licensed 0.11.1 → 1.0.0

data/lib/licensed/dependency.rb

@@ -1,3 +1,4 @@
+# frozen_string_literal: true
 require "licensee"
 
 module Licensed
@@ -11,9 +12,9 @@ module Licensed
       @path = path
       @search_root = metadata.delete("search_root")
 
-      # with licensee now providing license_file[:dir],
+      # with licensee providing license_file[:dir],
       # enforcing absolute paths makes life much easier when determining
-      # an absolute file path in notices\
+      # an absolute file path in notices
       unless Pathname.new(path).absolute?
         raise "Dependency path #{path} must be absolute"
       end
@@ -21,10 +22,14 @@ module Licensed
       super metadata
     end
 
+    # Returns a Licensee::Projects::FSProject for the dependency path
     def project
       @project ||= Licensee::Projects::FSProject.new(path, search_root: search_root, detect_packages: true, detect_readme: true)
     end
 
+    # Detects license information and sets it on this dependency object.
+    #  After calling `detect_license!``, the license is set at
+    # `dependency["license"]` and legal text is set to `dependency.text`
     def detect_license!
       self["license"] = license_key
       self.text = ([license_text] + self.notices).compact.join("\n" + "-" * 80 + "\n")
@@ -35,6 +40,7 @@ module Licensed
       local_files.uniq.map { |f| File.read(f) }
     end
 
+    # Returns an array of file paths used to locate legal notices
     def local_files
       return [] unless Dir.exist?(path)
 

data/lib/licensed/git.rb

@@ -0,0 +1,39 @@
+# frozen_string_literal: true
+module Licensed
+  module Git
+    class << self
+      # Returns whether git commands are available
+      def available?
+        @git ||= Licensed::Shell.tool_available?("git")
+      end
+
+      def repository_root
+        return unless available?
+        @root ||= Pathname.new(Licensed::Shell.execute("git", "rev-parse", "--show-toplevel"))
+      end
+
+      # Returns the most recent git SHA for a file or directory
+      # or nil if SHA is not available
+      #
+      # descriptor - file or directory to retrieve latest SHA for
+      def version(descriptor)
+        return unless available? && descriptor
+
+        dir = File.directory?(descriptor) ? descriptor : File.dirname(descriptor)
+        file = File.directory?(descriptor) ? "." : File.basename(descriptor)
+
+        Dir.chdir dir do
+          Licensed::Shell.execute("git", "rev-list", "-1", "HEAD", "--", file)
+        end
+      end
+
+      # Returns the commit date for the provided SHA as a timestamp
+      #
+      # sha - commit sha to retrieve date
+      def commit_date(sha)
+        return unless available? && sha
+        Licensed::Shell.execute("git", "show", "-s", "-1", "--format=%ct", sha)
+      end
+    end
+  end
+end

data/lib/licensed/license.rb

@@ -1,3 +1,4 @@
+# frozen_string_literal: true
 require "yaml"
 require "fileutils"
 require "forwardable"

data/lib/licensed/shell.rb

@@ -0,0 +1,28 @@
+# frozen_string_literal: true
+require "open3"
+
+module Licensed
+  module Shell
+    # Executes a command, returning it's STDOUT on success.  Returns an empty
+    # string on failure
+    def self.execute(cmd, *args)
+      output, _, status = Open3.capture3(cmd, *args)
+      return "" unless status.success?
+      output.strip
+    end
+
+    # Executes a command and returns a boolean value indicating if the command
+    # was succesful
+    def self.success?(cmd, *args)
+      _, _, status = Open3.capture3(cmd, *args)
+      status.success?
+    end
+
+    # Returns a boolean indicating whether a CLI tool is available in the
+    # current environment
+    def self.tool_available?(tool)
+      output, err, status = Open3.capture3("which", tool)
+      status.success? && !output.strip.empty? && err.strip.empty?
+    end
+  end
+end

data/lib/licensed/source/bower.rb

@@ -1,3 +1,4 @@
+# frozen_string_literal: true
 require "json"
 
 module Licensed
@@ -33,6 +34,7 @@ module Licensed
         end
       end
 
+      # Returns a parsed ".bowerrc" configuration, or an empty hash if not found
       def bower_config
         @bower_config ||= begin
           path = @config.pwd.join(".bowerrc")
@@ -40,6 +42,8 @@ module Licensed
         end
       end
 
