,9 @@ module LicenseScout
     end
 
     def collect_licenses_from(dependency_manager)
-      license_manifest_data[:dependency_managers][dependency_manager.name] = []
-
       dependency_manager.dependencies.each do |dep|
+        license_manifest_data[:dependency_managers][dep.dep_mgr_name] ||= []
+
         license_data = {
           name: dep.name,
           version: dep.version,
@@ -101,7 +101,7 @@ module LicenseScout
           license_data[:license_files] << output_license_filename
         end
 
-        license_manifest_data[:dependency_managers][dependency_manager.name] << license_data
+        license_manifest_data[:dependency_managers][dep.dep_mgr_name] << license_data
 
       end
     end

data/lib/license_scout/dependency.rb

@@ -16,5 +16,18 @@
 #
 
 module LicenseScout
-  Dependency = Struct.new(:name, :version, :license, :license_files)
+  Dependency = Struct.new(:name, :version, :license, :license_files, :dep_mgr_name) do
+
+    def eql?(other)
+      other.kind_of?(self.class) && other.hash == hash
+    end
+
+    # hash code for when Dependency is used as a key in a Hash or member of a
+    # Set. The implementation is somewhat naive, but will work fine if you
+    # don't go too crazy mixing different types.
+    def hash
+      [dep_mgr_name, name, version, license].hash
+    end
+
+  end
 end

data/lib/license_scout/dependency_manager/base.rb

@@ -33,13 +33,19 @@ module LicenseScout
         License.rdoc
         Licence.rdoc
         Licence.md
+        license
+        LICENCE
+        licence
         MIT-LICENSE
         MIT-LICENSE.txt
         LICENSE.MIT
+        LICENSE-MIT
+        LICENSE-MIT.txt
         LGPL-2.1
         COPYING.txt
         COPYING
         BSD_LICENSE
+        LICENSE.BSD
       }
 
       attr_reader :project_dir
@@ -50,6 +56,11 @@ module LicenseScout
         @options = options
       end
 
+      def create_dependency(dep_name, version, license, license_files, dep_mgr_name = self.name)
+        # add name of the dependency manager `name` to the dependency we are
+        # creating.
+        Dependency.new(dep_name, version, license, license_files, dep_mgr_name)
+      end
     end
   end
 end

data/lib/license_scout/dependency_manager/berkshelf.rb

@@ -78,7 +78,7 @@ module LicenseScout
             dependency_license_files = override_license_files.resolve_locations(cookbook_path)
           end
 
-          dependencies << Dependency.new(
+          dependencies << create_dependency(
             dependency_name,
             dependency_version,
             dependency_license,

data/lib/license_scout/dependency_manager/bundler.rb

@@ -93,7 +93,7 @@ module LicenseScout
             end
           end
 
-          dependencies << Dependency.new(
+          dependencies << create_dependency(
             dependency_name,
             dependency_version,
             dependency_license,

data/lib/license_scout/dependency_manager/cpan.rb

@@ -77,7 +77,8 @@ module LicenseScout
             dist,
             version,
             license,
-            license_files
+            license_files,
+            "perl_cpan"
           )
         end
 

data/lib/license_scout/dependency_manager/manual.rb

@@ -0,0 +1,67 @@
+#
+# Copyright:: Copyright 2016, Chef Software Inc.
+# License:: Apache License, Version 2.0
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+require "license_scout/dependency_manager/base"
+require "license_scout/dependency"
+require "license_scout/overrides"
+
+module LicenseScout
+  module DependencyManager
+    class Manual < Base
+      def name
+        "manual"
+      end
+
+      def detected?
+        !options.manual_licenses.nil?
+      end
+
+      def dependencies
+        validate_input!
+
+        options.manual_licenses.map do |d|
+          create_dependency(
+            d[:name],
+            d[:version],
+            d[:license],
+            resolve_license_file_locations(d[:license_files]),
+            d[:dependency_manager]
+          )
+        end
+      end
+
+      def resolve_license_file_locations(license_files)
+        LicenseScout::Overrides::OverrideLicenseSet.new(license_files)
+          .resolve_locations(project_dir)
+      end
+
+      def validate_input!
+        if !options.manual_licenses.is_a?(Array)
+          raise LicenseScout::Exceptions::InvalidManualDependency.new("Invalid manual dependency is specified. :manual_licenses should be an Array in options.")
+        end
+
+        options.manual_licenses.each do |l|
+          l.keys.each do |k|
+            if ![:name, :version, :license, :license_files, :dependency_manager].include?(k)
+              raise LicenseScout::Exceptions::InvalidManualDependency.new("Invalid manual dependency is specified. Key '#{k}' is not supported.")
+            end
+          end
+        end
+      end
+    end
+  end
+end

