licensed 3.4.4 → 3.5.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/CHANGELOG.md +8 -0
- data/docs/configuration/customizing_licensee.md +13 -0
- data/docs/configuration.md +1 -1
- data/docs/sources/npm.md +1 -1
- data/lib/licensed/commands/cache.rb +28 -0
- data/lib/licensed/version.rb +1 -1
- data/licensed.gemspec +1 -1
- metadata +5 -4
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: d2fafd3b11ba6f63760979021e1628aa1d4ae0e0cd5b0b413b06c6163a1b64fd
|
|
4
|
+
data.tar.gz: d5fe530e59e0091b44f0ae08403f72707f6dc4db391a6d7e39e4b620c01b1da9
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: a2b691823b7cbc692fb155bc672772fea156932a3d7d38111634927a0babf427343f992eded7d219041575e64e698a9821fdf1e9e12390f8e29a2c95a42e340a
|
|
7
|
+
data.tar.gz: 61872b213231ead8c7ce5d209af8332964e8562e8809dbbf7c3e5fd95b84cfffcc7b9c4391f0e81d6e094325293bbe61520458d4cc1233072f4b0c41b04cd165
|
data/CHANGELOG.md
CHANGED
|
@@ -6,6 +6,14 @@ and this project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0.
|
|
|
6
6
|
|
|
7
7
|
## [Unreleased]
|
|
8
8
|
|
|
9
|
+
## 3.5.0
|
|
10
|
+
|
|
11
|
+
2022-02-24
|
|
12
|
+
|
|
13
|
+
### Added
|
|
14
|
+
|
|
15
|
+
- [Licensee](https://github.com/licensee/licensee) confidence thresholds can be configured in the licensed configuration file (https://github.com/github/licensed/pull/455)
|
|
16
|
+
|
|
9
17
|
## 3.4.4
|
|
10
18
|
|
|
11
19
|
2022-02-07
|
|
@@ -0,0 +1,13 @@
|
|
|
1
|
+
# Customize Licensee's behavior
|
|
2
|
+
|
|
3
|
+
Licensed uses [Licensee](https://github.com/licensee/licensee) to detect and evaluate OSS licenses for project dependencies found during source enumeration. Licensed can optionally [customize Licensee's behavior](https://github.com/licensee/licensee/blob/jonabc-patch-1/docs/customizing.md#customizing-licensees-behavior) based on options set in the configuration file.
|
|
4
|
+
|
|
5
|
+
**NOTE** Matching licenses based on package manager metadata and README references is always enabled and cannot currently be configured.
|
|
6
|
+
|
|
7
|
+
```yml
|
|
8
|
+
licensee:
|
|
9
|
+
# the confidence threshold is an integer between 1 and 100. the value represents
|
|
10
|
+
# the minimum percentage confidence that Licensee must have to report a matched license
|
|
11
|
+
# https://github.com/licensee/licensee/blob/jonabc-patch-1/docs/customizing.md#adjusting-the-confidence-threshold
|
|
12
|
+
confidence_threshold: 90 # default value: 98
|
|
13
|
+
```
|
data/docs/configuration.md
CHANGED
|
@@ -4,7 +4,7 @@ A configuration file specifies the details of enumerating and operating on licen
|
|
|
4
4
|
|
|
5
5
|
Configuration can be specified in either YML or JSON formats, with examples given in YML. The example
|
|
6
6
|
below describes common configuration values and their purposes. See [configuration options documentation](./configuration)
|
|
7
|
-
for in depth information.
|
|
7
|
+
for in depth information.
|
|
8
8
|
|
|
9
9
|
Additionally, some dependency sources have their own specific configuration options. See the [source documentation](./sources) for details.
|
|
10
10
|
|
data/docs/sources/npm.md
CHANGED
|
@@ -4,7 +4,7 @@ The npm source will detect dependencies `package.json` is found at an apps `sour
|
|
|
4
4
|
|
|
5
5
|
### Including development dependencies
|
|
6
6
|
|
|
7
|
-
By default, the npm source will exclude all
|
|
7
|
+
By default, the npm source will exclude all development dependencies. To include development or test dependencies, set `production_only: false` in the licensed configuration.
