licensed 4.0.3 → 4.1.0

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 9b570c99aa05e69aae2e75f5e661f1cb307c2031e30e0df440d1387f504cbb22
4
- data.tar.gz: d5976f503706900355565f95edb7d0aa8502b2e1cde65d351d3b9bce5257a6c7
3
+ metadata.gz: 7606d0b5e5f3755ee329a1963cda970c021deab08680c619731ed6fb3ba547da
4
+ data.tar.gz: 668a2d87d8019284b6ce02bccdda851ad186f03cc7d389fbdd659473affc08cf
5
5
  SHA512:
6
- metadata.gz: bda6cf9e2df1df8854493763a70bbb876c40b070bec8dd30a8323e89435920ad6109616fb353720aa8d0c1533d9815c3476ca71ae43ff1883868fe162babb10a
7
- data.tar.gz: 65f70a20f64c63c469a159d36d45dbc17d8c235bac9e2ceda8519227531ba37efb0aec5e1a0d298e71729f5f91a37e00fec35801e67de0398489d72bb5b96343
6
+ metadata.gz: '064129baadae7345b5c05e2635cc1850b8ce8321f1e2df803b5fc6d6704556a1337c7d1561024775801cf5cb4158b6c25657b06a0a9baf5ccac7a7453f35fa53'
7
+ data.tar.gz: b3c6ba7179d7b777665f29b5cace4536181a428a5995c5e7d1d168b4ba6012fd333d191eb6ce23ab7b971a9cb8231dbfb999743c72bf91a1efe78ddec78223b7
data/CHANGELOG.md CHANGED
@@ -6,6 +6,19 @@ and this project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0.
6
6
 
7
7
  ## [Unreleased]
8
8
 
9
+ ## 4.1.0
10
+
11
+ ### Added
12
+
13
+ - Custom license terms can be added to dependencies via new configuration options (https://github.com/github/licensed/pull/624)
14
+ - Licensed is now integrated with pnpm to enumerate dependencies (https://github.com/github/licensed/pull/626)
15
+
16
+ ## 4.0.4
17
+
18
+ ### Changed
19
+
20
+ - Dependency version requirements are more relaxed (https://github.com/github/licensed/pull/619)
21
+
9
22
  ## 4.0.3
10
23
 
11
24
  ### Changed
@@ -700,4 +713,4 @@ and this project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0.
700
713
 