data/lib/license_scout/dependency_manager/npm.rb

@@ -0,0 +1,166 @@
+#
+# Copyright:: Copyright 2016, Chef Software Inc.
+# License:: Apache License, Version 2.0
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+require "set"
+require "ffi_yajl"
+require "license_scout/dependency_manager/base"
+
+module LicenseScout
+  module DependencyManager
+    class NPM < Base
+
+      def name
+        "js_npm"
+      end
+
+      def detected?
+        File.exist?(root_node_modules_path)
+      end
+
+      def dependencies
+        packages = all_package_json_files.inject(Set.new) do |package_set, package_json_file|
+          pkg_info = File.open(package_json_file) do |f|
+            FFI_Yajl::Parser.parse(f)
+          end
+
+          pkg_name = pkg_info["name"]
+          pkg_version = pkg_info["version"]
+          package_path = File.dirname(package_json_file)
+
+          license = options.overrides.license_for(name, pkg_name, pkg_version) ||
+            normalize_license_data(pkg_info["license"] || pkg_info["licence"] || pkg_info["licenses"])
+
+          override_license_files = options.overrides.license_files_for(name, pkg_name, pkg_version)
+          if override_license_files.empty?
+            license_files = find_license_files_in(package_path)
+          else
+            license_files = override_license_files.resolve_locations(package_path)
+          end
+
+          package_set << create_dependency(
+            pkg_name,
+            pkg_version,
+            license,
+            license_files
+          )
+        end
+        packages.to_a
+      end
+
+      private
+
+      # List all the package.json files in the project
+      #
+      # It would be easier to implement this with a dir glob using the `**`
+      # metacharacter, but that approach will find "fake" packages that exist
+      # as test fixtures inside a package. For example, one of our projects,
+      # the 'module-deps' package contains a file
+      # `test/files/tr_2dep_module/node_modules/g/package.json` which isn't a
+      # "real" package. Therefore we do our own looping to traverse the
+      # directories; at each step we look for `$PACKAGE_PATH/node_modules/*` to
+      # find the next level of modules. This approach can miss cases where the
+      # package authors have vendored packages in a directory not named
+      # `node_modules`, but this case is rare and doesn't have a satisfactory
+      # general solution (e.g., we cannot detect a vendored package if the
+      # package metadata is removed).
+      def all_package_json_files
+        all_files = []
+        package_dirs = [project_dir]
+        loop do
+          break if package_dirs.empty?
+
+          package_dir = package_dirs.pop
+          package_json_path = File.join(package_dir, "package.json")
+
+          all_files << package_json_path if File.exist?(package_json_path)
+
+          node_modules_dir = File.join(package_dir, "node_modules")
+          if File.exist?(node_modules_dir)
+            # Sort makes deduplication of identical deps deterministic
+            package_dirs.concat(Dir[File.join(node_modules_dir, "*")].sort)
+          end
+        end
+
+        all_files
+      end
+
+      def find_license_files_in(dir)
+        root_files = Dir["#{dir}/*"]
+        root_files.select { |f| POSSIBLE_LICENSE_FILES.include?(File.basename(f)) }
+      end
+
+      def normalize_license_data(license_metadata)
+        license_string =
+          case license_metadata
+          when nil
+            nil
+          when String
+            license_metadata
+          when Hash
+            license_metadata["type"]
+          when Array
+            if (map = license_metadata.first) && map.kind_of?(Hash) && (type = map["type"])
+              type
+            else
+              nil
+            end
+          end
+        select_best_license(license_string)
+      end
+
+      # npm packages use SPDX "expressions" for their licenses; Thus far we've
+      # only seen a single license, optional multiple licenses like "(MIT OR Apache-2.0)"
+      # or mandatory multiple licenses like "(MIT AND CC-BY-3.0)"
+      #
+      # If there are multiple options, we want to pick just one to keep it simple.
+      def select_best_license(license_string)
+        return nil if license_string.nil?
+        options = license_string.tr("(", "").tr(")", "").split(" OR ")
+        options.inject do |selected_license, license|
+          if license_rank(selected_license) < license_rank(license)
+            selected_license
+          else
+            license
+          end
+        end
+      end
+
+      # Rank licenses when selecting one of multiple options. Licenses are
+      # converted to integer scores, the lower the better.
+      #
+      # We prefer Apache-2.0 since it matches our own projects, then MIT, then
+      # BSDs. Everything else is considered equal.
+      def license_rank(license)
+        case license
+        when "Apache-2.0"
+          0
+        when "MIT"
+          1
+        when /bsd/i
+          2
+        else
+          3
+        end
+      end
+
+      def root_node_modules_path
+        File.join(project_dir, "node_modules")
+      end
+
+    end
+  end
+end

