licensed 2.2.0 → 2.3.0

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA1:
3
- metadata.gz: ee8b9896bf3a7728b539c308822b7613b70ddc62
4
- data.tar.gz: e3c4f581c2a1982b426a82dfd7c5217ca98d2838
3
+ metadata.gz: fb25b0f6171f25264970c95ae18b301c44400343
4
+ data.tar.gz: 945252932681b87f622fb9d065afae70af33ca0d
5
5
  SHA512:
6
- metadata.gz: 05bc23396c71a8d445412965cc9decf5abb6d5a6ebc450060e318266a3504368abb257649092ffe1eae615a93b6e69e24f9192a7ed475c39ff9e943332db2cb4
7
- data.tar.gz: 2fa140721c4e3fbfe22fe91048c8cac718ae6e918efc675cb800ea606d260de6383d977fa13ce1cd309b81c36275245183bbbbeca0b1f2ccfb81c812fb0f06a8
6
+ metadata.gz: d771ab002291e816f84b43eb66dc011f62ac6e3e0e4de2dfa82b869b19d60a3f584bc1cefbdd99798e14dec14310f7a447a522ff4ab0efbf6d73c9a661295811
7
+ data.tar.gz: 56877626264a91d6afd66740818b010655c1f9d5b0e9eb757c559f7092c3b2ef7962b12ed9d8284f4363e7e2ea7040199a86bd5cff855417b3243acebcb871d0
data/.gitignore CHANGED
@@ -24,6 +24,7 @@ test/fixtures/cabal/*
24
24
  test/fixtures/git_submodule/*
25
25
  !test/fixtures/git_submodule/README
26
26
  test/fixtures/pip/venv
27
+ test/fixtures/pipenv/Pipfile.lock
27
28
  !test/fixtures/migrations/**/*
28
29
 
29
30
  vendor/licenses
@@ -73,20 +73,26 @@ matrix:
73
73
 
74
74
  # python 2.7 tests
75
75
  - language: python
76
- python:
77
- - "2.7"
76
+ python: 2.7
78
77
  before_script: ./script/source-setup/pip
79
78
  script: ./script/test pip
80
79
  env: NAME="pip"
81
80
 
82
81
  # python 3.6 tests
83
82
  - language: python
84
- python:
85
- - "3.6"
83
+ python: 3.6
86
84
  before_script: ./script/source-setup/pip
87
85
  script: ./script/test pip
88
86
  env: NAME="pip"
89
87
 
88
+ - language: python
89
+ python: 3.6
90
+ before_script:
91
+ - pip install pipenv
92
+ - ./script/source-setup/pipenv
93
+ script: ./script/test pipenv
94
+ env: NAME="pipenv"
95
+
90
96
  - language: ruby
91
97
  rvm: 2.4.0
92
98
  before_script: ./script/source-setup/git_submodule
@@ -6,6 +6,11 @@ and this project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0.
6
6
 
7
7
  ## [Unreleased]
8
8
 
9
+ ## 2.1.0 - 2019-04-16
10
+
11
+ ### Added
12
+ - New Pipenv dependency source enumerator (:tada: @krzysztof-pawlik-gat https://github.com/github/licensed/pull/167)
13
+
9
14
  ## 2.2.0 - 2019-05-11
10
15
 
11
16
  ### Added
@@ -162,4 +167,4 @@ and this project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0.
162
167
 
163
168
  Initial release :tada:
164
169
 
165
- [Unreleased]: https://github.com/github/licensed/compare/2.2.0...HEAD
170
+ [Unreleased]: https://github.com/github/licensed/compare/2.3.0...HEAD
data/README.md CHANGED
@@ -87,7 +87,8 @@ Dependencies will be automatically detected for all of the following sources by
87
87
  6. [Manifest lists (manifests)](./docs/sources/manifests.md)
88
88
  7. [NPM (npm)](./docs/sources/npm.md)
89
89
  8. [Pip (pip)](./docs/sources/pip.md)
90
- 9. [Git Submodules (git_submodule)](./docs/sources/git_submodule.md)
90
+ 9. [Pipenv (pipenv)](./docs/sources/pipenv.md)
91
+ 10. [Git Submodules (git_submodule)](./docs/sources/git_submodule.md)
91
92
 
92
93
  You can disable any of them in the configuration file:
93
94
 
@@ -0,0 +1,5 @@
1
+ # Pipenv
2
+
3
+ The pipenv source uses `pipenv` CLI command to enumerate dependencies and properties.
4
+
5
+ Be sure to run `pipenv update` (or `pipenv sync`) before running `licensed` so all required packages are properly installed.
@@ -83,12 +83,16 @@ module Licensed
83
83
  .grep(LEGAL_FILES_PATTERN)
84
84
  .select { |path| File.file?(path) }
85
85
  .sort # sorted by the path
86
- .map { |path| { "sources" => normalize_source_path(path), "text" => File.read(path).rstrip } }
86
+ .map { |path| { "sources" => normalize_source_path(path), "text" => read_file_with_encoding_check(path) } }
87
87
  .select { |notice| notice["text"].length > 0 } # files with content only
88
88
  end
89
89
 