701
714
  Initial release :tada:
702
715
 
703
- [Unreleased]: https://github.com/github/licensed/compare/4.0.3...HEAD
716
+ [Unreleased]: https://github.com/github/licensed/compare/4.1.0...HEAD
data/Gemfile.lock ADDED
@@ -0,0 +1,112 @@
1
+ PATH
2
+ remote: .
3
+ specs:
4
+ licensed (4.1.0)
5
+ json (~> 2.6)
6
+ licensee (~> 9.16)
7
+ parallel (~> 1.22)
8
+ pathname-common_prefix (~> 0.0.1)
9
+ reverse_markdown (~> 2.1)
10
+ ruby-xxHash (~> 0.4.0)
11
+ thor (~> 1.2)
12
+ tomlrb (~> 2.0)
13
+
14
+ GEM
15
+ remote: https://rubygems.org/
16
+ specs:
17
+ activesupport (7.0.4.2)
18
+ concurrent-ruby (~> 1.0, >= 1.0.2)
19
+ i18n (>= 1.6, < 2)
20
+ minitest (>= 5.1)
21
+ tzinfo (~> 2.0)
22
+ addressable (2.8.1)
23
+ public_suffix (>= 2.0.2, < 6.0)
24
+ ast (2.4.2)
25
+ byebug (11.1.3)
26
+ concurrent-ruby (1.2.0)
27
+ dotenv (2.8.1)
28
+ faraday (2.7.4)
29
+ faraday-net_http (>= 2.0, < 3.1)
30
+ ruby2_keywords (>= 0.0.4)
31
+ faraday-net_http (3.0.2)
32
+ i18n (1.12.0)
33
+ concurrent-ruby (~> 1.0)
34
+ json (2.6.3)
35
+ licensee (9.16.0)
36
+ dotenv (~> 2.0)
37
+ octokit (>= 4.20, < 7.0)
38
+ reverse_markdown (>= 1, < 3)
39
+ rugged (>= 0.24, < 2.0)
40
+ thor (>= 0.19, < 2.0)
41
+ mini_portile2 (2.8.1)
42
+ minitest (5.17.0)
43
+ mocha (2.0.2)
44
+ ruby2_keywords (>= 0.0.5)
45
+ nokogiri (1.14.0)
46
+ mini_portile2 (~> 2.8.0)
47
+ racc (~> 1.4)
48
+ octokit (6.0.1)
49
+ faraday (>= 1, < 3)
50
+ sawyer (~> 0.9)
51
+ parallel (1.22.1)
52
+ parser (3.2.0.0)
53
+ ast (~> 2.4.1)
54
+ pathname-common_prefix (0.0.1)
55
+ public_suffix (5.0.1)
56
+ racc (1.6.2)
57
+ rack (3.0.4.1)
58
+ rainbow (3.1.1)
59
+ rake (13.0.6)
60
+ regexp_parser (2.6.2)
61
+ reverse_markdown (2.1.1)
62
+ nokogiri
63
+ rexml (3.2.5)
64
+ rubocop (1.44.1)
65
+ json (~> 2.3)
66
+ parallel (~> 1.10)
67
+ parser (>= 3.2.0.0)
68
+ rainbow (>= 2.2.2, < 4.0)
69
+ regexp_parser (>= 1.8, < 3.0)
70
+ rexml (>= 3.2.5, < 4.0)
71
+ rubocop-ast (>= 1.24.1, < 2.0)
72
+ ruby-progressbar (~> 1.7)
73
+ unicode-display_width (>= 2.4.0, < 3.0)
74
+ rubocop-ast (1.24.1)
75
+ parser (>= 3.1.1.0)
76
+ rubocop-github (0.20.0)
77
+ rubocop (>= 1.37)
78
+ rubocop-performance (>= 1.15)
79
+ rubocop-rails (>= 2.17)
80
+ rubocop-performance (1.15.2)
81
+ rubocop (>= 1.7.0, < 2.0)
82
+ rubocop-ast (>= 0.4.0)
83
+ rubocop-rails (2.17.4)
84
+ activesupport (>= 4.2.0)
85
+ rack (>= 1.1)
86
+ rubocop (>= 1.33.0, < 2.0)
87
+ ruby-progressbar (1.11.0)
88
+ ruby-xxHash (0.4.0.2)
89
+ ruby2_keywords (0.0.5)
90
+ rugged (1.5.1)
91
+ sawyer (0.9.2)
92
+ addressable (>= 2.3.5)
93
+ faraday (>= 0.17.3, < 3)
94
+ thor (1.2.1)
95
+ tomlrb (2.0.3)
96
+ tzinfo (2.0.5)
97
+ concurrent-ruby (~> 1.0)
98
+ unicode-display_width (2.4.2)
99
+
100
+ PLATFORMS
101
+ ruby
102
+
103
+ DEPENDENCIES
104
+ byebug (~> 11.1)
105
+ licensed!
106
+ minitest (~> 5.17)
107
+ mocha (~> 2.0)
108
+ rake (~> 13.0)
109
+ rubocop-github (~> 0.20)
110
+
111
+ BUNDLED WITH
112
+ 2.3.26
@@ -9,3 +9,4 @@
9
9
  1. [Allowed licenses](./allowed_licenses.md)
10
10
  1. [Ignoring dependencies](./ignoring_dependencies.md)
11
11
  1. [Reviewing dependencies](./reviewing_dependencies.md)
12
+ 1. [Additional license terms](./additional_terms.md)
@@ -0,0 +1,41 @@
1
+ # Additional terms
2
+
3
+ The `additional_terms` configuration option is used to specify paths to files containing extra licensing terms that do not ship with the dependency package. All files specified are expected to be plain text.
4
+
5
+ Files containing additional content can be located anywhere on disk that is accessible to licensed. File paths can be specified as a string or array and can contain glob values to simplify configuration inputs. All file paths are evaluated from the [configuration root](./configuration_root.md).
6
+
7
+ ## Examples
8
+
9
+ **Note** The examples below specify paths to additional files under the `.licenses` folder. This is a logical place to store files containing license terms, but be careful not to store files under paths managed by licensed like `.licenses/<source type>/...`. Running `licensed cache` in the future will delete any files under licensed managed paths that licensed did not create. This is why the below examples use paths like `.licenses/amendments/bundler/...` instead of not `.licenses/bundler/amendments/...`.
10
+
11
+ ### With a string
12
+
13
+ ```yaml
14
+ additional_terms:
15
+ # specify the type of dependency
16
+ bundler:
17
+ # specify the dependency name and path to an additional file
18
+ <gem-name>: .licenses/amendments/bundler/<gem-name>/terms.txt
19
+ ```
20
+
21
+ ### With a glob string
22
+
23
+ ```yaml
24
+ additional_terms:
25
+ # specify the type of dependency
26
+ bundler:
27
+ # specify the dependency name and one or more additional files with a glob pattern
28
+ <gem-name>: .licenses/amendments/bundler/<gem-name>/*.txt
29
+ ```
30
+
31
+ ### With an array of strings
32
+
33
+ ```yaml
34
+ additional_terms:
35
+ # specify the type of dependency
36
+ bundler:
37
+ # specify the dependency name and array of paths to additional files
38
+ <gem-name>:
39
+ - .licenses/amendments/bundler/<gem-name>/terms-1.txt
40
+ - .licenses/amendments/bundler/<gem-name>/terms-2.txt
41
+ ```
@@ -67,6 +67,13 @@ reviewed:
67
67
  - classlist # public domain
68
68
  - octicons
69
69
 
