licensed 2.11.1 → 2.12.0

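--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
  ---
  SHA256:
- metadata.gz: 22d2a3480b9386c6041c7ab17c90ca28ffedfb58f802974c9e7a4aef6c017919
- data.tar.gz: c441684e72e0bdc85f55da6e34181758902226dd89f4abf844b6a8cb5c8c9907
+ metadata.gz: afbd8f703d5b7724edb93a6d0e3ceb9126093096bb89b030d4dffda4534edd21
+ data.tar.gz: 0f8c3628e2f3acaa95d5b473bad661114414ac913d5d4e3bbf5285022c53e0bb
  SHA512:
- metadata.gz: 11527ca53a55700ec9626fe8d625ada1539453e53482d4d75394ef8115d79f2ee697f93fbc200eed6dbb0f76dde2138b6874dfd5de7c01ff10fc78c669374b8b
- data.tar.gz: b24cedd6ab775e54c0fa503ca79e0ad93eef0f19ae15199aac3db66f891dbf8f71c98bc4fc58dff167e606be589ffee25ccf827da4ca5892b95ae25e356cdb5e
+ metadata.gz: 195e11d0186008c361a18b35230130b1b8b2b6e2b91551fb4939de9c505650145b99f070ea5c5c2371de5d3d2fb272bd99585d4695c47a38df300641cae9960c
+ data.tar.gz: b0761f05fe26cf972c4ec7497a317e109b91d5101006c9fad678b8917333f38784290953257a7e2f529d2c830c3bff004f614f272ed423685592cc90cc94f117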
@@ -6,6 +6,15 @@ and this project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0.
6
6
 
7
7
  ## [Unreleased]
8
8
 
9
+ ## 2.12.0
10
+ 2020-06-19
11
+
12
+ ### Added
13
+ - `--sources` argument for cache, list, status and notices commands to filter running sources (https://github.com/github/licensed/pull/287)
14
+
15
+ ### Fixed
16
+ - `cache` command will not remove files outside of enabled source cache paths (https://github.com/github/licensed/pull/287)
17
+
9
18
  ## 2.11.1
10
19
  2020-06-09
11
20
 
@@ -6,10 +6,14 @@ Run `licensed -h` to see help content for running licensed commands.
6
6
 
7
7
  Running the list command finds the dependencies for all sources in all configured applications. No additional actions are taken on each dependency.
8
8
 
9
+ An optional `--sources` flag can be given to limit which dependency sources are run. This is a filter over sources that are enabled via the licensed configuration file and cannot be used to run licensed with a disabled source.
10
+
9
11
  ## `cache`
10
12
 
11
13
  The cache command finds all dependencies and ensures that each dependency has an up-to-date cached record.
12
14
 
15
+ An optional `--sources` flag can be given to limit which dependency sources are run. This is a filter over sources that are enabled via the licensed configuration file and cannot be used to run licensed with a disabled source.
16
+
13
17
  Dependency records will be saved if:
14
18
  1. The `force` option is set
15
19
  2. No cached record is found
@@ -22,6 +26,8 @@ After the cache command is run, any cached records that don't match up to a curr
22
26
 
23
27
  The status command finds all dependencies and checks whether each dependency has a valid cached record.
24
28
 
29
+ An optional `--sources` flag can be given to limit which dependency sources are run. This is a filter over sources that are enabled via the licensed configuration file and cannot be used to run licensed with a disabled source.
30
+
25
31
  A dependency will fail the status checks if:
26
32
  1. No cached record is found
27
33
  2. The cached record's version is different than the current dependency's version
@@ -35,6 +41,8 @@ A dependency will fail the status checks if:
35
41
 
36
42
  Outputs license and notice text for all dependencies in each app into a `NOTICE` file in the app's `cache_path`. If an app uses a shared cache path, the file name will contain the app name as well, e.g. `NOTICE.my_app`.
37
43
 
44
+ An optional `--sources` flag can be given to limit which dependency sources are run. This is a filter over sources that are enabled via the licensed configuration file and cannot be used to run licensed with a disabled source.
45
+
38
46
  The `NOTICE` file contents are retrieved from cached records, with the assumption that cached records have already been reviewed in a compliance workflow.
39
47
 
40
48
  ## `env`
@@ -10,29 +10,41 @@ module Licensed
10
10
  desc: "Overwrite licenses even if version has not changed."
11
11
  method_option :config, aliases: "-c", type: :string,
12
12
  desc: "Path to licensed configuration file"
13
+ method_option :sources, aliases: "-s", type: :array,
14
+ desc: "Individual source(s) to evaluate. Must also be enabled via configuration."
13
15
  def cache
14
- run Licensed::Commands::Cache.new(config: config), force: options[:force]
16
+ run Licensed::Commands::Cache.new(config: config),
17
+ { force: options[:force], sources: options[:sources] }
15
18
  end
16
19
 
17
20
  desc "status", "Check status of dependencies' cached licenses"
18
21
  method_option :config, aliases: "-c", type: :string,
19
22
  desc: "Path to licensed configuration file"
23
+ method_option :sources, aliases: "-s", type: :array,
24
+ desc: "Individual source(s) to evaluate. Must also be enabled via configuration."
20
25
  def status
21
- run Licensed::Commands::Status.new(config: config)
26
+ run Licensed::Commands::Status.new(config: config),
27
+ { sources: options[:sources] }
22
28
  end
23
29
 
24
30
  desc "list", "List dependencies"
25
31
  method_option :config, aliases: "-c", type: :string,
26
32
  desc: "Path to licensed configuration file"
33
+ method_option :sources, aliases: "-s", type: :array,
34
+ desc: "Individual source(s) to evaluate. Must also be enabled via configuration."
27
35
  def list
28
- run Licensed::Commands::List.new(config: config)
36
+ run Licensed::Commands::List.new(config: config),
37
+ { sources: options[:sources] }
29
38
  end
30
39
 
31
40
  desc "notices", "Generate a NOTICE file from cached records"
32
41
  method_option :config, aliases: "-c", type: :string,
33
42
  desc: "Path to licensed configuration file"
43
+ method_option :sources, aliases: "-s", type: :array,
44
+ desc: "Individual source(s) to evaluate. Must also be enabled via configuration."
34
45
  def notices
35
- run Licensed::Commands::Notices.new(config: config)
46
+ run Licensed::Commands::Notices.new(config: config),
47
+ { sources: options[:sources] }
36
48
  end
37
49
 
38
50
  map "-v" => :version
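Review bot: The new `--sources` values are handed to each command verbatim (`sources: options[:sources]`), and nothing in this hunk checks them against the source types the tool knows about. The filter added elsewhere in this release is an exact `include?(source.class.type)` comparison, so a misspelt or differently-cased name would presumably skip every source and leave only "skipped source" warnings. That matters when `status` is used as a compliance gate in CI. Consider rejecting unknown names before the command runs, or failing when no enabled source matched. At minimum, state the matching rule in the help text: `desc: "Individual source(s) to evaluate, matched exactly against the source type. Must also be enabled via configuration."`. The class body continues outside the hunk.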
@@ -32,19 +32,26 @@ module Licensed
32
32
 
33
33
  protected
34
34
 
35
- # Run the command for all enabled sources for an application configuration,
35
+ # Run the command for all enumerated dependencies found in a dependency source,
36
36
  # recording results in a report.
37
+ # Enumerating dependencies in the source is skipped if a :sources option
38
+ # is provided and the evaluated `source.class.type` is not in the :sources values
37
39
  #
38
- # app - An application configuration
40
+ # app - The application configuration for the source
41
+ # source - A dependency source enumerator
39
42
  #
40
- # Returns whether the command succeeded for the application.
41
- def run_app(app)
42
- result = super
43
-
44
- # add the full cache path to the list of cache paths evaluted during this run
45
- cache_paths << app.cache_path
43
+ # Returns whether the command succeeded for the dependency source enumerator
44
+ def run_source(app, source)
45
+ super do |report|
46
+ if Array(options[:sources]).any? && !options[:sources].include?(source.class.type)
47
+ report.warnings << "skipped source"
48
+ next :skip
49
+ end
46
50
 
47
- result
51
+ # add the full cache path to the list of cache paths
52
+ # that should be cleaned up after the command run
53
+ cache_paths << app.cache_path.join(source.class.type)
54
+ end
48
55
  end
49
56
 
50
57
  # Cache dependency record data.
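Review bot: The set of directories eligible for cleanup now depends on statement order inside the `run_source` block, and the comment does not say so. A filtered-out source must reach `next :skip` before `cache_paths << app.cache_path.join(source.class.type)`, otherwise its cached records become cleanup candidates. I would extend the comment above the append with `# sources skipped by the :sources filter are never added, so their cached records are left untouched`. The cleanup routine is outside this hunk, so this view cannot confirm that deletion is confined to the collected directories.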
@@ -21,7 +21,9 @@ module Licensed
21
21
  begin
22
22
  result = reporter.report_run(self) do |report|
23
23
  # allow additional report data to be given by commands
24
- yield report if block_given?
24
+ if block_given?
25
+ next if (yield report) == :skip
26
+ end
25
27
 
26
28
  config.apps.sort_by { |app| app["name"] }
27
29
  .map { |app| run_app(app) }
@@ -57,7 +59,9 @@ module Licensed
57
59
  Dir.chdir app.source_path do
58
60
  begin
59
61
  # allow additional report data to be given by commands
60
- yield report if block_given?
62
+ if block_given?
63
+ next if (yield report) == :skip
64
+ end
61
65
 
62
66
  app.sources.select(&:enabled?)
63
67
  .sort_by { |source| source.class.type }
@@ -81,7 +85,9 @@ module Licensed
81
85
  reporter.report_source(source) do |report|
82
86
  begin
83
87
  # allow additional report data to be given by commands
84
- yield report if block_given?
88
+ if block_given?
89
+ next if (yield report) == :skip
90
+ end
85
91
 
86
92
  source.dependencies.sort_by { |dependency| dependency.name }
87
93
  .map { |dependency| run_dependency(app, source, dependency) }
@@ -114,7 +120,9 @@ module Licensed
114
120
 
115
121
  begin
116
122
  # allow additional report data to be given by commands
117
- yield report if block_given?
123
+ if block_given?
124
+ next if (yield report) == :skip
125
+ end
118
126
 
119
127
  evaluate_dependency(app, source, dependency, report)
120
128
  rescue Licensed::Shell::Error => err
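Review bot: A bare `next` makes the block evaluate to nil when a command returns `:skip`, so in the source-level hunk (the block under `reporter.report_source(source)`) a filtered-out source yields nil where the normal path yields the result of the dependency `.map`. The doc comments added in this release describe `run_source` as returning whether the command succeeded. If the caller aggregates per-source results by truthiness (not visible here), any run that filters with `--sources` would be reported as failed. `next true if (yield report) == :skip` would make a skip count as success. The same pattern appears in the run-level, app-level and dependency-level hunks of this section. All four enclosing methods start and end outside the hunks.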
@@ -13,6 +13,25 @@ module Licensed
13
13
 
14
14
  protected
15
15
 
16
+ # Run the command for all enumerated dependencies found in a dependency source,
17
+ # recording results in a report.
18
+ # Enumerating dependencies in the source is skipped if a :sources option
19
+ # is provided and the evaluated `source.class.type` is not in the :sources values
20
+ #
21
+ # app - The application configuration for the source
22
+ # source - A dependency source enumerator
23
+ #
24
+ # Returns whether the command succeeded for the dependency source enumerator
25
+ def run_source(app, source)
26
+ super do |report|
27
+ next if Array(options[:sources]).empty?
28
+ next if options[:sources].include?(source.class.type)
29
+
30
+ report.warnings << "skipped source"
31
+ :skip
32
+ end
33
+ end
34
+
16
35
  # Listing dependencies requires no extra work.
17
36
  #
18
37
  # app - The application configuration for the dependency
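Review bot: This `run_source` override is repeated verbatim in the next two command hunks (the ones followed by "Load stored dependency record data" and "Verifies that a cached record exists"). The cache command carries a fourth variant, written as `if Array(options[:sources]).any? && !options[:sources].include?(source.class.type)`. Four copies of the predicate that decides which sources get scanned can drift apart, so I would move it into one protected helper on the base command whose body is `wanted = Array(options[:sources])` followed by `wanted.any? && !wanted.include?(source.class.type)`. Each override then only records the warning and returns `:skip`. That also removes the reliance on the first guard to keep `options[:sources].include?` from being called on nil.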
@@ -13,6 +13,25 @@ module Licensed
13
13
 
14
14
  protected
15
15
 
16
+ # Run the command for all enumerated dependencies found in a dependency source,
17
+ # recording results in a report.
18
+ # Enumerating dependencies in the source is skipped if a :sources option
19
+ # is provided and the evaluated `source.class.type` is not in the :sources values
20
+ #
21
+ # app - The application configuration for the source
22
+ # source - A dependency source enumerator
23
+ #
24
+ # Returns whether the command succeeded for the dependency source enumerator
25
+ def run_source(app, source)
26
+ super do |report|
27
+ next if Array(options[:sources]).empty?
28
+ next if options[:sources].include?(source.class.type)
29
+
30
+ report.warnings << "skipped source"
31
+ :skip
32
+ end
33
+ end
34
+
16
35
  # Load stored dependency record data to add to the notices report.
17
36
  #
18
37
  # app - The application configuration for the dependency
@@ -25,7 +44,7 @@ module Licensed
25
44
  filename = app.cache_path.join(source.class.type, "#{dependency.name}.#{DependencyRecord::EXTENSION}")
26
45
  report["cached_record"] = Licensed::DependencyRecord.read(filename)
27
46
  if !report["cached_record"]
28
- report["warning"] = "expected cached record not found at #{filename}"
47
+ report.warnings << "expected cached record not found at #{filename}"
29
48
  end
30
49
 
31
50
  true
@@ -15,6 +15,25 @@ module Licensed
15
15
 
16
16
  protected
17
17
 
18
+ # Run the command for all enumerated dependencies found in a dependency source,
19
+ # recording results in a report.
20
+ # Enumerating dependencies in the source is skipped if a :sources option
21
+ # is provided and the evaluated `source.class.type` is not in the :sources values
22
+ #
23
+ # app - The application configuration for the source
24
+ # source - A dependency source enumerator
25
+ #
26
+ # Returns whether the command succeeded for the dependency source enumerator
27
+ def run_source(app, source)
28
+ super do |report|
29
+ next if Array(options[:sources]).empty?
30
+ next if options[:sources].include?(source.class.type)
31
+
32
+ report.warnings << "skipped source"
33
+ :skip
34
+ end
35
+ end
36
+
18
37
  # Verifies that a cached record exists, is up to date and
19
38
  # has license data that complies with the licensed configuration.
20
39
  #
@@ -28,6 +28,22 @@ module Licensed
28
28
  shell.info " #{source.class.type}"
29
29
  result = yield report
30
30
 
31
+ warning_reports = report.all_reports.select { |r| r.warnings.any? }.to_a
32
+ if warning_reports.any?
33
+ shell.newline
34
+ shell.warn " * Warnings:"
35
+ warning_reports.each do |r|
36
+ display_metadata = r.map { |k, v| "#{k}: #{v}" }.join(", ")
37
+
38
+ shell.warn " * #{r.name}"
39
+ shell.warn " #{display_metadata}" unless display_metadata.empty?
40
+ r.warnings.each do |warning|
41
+ shell.warn " - #{warning}"
42
+ end
43
+ shell.newline
44
+ end
45
+ end
46
+
31
47
  errored_reports = report.all_reports.select { |r| r.errors.any? }.to_a
32
48
  if errored_reports.any?
33
49
  shell.newline
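Review bot: The added warnings block is a near copy of the errored-reports block that follows it, and of the block added to the other reporter hunk (the one starting at `all_reports = report.all_reports`). They differ only in the indentation strings and the `warnings`/`errors` accessor. A private helper taking the reports, a heading and the accessor would keep the two outputs from diverging. Separately, `display_metadata` prints every key/value stored on the report, so whatever a command puts into a report ends up on the terminal. A comment such as `# report metadata is printed as-is; store only display-safe values` would make that expectation explicit. The enclosing method starts and ends outside the hunk.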
@@ -33,6 +33,26 @@ module Licensed
33
33
  end
34
34
  end
35
35
 
36
+
37
+ # Reports on a dependency source enumerator in a notices command run.
38
+ # Shows warnings encountered during the run.
39
+ #
40
+ # source - A dependency source enumerator
41
+ #
42
+ # Returns the result of the yielded method
43
+ # Note - must be called from inside the `report_run` scope
44
+ def report_source(source)
45
+ super do |report|
46
+ result = yield report
47
+
48
+ report.warnings.each do |warning|
49
+ shell.warn "* #{report.name}: #{warning}"
50
+ end
51
+
52
+ result
53
+ end
54
+ end
55
+
36
56
  # Reports on a dependency in a notices command run.
37
57
  #
38
58
  # dependency - An application dependency
@@ -42,7 +62,9 @@ module Licensed
42
62
  def report_dependency(dependency)
43
63
  super do |report|
44
64
  result = yield report
45
- shell.warn "* #{report["warning"]}" if report["warning"]
65
+ report.warnings.each do |warning|
66
+ shell.warn "* #{report.name}: #{warning}"
67
+ end
46
68
  result
47
69
  end
48
70
  end
@@ -15,6 +15,23 @@ module Licensed
15
15
  result = yield report
16
16
 
17
17
  all_reports = report.all_reports
18
+
19
+ warning_reports = all_reports.select { |r| r.warnings.any? }.to_a
20
+ if warning_reports.any?
21
+ shell.newline
22
+ shell.warn "Warnings:"
23
+ warning_reports.each do |r|
24
+ display_metadata = r.map { |k, v| "#{k}: #{v}" }.join(", ")
25
+
26
+ shell.warn "* #{r.name}"
27
+ shell.warn " #{display_metadata}" unless display_metadata.empty?
28
+ r.warnings.each do |warning|
29
+ shell.warn " - #{warning}"
30
+ end
31
+ shell.newline
32
+ end
33
+ end
34
+
18
35
  errored_reports = all_reports.select { |r| r.errors.any? }.to_a
19
36
 
20
37
  dependency_count = all_reports.select { |r| r.target.is_a?(Licensed::Dependency) }.size
@@ -1,6 +1,6 @@
1
1
  # frozen_string_literal: true
2
2
  module Licensed
3
- VERSION = "2.11.1".freeze
3
+ VERSION = "2.12.0".freeze
4
4
 
5
5
  def self.previous_major_versions
6
6
  major_version = Gem::Version.new(Licensed::VERSION).segments.first
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: licensed
3
3
  version: !ruby/object:Gem::Version
4
- version: 2.11.1
4
+ version: 2.12.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - GitHub
8
8
  autorequire:
9
9
  bindir: exe
10
10
  cert_chain: []
11
- date: 2020-06-09 00:00:00.000000000 Z
11
+ date: 2020-06-19 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: licensee