90
90
  private
91
91
 
92
+ def read_file_with_encoding_check(file_path)
93
+ File.read(file_path).encode("UTF-16", invalid: :replace, replace: "?").encode("UTF-8").rstrip
94
+ end
95
+
92
96
  # Returns the sources for a group of license file contents
93
97
  #
94
98
  # Sources are returned as a single string with sources separated by ", "
@@ -11,6 +11,7 @@ module Licensed
11
11
  require "licensed/sources/manifest"
12
12
  require "licensed/sources/npm"
13
13
  require "licensed/sources/pip"
14
+ require "licensed/sources/pipenv"
14
15
  require "licensed/sources/gradle"
15
16
  end
16
17
  end
@@ -0,0 +1,46 @@
1
+ # frozen_string_literal: true
2
+
3
+ module Licensed
4
+ module Sources
5
+ class Pipenv < Source
6
+ def enabled?
7
+ Licensed::Shell.tool_available?("pipenv") && File.exist?(@config.pwd.join("Pipfile.lock"))
8
+ end
9
+
10
+ def enumerate_dependencies
11
+ pakages_from_pipfile_lock.map do |package_name|
12
+ package = package_info(package_name)
13
+ location = File.join(package["Location"], package["Name"].gsub("-", "_") + "-" + package["Version"] + ".dist-info")
14
+ Dependency.new(
15
+ name: package["Name"],
16
+ version: package["Version"],
17
+ path: location,
18
+ metadata: {
19
+ "type" => Pipenv.type,
20
+ "summary" => package["Summary"],
21
+ "homepage" => package["Home-page"]
22
+ }
23
+ )
24
+ end
25
+ end
26
+
27
+ private
28
+
29
+ def pakages_from_pipfile_lock
30
+ Licensed::Shell.execute("pipenv", "run", "pip", "list")
31
+ .lines
32
+ .drop(2) # Header
33
+ .map { |line| line.strip.split.first.strip }
34
+ end
35
+
36
+ def package_info(package_name)
37
+ p_info = Licensed::Shell.execute("pipenv", "run", "pip", "--disable-pip-version-check", "show", package_name).lines
38
+ p_info.each_with_object(Hash.new(0)) { |pkg, a|
39
+ k, v = pkg.split(":", 2)
40
+ next if k.nil? || k.empty?
41
+ a[k.strip] = v&.strip
42
+ }
43
+ end
44
+ end
45
+ end
46
+ end
@@ -1,6 +1,6 @@
1
1
  # frozen_string_literal: true
2
2
  module Licensed
3
- VERSION = "2.2.0".freeze
3
+ VERSION = "2.3.0".freeze
4
4
 
5
5
  def self.previous_major_versions
6
6
  major_version = Gem::Version.new(Licensed::VERSION).segments.first
@@ -0,0 +1,21 @@
1
+ #!/bin/bash
2
+ set -e
3
+
4
+ if [ -z "$(which pipenv)" ]; then
5
+ echo "A local pipenv installation is required for python development." >&2
6
+ exit 127
7
+ fi
8
+
9
+
10
+ # setup test fixtures
11
+ BASE_PATH="$(cd "$(dirname "${BASH_SOURCE[0]}")/../.." && pwd)"
12
+ cd $BASE_PATH/test/fixtures/pipenv
13
+
14
+ # clean up any previous fixture venv that might have been created.
15
+ if [ "$1" == "-f" ]; then
16
+ echo "removing old fixture setup..."
17
+ pipenv --rm || true
18
+ fi
19
+
20
+ # set up a virtualenv and install the packages in the test requirements
21
+ pipenv update
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: licensed
3
3
  version: !ruby/object:Gem::Version
4
- version: 2.2.0
4
+ version: 2.3.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - GitHub
8
8
  autorequire:
9
9
  bindir: exe
10
10
  cert_chain: []
11
- date: 2019-05-11 00:00:00.000000000 Z
11
+ date: 2019-05-19 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: licensee
@@ -221,6 +221,7 @@ files:
221
221
  - docs/sources/manifests.md
222
222
  - docs/sources/npm.md
223
223
  - docs/sources/pip.md
224
+ - docs/sources/pipenv.md
224
225
  - docs/sources/stack.md
225
226
  - exe/licensed
226
227
  - lib/licensed.rb
@@ -254,6 +255,7 @@ files:
254
255
  - lib/licensed/sources/manifest.rb
255
256
  - lib/licensed/sources/npm.rb
256
257
  - lib/licensed/sources/pip.rb
258
+ - lib/licensed/sources/pipenv.rb
257
259
  - lib/licensed/sources/source.rb
258
260
  - lib/licensed/ui/shell.rb
259
261
  - lib/licensed/version.rb
@@ -273,6 +275,7 @@ files:
273
275
  - script/source-setup/go
274
276
  - script/source-setup/npm
275
277
  - script/source-setup/pip
278
+ - script/source-setup/pipenv
276
279
  - script/test
277
280
  homepage: https://github.com/github/licensed
278
281
  licenses: