licensed 4.0.3 → 4.1.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (15) hide show
  1. checksums.yaml +4 -4
  2. data/CHANGELOG.md +14 -1
  3. data/Gemfile.lock +112 -0
  4. data/docs/configuration/README.md +1 -0
  5. data/docs/configuration/additional_terms.md +41 -0
  6. data/docs/configuration.md +7 -0
  7. data/docs/sources/pnpm.md +18 -0
  8. data/lib/licensed/configuration.rb +6 -0
  9. data/lib/licensed/dependency.rb +27 -0
  10. data/lib/licensed/sources/pnpm.rb +52 -0
  11. data/lib/licensed/sources/source.rb +8 -1
  12. data/lib/licensed/sources.rb +4 -3
  13. data/lib/licensed/version.rb +1 -1
  14. data/licensed.gemspec +14 -14
  15. metadata +56 -52
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 9b570c99aa05e69aae2e75f5e661f1cb307c2031e30e0df440d1387f504cbb22
4
- data.tar.gz: d5976f503706900355565f95edb7d0aa8502b2e1cde65d351d3b9bce5257a6c7
3
+ metadata.gz: 7606d0b5e5f3755ee329a1963cda970c021deab08680c619731ed6fb3ba547da
4
+ data.tar.gz: 668a2d87d8019284b6ce02bccdda851ad186f03cc7d389fbdd659473affc08cf
5
5
  SHA512:
6
- metadata.gz: bda6cf9e2df1df8854493763a70bbb876c40b070bec8dd30a8323e89435920ad6109616fb353720aa8d0c1533d9815c3476ca71ae43ff1883868fe162babb10a
7
- data.tar.gz: 65f70a20f64c63c469a159d36d45dbc17d8c235bac9e2ceda8519227531ba37efb0aec5e1a0d298e71729f5f91a37e00fec35801e67de0398489d72bb5b96343
6
+ metadata.gz: '064129baadae7345b5c05e2635cc1850b8ce8321f1e2df803b5fc6d6704556a1337c7d1561024775801cf5cb4158b6c25657b06a0a9baf5ccac7a7453f35fa53'
7
+ data.tar.gz: b3c6ba7179d7b777665f29b5cace4536181a428a5995c5e7d1d168b4ba6012fd333d191eb6ce23ab7b971a9cb8231dbfb999743c72bf91a1efe78ddec78223b7
data/CHANGELOG.md CHANGED
@@ -6,6 +6,19 @@ and this project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0.
6
6
 
7
7
  ## [Unreleased]
8
8
 
9
+ ## 4.1.0
10
+
11
+ ### Added
12
+
13
+ - Custom license terms can be added to dependencies via new configuration options (https://github.com/github/licensed/pull/624)
14
+ - Licensed is now integrated with pnpm to enumerate dependencies (https://github.com/github/licensed/pull/626)
15
+
16
+ ## 4.0.4
17
+
18
+ ### Changed
19
+
20
+ - Dependency version requirements are more relaxed (https://github.com/github/licensed/pull/619)
21
+
9
22
  ## 4.0.3
10
23
 
11
24
  ### Changed
@@ -700,4 +713,4 @@ and this project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0.
700
713
 