70
+ # Specify additional license terms that have been obtained from a dependency's owner
71
+ # which apply to the dependency's license
72
+ additional_terms:
73
+ bundler:
74
+ bcrypt-ruby:
75
+ - .licenses/amendments/bundler/bcrypt-ruby/amendment.txt
76
+
70
77
  # A single configuration file can be used to enumerate dependencies for multiple
71
78
  # projects. Each configuration is referred to as an "application" and must include
72
79
  # a source path, at a minimum
@@ -0,0 +1,18 @@
1
+ # pnpm
2
+
3
+ The npm source will detect dependencies when `pnpm-lock.yaml` is found at an apps `source_path`. It uses `pnpm licenses list` to enumerate dependencies and metadata.
4
+
5
+ **NOTE** [pnpm licenses list](https://pnpm.io/cli/licenses) is an experimental CLI command and subject to change. If changes to pnpm result in unexpected or broken behavior in licensed please open an [issue](https://github.com/github/licensed/issues/new).
6
+
7
+ ## Including development dependencies
8
+
9
+ By default, the npm source will exclude all development dependencies. To include development or test dependencies, set `production_only: false` in the licensed configuration.
10
+
11
+ ```yml
12
+ pnpm:
13
+ production_only: false
14
+ ```
15
+
16
+ ## Using licensed with pnpm workspaces
17
+
18
+ Licensed will locate all dependencies from all pnpm workspaces and cannot enumerate dependencies from individual project workspaces. This is a limitation from the pnpm CLI.
@@ -109,6 +109,12 @@ module Licensed
109
109
  self["allowed"] << license
110
110
  end
111
111
 