data/lib/license_scout/dependency_manager/rebar.rb

@@ -84,7 +84,7 @@ module LicenseScout
 
           license_name = options.overrides.license_for(name, dep_name, dep_version) || scan_licenses(license_files)
 
-          dep = Dependency.new(dep_name, dep_version, license_name, license_files)
+          dep = create_dependency(dep_name, dep_version, license_name, license_files)
 
           dependencies << dep
         end

data/lib/license_scout/dependency_manager.rb

@@ -19,11 +19,13 @@ require "license_scout/dependency_manager/bundler"
 require "license_scout/dependency_manager/rebar"
 require "license_scout/dependency_manager/cpan"
 require "license_scout/dependency_manager/berkshelf"
+require "license_scout/dependency_manager/npm"
+require "license_scout/dependency_manager/manual"
 
 module LicenseScout
   module DependencyManager
     def self.implementations
-      [Bundler, Rebar, CPAN, Berkshelf]
+      [Bundler, Rebar, CPAN, Berkshelf, NPM, Manual]
     end
   end
 end

data/lib/license_scout/exceptions.rb

@@ -42,6 +42,7 @@ module LicenseScout
     class InaccessibleDependency < Error; end
     class InvalidOverride < Error; end
     class InvalidOutputReport < Error; end
+    class InvalidManualDependency < Error; end
 
     class NetworkError < Error
 

data/lib/license_scout/options.rb

@@ -19,7 +19,7 @@ require "license_scout/overrides"
 
 module LicenseScout
   class Options
-    SUPPORTED_OPTIONS = [:overrides, :environment, :ruby_bin, :cpan_cache]
+    SUPPORTED_OPTIONS = [:overrides, :environment, :ruby_bin, :cpan_cache, :manual_licenses]
 
     SUPPORTED_OPTIONS.each do |o|
       self.send(:attr_reader, o)
@@ -40,6 +40,7 @@ module LicenseScout
         environment: {},
         ruby_bin: nil,
         cpan_cache: Dir.tmpdir,
+        manual_licenses: nil,
       }
     end
   end

data/lib/license_scout/overrides.rb

@@ -58,11 +58,11 @@ module LicenseScout
 
     attr_reader :override_rules
 
-    def initialize(&rules)
+    def initialize(exclude_default: false, &rules)
       @override_rules = {}
       instance_eval(&rules) if block_given?
 
