licensed 1.5.2 → 2.0.0

data/lib/licensed/shell.rb

@@ -3,16 +3,14 @@ require "open3"
 
 module Licensed
   module Shell
-    # Executes a command, returning its standard output on success. On failure,
-    # it raises an exception that contains the error output, unless
-    # `allow_failure` is true, in which case it returns an empty string.
+    # Executes a command, returning its standard output on success.
+    # On failure it raises an exception that contains the error output, unless
+    # `allow_failure` is true.
     def self.execute(cmd, *args, allow_failure: false, env: {})
       stdout, stderr, status = Open3.capture3(env, cmd, *args)
 
-      if status.success?
+      if status.success? || allow_failure
         stdout.strip
-      elsif allow_failure
-        ""
       else
         raise Error.new([cmd, *args], status.exitstatus, stderr)
       end
@@ -33,17 +31,17 @@ module Licensed
     end
 
     class Error < RuntimeError
+      attr_reader :cmd, :status, :stderr
       def initialize(cmd, status, stderr)
         super()
         @cmd = cmd
         @exitstatus = status
-        @output = stderr
+        @stderr = stderr.to_s.strip
       end
 
       def message
-        output = @output.to_s.strip
-        extra = output.empty?? "" : "\n#{output.gsub(/^/, "    ")}"
-        "command exited with status #{@exitstatus}\n  #{escape_cmd}#{extra}"
+        extra = @stderr.empty?? "" : "#{@stderr.gsub(/^/, "        ")}"
+        "'#{escape_cmd}' exited with status #{@exitstatus}\n#{extra}"
       end
 
       def escape_cmd

data/lib/licensed/sources.rb

@@ -0,0 +1,15 @@
+# frozen_string_literal: true
+module Licensed
+  module Sources
+    require "licensed/sources/source"
+    require "licensed/sources/bower"
+    require "licensed/sources/bundler"
+    require "licensed/sources/cabal"
+    require "licensed/sources/dep"
+    require "licensed/sources/git_submodule"
+    require "licensed/sources/go"
+    require "licensed/sources/manifest"
+    require "licensed/sources/npm"
+    require "licensed/sources/pip"
+  end
+end

data/lib/licensed/{source → sources}/bower.rb

@@ -2,33 +2,28 @@
 require "json"
 
 module Licensed
-  module Source
-    class Bower
-      def self.type
-        "bower"
-      end
-
-      def initialize(config)
-        @config = config
-      end
-
+  module Sources
+    class Bower < Source
       def enabled?
         [@config.pwd.join(".bowerrc"), @config.pwd.join("bower.json")].any? do |path|
           File.exist?(path)
         end
       end
 
-      def dependencies
-        @dependencies ||= Dir.glob(bower_path.join("*/.bower.json")).map do |file|
+      def enumerate_dependencies
+        Dir.glob(bower_path.join("*/.bower.json")).map do |file|
           package = JSON.parse(File.read(file))
           path = bower_path.join(file).dirname.to_path
-          Dependency.new(path, {
-            "type"     => Bower.type,
-            "name"     => package["name"],
-            "version"  => package["version"] || package["_release"],
-            "summary"  => package["description"],
-            "homepage" => package["homepage"]
-          })
+          Dependency.new(
+            name: package["name"],
+            version: package["version"] || package["_release"],
+            path: path,
+            metadata: {
+              "type"     => Bower.type,
+              "summary"  => package["description"],
+              "homepage" => package["homepage"]
+            }
+          )
         end
       end
 

data/lib/licensed/{source → sources}/bundler.rb

@@ -5,33 +5,62 @@ rescue LoadError
 end
 
 module Licensed
-  module Source
-    class Bundler
-      GEMFILES = %w{Gemfile gems.rb}.freeze
-      DEFAULT_WITHOUT_GROUPS = %i{development test}
+  module Sources
+    class Bundler < Source
+      class MissingSpecification < Gem::BasicSpecification
+        attr_reader :name, :requirement
+        alias_method :version, :requirement
+        def initialize(name:, requirement:)
+          @name = name
+          @requirement = requirement
+        end
 