112
+ # Returns an array of paths to files containing additional license terms.
113
+ def additional_terms_for_dependency(dependency)
114
+ amendment_paths = Array(self.dig("additional_terms", dependency["type"], dependency["name"]))
115
+ amendment_paths.flat_map { |path| Dir.glob(self.root.join(path)) }
116
+ end
117
+
112
118
  private
113
119
 
114
120
  def any_list_pattern_matched?(list, dependency, match_version: false)
@@ -9,6 +9,7 @@ module Licensed
9
9
  attr_reader :version
10
10
  attr_reader :errors
11
11
  attr_reader :path
12
+ attr_reader :additional_terms
12
13
 
13
14
  # Create a new project dependency
14
15
  #
@@ -28,6 +29,7 @@ module Licensed
28
29
  @errors = errors
29
30
  path = path.to_s
30
31
  @path = path
32
+ @additional_terms = []
31
33
 
32
34
  # enforcing absolute paths makes life much easier when determining
33
35
  # an absolute file path in #notices
@@ -80,6 +82,13 @@ module Licensed
80
82
  files.compact
81
83
  end
82
84
 
85
+
86
+ # Override the behavior of Licensee::Projects::FSProject#project_files to include
87
+ # additional license terms
88
+ def project_files
89
+ super + additional_license_terms_files
90
+ end
91
+
83
92
  # Returns legal notices found at the dependency path
84
93
  def notice_contents
85
94
  Dir.glob(dir_path.join("*"))
@@ -102,6 +111,7 @@ module Licensed
102
111
  def license_content_sources(files)
103
112
  paths = Array(files).map do |file|
104
113
  next file[:uri] if file[:uri]
114
+ next file[:source] if file[:source]
105
115
 
106
116
  path = dir_path.join(file[:dir], file[:name])
107
117
  normalize_source_path(path)
@@ -157,5 +167,22 @@ module Licensed
157
167
  "text" => text
158
168
  }
159
169
  end
170
+
171
+ # Returns an array of Licensee::ProjectFiles::LicenseFile created from
172
+ # this dependency's additional license terms
173
+ def additional_license_terms_files
174
+ @additional_license_terms_files ||= begin
175
+ files = additional_terms.map do |path|
176
+ next unless File.file?(path)
177
+
178
+ metadata = { dir: File.dirname(path), name: File.basename(path) }
179
+ Licensee::ProjectFiles::LicenseFile.new(
180
+ load_file(metadata),
181
+ { source: "License terms loaded from #{metadata[:name]}" }
182
+ )
183
+ end
184
+ files.compact
185
+ end
186
+ end
160
187
  end
161
188
  end
@@ -0,0 +1,52 @@
1
+ # frozen_string_literal: true
2
+ require "json"
3
+
4
+ module Licensed
5
+ module Sources
6
+ class PNPM < Source
7
+ # Returns true when pnpm is installed and a pnpm-lock.yaml file is found,
8
+ # otherwise false
9
+ def enabled?
10
+ return false unless Licensed::Shell.tool_available?("pnpm")
11
+ File.exist?(File.join(config.pwd, "pnpm-lock.yaml"))
12
+ end
13
+
14
+ def enumerate_dependencies
15
+ packages.map do |package|
16
+ name_with_version = "#{package["name"]}@#{package["version"]}"
17
+ Dependency.new(
18
+ name: name_with_version,
19
+ version: package["version"],
20
+ path: package["path"],
21
+ metadata: {
22
+ "type" => PNPM.type,
23
+ "name" => package["name"],
24
+ "summary" => package["description"],
25
+ "homepage" => package["homepage"]
26
+ }
27
+ )
28
+ end
29
+ end
30
+
31
+ # Returns package metadata returned from `pnpm licensed list`
32
+ def packages
33
+ JSON.parse(package_metadata_command).values.flatten
34
+ rescue JSON::ParserError => e
35
+ message = "Licensed was unable to parse the output from 'pnpm licenses list'. JSON Error: #{e.message}"
36
+ raise Licensed::Sources::Source::Error, message
37
+ end
38
+
39
+ # Returns the output from running `pnpm licenses list` to get package metadata
40
+ def package_metadata_command
41
+ args = %w(--json --long)
42
+ args << "--prod" unless include_non_production?
43
+ Licensed::Shell.execute("pnpm", "licenses", "list", *args, allow_failure: true)
44
+ end
45
+
46
+ # Returns whether to include non production dependencies based on the licensed configuration settings
47
+ def include_non_production?
48
+ config.dig("pnpm", "production_only") == false
49
+ end
50
+ end
51
+ end
52
+ end
@@ -69,7 +69,9 @@ module Licensed
69
69
  # Returns all dependencies that should be evaluated.
70
70
  # Excludes ignored dependencies.
71
71
  def dependencies
72
- cached_dependencies.reject { |d| ignored?(d) }
72
+ cached_dependencies
73
+ .reject { |d| ignored?(d) }
74
+ .each { |d| add_additional_terms_from_configuration(d) }
73
75
  end
74
76
 