-      default_overrides
+      default_overrides unless exclude_default
     end
 
     def override_license(dependency_manager, dependency_name, &rule)
@@ -91,6 +91,10 @@ module LicenseScout
       override_rules[dependency_manager][dependency_name].call(dependency_version)
     end
 
+    def canonical(shortname)
+      File.expand_path("../canonical_licenses/#{shortname}.txt", __FILE__)
+    end
+
     def default_overrides
       # Default overrides for ruby_bundler dependency manager.
       [
@@ -143,6 +147,7 @@ module LicenseScout
         ["knife-opc", "Apache-2.0", nil],
         ["highline", "Ruby", ["LICENSE"]],
         ["unicorn", "Ruby", ["LICENSE"]],
+        ["winrm-fs", "Apache-2.0", nil],
         # Overrides that require file fetching from internet
         ["sfl", "Ruby", ["https://raw.githubusercontent.com/ujihisa/spawn-for-legacy/master/LICENCE.md"]],
         ["json_pure", nil, ["https://raw.githubusercontent.com/flori/json/master/README.md"]],
@@ -189,6 +194,7 @@ module LicenseScout
         ["rails", nil, ["https://raw.githubusercontent.com/rails/rails/master/README.md"]],
         ["unicorn-rails", "MIT", ["https://raw.githubusercontent.com/samuelkadolph/unicorn-rails/master/LICENSE"]],
         ["hoe", "MIT", ["https://raw.githubusercontent.com/seattlerb/hoe/master/README.rdoc"]],
+        ["rubyzip", nil, ["https://raw.githubusercontent.com/rubyzip/rubyzip/master/README.md"]],
       ].each do |override_data|
         override_license "ruby_bundler", override_data[0] do |version|
           {}.tap do |d|
@@ -198,6 +204,7 @@ module LicenseScout
         end
       end
 
+      # chef_berkshelf
       [
         ["apt", nil, ["https://raw.githubusercontent.com/chef-cookbooks/apt/master/LICENSE"]],
         ["chef-ha-drbd", nil, ["https://raw.githubusercontent.com/chef/chef-server/master/LICENSE"]],
@@ -286,6 +293,7 @@ module LicenseScout
         end
       end
 