701
714
  Initial release :tada:
702
715
 
703
- [Unreleased]: https://github.com/github/licensed/compare/4.0.3...HEAD
716
+ [Unreleased]: https://github.com/github/licensed/compare/4.1.0...HEAD
data/Gemfile.lock ADDED
@@ -0,0 +1,112 @@
1
+ PATH
2
+ remote: .
3
+ specs:
4
+ licensed (4.1.0)
5
+ json (~> 2.6)
6
+ licensee (~> 9.16)
7
+ parallel (~> 1.22)
8
+ pathname-common_prefix (~> 0.0.1)
9
+ reverse_markdown (~> 2.1)
10
+ ruby-xxHash (~> 0.4.0)
11
+ thor (~> 1.2)
12
+ tomlrb (~> 2.0)
13
+
14
+ GEM
15
+ remote: https://rubygems.org/
16
+ specs:
17
+ activesupport (7.0.4.2)
18
+ concurrent-ruby (~> 1.0, >= 1.0.2)
19
+ i18n (>= 1.6, < 2)
20
+ minitest (>= 5.1)
21
+ tzinfo (~> 2.0)
22
+ addressable (2.8.1)
23
+ public_suffix (>= 2.0.2, < 6.0)
24
+ ast (2.4.2)
25
+ byebug (11.1.3)
26
+ concurrent-ruby (1.2.0)
27
+ dotenv (2.8.1)
28
+ faraday (2.7.4)
29
+ faraday-net_http (>= 2.0, < 3.1)
30
+ ruby2_keywords (>= 0.0.4)
31
+ faraday-net_http (3.0.2)
32
+ i18n (1.12.0)
33
+ concurrent-ruby (~> 1.0)
34
+ json (2.6.3)
35
+ licensee (9.16.0)
36
+ dotenv (~> 2.0)
37
+ octokit (>= 4.20, < 7.0)
38
+ reverse_markdown (>= 1, < 3)
39
+ rugged (>= 0.24, < 2.0)
40
+ thor (>= 0.19, < 2.0)
41
+ mini_portile2 (2.8.1)
42
+ minitest (5.17.0)
43
+ mocha (2.0.2)
44
+ ruby2_keywords (>= 0.0.5)
45
+ nokogiri (1.14.0)
46
+ mini_portile2 (~> 2.8.0)
47
+ racc (~> 1.4)
48
+ octokit (6.0.1)
49
+ faraday (>= 1, < 3)
50
+ sawyer (~> 0.9)
51
+ parallel (1.22.1)
52
+ parser (3.2.0.0)
53
+ ast (~> 2.4.1)
54
+ pathname-common_prefix (0.0.1)
55
+ public_suffix (5.0.1)
56
+ racc (1.6.2)
57
+ rack (3.0.4.1)
58
+ rainbow (3.1.1)
59
+ rake (13.0.6)
60
+ regexp_parser (2.6.2)
61
+ reverse_markdown (2.1.1)
62
+ nokogiri
63
+ rexml (3.2.5)
64
+ rubocop (1.44.1)
65
+ json (~> 2.3)
66
+ parallel (~> 1.10)
67
+ parser (>= 3.2.0.0)
68
+ rainbow (>= 2.2.2, < 4.0)
69
+ regexp_parser (>= 1.8, < 3.0)
70
+ rexml (>= 3.2.5, < 4.0)
71
+ rubocop-ast (>= 1.24.1, < 2.0)
72
+ ruby-progressbar (~> 1.7)
73
+ unicode-display_width (>= 2.4.0, < 3.0)
74
+ rubocop-ast (1.24.1)
75
+ parser (>= 3.1.1.0)
76
+ rubocop-github (0.20.0)
77
+ rubocop (>= 1.37)
78
+ rubocop-performance (>= 1.15)
79
+ rubocop-rails (>= 2.17)
80
+ rubocop-performance (1.15.2)
81
+ rubocop (>= 1.7.0, < 2.0)
82
+ rubocop-ast (>= 0.4.0)
83
+ rubocop-rails (2.17.4)
84
+ activesupport (>= 4.2.0)
85
+ rack (>= 1.1)
86
+ rubocop (>= 1.33.0, < 2.0)
87
+ ruby-progressbar (1.11.0)
88
+ ruby-xxHash (0.4.0.2)
89
+ ruby2_keywords (0.0.5)
90
+ rugged (1.5.1)
91
+ sawyer (0.9.2)
92
+ addressable (>= 2.3.5)
93
+ faraday (>= 0.17.3, < 3)
94
+ thor (1.2.1)
95
+ tomlrb (2.0.3)
96
+ tzinfo (2.0.5)
97
+ concurrent-ruby (~> 1.0)
98
+ unicode-display_width (2.4.2)
99
+
100
+ PLATFORMS
101
+ ruby
102
+
103
+ DEPENDENCIES
104
+ byebug (~> 11.1)
105
+ licensed!
106
+ minitest (~> 5.17)
107
+ mocha (~> 2.0)
108
+ rake (~> 13.0)
109
+ rubocop-github (~> 0.20)
110
+
111
+ BUNDLED WITH
112
+ 2.3.26
data/docs/configuration/README.md CHANGED
@@ -9,3 +9,4 @@
9
9
  1. [Allowed licenses](./allowed_licenses.md)
10
10
  1. [Ignoring dependencies](./ignoring_dependencies.md)
11
11
  1. [Reviewing dependencies](./reviewing_dependencies.md)
12
+ 1. [Additional license terms](./additional_terms.md)
data/docs/configuration/additional_terms.md ADDED
@@ -0,0 +1,41 @@
1
+ # Additional terms
2
+
3
+ The `additional_terms` configuration option is used to specify paths to files containing extra licensing terms that do not ship with the dependency package. All files specified are expected to be plain text.
4
+
5
+ Files containing additional content can be located anywhere on disk that is accessible to licensed. File paths can be specified as a string or array and can contain glob values to simplify configuration inputs. All file paths are evaluated from the [configuration root](./configuration_root.md).
6
+
7
+ ## Examples
8
+
9
+ **Note** The examples below specify paths to additional files under the `.licenses` folder. This is a logical place to store files containing license terms, but be careful not to store files under paths managed by licensed like `.licenses/<source type>/...`. Running `licensed cache` in the future will delete any files under licensed managed paths that licensed did not create. This is why the below examples use paths like `.licenses/amendments/bundler/...` instead of not `.licenses/bundler/amendments/...`.
10
+
11
+ ### With a string
12
+
13
+ ```yaml
14
+ additional_terms:
15
+ # specify the type of dependency
16
+ bundler:
17
+ # specify the dependency name and path to an additional file
18
+ <gem-name>: .licenses/amendments/bundler/<gem-name>/terms.txt
19
+ ```
20
+
21
+ ### With a glob string
22
+
23
+ ```yaml
24
+ additional_terms:
25
+ # specify the type of dependency
26
+ bundler:
27
+ # specify the dependency name and one or more additional files with a glob pattern
28
+ <gem-name>: .licenses/amendments/bundler/<gem-name>/*.txt
29
+ ```
30
+
31
+ ### With an array of strings
32
+
33
+ ```yaml
34
+ additional_terms:
35
+ # specify the type of dependency
36
+ bundler:
37
+ # specify the dependency name and array of paths to additional files
38
+ <gem-name>:
39
+ - .licenses/amendments/bundler/<gem-name>/terms-1.txt
40
+ - .licenses/amendments/bundler/<gem-name>/terms-2.txt
41
+ ```
data/docs/configuration.md CHANGED
@@ -67,6 +67,13 @@ reviewed:
67
67
  - classlist # public domain
68
68
  - octicons
69
69
 