+      # Returns the expected path to bower components.
+      # Note this does not validate that the returned path is valid
       def bower_path
         pwd = bower_config["cwd"] ? Pathname.new(bower_config["cwd"]).expand_path : @config.pwd
         pwd.join bower_config["directory"] || "bower_components"

data/lib/licensed/source/bundler.rb

@@ -1,3 +1,4 @@
+# frozen_string_literal: true
 require "bundler"
 
 module Licensed
@@ -32,14 +33,17 @@ module Licensed
         @definition ||= ::Bundler::Definition.build(gemfile_path, lockfile_path, nil)
       end
 
+      # Returns the bundle definition groups, excluding test and development
       def groups
         definition.groups - [:test, :development]
       end
 
+      # Returns the expected path to the Bundler Gemfile
       def gemfile_path
         @config.pwd.join ::Bundler.default_gemfile.basename.to_s
       end
 
+      # Returns the expected path to the Bundler Gemfile.lock
       def lockfile_path
         @config.pwd.join ::Bundler.default_lockfile.basename.to_s
       end

data/lib/licensed/source/cabal.rb

@@ -1,4 +1,5 @@
-require 'English'
+# frozen_string_literal: true
+require "English"
 
 module Licensed
   module Source
@@ -8,7 +9,7 @@ module Licensed
       end
 
       def type
-        'cabal'
+        "cabal"
       end
 
       def enabled?
@@ -21,47 +22,53 @@ module Licensed
 
           path, search_root = package_docs_dirs(package)
           Dependency.new(path, {
-            'type'     => type,
-            'name'     => package['name'],
-            'version'  => package['version'],
-            'summary'  => package['synopsis'],
-            'homepage' => safe_homepage(package['homepage']),
-            'search_root' => search_root
+            "type"     => type,
+            "name"     => package["name"],
+            "version"  => package["version"],
+            "summary"  => package["synopsis"],
+            "homepage" => safe_homepage(package["homepage"]),
+            "search_root" => search_root
           })
         end
       end
 
+      # Returns the packages document directory and search root directory
+      # as an array
       def package_docs_dirs(package)
-        unless package['haddock-html']
+        unless package["haddock-html"]
           # default to a local vendor directory if haddock-html property
           # isn't available
-          return [File.join(@config.pwd, 'vendor', package['name']), nil]
+          return [File.join(@config.pwd, "vendor", package["name"]), nil]
         end
 
-        html_dir = package['haddock-html']
-        data_dir = package['data-dir']
+        html_dir = package["haddock-html"]
+        data_dir = package["data-dir"]
         return [html_dir, nil] unless data_dir
 
-        # don't use a search root that isn't an ancestor of the haddock-html dir
-        unless Pathname.new(html_dir).fnmatch?(File.join(data_dir, '**'))
+        # only allow data directories that are ancestors of the html directory
+        unless Pathname.new(html_dir).fnmatch?(File.join(data_dir, "**"))
           data_dir = nil
         end
 
         [html_dir, data_dir]
       end
 
+      # Returns a homepage url that enforces https and removes url fragments
       def safe_homepage(homepage)
         return unless homepage
         # use https and remove url fragment
-        homepage.gsub(/http:/, 'https:')
-                .gsub(/#[^?]*\z/, '')
+        homepage.gsub(/http:/, "https:")
+                .gsub(/#[^?]*\z/, "")
       end
 
+      # Returns a `Set` of the package ids for all cabal dependencies
       def package_ids
         deps = cabal_packages.flat_map { |n| package_dependencies(n, false) }
         recursive_dependencies(deps)
       end
 
+      # Recursively finds the dependencies for each cabal package.
+      # Returns a `Set` containing the package names for all dependencies
       def recursive_dependencies(package_names, results = Set.new)
         return [] if package_names.nil? || package_names.empty?
 