+      # erlang_rebar
       [
         ["sync", "MIT", ["https://raw.githubusercontent.com/rustyio/sync/11df81d196eaab2d84caa3fbe8def5d476ef79d8/src/sync.erl"]],
         ["rebar_vsn_plugin", "Apache-2.0", ["https://raw.githubusercontent.com/erlware/rebar_vsn_plugin/master/src/rebar_vsn_plugin.erl"]],
@@ -299,6 +307,10 @@ module LicenseScout
         ["rabbit_common", "MPL-2.0", ["https://raw.githubusercontent.com/muxspace/rabbit_common/master/include/rabbit_msg_store.hrl"]],
         ["uuid", "BSD-2-Clause", ["https://raw.githubusercontent.com/okeuday/uuid/master/README.markdown"]],
         ["ibrowse", "BSD-2-Clause", nil],
+        ["eunit_formatters", "Apache-2.0", ["https://raw.githubusercontent.com/seancribbs/eunit_formatters/master/README.md"]],
+        ["erlware_commons", "MIT", ["https://raw.githubusercontent.com/erlware/erlware_commons/master/COPYING"]],
+        ["getopt", "MIT", nil],
+        ["relx", "Apache-2.0", ["https://raw.githubusercontent.com/erlware/relx/master/LICENSE.md"]],
       ].each do |override_data|
         override_license "erlang_rebar", override_data[0] do |version|
           {}.tap do |d|
@@ -307,6 +319,144 @@ module LicenseScout
           end
         end
       end
+
+      # js_npm
+      [
+        ["isarray", nil, [canonical("MIT")]],
+        ["array-filter", nil, [canonical("MIT")]],
+        ["chokidar", nil, ["README.md"]],
+        ["set-immediate-shim", "MIT", ["https://raw.githubusercontent.com/sindresorhus/set-immediate-shim/master/license"]],
+        ["process-nextick-args", nil, [canonical("MIT")]],
+        ["buffer-shims", nil, [canonical("MIT")]],
+        ["brace-expansion", nil, ["README.md"]],
+        ["verror", "MIT", ["https://github.com/joyent/node-verror/blob/master/LICENSE"]],
+        # From the json-schema readme:
+        # Code is licensed under the AFL or BSD license as part of the
+        # Persevere project which is administered under the Dojo foundation,
+        # and all contributions require a Dojo CLA.
+        ["json-schema", "BSD", ["https://raw.githubusercontent.com/dojo/dojo/master/LICENSE"]],
+        ["tweetnacl", "BSD", ["https://raw.githubusercontent.com/dchest/tweetnacl-js/master/COPYING.txt"]],
+        ["assert-plus", "MIT", ["README.md"]],
+        ["sntp", "BSD-3-Clause", nil],
+        ["node-uuid", "MIT", nil],
+        ["ms", "MIT", nil],
+        ["jsonpointer", nil, ["https://raw.githubusercontent.com/janl/node-jsonpointer/master/LICENSE.md"]],
+        ["has-color", nil, ["https://raw.githubusercontent.com/chalk/supports-color/master/license"]],
+        ["generate-function", nil, ["https://github.com/mafintosh/generate-function/blob/master/LICENSE"]],
+        ["extsprintf", "MIT", nil],
+        ["debug", nil, ["README.md"]],
+        ["dashdash", nil, ["https://raw.githubusercontent.com/trentm/node-dashdash/master/LICENSE.txt"]],
+        # The link here is what's included in the readme
+        ["async-each", nil, ["https://raw.githubusercontent.com/paulmillr/mit/master/README.md"]],
+        # README on https://www.npmjs.com/package/indexof just says "MIT"
+        ["indexof", "MIT", [canonical("MIT")]],
+        ["querystring", "MIT", nil],
+        ["timers-browserify", "MIT", nil],
+        ["shell-quote", nil, ["https://raw.githubusercontent.com/substack/node-shell-quote/master/LICENSE"]],
+        ["querystring-es3", "MIT", nil],
+        ["xtend", "MIT", nil],
+        ["source-map", nil, ["https://raw.githubusercontent.com/mozilla/source-map/master/LICENSE"]],
+        ["randombytes", nil, [canonical("MIT")]],
+        ["public-encrypt", nil, [canonical("MIT")]],
+        ["parse-asn1", nil, [canonical("ISC")]],
+        ["evp_bytestokey", nil, [canonical("MIT")]],
+        ["cipher-base", nil, [canonical("MIT")]],
+        ["asn1.js", nil, ["README.md"]],
+        ["minimalistic-assert", nil, [canonical("ISC")]],
+        ["bn.js", nil, ["README.md"]],
+        ["diffie-hellman", nil, [canonical("MIT")]],
+        ["miller-rabin", nil, ["README.md"]],
