licensed 3.6.0 → 3.7.0
- checksums.yaml +4 -4
- data/CHANGELOG.md +7 -1
- data/lib/licensed/sources/pip.rb +21 -11
- data/lib/licensed/sources/pipenv.rb +5 -33
- data/lib/licensed/sources/source.rb +7 -2
- data/lib/licensed/version.rb +1 -1
- data/licensed.gemspec +2 -2
- metadata +8 -8
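--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
 ---
 SHA256:
-metadata.gz:
-data.tar.gz:
+metadata.gz: 2b28b00b1b23f91bc89a99928d3ae07396afe29700e06c4e22debe1e4f3b2d45
+data.tar.gz: 5e8ccfb04df77cb4802bc51825562ec52a5f8368718e66434460b61e425a864f
 SHA512:
-metadata.gz:
-data.tar.gz:
+metadata.gz: 2b71b2fd45dcd9e61b425a08f0b2148ecd568ae4f3a0ffacd15213850fba8c313362783945cb3828592ef397f4d2ced750f890f6bf18447e6a32c02cbbb47795
+data.tar.gz: aa587ef6d6e420761098ab2364aa485a36885cfdd6b09f9eec5ad838dbd108f759a91447818bc0279992b489513efad8a2381966dbbcf3f6fea3f3946069e676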
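--- a/data/CHANGELOG.md
+++ b/data/CHANGELOG.md
@@ -6,6 +6,12 @@ and this project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0.
 
 ## [Unreleased]
 
+## 3.7.0
+
+### Changed
+
+- Pip and pipenv sources will find dependency licenses under `dist-info/license_files` when available (https://github.com/github/licensed/pull/504)
+
 ## 3.6.0
 
 2022-03-17
@@ -597,4 +603,4 @@ and this project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0.
 
 Initial release :tada:
 
-[Unreleased]: https://github.com/github/licensed/compare/3.
+[Unreleased]: https://github.com/github/licensed/compare/3.7.0...HEAD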
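--- a/data/lib/licensed/sources/pip.rb
+++ b/data/lib/licensed/sources/pip.rb
@@ -10,18 +10,17 @@ module Licensed
 PACKAGE_INFO_SEPARATOR = "\n---\n"
 
 def enabled?
-
+!pip_command.empty? && Licensed::Shell.tool_available?(pip_command.join(""))
 end
 
 def enumerate_dependencies
 packages.map do |package|
-location = File.join(package["Location"], package["Name"].gsub("-", "_") + "-" + package["Version"] + ".dist-info")
 Dependency.new(
 name: package["Name"],
 version: package["Version"],
-path:
+path: package_license_location(package),
 metadata: {
-"type" =>
+"type" => self.class.type,
 "summary" => package["Summary"],
 "homepage" => package["Home-page"]
 }
@@ -29,8 +28,24 @@ module Licensed
 end
 end
 
+protected
+
+# Returns the command to run pip
+def pip_command
+return [] unless virtual_env_dir
+Array(File.join(virtual_env_dir, "bin", "pip"))
+end
+
 private
 
+# Returns the location of license files in the package, checking for the inclusion of a new `license_files`
+# folder per https://peps.python.org/pep-0639/
+def package_license_location(package)
+dist_info = File.join(package["Location"], package["Name"].gsub("-", "_") + "-" + package["Version"] + ".dist-info")
+license_files = File.join(dist_info, "license_files")
+return File.exist?(license_files) ? license_files : dist_info
+end
+
 # Returns parsed information for all packages used by the project,
 # using `pip list` to determine what packages are used and `pip show`
 # to gather package information
@@ -64,17 +79,12 @@ module Licensed
 
 # Returns the output from `pip list --format=json`
 def pip_list_command
-Licensed::Shell.execute(
+Licensed::Shell.execute(*pip_command, "--disable-pip-version-check", "list", "--format=json")
 end
 
 # Returns the output from `pip show <package> <package> ...`
 def pip_show_command(packages)
-Licensed::Shell.execute(
-end
-
-def virtual_env_pip
-return unless virtual_env_dir
-File.join(virtual_env_dir, "bin", "pip")
+Licensed::Shell.execute(*pip_command, "--disable-pip-version-check", "show", *packages)
 end
 
 def virtual_env_dir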
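Review bot: `enabled?` probes for the tool with `pip_command.join("")`, which concatenates the argv elements with no separator. That is harmless for the one-element array returned here, but a subclass returning a multi-word command (the pipenv source on this page returns `%w(pipenv run pip)`) would be checked as `pipenvrunpip` if it ever fell back to the inherited method. Checking the executable alone, `!pip_command.empty? && Licensed::Shell.tool_available?(pip_command.first)`, states the intent, assuming `tool_available?` takes a single tool name. In `package_license_location`, `File.exist?(license_files)` also accepts a regular file of that name, so `File.directory?(license_files)` would match the comment's "folder", and the explicit `return` can go. The `Location`, `Name` and `Version` values joined into that path come from parsed `pip show` output, so a short comment saying the path is used as reported by pip, without normalisation or containment checks, would help whoever reads license files from it later.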
@@ -4,44 +4,16 @@ require "parallel"
|
|
4
4
|
|
5
5
|
module Licensed
|
6
6
|
module Sources
|
7
|
-
class Pipenv <
|
7
|
+
class Pipenv < Pip
|
8
8
|
def enabled?
|
9
9
|
Licensed::Shell.tool_available?("pipenv") && File.exist?(config.pwd.join("Pipfile.lock"))
|
10
10
|
end
|
11
11
|
|
12
|
-
|
13
|
-
Parallel.map(pakages_from_pipfile_lock, in_threads: Parallel.processor_count) do |package_name|
|
14
|
-
package = package_info(package_name)
|
15
|
-
location = File.join(package["Location"], package["Name"].gsub("-", "_") + "-" + package["Version"] + ".dist-info")
|
16
|
-
Dependency.new(
|
17
|
-
name: package["Name"],
|
18
|
-
version: package["Version"],
|
19
|
-
path: location,
|
20
|
-
metadata: {
|
21
|
-
"type" => Pipenv.type,
|
22
|
-
"summary" => package["Summary"],
|
23
|
-
"homepage" => package["Home-page"]
|
24
|
-
}
|
25
|
-
)
|
26
|
-
end
|
27
|
-
end
|
28
|
-
|
29
|
-
private
|
30
|
-
|
31
|
-
def pakages_from_pipfile_lock
|
32
|
-
Licensed::Shell.execute("pipenv", "run", "pip", "list")
|
33
|
-
.lines
|
34
|
-
.drop(2) # Header
|
35
|
-
.map { |line| line.strip.split.first.strip }
|
36
|
-
end
|
12
|
+
protected
|
37
13
|
|
38
|
-
|
39
|
-
|
40
|
-
|
41
|
-
k, v = pkg.split(":", 2)
|
42
|
-
next if k.nil? || k.empty?
|
43
|
-
a[k.strip] = v&.strip
|
44
|
-
}
|
14
|
+
# Returns the command to run pip
|
15
|
+
def pip_command
|
16
|
+
%w(pipenv run pip)
|
45
17
|
end
|
46
18
|
end
|
47
19
|
end
|
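Review bot: `require "parallel"` still appears in this hunk's header context, but the only visible use of `Parallel` went away with the removed `enumerate_dependencies`, so the require looks dead in this file and could be dropped once confirmed nothing else depends on it being loaded here. The hunk appears to belong to `data/lib/licensed/sources/pipenv.rb` (the +5 -33 entry in the file list), although the page shows no file header for it. The class now inherits from `Pip`, yet no require of the pip source is visible in these lines; if load order is not guaranteed elsewhere, `require "licensed/sources/pip"` at the top would make the dependency explicit. The comment on `pip_command` could also say what the array is for, e.g. `# Returns the pip invocation as an argv array, run through pipenv`.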
@@ -14,8 +14,13 @@ module Licensed
|
|
14
14
|
class << self
|
15
15
|
attr_reader :sources
|
16
16
|
def inherited(klass)
|
17
|
-
#
|
18
|
-
|
17
|
+
# register the inherited class as a source on the Licensed::Sources::Source class
|
18
|
+
Licensed::Sources::Source.register_source(klass)
|
19
|
+
end
|
20
|
+
|
21
|
+
def register_source(klass)
|
22
|
+
# add the source class to the known sources list
|
23
|
+
return unless klass < Licensed::Sources::Source
|
19
24
|
(@sources ||= []) << klass
|
20
25
|
end
|
21
26
|
|
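Review bot: `register_source` is defined as a class-level method with no visibility restriction in the hunk, and its guard `klass < Licensed::Sources::Source` raises `TypeError` when the argument is not a class or module, while nothing stops the same class being appended twice. `return unless klass.is_a?(Class) && klass < Licensed::Sources::Source` followed by `(@sources ||= []) << klass unless @sources&.include?(klass)` would make a direct call safe. `inherited` also omits `super`, which is worth adding so any other `inherited` hook in the ancestry still runs. The comment inside `inherited` says what is done but not why; presumably registration is routed through `Licensed::Sources::Source` so that subclasses of subclasses such as `Pipenv < Pip` land in the same `@sources` list, and saying so would help. The `class << self` block continues outside the hunk, and the page shows no file header for what appears to be `data/lib/licensed/sources/source.rb`.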
data/lib/licensed/version.rb
CHANGED
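--- a/data/licensed.gemspec
+++ b/data/licensed.gemspec
@@ -35,7 +35,7 @@ Gem::Specification.new do |spec|
 spec.add_development_dependency "rake", ">= 12.3.3"
 spec.add_development_dependency "minitest", "~> 5.8"
 spec.add_development_dependency "mocha", "~> 1.0"
-spec.add_development_dependency "rubocop", "~>
+spec.add_development_dependency "rubocop", "~> 1.26", "< 1.27"
 spec.add_development_dependency "rubocop-github", "~> 0.6"
-spec.add_development_dependency "byebug", "~> 11.
+spec.add_development_dependency "byebug", "~> 11.1.3"
 end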
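--- a/metadata
+++ b/metadata
@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: licensed
 version: !ruby/object:Gem::Version
-version: 3.
+version: 3.7.0
 platform: ruby
 authors:
 - GitHub
 autorequire:
 bindir: exe
 cert_chain: []
-date: 2022-
+date: 2022-04-25 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
 name: licensee
@@ -188,20 +188,20 @@ dependencies:
 requirements:
 - - "~>"
 - !ruby/object:Gem::Version
-version: '
+version: '1.26'
 - - "<"
 - !ruby/object:Gem::Version
-version: '1.
+version: '1.27'
 type: :development
 prerelease: false
 version_requirements: !ruby/object:Gem::Requirement
 requirements:
 - - "~>"
 - !ruby/object:Gem::Version
-version: '
+version: '1.26'
 - - "<"
 - !ruby/object:Gem::Version
-version: '1.
+version: '1.27'
 - !ruby/object:Gem::Dependency
 name: rubocop-github
 requirement: !ruby/object:Gem::Requirement
@@ -222,14 +222,14 @@ dependencies:
 requirements:
 - - "~>"
 - !ruby/object:Gem::Version
-version: 11.
+version: 11.1.3
 type: :development
 prerelease: false
 version_requirements: !ruby/object:Gem::Requirement
 requirements:
 - - "~>"
 - !ruby/object:Gem::Version
-version: 11.
+version: 11.1.3
 description: Licensed automates extracting and validating the licenses of dependencies.
 email:
 - opensource+licensed@github.com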