75
77
  # Enumerate all source dependencies. Must be implemented by each source class.
@@ -88,6 +90,11 @@ module Licensed
88
90
  def cached_dependencies
89
91
  @dependencies ||= enumerate_dependencies.compact
90
92
  end
93
+
94
+ # Add any additional_terms for this dependency that have been added to the configuration
95
+ def add_additional_terms_from_configuration(dependency)
96
+ dependency.additional_terms.concat config.additional_terms_for_dependency("type" => self.class.type, "name" => dependency.name)
97
+ end
91
98
  end
92
99
  end
93
100
  end
@@ -6,19 +6,20 @@ module Licensed
6
6
  require "licensed/sources/bundler"
7
7
  require "licensed/sources/cabal"
8
8
  require "licensed/sources/cargo"
9
+ require "licensed/sources/cocoapods"
9
10
  require "licensed/sources/composer"
10
11
  require "licensed/sources/dep"
11
12
  require "licensed/sources/git_submodule"
12
13
  require "licensed/sources/go"
14
+ require "licensed/sources/gradle"
13
15
  require "licensed/sources/manifest"
16
+ require "licensed/sources/mix"
14
17
  require "licensed/sources/npm"
15
18
  require "licensed/sources/nuget"
16
19
  require "licensed/sources/pip"
17
20
  require "licensed/sources/pipenv"
21
+ require "licensed/sources/pnpm"
18
22
  require "licensed/sources/swift"
19
- require "licensed/sources/gradle"
20
- require "licensed/sources/mix"
21
23
  require "licensed/sources/yarn"
22
- require "licensed/sources/cocoapods"
23
24
  end
24
25
  end
@@ -1,6 +1,6 @@
1
1
  # frozen_string_literal: true
2
2
  module Licensed
3
- VERSION = "4.0.3".freeze
3
+ VERSION = "4.1.0".freeze
4
4
 
5
5
  def self.previous_major_versions
6
6
  major_version = Gem::Version.new(Licensed::VERSION).segments.first
data/licensed.gemspec CHANGED
@@ -23,19 +23,19 @@ Gem::Specification.new do |spec|
23
23
 