+        ["brorand", nil, ["README.md"]],
+        ["create-hmac", nil, [canonical("MIT")]],
+        ["create-hash", nil, [canonical("MIT")]],
+        ["ripemd160", nil, ["https://github.com/crypto-browserify/ripemd160/blob/master/LICENSE.md"]],
+        ["create-ecdh", nil, [canonical("MIT")]],
+        ["elliptic", nil, ["README.md"]],
+        ["hash.js", nil, ["README.md"]],
+        ["adm-zip", nil, ["https://raw.githubusercontent.com/cthackers/adm-zip/master/MIT-LICENSE.txt"]],
+        ["after", "MIT", nil],
+        ["agent-base", nil, ["README.md"]],
+        ["angular-embedly", "BSD-2-Clause", nil],
+        ["angular-feature-flags", nil, ["https://mjt01.mit-license.org/"]],
+        ["angular-restmod", "MIT", nil],
+        ["angular-spinner", nil, [canonical("MIT")]],
+        ["ansi", "MIT", ["https://raw.githubusercontent.com/TooTallNate/ansi.js/master/LICENSE"]],
+        ["ansi-regex", nil, ["https://raw.githubusercontent.com/chalk/ansi-regex/master/license"]],
+        ["ansi-styles", nil, [canonical("MIT")]],
+        ["ansi_up", "MIT", ["README.md"]],
+        ["are-we-there-yet", nil, ["https://raw.githubusercontent.com/iarna/are-we-there-yet/master/LICENSE"]],
+        ["arraybuffer.slice", "MIT", ["README.md"]],
+        ["asn1", "MIT", nil],
+        ["async-foreach", "MIT", nil],
+        ["aws-sign2", "Apache-2.0", nil],
+        ["babel", nil, ["https://raw.githubusercontent.com/babel/babel/master/LICENSE"]],
+        ["babel-code-frame", nil, ["https://raw.githubusercontent.com/babel/babel/master/LICENSE"]],
+        ["babel-core", nil, ["https://raw.githubusercontent.com/babel/babel/master/LICENSE"]],
+        ["babel-generator", nil, ["https://raw.githubusercontent.com/babel/babel/master/LICENSE"]],
+        ["babel-helper-call-delegate", nil, ["https://raw.githubusercontent.com/babel/babel/master/LICENSE"]],
+        ["babel-helper-define-map", nil, ["https://raw.githubusercontent.com/babel/babel/master/LICENSE"]],
+        ["babel-helper-function-name", nil, ["https://raw.githubusercontent.com/babel/babel/master/LICENSE"]],
+        ["babel-helper-get-function-arity", nil, ["https://raw.githubusercontent.com/babel/babel/master/LICENSE"]],
+        ["babel-helper-hoist-variables", nil, ["https://raw.githubusercontent.com/babel/babel/master/LICENSE"]],
+        ["babel-helper-optimise-call-expression", nil, ["https://raw.githubusercontent.com/babel/babel/master/LICENSE"]],
+        ["babel-helper-regex", nil, ["https://raw.githubusercontent.com/babel/babel/master/LICENSE"]],
+        ["babel-helper-replace-supers", nil, ["https://raw.githubusercontent.com/babel/babel/master/LICENSE"]],
+        ["babel-helpers", nil, ["https://raw.githubusercontent.com/babel/babel/master/LICENSE"]],
+        ["babel-messages", nil, ["https://raw.githubusercontent.com/babel/babel/master/LICENSE"]],
+        ["babel-plugin-check-es2015-constants", nil, ["https://raw.githubusercontent.com/babel/babel/master/LICENSE"]],
+        ["babel-plugin-syntax-async-functions", nil, ["https://raw.githubusercontent.com/babel/babel/master/LICENSE"]],
+        ["babel-plugin-transform-es2015-arrow-functions", nil, ["https://raw.githubusercontent.com/babel/babel/master/LICENSE"]],
+        ["babel-plugin-transform-es2015-block-scoped-functions", nil, ["https://raw.githubusercontent.com/babel/babel/master/LICENSE"]],
+        ["babel-plugin-transform-es2015-block-scoping", nil, ["https://raw.githubusercontent.com/babel/babel/master/LICENSE"]],
+        ["babel-plugin-transform-es2015-classes", nil, ["https://raw.githubusercontent.com/babel/babel/master/LICENSE"]],
+        ["babel-plugin-transform-es2015-computed-properties", nil, ["https://raw.githubusercontent.com/babel/babel/master/LICENSE"]],
+        ["babel-plugin-transform-es2015-destructuring", nil, ["https://raw.githubusercontent.com/babel/babel/master/LICENSE"]],
+        ["babel-plugin-transform-es2015-duplicate-keys", nil, ["https://raw.githubusercontent.com/babel/babel/master/LICENSE"]],