@@ -78,37 +85,70 @@ module Licensed
         results.merge recursive_dependencies(dependencies, results)
       end
 
+      # Returns an array of dependency package names for the cabal package
+      # given by `id`
       def package_dependencies(id, full_id = true)
-        package_dependencies_command(id, full_id).gsub('depends:', '')
+        package_dependencies_command(id, full_id).gsub("depends:", "")
                                                  .split
                                                  .map(&:strip)
       end
 
+      # Returns the output of running `ghc-pkg field depends` for a package id
+      # Optionally allows for interpreting the given id as an
+      # installed package id (`--ipid`)
       def package_dependencies_command(id, full_id)
-        args = full_id ? '--ipid' : ''
         fields = %w(depends)
 
-        ghc_pkg_field_command(id, fields, args)
+        if full_id
+          ghc_pkg_field_command(id, fields, "--ipid")
+        else
+          ghc_pkg_field_command(id, fields)
+        end
       end
 
+      # Returns package information as a hash for the given id
       def package_info(id)
         package_info_command(id).lines.each_with_object({}) do |line, info|
-          key, value = line.split(':', 2).map(&:strip)
+          key, value = line.split(":", 2).map(&:strip)
           next unless key && value
 
           info[key] = value
         end
       end
 
+      # Returns the output of running `ghc-pkg field` to obtain package information
       def package_info_command(id)
         fields = %w(name version synopsis homepage haddock-html data-dir)
-        ghc_pkg_field_command(id, fields, '--ipid')
+        ghc_pkg_field_command(id, fields, "--ipid")
       end
 
+      # Runs a `ghc-pkg field` command for a given set of fields and arguments
+      # Automatically includes ghc package DB locations in the command
       def ghc_pkg_field_command(id, fields, *args)
-        `ghc-pkg field #{id} #{fields.join(',')} #{args.join(' ')}`
+        Licensed::Shell.execute("ghc-pkg", "field", id, fields.join(","), *args, *package_db_args)
+      end
+
+      # Returns an array of ghc package DB locations as specified in the app
+      # configuration
+      def package_db_args
+        return [] unless @config["cabal"]
+        Array(@config["cabal"]["ghc_package_db"]).map do |path|
+          next "--#{path}" if %w(global user).include?(path)
+          path = realized_ghc_package_path(path)
+          path = File.expand_path(path, @config.pwd)
+
+          next unless File.exist?(path)
+          "--package-db=#{path}"
+        end.compact
       end
 
+      # Returns a ghc package path with template markers replaced by live
+      # data
+      def realized_ghc_package_path(path)
+        path.gsub("<ghc_version>", ghc_version)
+      end
+
+      # Return an array of the top-level cabal packages for the current app
       def cabal_packages
         cabal_files.map do |f|
           name_match = File.read(f).match(/^name:\s*(.*)$/)
@@ -116,12 +156,20 @@ module Licensed
         end.compact
       end
 
+      # Returns an array of the local directory cabal package files
       def cabal_files
-        @cabal_files ||= Dir.glob(File.join(@config.pwd, '*.cabal'))
+        @cabal_files ||= Dir.glob(File.join(@config.pwd, "*.cabal"))
+      end
+
+      # Returns the ghc cli tool version
+      def ghc_version
+        return unless ghc?
+        @version ||= Licensed::Shell.execute("ghc", "--numeric-version")
       end
 
+      # Returns whether the ghc cli tool is available
       def ghc?
-        @ghc = `which ghc 2>/dev/null` && $CHILD_STATUS.success?
+        @ghc ||= Licensed::Shell.tool_available?("ghc")
       end
     end
   end

data/lib/licensed/source/go.rb

@@ -1,5 +1,6 @@
-require 'json'
-require 'English'
+# frozen_string_literal: true
+require "json"
+require "English"
 
 module Licensed
   module Source
@@ -9,7 +10,7 @@ module Licensed
       end
 
       def type
-        'go'
+        "go"
       end
 
       def enabled?
@@ -22,18 +23,18 @@ module Licensed
           import_path = non_vendored_import_path(package_name)
 
           if package.empty?
-            next if @config.ignored?('type' => type, 'name' => package_name)
+            next if @config.ignored?("type" => type, "name" => package_name)
             raise "couldn't find package for #{import_path}"
           end
 