-      def self.type
-        "rubygem"
-      end
+        def dependencies
+          []
+        end
+
+        def source
+          nil
+        end
+
+        def platform; end
+        def gem_dir; end
+        def gems_dir
+          Gem.dir
+        end
+        def summary; end
+        def homepage; end
 
-      def initialize(config)
-        @config = config
+        def error
+          "could not find #{name} (#{requirement}) in any sources"
+        end
       end
 
+      GEMFILES = %w{Gemfile gems.rb}.freeze
+      DEFAULT_WITHOUT_GROUPS = %i{development test}
+
       def enabled?
+        # running a ruby-packer-built licensed exe when ruby isn't available
+        # could lead to errors if the host ruby doesn't exist
+        return false if ruby_packer? && !Licensed::Shell.tool_available?("ruby")
         defined?(::Bundler) && lockfile_path && lockfile_path.exist?
       end
 
-      def dependencies
-        @dependencies ||= with_local_configuration do
+      def enumerate_dependencies
+        with_local_configuration do
           specs.map do |spec|
-            Licensed::Dependency.new(spec.gem_dir, {
-              "type"     => Bundler.type,
-              "name"     => spec.name,
-              "version"  => spec.version.to_s,
-              "summary"  => spec.summary,
-              "homepage" => spec.homepage
-            })
+            error = spec.error if spec.respond_to?(:error)
+            Licensed::Dependency.new(
+              name: spec.name,
+              version: spec.version.to_s,
+              path: spec.gem_dir,
+              errors: Array(error),
+              metadata: {
+                "type"     => Bundler.type,
+                "summary"  => spec.summary,
+                "homepage" => spec.homepage
+              }
+            )
           end
         end
       end
@@ -66,17 +95,16 @@ module Licensed
         results.merge recursive_specs(dependency_specs, results)
       end
 
-      # Returns the specs for dependencies that pass the checks in `include?`
-      # Raises an error if the specification isn't found
+      # Returns the specs for dependencies that pass the checks in `include?`.
+      # Returns a `MissingSpecification` if a gem specification isn't found.
       def specs_for_dependencies(dependencies, source)
         included_dependencies = dependencies.select { |d| include?(d, source) }
         included_dependencies.map do |dep|
-          gem_spec(dep) || raise("Unable to find a specification for #{dep.name} (#{dep.requirement}) in any sources")
+          gem_spec(dep) || MissingSpecification.new(name: dep.name, requirement: dep.requirement)
         end
       end
 
-      # Returns a Gem::Specification for the provided gem argument.  If a
-      # Gem::Specification isn't found, an error will be raised.
+      # Returns a Gem::Specification for the provided gem argument.
       def gem_spec(dependency)
         return unless dependency
 
@@ -137,9 +165,23 @@ module Licensed
         # `gem` must be available to run `gem specification`
         return unless Licensed::Shell.tool_available?("gem")
 
-        # use `gem specification` with a clean ENV to get gem specification YAML
-        yaml = ::Bundler.with_original_env { Licensed::Shell.execute(*ruby_command_args("gem", "specification", name)) }
-        Gem::Specification.from_yaml(yaml)
+        # use `gem specification` with a clean ENV and clean Gem.dir paths
+        # to get gem specification at the right directory
+        begin
+          ::Bundler.with_original_env do
+            ::Bundler.rubygems.clear_paths
+            yaml = Licensed::Shell.execute(*ruby_command_args("gem", "specification", name))
+            spec = Gem::Specification.from_yaml(yaml)
+            # this is horrible, but it will cache the gem_dir using the clean env
+            # so that it can be used outside of this block
+            spec.gem_dir
+            spec
+          end
+        rescue Licensed::Shell::Error
+          # return nil
+        ensure
+          ::Bundler.configure
+        end
       end
 