+        ["babel-plugin-transform-es2015-for-of", nil, ["https://raw.githubusercontent.com/babel/babel/master/LICENSE"]],
+        ["babel-plugin-transform-es2015-function-name", nil, ["https://raw.githubusercontent.com/babel/babel/master/LICENSE"]],
+        ["babel-plugin-transform-es2015-literals", nil, ["https://raw.githubusercontent.com/babel/babel/master/LICENSE"]],
+        ["babel-plugin-transform-es2015-modules-amd", nil, ["https://raw.githubusercontent.com/babel/babel/master/LICENSE"]],
+        ["babel-plugin-transform-es2015-modules-commonjs", nil, ["https://raw.githubusercontent.com/babel/babel/master/LICENSE"]],
+        ["babel-plugin-transform-es2015-modules-systemjs", nil, ["https://raw.githubusercontent.com/babel/babel/master/LICENSE"]],
+        ["babel-plugin-transform-es2015-modules-umd", nil, ["https://raw.githubusercontent.com/babel/babel/master/LICENSE"]],
+        ["babel-plugin-transform-es2015-object-super", nil, ["https://raw.githubusercontent.com/babel/babel/master/LICENSE"]],
+        ["babel-plugin-transform-es2015-parameters", nil, ["https://raw.githubusercontent.com/babel/babel/master/LICENSE"]],
+        ["babel-plugin-transform-es2015-shorthand-properties", nil, ["https://raw.githubusercontent.com/babel/babel/master/LICENSE"]],
+        ["babel-plugin-transform-es2015-spread", nil, ["https://raw.githubusercontent.com/babel/babel/master/LICENSE"]],
+        ["babel-plugin-transform-es2015-sticky-regex", nil, ["https://raw.githubusercontent.com/babel/babel/master/LICENSE"]],
+        ["babel-plugin-transform-es2015-template-literals", nil, ["https://raw.githubusercontent.com/babel/babel/master/LICENSE"]],
+        ["babel-plugin-transform-es2015-typeof-symbol", nil, ["https://raw.githubusercontent.com/babel/babel/master/LICENSE"]],
+        ["babel-plugin-transform-es2015-unicode-regex", nil, ["https://raw.githubusercontent.com/babel/babel/master/LICENSE"]],
+        ["babel-plugin-transform-strict-mode", nil, ["https://raw.githubusercontent.com/babel/babel/master/LICENSE"]],
+        ["babel-preset-es2015", nil, ["https://raw.githubusercontent.com/babel/babel/master/LICENSE"]],
+        ["babel-register", nil, ["https://raw.githubusercontent.com/babel/babel/master/LICENSE"]],
+        ["babel-runtime", nil, ["https://raw.githubusercontent.com/babel/babel/master/LICENSE"]],
+        ["babel-template", nil, ["https://raw.githubusercontent.com/babel/babel/master/LICENSE"]],
+        ["babel-traverse", nil, ["https://raw.githubusercontent.com/babel/babel/master/LICENSE"]],
+        ["babel-types", nil, ["https://raw.githubusercontent.com/babel/babel/master/LICENSE"]],
+        ["backo2", nil, ["https://raw.githubusercontent.com/mokesmokes/backo/master/LICENSE"]],
+        ["balanced-match", nil, ["https://raw.githubusercontent.com/juliangruber/balanced-match/master/LICENSE.md"]],
+        ["base64id", "MIT", ["https://raw.githubusercontent.com/faeldt/base64id/master/LICENSE"]],
+        ["batch", nil, ["README.md"]],
+        ["bcrypt-pbkdf", nil, [canonical("BSD-4-Clause")]],
+        ["better-assert", "MIT", ["https://raw.githubusercontent.com/tj/better-assert/master/LICENSE"]],
+        ["binary", nil, [canonical("MIT")]],
+        ["bindings", nil, ["README.md"]],
+        ["blob", "MIT", ["https://raw.githubusercontent.com/webmodules/blob/master/LICENSE"]],
+        ["bluebird", nil, ["https://github.com/petkaantonov/bluebird/blob/master/LICENSE"]],
+        ["browserify-cipher", nil, [canonical("MIT")]],
+        ["browserify-des", nil, [canonical("MIT")]],
+        ["browserify-zlib", nil, ["https://raw.githubusercontent.com/devongovett/browserify-zlib/master/LICENSE"]],
+        ["buffers", "MIT", [canonical("MIT")]],
+        ["bufferutil", nil, [canonical("MIT")]],
+      ].each do |override_data|
+        override_license "js_npm", override_data[0] do |version|
+          {}.tap do |d|
+            d[:license] = override_data[1] if override_data[1]
+            d[:license_files] = override_data[2] if override_data[2]
+          end
+        end
+      end
     end
 