70
+ # Specify additional license terms that have been obtained from a dependency's owner
71
+ # which apply to the dependency's license
72
+ additional_terms:
73
+ bundler:
74
+ bcrypt-ruby:
75
+ - .licenses/amendments/bundler/bcrypt-ruby/amendment.txt
76
+
70
77
  # A single configuration file can be used to enumerate dependencies for multiple
71
78
  # projects. Each configuration is referred to as an "application" and must include
72
79
  # a source path, at a minimum
data/docs/sources/pnpm.md ADDED
@@ -0,0 +1,18 @@
1
+ # pnpm
2
+
3
+ The npm source will detect dependencies when `pnpm-lock.yaml` is found at an apps `source_path`. It uses `pnpm licenses list` to enumerate dependencies and metadata.
4
+
5
+ **NOTE** [pnpm licenses list](https://pnpm.io/cli/licenses) is an experimental CLI command and subject to change. If changes to pnpm result in unexpected or broken behavior in licensed please open an [issue](https://github.com/github/licensed/issues/new).
6
+
7
+ ## Including development dependencies
8
+
9
+ By default, the npm source will exclude all development dependencies. To include development or test dependencies, set `production_only: false` in the licensed configuration.
10
+
11
+ ```yml
12
+ pnpm:
13
+ production_only: false
14
+ ```
15
+
16
+ ## Using licensed with pnpm workspaces
17
+
18
+ Licensed will locate all dependencies from all pnpm workspaces and cannot enumerate dependencies from individual project workspaces. This is a limitation from the pnpm CLI.
data/lib/licensed/configuration.rb CHANGED
@@ -109,6 +109,12 @@ module Licensed
109
109
  self["allowed"] << license
110
110
  end
111
111
 