|
|
8
8
|
|
|
9
9
|
```yml
|
|
10
10
|
npm:
|
|
@@ -29,6 +29,18 @@ module Licensed
|
|
|
29
29
|
files.clear
|
|
30
30
|
end
|
|
31
31
|
|
|
32
|
+
# Run the command for an application configurations.
|
|
33
|
+
# Applies a licensee configuration for the duration of the operation.
|
|
34
|
+
#
|
|
35
|
+
# report - A Licensed::Report object for this command
|
|
36
|
+
#
|
|
37
|
+
# Returns whether the command succeeded
|
|
38
|
+
def run_app(app, report)
|
|
39
|
+
with_licensee_configuration(app, report) do
|
|
40
|
+
super
|
|
41
|
+
end
|
|
42
|
+
end
|
|
43
|
+
|
|
32
44
|
# Run the command for all enumerated dependencies found in a dependency source,
|
|
33
45
|
# recording results in a report.
|
|
34
46
|
# Enumerating dependencies in the source is skipped if a :sources option
|
|
@@ -136,6 +148,22 @@ module Licensed
|
|
|
136
148
|
def files
|
|
137
149
|
@files ||= Set.new
|
|
138
150
|
end
|
|
151
|
+
|
|
152
|
+
# Configure licensee for the duration of a yielded operation
|
|
153
|
+
def with_licensee_configuration(app, report)
|
|
154
|
+
licensee_configuration = app["licensee"]
|
|
155
|
+
return yield unless licensee_configuration
|
|
156
|
+
|
|
157
|
+
report["licensee"] = licensee_configuration
|
|
158
|
+
|
|
159
|
+
if new_threshold = licensee_configuration["confidence_threshold"]
|
|
160
|
+
old_threshold, Licensee.confidence_threshold = Licensee.confidence_threshold, new_threshold
|
|
161
|
+
end
|
|
162
|
+
|
|
163
|
+
yield
|
|
164
|
+
ensure
|
|
165
|
+
Licensee.confidence_threshold = old_threshold if old_threshold
|
|
166
|
+
end
|
|
139
167
|
end
|
|
140
168
|
end
|
|
141
169
|
end
|
data/lib/licensed/version.rb
CHANGED
data/licensed.gemspec
CHANGED
|
@@ -23,7 +23,7 @@ Gem::Specification.new do |spec|
|
|
|
23
23
|
|
|
24
24
|
spec.required_ruby_version = ">= 2.3.0"
|
|
25
25
|
|
|
26
|
-
spec.add_dependency "licensee", ">= 9.
|
|
26
|
+
spec.add_dependency "licensee", ">= 9.15.2", "< 10.0.0"
|
|
27
27
|
spec.add_dependency "thor", ">= 0.19"
|
|
28
28
|
spec.add_dependency "pathname-common_prefix", "~> 0.0.1"
|
|
29
29
|
spec.add_dependency "tomlrb", ">= 1.2", "< 3.0"
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: licensed
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 3.
|
|
4
|
+
version: 3.5.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- GitHub
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: exe
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2022-02-
|
|
11
|
+
date: 2022-02-24 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: licensee
|
|
@@ -16,7 +16,7 @@ dependencies:
|
|
|
16
16
|
requirements:
|
|
17
17
|
- - ">="
|
|
18
18
|
- !ruby/object:Gem::Version
|
|
19
|
-
version: 9.
|
|
19
|
+
version: 9.15.2
|
|
20
20
|
- - "<"
|
|
21
21
|
- !ruby/object:Gem::Version
|
|
22
22
|
version: 10.0.0
|
|
@@ -26,7 +26,7 @@ dependencies:
|
|
|
26
26
|
requirements:
|
|
27
27
|
- - ">="
|
|
28
28
|
- !ruby/object:Gem::Version
|
|
29
|
-
version: 9.
|
|
29
|
+
version: 9.15.2
|
|
30
30
|
- - "<"
|
|
31
31
|
- !ruby/object:Gem::Version
|
|
32
32
|
version: 10.0.0
|
|
@@ -261,6 +261,7 @@ files:
|
|
|
261
261
|
- docs/configuration/application_source.md
|
|
262
262
|
- docs/configuration/configuration_root.md
|
|
263
263
|
- docs/configuration/configuring_multiple_apps.md
|
|
264
|
+
- docs/configuration/customizing_licensee.md
|
|
264
265
|
- docs/configuration/dependency_source_enumerators.md
|
|
265
266
|
- docs/configuration/ignoring_dependencies.md
|
|
266
267
|
- docs/configuration/metadata_cache.md
|