   end

data/lib/license_scout/reporter.rb

@@ -36,34 +36,55 @@ module LicenseScout
       license_report = FFI_Yajl::Parser.parse(File.read(license_manifest_path))
 
       license_report["dependency_managers"].each do |dependency_manager, dependencies|
-        dependencies.each do |dependency|
-          if dependency["name"].nil? || dependency["name"].empty?
-            report << "There is a dependency with a missing name in '#{dependency_manager}'."
-          end
 
-          if dependency["version"].nil? || dependency["version"].empty?
-            report << "Dependency '#{dependency["name"]}' under '#{dependency_manager}' is missing version information."
-          end
+        ok_deps, problem_deps = 0, 0
 
-          if dependency["license"].nil? || dependency["license"].empty?
-            report << "Dependency '#{dependency["name"]}' version '#{dependency["version"]}' under '#{dependency_manager}' is missing license information."
-          end
+        dependencies.sort { |a, b| a["name"] <=> b["name"] }.each do |dependency|
+          dep_ok, problems = license_info_ok?(dependency_manager, dependency)
 
-          if dependency["license_files"].empty?
-            report << "Dependency '#{dependency["name"]}' version '#{dependency["version"]}' under '#{dependency_manager}' is missing license files information."
+          if dep_ok
+            ok_deps += 1
           else
-            dependency["license_files"].each do |license_file|
-              if !File.exist?(full_path_for(license_file))
-                report << "License file '#{license_file}' for the dependency '#{dependency["name"]}' version '#{dependency["version"]}' under '#{dependency_manager}' is missing."
-              end
-            end
+            problem_deps += 1
+            report.concat(problems)
           end
         end
+
+        if problem_deps > 0
+          report << ">> Found #{dependencies.size} dependencies for #{dependency_manager}. #{ok_deps} OK, #{problem_deps} with problems"
+        end
       end
 
       report
     end
 
+    def license_info_ok?(dependency_manager, dependency)
+      problems = []
+      if dependency["name"].nil? || dependency["name"].empty?
+        problems << "There is a dependency with a missing name in '#{dependency_manager}'."
+      end
+
+      if dependency["version"].nil? || dependency["version"].empty?
+        problems << "Dependency '#{dependency["name"]}' under '#{dependency_manager}' is missing version information."
+      end
+
+      if dependency["license"].nil? || dependency["license"].empty?
+        problems << "Dependency '#{dependency["name"]}' version '#{dependency["version"]}' under '#{dependency_manager}' is missing license information."
+      end
+
+      if dependency["license_files"].empty?
+        problems << "Dependency '#{dependency["name"]}' version '#{dependency["version"]}' under '#{dependency_manager}' is missing license files information."
+      else
+        dependency["license_files"].each do |license_file|
+          if !File.exist?(full_path_for(license_file))
+            problems << "License file '#{license_file}' for the dependency '#{dependency["name"]}' version '#{dependency["version"]}' under '#{dependency_manager}' is missing."
+          end
+        end
+      end
+
+      [ problems.empty?, problems ]
+    end
+
     def find_license_manifest!
       if !File.exist?(output_directory)
         raise LicenseScout::Exceptions::InvalidOutputReport.new("Output directory '#{output_directory}' does not exist.")

data/lib/license_scout/version.rb

@@ -16,5 +16,5 @@
 #
 
 module LicenseScout
-  VERSION = "0.1.2"
+  VERSION = "0.1.3"
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: license_scout
 version: !ruby/object:Gem::Version
-  version: 0.1.2
+  version: 0.1.3
 platform: ruby
 authors:
 - Serdar Sutay
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2016-09-01 00:00:00.000000000 Z
+date: 2016-09-15 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: ffi-yajl
@@ -138,9 +138,13 @@ files:
 - LICENSE
 - README.md
 - Rakefile
+- appveyor.yml
 - bin/config_to_json
 - bin/license_scout
 - lib/license_scout.rb
+- lib/license_scout/canonical_licenses/BSD-4-Clause.txt
+- lib/license_scout/canonical_licenses/ISC.txt
+- lib/license_scout/canonical_licenses/MIT.txt
 - lib/license_scout/collector.rb
 - lib/license_scout/dependency.rb
 - lib/license_scout/dependency_manager.rb
@@ -151,6 +155,8 @@ files:
 - lib/license_scout/dependency_manager/bundler/_bundler_script.rb
 - lib/license_scout/dependency_manager/cpan.rb
 - lib/license_scout/dependency_manager/json/README.md
+- lib/license_scout/dependency_manager/manual.rb
+- lib/license_scout/dependency_manager/npm.rb
 - lib/license_scout/dependency_manager/rebar.rb
 - lib/license_scout/exceptions.rb
 - lib/license_scout/license_file_analyzer.rb