112
+ # Returns an array of paths to files containing additional license terms.
113
+ def additional_terms_for_dependency(dependency)
114
+ amendment_paths = Array(self.dig("additional_terms", dependency["type"], dependency["name"]))
115
+ amendment_paths.flat_map { |path| Dir.glob(self.root.join(path)) }
116
+ end
117
+
112
118
  private
113
119
 
114
120
  def any_list_pattern_matched?(list, dependency, match_version: false)
data/lib/licensed/dependency.rb CHANGED
@@ -9,6 +9,7 @@ module Licensed
9
9
  attr_reader :version
10
10
  attr_reader :errors
11
11
  attr_reader :path
12
+ attr_reader :additional_terms
12
13
 
13
14
  # Create a new project dependency
14
15
  #
@@ -28,6 +29,7 @@ module Licensed
28
29
  @errors = errors
29
30
  path = path.to_s
30
31
  @path = path
32
+ @additional_terms = []
31
33
 
32
34
  # enforcing absolute paths makes life much easier when determining
33
35
  # an absolute file path in #notices
@@ -80,6 +82,13 @@ module Licensed
80
82
  files.compact
81
83
  end
82
84
 
85
+
86
+ # Override the behavior of Licensee::Projects::FSProject#project_files to include
87
+ # additional license terms
88
+ def project_files
89
+ super + additional_license_terms_files
90
+ end
91
+
83
92
  # Returns legal notices found at the dependency path
84
93
  def notice_contents
85
94
  Dir.glob(dir_path.join("*"))
@@ -102,6 +111,7 @@ module Licensed
102
111
  def license_content_sources(files)
103
112
  paths = Array(files).map do |file|
104
113
  next file[:uri] if file[:uri]
114
+ next file[:source] if file[:source]
105
115
 
106
116
  path = dir_path.join(file[:dir], file[:name])
107
117
  normalize_source_path(path)
@@ -157,5 +167,22 @@ module Licensed
157
167
  "text" => text
158
168
  }
159
169
  end
170
+
171
+ # Returns an array of Licensee::ProjectFiles::LicenseFile created from
172
+ # this dependency's additional license terms
173
+ def additional_license_terms_files
174
+ @additional_license_terms_files ||= begin
175
+ files = additional_terms.map do |path|
176
+ next unless File.file?(path)
177
+
178
+ metadata = { dir: File.dirname(path), name: File.basename(path) }
179
+ Licensee::ProjectFiles::LicenseFile.new(
180
+ load_file(metadata),
181
+ { source: "License terms loaded from #{metadata[:name]}" }
182
+ )
183
+ end
184
+ files.compact
185
+ end
186
+ end
160
187
  end
161
188
  end
data/lib/licensed/sources/pnpm.rb ADDED
@@ -0,0 +1,52 @@
1
+ # frozen_string_literal: true
2
+ require "json"
3
+
4
+ module Licensed
5
+ module Sources
6
+ class PNPM < Source
7
+ # Returns true when pnpm is installed and a pnpm-lock.yaml file is found,
8
+ # otherwise false
9
+ def enabled?
10
+ return false unless Licensed::Shell.tool_available?("pnpm")
11
+ File.exist?(File.join(config.pwd, "pnpm-lock.yaml"))
12
+ end
13
+
14
+ def enumerate_dependencies
15
+ packages.map do |package|
16
+ name_with_version = "#{package["name"]}@#{package["version"]}"
17
+ Dependency.new(
18
+ name: name_with_version,
19
+ version: package["version"],
20
+ path: package["path"],
21
+ metadata: {
22
+ "type" => PNPM.type,
23
+ "name" => package["name"],
24
+ "summary" => package["description"],
25
+ "homepage" => package["homepage"]
26
+ }
27
+ )
28
+ end
29
+ end
30
+
31
+ # Returns package metadata returned from `pnpm licensed list`
32
+ def packages
33
+ JSON.parse(package_metadata_command).values.flatten
34
+ rescue JSON::ParserError => e
35
+ message = "Licensed was unable to parse the output from 'pnpm licenses list'. JSON Error: #{e.message}"
36
+ raise Licensed::Sources::Source::Error, message
37
+ end
38
+
39
+ # Returns the output from running `pnpm licenses list` to get package metadata
40
+ def package_metadata_command
41
+ args = %w(--json --long)
42
+ args << "--prod" unless include_non_production?
43
+ Licensed::Shell.execute("pnpm", "licenses", "list", *args, allow_failure: true)
44
+ end
45
+
46
+ # Returns whether to include non production dependencies based on the licensed configuration settings
47
+ def include_non_production?
48
+ config.dig("pnpm", "production_only") == false
49
+ end
50
+ end
51
+ end
52
+ end
data/lib/licensed/sources/source.rb CHANGED
@@ -69,7 +69,9 @@ module Licensed
69
69
  # Returns all dependencies that should be evaluated.
70
70
  # Excludes ignored dependencies.
71
71
  def dependencies
72
- cached_dependencies.reject { |d| ignored?(d) }
72
+ cached_dependencies
73
+ .reject { |d| ignored?(d) }
74
+ .each { |d| add_additional_terms_from_configuration(d) }
73
75
  end
74
76
 