-          package_dir = package['Dir']
+          package_dir = package["Dir"]
           Dependency.new(package_dir, {
-            'type'        => type,
-            'name'        => import_path,
-            'summary'     => package['Doc'],
-            'homepage'    => homepage(import_path),
-            'search_root' => search_root(package_dir),
-            'version'     => package_version(package_dir)
+            "type"        => type,
+            "name"        => import_path,
+            "summary"     => package["Doc"],
+            "homepage"    => homepage(import_path),
+            "search_root" => search_root(package_dir),
+            "version"     => Licensed::Git.version(package_dir)
           })
         end.compact
       end
@@ -50,14 +51,14 @@ module Licensed
 
       # Returns an array of dependency package import paths
       def packages
-        return [] unless root_package['Deps']
+        return [] unless root_package["Deps"]
 
         # don't include go std packages
         # don't include packages under the root project that aren't vendored
-        root_package['Deps']
+        root_package["Deps"]
           .uniq
           .select { |d| !go_std_packages.include?(d) }
-          .select { |d| !d.start_with?(root_package['ImportPath']) || vendored_path?(d) }
+          .select { |d| !d.start_with?(root_package["ImportPath"]) || vendored_path?(d) }
       end
 
       # Returns the root directory to search for a package license
@@ -68,18 +69,8 @@ module Licensed
         # 1. vendor folder if package is vendored
         # 2. GOPATH
         # 3. nil (no search up directory hierarchy)
-        return package_dir.match('^(.*/vendor)/.*$')[1] if vendored_path?(package_dir)
-        ENV.fetch('GOPATH', nil)
-      end
-
-      # Returns the most recent git SHA for a package, or nil if SHA is
-      # not available
-      #
-      # package_directory - package location
-      def package_version(package_directory)
-        return unless git? && package_directory
-
-        `cd #{package_directory} && git rev-list -1 HEAD -- .`.strip
+        return package_dir.match("^(.*/vendor)/.*$")[1] if vendored_path?(package_dir)
+        ENV.fetch("GOPATH", nil)
       end
 
       # Returns whether a package is vendored or not based on the package
@@ -87,7 +78,7 @@ module Licensed
       #
       # path - Package path to test
       def vendored_path?(path)
-        path && path.include?('vendor/')
+        path && path.include?("vendor/")
       end
 
       # Returns the import path parameter without the vendor component
@@ -96,7 +87,7 @@ module Licensed
       def non_vendored_import_path(import_path)
         return unless import_path
         return import_path unless vendored_path?(import_path)
-        import_path.split('vendor/')[1]
+        import_path.split("vendor/")[1]
       end
 
       # Returns package information, or {} if package isn't found
@@ -112,7 +103,8 @@ module Licensed
       #
       # package - Go package import path
       def package_info_command(package)
-        `go list -json #{package}`
+        package ||= ""
+        Licensed::Shell.execute("go", "list", "-json", package)
       end
 
       # Returns the info for the package under test
@@ -122,17 +114,12 @@ module Licensed
 
       # Returns whether go source is found
       def go_source?
-        @go_source ||= `go doc 2>/dev/null` && $CHILD_STATUS.success?
+        @go_source ||= Licensed::Shell.success?("go", "doc")
       end
 
       # Returns a list of go standard packages
       def go_std_packages
-        @std_packages ||= `go list std`.lines.map(&:strip)
-      end
-
-      # Returns whether git commands are available
-      def git?
-        @git ||= `which git 2>/dev/null` && $CHILD_STATUS.success?
+        @std_packages ||= Licensed::Shell.execute("go", "list", "std").lines.map(&:strip)
       end
     end
   end