24
24
  spec.required_ruby_version = ">= 2.6.0"
25
25
 
26
- spec.add_dependency "licensee", "9.16.0"
27
- spec.add_dependency "thor", "1.2.1"
28
- spec.add_dependency "pathname-common_prefix", "0.0.1"
29
- spec.add_dependency "tomlrb", "2.0.3"
30
- spec.add_dependency "ruby-xxHash", "0.4.0.2"
31
- spec.add_dependency "parallel", "1.22.1"
32
- spec.add_dependency "reverse_markdown", "2.1.1"
33
- spec.add_dependency "json", "2.6.3"
34
- # spec.add_dependency "cocoapods-core", "1.11.3"
26
+ spec.add_dependency "licensee", "~> 9.16"
27
+ spec.add_dependency "thor", "~> 1.2"
28
+ spec.add_dependency "pathname-common_prefix", "~> 0.0.1"
29
+ spec.add_dependency "tomlrb", "~> 2.0"
30
+ spec.add_dependency "ruby-xxHash", "~> 0.4.0"
31
+ spec.add_dependency "parallel", "~> 1.22"
32
+ spec.add_dependency "reverse_markdown", "~> 2.1"
33
+ spec.add_dependency "json", "~> 2.6"
34
+ # spec.add_dependency "cocoapods-core", "~> 1.11"
35
35
 