75
77
  # Enumerate all source dependencies. Must be implemented by each source class.
@@ -88,6 +90,11 @@ module Licensed
88
90
  def cached_dependencies
89
91
  @dependencies ||= enumerate_dependencies.compact
90
92
  end
93
+
94
+ # Add any additional_terms for this dependency that have been added to the configuration
95
+ def add_additional_terms_from_configuration(dependency)
96
+ dependency.additional_terms.concat config.additional_terms_for_dependency("type" => self.class.type, "name" => dependency.name)
97
+ end
91
98
  end
92
99
  end
93
100
  end
data/lib/licensed/sources.rb CHANGED
@@ -6,19 +6,20 @@ module Licensed
6
6
  require "licensed/sources/bundler"
7
7
  require "licensed/sources/cabal"
8
8
  require "licensed/sources/cargo"
9
+ require "licensed/sources/cocoapods"
9
10
  require "licensed/sources/composer"
10
11
  require "licensed/sources/dep"
11
12
  require "licensed/sources/git_submodule"
12
13
  require "licensed/sources/go"
14
+ require "licensed/sources/gradle"
13
15
  require "licensed/sources/manifest"
16
+ require "licensed/sources/mix"
14
17
  require "licensed/sources/npm"
15
18
  require "licensed/sources/nuget"
16
19
  require "licensed/sources/pip"
17
20
  require "licensed/sources/pipenv"
21
+ require "licensed/sources/pnpm"
18
22
  require "licensed/sources/swift"
19
- require "licensed/sources/gradle"
20
- require "licensed/sources/mix"
21
23
  require "licensed/sources/yarn"
22
- require "licensed/sources/cocoapods"
23
24
  end
24
25
  end
data/lib/licensed/version.rb CHANGED
@@ -1,6 +1,6 @@
1
1
  # frozen_string_literal: true
2
2
  module Licensed
3
- VERSION = "4.0.3".freeze
3
+ VERSION = "4.1.0".freeze
4
4
 
5
5
  def self.previous_major_versions
6
6
  major_version = Gem::Version.new(Licensed::VERSION).segments.first
data/licensed.gemspec CHANGED
@@ -23,19 +23,19 @@ Gem::Specification.new do |spec|
23
23
 