       # Build the bundler definition
@@ -158,8 +200,7 @@ module Licensed
       # Defaults to [:development, :test] + ::Bundler.settings[:without]
       def exclude_groups
         @exclude_groups ||= begin
-          exclude = Array(@config.dig("rubygem", "without"))
-          exclude = Array(@config.dig("rubygems", "without")) if exclude.empty? # :sad:
+          exclude = Array(@config.dig("bundler", "without"))
           exclude = DEFAULT_WITHOUT_GROUPS if exclude.empty?
           exclude.uniq.map(&:to_sym)
         end
@@ -180,7 +221,7 @@ module Licensed
       # Returns the configured bundler executable to use, or "bundle" by default.
       def bundler_exe
         @bundler_exe ||= begin
-          exe = @config.dig("rubygem", "bundler_exe")
+          exe = @config.dig("bundler", "bundler_exe")
           return "bundle" unless exe
           return exe if Licensed::Shell.tool_available?(exe)
           @config.root.join(exe)
@@ -209,25 +250,9 @@ module Licensed
           # from the host filesystem
           ENV["ENCLOSE_IO_RUBYC_1ST_PASS"] = "1"
           ruby_version = Gem::ConfigMap[:ruby_version]
-
-          if Licensed::Shell.tool_available?("ruby")
-            # set the ruby version in Gem::ConfigMap to the ruby version from the host.
-            # this helps Bundler find the correct spec sources and paths
-            Gem::ConfigMap[:ruby_version] = host_ruby_version
-          else
-            # running a ruby-packer-built licensed exe when ruby and bundler aren't available
-            # is possible but could lead to errors if the host ruby version doesn't
-            # match the built executable's ruby version
-            @config.ui.warn <<~WARNING
-              Ruby wasn't found when enumerating bundler
-              dependencies using the licensed executable.  This can cause a
-              ruby mismatch between licensed and bundled dependencies and a
-              failure to find gem specifications.
-
-              If licensed is unable to find gem specifications that you believe are present,
-              please ensure that ruby and bundler are available and try again.
-            WARNING
-          end
+          # set the ruby version in Gem::ConfigMap to the ruby version from the host.
+          # this helps Bundler find the correct spec sources and paths
+          Gem::ConfigMap[:ruby_version] = host_ruby_version
         end
 
         # reset all bundler configuration

data/lib/licensed/{source → sources}/cabal.rb

@@ -2,39 +2,50 @@
 require "English"
 
 module Licensed
-  module Source
-    class Cabal
+  module Sources
+    class Cabal < Source
       DEPENDENCY_REGEX = /\s*.+?\s*/.freeze
       DEFAULT_TARGETS = %w{executable library}.freeze
 
-      def self.type
-        "cabal"
-      end
-
-      def initialize(config)
-        @config = config
-      end
-
       def enabled?
         cabal_file_dependencies.any? && ghc?
       end
 
-      def dependencies
-        @dependencies ||= package_ids.map do |id|
-          package = package_info(id)
-
+      def enumerate_dependencies
+        packages.map do |package|
           path, search_root = package_docs_dirs(package)
-          Dependency.new(path, {
-            "type"     => Cabal.type,
-            "name"     => package["name"],
-            "version"  => package["version"],
-            "summary"  => package["synopsis"],
-            "homepage" => safe_homepage(package["homepage"]),
-            "search_root" => search_root
-          })
+          Dependency.new(
+            name: package["name"],
+            version: package["version"],
+            path: path,
+            search_root: search_root,
+            errors: Array(package["error"]),
+            metadata: {
+              "type"     => Cabal.type,
+              "summary"  => package["synopsis"],
+              "homepage" => safe_homepage(package["homepage"])
+            }
+          )
         end
       end
 
+      # Returns a list of all detected packages
+      def packages
+        missing = []
+        package_ids = Set.new
+        cabal_file_dependencies.each do |target|
+          name, version = target.split(/\s/, 2)
+          package_id = cabal_package_id(name)
+          if package_id.nil?
+            missing << { "name" => name, "version" => version, "error" => "package not found" }
+          else
+            recursive_dependencies([package_id], package_ids)
+          end
+        end
+
+        package_ids.map { |id| package_info(id) }.concat(missing)
+      end
+
       # Returns the packages document directory and search root directory
       # as an array
       def package_docs_dirs(package)
@@ -64,23 +75,17 @@ module Licensed
                 .gsub(/#[^?]*\z/, "")
       end
 
-      # Returns a `Set` of the package ids for all cabal dependencies
-      def package_ids
-        recursive_dependencies(cabal_file_dependency_ids)
-      end
-
       # Recursively finds the dependencies for each cabal package.
       # Returns a `Set` containing the package names for all dependencies
       def recursive_dependencies(package_names, results = Set.new)
         return [] if package_names.nil? || package_names.empty?
 