36
- spec.add_development_dependency "rake", "13.0.6"
37
- spec.add_development_dependency "minitest", "5.17.0"
38
- spec.add_development_dependency "mocha", "2.0.2"
39
- spec.add_development_dependency "rubocop-github", "0.20.0"
40
- spec.add_development_dependency "byebug", "11.1.3"
36
+ spec.add_development_dependency "rake", "~> 13.0"
37
+ spec.add_development_dependency "minitest", "~> 5.17"
38
+ spec.add_development_dependency "mocha", "~> 2.0"
39
+ spec.add_development_dependency "rubocop-github", "~> 0.20"
40
+ spec.add_development_dependency "byebug", "~> 11.1"
41
41
  end
metadata CHANGED
@@ -1,197 +1,197 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: licensed
3
3
  version: !ruby/object:Gem::Version
4
- version: 4.0.3
4
+ version: 4.1.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - GitHub
8
8
  autorequire:
9
9
  bindir: exe
10
10
  cert_chain: []
11
- date: 2023-01-17 00:00:00.000000000 Z
11
+ date: 2023-02-08 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: licensee
15
15
  requirement: !ruby/object:Gem::Requirement
16
16
  requirements:
17
- - - '='
17
+ - - "~>"
18
18
  - !ruby/object:Gem::Version
19
- version: 9.16.0
19
+ version: '9.16'
20
20
  type: :runtime
21
21
  prerelease: false
22
22
  version_requirements: !ruby/object:Gem::Requirement
23
23
  requirements:
24
- - - '='
24
+ - - "~>"
25
25
  - !ruby/object:Gem::Version
26
- version: 9.16.0
26
+ version: '9.16'
27
27
  - !ruby/object:Gem::Dependency
28
28
  name: thor
29
29
  requirement: !ruby/object:Gem::Requirement
30
30
  requirements:
31
- - - '='
31
+ - - "~>"
32
32
  - !ruby/object:Gem::Version
33
- version: 1.2.1
33
+ version: '1.2'
34
34
  type: :runtime
35
35
  prerelease: false
36
36
  version_requirements: !ruby/object:Gem::Requirement
37
37
  requirements:
38
- - - '='
38
+ - - "~>"
39
39
  - !ruby/object:Gem::Version
40
- version: 1.2.1
40
+ version: '1.2'
41
41
  - !ruby/object:Gem::Dependency
42
42
  name: pathname-common_prefix
43
43
  requirement: !ruby/object:Gem::Requirement
44
44
  requirements:
45
- - - '='
45
+ - - "~>"
46
46
  - !ruby/object:Gem::Version
47
47
  version: 0.0.1
48
48
  type: :runtime
49
49
  prerelease: false
50
50
  version_requirements: !ruby/object:Gem::Requirement
51
51
  requirements:
52
- - - '='
52
+ - - "~>"
53
53
  - !ruby/object:Gem::Version
54
54
  version: 0.0.1
55
55
  - !ruby/object:Gem::Dependency
56
56
  name: tomlrb
57
57
  requirement: !ruby/object:Gem::Requirement
58
58
  requirements:
59
- - - '='
59
+ - - "~>"
60
60
  - !ruby/object:Gem::Version
61
- version: 2.0.3
61
+ version: '2.0'
62
62
  type: :runtime
63
63
  prerelease: false
64
64
  version_requirements: !ruby/object:Gem::Requirement
65
65
  requirements:
66
- - - '='
66
+ - - "~>"
67
67
  - !ruby/object:Gem::Version
68
- version: 2.0.3
68
+ version: '2.0'
69
69
  - !ruby/object:Gem::Dependency
70
70
  name: ruby-xxHash
71
71
  requirement: !ruby/object:Gem::Requirement
72
72
  requirements:
73
- - - '='
73
+ - - "~>"
74
74
  - !ruby/object:Gem::Version
75
- version: 0.4.0.2
75
+ version: 0.4.0
76
76
  type: :runtime
77
77
  prerelease: false
78
78
  version_requirements: !ruby/object:Gem::Requirement
79
79
  requirements:
80
- - - '='
80
+ - - "~>"
81
81
  - !ruby/object:Gem::Version
82
- version: 0.4.0.2
82
+ version: 0.4.0
83
83
  - !ruby/object:Gem::Dependency
84
84
  name: parallel
85
85
  requirement: !ruby/object:Gem::Requirement
86
86
  requirements:
87
- - - '='
87
+ - - "~>"
88
88
  - !ruby/object:Gem::Version
89
- version: 1.22.1
89
+ version: '1.22'
90
90
  type: :runtime
91
91
  prerelease: false
92
92
  version_requirements: !ruby/object:Gem::Requirement
93
93
  requirements:
94
- - - '='
94
+ - - "~>"
95
95
  - !ruby/object:Gem::Version
96
- version: 1.22.1
96
+ version: '1.22'
97
97
  - !ruby/object:Gem::Dependency
98
98
  name: reverse_markdown
99
99
  requirement: !ruby/object:Gem::Requirement
100
100
  requirements:
101
- - - '='
101
+ - - "~>"
102
102
  - !ruby/object:Gem::Version
103
- version: 2.1.1
103
+ version: '2.1'
104
104
  type: :runtime
105
105
  prerelease: false
106
106
  version_requirements: !ruby/object:Gem::Requirement
107
107
  requirements:
108
- - - '='
108
+ - - "~>"
109
109
  - !ruby/object:Gem::Version
110
- version: 2.1.1
110
+ version: '2.1'
111
111