24
24
  spec.required_ruby_version = ">= 2.6.0"
25
25
 
26
- spec.add_dependency "licensee", "9.16.0"
27
- spec.add_dependency "thor", "1.2.1"
28
- spec.add_dependency "pathname-common_prefix", "0.0.1"
29
- spec.add_dependency "tomlrb", "2.0.3"
30
- spec.add_dependency "ruby-xxHash", "0.4.0.2"
31
- spec.add_dependency "parallel", "1.22.1"
32
- spec.add_dependency "reverse_markdown", "2.1.1"
33
- spec.add_dependency "json", "2.6.3"
34
- # spec.add_dependency "cocoapods-core", "1.11.3"
26
+ spec.add_dependency "licensee", "~> 9.16"
27
+ spec.add_dependency "thor", "~> 1.2"
28
+ spec.add_dependency "pathname-common_prefix", "~> 0.0.1"
29
+ spec.add_dependency "tomlrb", "~> 2.0"
30
+ spec.add_dependency "ruby-xxHash", "~> 0.4.0"
31
+ spec.add_dependency "parallel", "~> 1.22"
32
+ spec.add_dependency "reverse_markdown", "~> 2.1"
33
+ spec.add_dependency "json", "~> 2.6"
34
+ # spec.add_dependency "cocoapods-core", "~> 1.11"
35
35
 