-        new_packages = Set.new(package_names) - results.to_a
+        new_packages = Set.new(package_names) - results
         return [] if new_packages.empty?
 
         results.merge new_packages
 
         dependencies = new_packages.flat_map { |n| package_dependencies(n) }
-                                   .compact
 
         return results if dependencies.empty?
 
@@ -89,23 +94,16 @@ module Licensed
 
       # Returns an array of dependency package names for the cabal package
       # given by `id`
-      def package_dependencies(id, full_id = true)
-        package_dependencies_command(id, full_id).gsub("depends:", "")
-                                                 .split
-                                                 .map(&:strip)
+      def package_dependencies(id)
+        package_dependencies_command(id).gsub("depends:", "").split.map(&:strip)
       end
 
       # Returns the output of running `ghc-pkg field depends` for a package id
       # Optionally allows for interpreting the given id as an
       # installed package id (`--ipid`)
-      def package_dependencies_command(id, full_id)
+      def package_dependencies_command(id)
         fields = %w(depends)
-
-        if full_id
-          ghc_pkg_field_command(id, fields, "--ipid")
-        else
-          ghc_pkg_field_command(id, fields)
-        end
+        ghc_pkg_field_command(id, fields, "--ipid")
       end
 
       # Returns package information as a hash for the given id
@@ -150,11 +148,7 @@ module Licensed
         path.gsub("<ghc_version>", ghc_version)
       end
 
-      # Returns a set containing the top-level dependencies found in cabal files
-      def cabal_file_dependency_ids
-        cabal_file_dependencies.map { |target| cabal_package_id(target) }.compact
-      end
-
+      # Returns a set of the top-level dependencies found in cabal files
       def cabal_file_dependencies
         @cabal_file_dependencies ||= cabal_files.each_with_object(Set.new) do |cabal_file, targets|
           content = File.read(cabal_file)
@@ -166,7 +160,7 @@ module Licensed
             # match[1] is a string of "," separated dependencies.
             # dependency packages might have a version specifier, remove them
             # to get the full id specifier for each package
-            dependencies = match[1].split(",").map { |dep| dep.strip.split(/\s/)[0] }
+            dependencies = match[1].split(",").map(&:strip)
             targets.merge(dependencies)
           end
         end

data/lib/licensed/{source → sources}/dep.rb

@@ -2,39 +2,27 @@
 require "tomlrb"
 
 module Licensed
-  module Source
-    class Dep
-      def self.type
-        "dep"
-      end
-
-      def initialize(config)
-        @config = config
-      end
-
+  module Sources
+    class Dep < Source
       def enabled?
         go_dep_available?
       end
 
-      def dependencies
-        @dependencies ||= begin
-          packages.map do |package|
-            package_dir = @config.pwd.join("vendor", package[:name])
-            search_root = @config.pwd.join("vendor", package[:project])
-
-            unless package_dir.exist?
-              next if @config.ignored?("type" => Dep.type, "name" => package[:name])
-              raise "couldn't find package for #{package[:name]}"
-            end
+      def enumerate_dependencies
+        packages.map do |package|
+          package_dir = @config.pwd.join("vendor", package[:name])
+          search_root = @config.pwd.join("vendor", package[:project])
 
-            Dependency.new(package_dir.to_s, {
+          Dependency.new(
+            name: package[:name],
+            version: package[:version],
+            path: package_dir.to_s,
+            search_root: search_root.to_s,
+            metadata: {
               "type"        => Dep.type,
-              "name"        => package[:name],
-              "homepage"    => "https://#{package[:name]}",
-              "search_root" => search_root.to_s,
-              "version"     => package[:version]
-            })
-          end
+              "homepage"    => "https://#{package[:name]}"
+            }
+          )
         end
       end