  - !ruby/object:Gem::Dependency
112
112
  name: json
113
113
  requirement: !ruby/object:Gem::Requirement
114
114
  requirements:
115
- - - '='
115
+ - - "~>"
116
116
  - !ruby/object:Gem::Version
117
- version: 2.6.3
117
+ version: '2.6'
118
118
  type: :runtime
119
119
  prerelease: false
120
120
  version_requirements: !ruby/object:Gem::Requirement
121
121
  requirements:
122
- - - '='
122
+ - - "~>"
123
123
  - !ruby/object:Gem::Version
124
- version: 2.6.3
124
+ version: '2.6'
125
125
  - !ruby/object:Gem::Dependency
126
126
  name: rake
127
127
  requirement: !ruby/object:Gem::Requirement
128
128
  requirements:
129
- - - '='
129
+ - - "~>"
130
130
  - !ruby/object:Gem::Version
131
- version: 13.0.6
131
+ version: '13.0'
132
132
  type: :development
133
133
  prerelease: false
134
134
  version_requirements: !ruby/object:Gem::Requirement
135
135
  requirements:
136
- - - '='
136
+ - - "~>"
137
137
  - !ruby/object:Gem::Version
138
- version: 13.0.6
138
+ version: '13.0'
139
139
  - !ruby/object:Gem::Dependency
140
140
  name: minitest
141
141
  requirement: !ruby/object:Gem::Requirement
142
142
  requirements:
143
- - - '='
143
+ - - "~>"
144
144
  - !ruby/object:Gem::Version
145
- version: 5.17.0
145
+ version: '5.17'
146
146
  type: :development
147
147
  prerelease: false
148
148
  version_requirements: !ruby/object:Gem::Requirement
149
149
  requirements:
150
- - - '='
150
+ - - "~>"
151
151
  - !ruby/object:Gem::Version
152
- version: 5.17.0
152
+ version: '5.17'
153
153
  - !ruby/object:Gem::Dependency
154
154
  name: mocha
155
155
  requirement: !ruby/object:Gem::Requirement
156
156
  requirements:
157
- - - '='
157
+ - - "~>"
158
158
  - !ruby/object:Gem::Version
159
- version: 2.0.2
159
+ version: '2.0'
160
160
  type: :development
161
161
  prerelease: false
162
162
  version_requirements: !ruby/object:Gem::Requirement
163
163
  requirements:
164
- - - '='
164
+ - - "~>"
165
165
  - !ruby/object:Gem::Version
166
- version: 2.0.2
166
+ version: '2.0'
167
167
  - !ruby/object:Gem::Dependency
168
168
  name: rubocop-github
169
169
  requirement: !ruby/object:Gem::Requirement
170
170
  requirements:
171
- - - '='
171
+ - - "~>"
172
172
  - !ruby/object:Gem::Version
173
- version: 0.20.0
173
+ version: '0.20'
174
174
  type: :development
175
175
  prerelease: false
176
176
  version_requirements: !ruby/object:Gem::Requirement
177
177
  requirements:
178
- - - '='
178
+ - - "~>"
179
179
  - !ruby/object:Gem::Version
180
- version: 0.20.0
180
+ version: '0.20'
181
181
  - !ruby/object:Gem::Dependency
182
182
  name: byebug
183
183
  requirement: !ruby/object:Gem::Requirement
184
184
  requirements:
185
- - - '='
185
+ - - "~>"
186
186
  - !ruby/object:Gem::Version
187
- version: 11.1.3
187
+ version: '11.1'
188
188
  type: :development
189
189
  prerelease: false
190
190
  version_requirements: !ruby/object:Gem::Requirement
191
191
  requirements:
192
- - - '='
192
+ - - "~>"
193
193
  - !ruby/object:Gem::Version
194
- version: 11.1.3
194
+ version: '11.1'
195
195
  description: Licensed automates extracting and validating the licenses of dependencies.
196
196
  email:
197
197
  - opensource+licensed@github.com
@@ -204,6 +204,7 @@ files:
204
204
  - CODE_OF_CONDUCT.md
205
205
  - CONTRIBUTING.md
206
206
  - Gemfile
207
+ - Gemfile.lock
207
208
  - LICENSE
208
209
  - README.md
209
210
  - Rakefile
@@ -218,6 +219,7 @@ files:
218
219
  - docs/commands/version.md
219
220
  - docs/configuration.md
220
221
  - docs/configuration/README.md
222
+ - docs/configuration/additional_terms.md
221
223
  - docs/configuration/allowed_licenses.md
222
224
  - docs/configuration/application_name.md
223
225
  - docs/configuration/application_source.md
@@ -248,6 +250,7 @@ files:
248
250
  - docs/sources/nuget.md
249
251
  - docs/sources/pip.md
250
252
  - docs/sources/pipenv.md
253
+ - docs/sources/pnpm.md
251
254
  - docs/sources/stack.md
252
255
  - docs/sources/swift.md
253
256
  - docs/sources/yarn.md
@@ -297,6 +300,7 @@ files:
297
300
  - lib/licensed/sources/nuget.rb
298
301
  - lib/licensed/sources/pip.rb
299
302
  - lib/licensed/sources/pipenv.rb
303
+ - lib/licensed/sources/pnpm.rb
300
304
  - lib/licensed/sources/source.rb
301
305
  - lib/licensed/sources/swift.rb
302
306
  - lib/licensed/sources/yarn.rb