36
- spec.add_development_dependency "rake", "13.0.6"
37
- spec.add_development_dependency "minitest", "5.17.0"
38
- spec.add_development_dependency "mocha", "2.0.2"
39
- spec.add_development_dependency "rubocop-github", "0.20.0"
40
- spec.add_development_dependency "byebug", "11.1.3"
36
+ spec.add_development_dependency "rake", "~> 13.0"
37
+ spec.add_development_dependency "minitest", "~> 5.17"
38
+ spec.add_development_dependency "mocha", "~> 2.0"
39
+ spec.add_development_dependency "rubocop-github", "~> 0.20"
40
+ spec.add_development_dependency "byebug", "~> 11.1"
41
41
  end
metadata CHANGED
@@ -1,197 +1,197 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: licensed
3
3
  version: !ruby/object:Gem::Version
4
- version: 4.0.3
4
+ version: 4.1.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - GitHub
8
8
  autorequire:
9
9
  bindir: exe
10
10
  cert_chain: []
11
- date: 2023-01-17 00:00:00.000000000 Z
11
+ date: 2023-02-08 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: licensee
15
15
  requirement: !ruby/object:Gem::Requirement
16
16
  requirements:
17
- - - '='
17
+ - - "~>"
18
18
  - !ruby/object:Gem::Version
19
- version: 9.16.0
19
+ version: '9.16'
20
20
  type: :runtime
21
21
  prerelease: false
22
22
  version_requirements: !ruby/object:Gem::Requirement
23
23
  requirements:
24
- - - '='
24
+ - - "~>"
25
25
  - !ruby/object:Gem::Version
26
- version: 9.16.0
26
+ version: '9.16'
27
27
  - !ruby/object:Gem::Dependency
28
28
  name: thor
29
29
  requirement: !ruby/object:Gem::Requirement
30
30
  requirements:
31
- - - '='
31
+ - - "~>"
32
32
  - !ruby/object:Gem::Version
33
- version: 1.2.1
33
+ version: '1.2'
34
34
  type: :runtime
35
35
  prerelease: false
36
36
  version_requirements: !ruby/object:Gem::Requirement
37
37
  requirements:
38
- - - '='
38
+ - - "~>"
39
39
  - !ruby/object:Gem::Version
40
- version: 1.2.1
40
+ version: '1.2'
41
41
  - !ruby/object:Gem::Dependency
42
42
  name: pathname-common_prefix
43
43
  requirement: !ruby/object:Gem::Requirement
44
44
  requirements:
45
- - - '='
45
+ - - "~>"
46
46
  - !ruby/object:Gem::Version
47
47
  version: 0.0.1
48
48
  type: :runtime
49
49
  prerelease: false
50
50
  version_requirements: !ruby/object:Gem::Requirement
51
51
  requirements:
52
- - - '='
52
+ - - "~>"
53
53
  - !ruby/object:Gem::Version
54
54
  version: 0.0.1
55
55
  - !ruby/object:Gem::Dependency
56
56
  name: tomlrb
57
57
  requirement: !ruby/object:Gem::Requirement
58
58
  requirements:
59
- - - '='
59
+ - - "~>"
60
60
  - !ruby/object:Gem::Version
61
- version: 2.0.3
61
+ version: '2.0'
62
62
  type: :runtime
63
63
  prerelease: false
64
64
  version_requirements: !ruby/object:Gem::Requirement
65
65
  requirements:
66
- - - '='
66
+ - - "~>"
67
67
  - !ruby/object:Gem::Version
68
- version: 2.0.3
68
+ version: '2.0'
69
69
  - !ruby/object:Gem::Dependency
70
70
  name: ruby-xxHash
71
71
  requirement: !ruby/object:Gem::Requirement
72
72
  requirements:
73
- - - '='
73
+ - - "~>"
74
74
  - !ruby/object:Gem::Version
75
- version: 0.4.0.2
75
+ version: 0.4.0
76
76
  type: :runtime
77
77
  prerelease: false
78
78
  version_requirements: !ruby/object:Gem::Requirement
79
79
  requirements:
80
- - - '='
80
+ - - "~>"
81
81
  - !ruby/object:Gem::Version
82
- version: 0.4.0.2
82
+ version: 0.4.0
83
83
  - !ruby/object:Gem::Dependency
84
84
  name: parallel
85
85
  requirement: !ruby/object:Gem::Requirement
86
86
  requirements:
87
- - - '='
87
+ - - "~>"
88
88
  - !ruby/object:Gem::Version
89
- version: 1.22.1
89
+ version: '1.22'
90
90
  type: :runtime
91
91
  prerelease: false
92
92
  version_requirements: !ruby/object:Gem::Requirement
93
93
  requirements:
94
- - - '='
94
+ - - "~>"
95
95
  - !ruby/object:Gem::Version
96
- version: 1.22.1
96
+ version: '1.22'
97
97
  - !ruby/object:Gem::Dependency
98
98
  name: reverse_markdown
99
99
  requirement: !ruby/object:Gem::Requirement
100
100
  requirements:
101
- - - '='
101
+ - - "~>"
102
102
  - !ruby/object:Gem::Version
103
- version: 2.1.1
103
+ version: '2.1'
104
104
  type: :runtime
105
105
  prerelease: false
106
106
  version_requirements: !ruby/object:Gem::Requirement
107
107
  requirements:
108
- - - '='
108
+ - - "~>"
109
109
  - !ruby/object:Gem::Version
110
- version: 2.1.1
110
+ version: '2.1'
111
111
  - !ruby/object:Gem::Dependency
112
112
  name: json
113
113
  requirement: !ruby/object:Gem::Requirement
114
114
  requirements:
115
- - - '='
115
+ - - "~>"
116
116
  - !ruby/object:Gem::Version
117
- version: 2.6.3
117
+ version: '2.6'
118
118
  type: :runtime
119
119
  prerelease: false
120
120
  version_requirements: !ruby/object:Gem::Requirement
121
121
  requirements:
122
- - - '='
122
+ - - "~>"
123
123
  - !ruby/object:Gem::Version
124
- version: 2.6.3
124
+ version: '2.6'
125
125
  - !ruby/object:Gem::Dependency
126
126
  name: rake
127
127
  requirement: !ruby/object:Gem::Requirement
128
128
  requirements:
129
- - - '='
129
+ - - "~>"
130
130
  - !ruby/object:Gem::Version
131
- version: 13.0.6
131
+ version: '13.0'
132
132
  type: :development
133
133
  prerelease: false
134
134
  version_requirements: !ruby/object:Gem::Requirement
135
135
  requirements:
136
- - - '='
136
+ - - "~>"
137
137
  - !ruby/object:Gem::Version
138
- version: 13.0.6
138
+ version: '13.0'
139
139
  - !ruby/object:Gem::Dependency
140
140
  name: minitest
141
141
  requirement: !ruby/object:Gem::Requirement
142
142
  requirements:
143
- - - '='
143
+ - - "~>"
144
144
  - !ruby/object:Gem::Version
145
- version: 5.17.0
145
+ version: '5.17'
146
146
  type: :development
147
147
  prerelease: false
148
148
  version_requirements: !ruby/object:Gem::Requirement
149
149
  requirements:
150
- - - '='
150
+ - - "~>"
151
151
  - !ruby/object:Gem::Version
152
- version: 5.17.0
152
+ version: '5.17'
153
153
  - !ruby/object:Gem::Dependency
154
154
  name: mocha
155
155
  requirement: !ruby/object:Gem::Requirement
156
156
  requirements:
157
- - - '='
157
+ - - "~>"
158
158
  - !ruby/object:Gem::Version
159
- version: 2.0.2
159
+ version: '2.0'
160
160
  type: :development
161
161
  prerelease: false
162
162
  version_requirements: !ruby/object:Gem::Requirement
163
163
  requirements:
164
- - - '='
164
+ - - "~>"
165
165
  - !ruby/object:Gem::Version
166
- version: 2.0.2
166
+ version: '2.0'
167
167
  - !ruby/object:Gem::Dependency
168
168
  name: rubocop-github
169
169
  requirement: !ruby/object:Gem::Requirement
170
170
  requirements:
171
- - - '='
171
+ - - "~>"
172
172
  - !ruby/object:Gem::Version
173
- version: 0.20.0
173
+ version: '0.20'
174
174
  type: :development
175
175
  prerelease: false
176
176
  version_requirements: !ruby/object:Gem::Requirement
177
177
  requirements:
178
- - - '='
178
+ - - "~>"
179
179
  - !ruby/object:Gem::Version
180
- version: 0.20.0
180
+ version: '0.20'
181
181
  - !ruby/object:Gem::Dependency
182
182
  name: byebug
183
183
  requirement: !ruby/object:Gem::Requirement
184
184
  requirements:
185
- - - '='
185
+ - - "~>"
186
186
  - !ruby/object:Gem::Version
187
- version: 11.1.3
187
+ version: '11.1'
188
188
  type: :development
189
189
  prerelease: false
190
190
  version_requirements: !ruby/object:Gem::Requirement
191
191
  requirements:
192
- - - '='
192
+ - - "~>"
193
193
  - !ruby/object:Gem::Version
194
- version: 11.1.3
194
+ version: '11.1'
195
195
  description: Licensed automates extracting and validating the licenses of dependencies.
196
196
  email:
197
197
  - opensource+licensed@github.com
@@ -204,6 +204,7 @@ files:
204
204
  - CODE_OF_CONDUCT.md
205
205
  - CONTRIBUTING.md
206
206
  - Gemfile
207
+ - Gemfile.lock
207
208
  - LICENSE
208
209
  - README.md
209
210
  - Rakefile
@@ -218,6 +219,7 @@ files:
218
219
  - docs/commands/version.md
219
220
  - docs/configuration.md
220
221
  - docs/configuration/README.md
222
+ - docs/configuration/additional_terms.md
221
223
  - docs/configuration/allowed_licenses.md
222
224
  - docs/configuration/application_name.md
223
225
  - docs/configuration/application_source.md
@@ -248,6 +250,7 @@ files:
248
250
  - docs/sources/nuget.md
249
251
  - docs/sources/pip.md
250
252
  - docs/sources/pipenv.md
253
+ - docs/sources/pnpm.md
251
254
  - docs/sources/stack.md
252
255
  - docs/sources/swift.md
253
256
  - docs/sources/yarn.md
@@ -297,6 +300,7 @@ files:
297
300
  - lib/licensed/sources/nuget.rb
298
301
  - lib/licensed/sources/pip.rb
299
302
  - lib/licensed/sources/pipenv.rb
303
+ - lib/licensed/sources/pnpm.rb
300
304
  - lib/licensed/sources/source.rb
301
305
  - lib/licensed/sources/swift.rb
302
306
  - lib/licensed/sources/yarn.rb