licensed 3.4.4 → 3.5.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/CHANGELOG.md +8 -0
- data/docs/configuration/customizing_licensee.md +13 -0
- data/docs/configuration.md +1 -1
- data/docs/sources/npm.md +1 -1
- data/lib/licensed/commands/cache.rb +28 -0
- data/lib/licensed/version.rb +1 -1
- data/licensed.gemspec +1 -1
- metadata +5 -4
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: d2fafd3b11ba6f63760979021e1628aa1d4ae0e0cd5b0b413b06c6163a1b64fd
|
|
4
|
+
data.tar.gz: d5fe530e59e0091b44f0ae08403f72707f6dc4db391a6d7e39e4b620c01b1da9
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: a2b691823b7cbc692fb155bc672772fea156932a3d7d38111634927a0babf427343f992eded7d219041575e64e698a9821fdf1e9e12390f8e29a2c95a42e340a
|
|
7
|
+
data.tar.gz: 61872b213231ead8c7ce5d209af8332964e8562e8809dbbf7c3e5fd95b84cfffcc7b9c4391f0e81d6e094325293bbe61520458d4cc1233072f4b0c41b04cd165
|
data/CHANGELOG.md
CHANGED
|
@@ -6,6 +6,14 @@ and this project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0.
|
|
|
6
6
|
|
|
7
7
|
## [Unreleased]
|
|
8
8
|
|
|
9
|
+
## 3.5.0
|
|
10
|
+
|
|
11
|
+
2022-02-24
|
|
12
|
+
|
|
13
|
+
### Added
|
|
14
|
+
|
|
15
|
+
- [Licensee](https://github.com/licensee/licensee) confidence thresholds can be configured in the licensed configuration file (https://github.com/github/licensed/pull/455)
|
|
16
|
+
|
|
9
17
|
## 3.4.4
|
|
10
18
|
|
|
11
19
|
2022-02-07
|
|
@@ -0,0 +1,13 @@
|
|
|
1
|
+
# Customize Licensee's behavior
|
|
2
|
+
|
|
3
|
+
Licensed uses [Licensee](https://github.com/licensee/licensee) to detect and evaluate OSS licenses for project dependencies found during source enumeration. Licensed can optionally [customize Licensee's behavior](https://github.com/licensee/licensee/blob/jonabc-patch-1/docs/customizing.md#customizing-licensees-behavior) based on options set in the configuration file.
|
|
4
|
+
|
|
5
|
+
**NOTE** Matching licenses based on package manager metadata and README references is always enabled and cannot currently be configured.
|
|
6
|
+
|
|
7
|
+
```yml
|
|
8
|
+
licensee:
|
|
9
|
+
# the confidence threshold is an integer between 1 and 100. the value represents
|
|
10
|
+
# the minimum percentage confidence that Licensee must have to report a matched license
|
|
11
|
+
# https://github.com/licensee/licensee/blob/jonabc-patch-1/docs/customizing.md#adjusting-the-confidence-threshold
|
|
12
|
+
confidence_threshold: 90 # default value: 98
|
|
13
|
+
```
|
data/docs/configuration.md
CHANGED
|
@@ -4,7 +4,7 @@ A configuration file specifies the details of enumerating and operating on licen
|
|
|
4
4
|
|
|
5
5
|
Configuration can be specified in either YML or JSON formats, with examples given in YML. The example
|
|
6
6
|
below describes common configuration values and their purposes. See [configuration options documentation](./configuration)
|
|
7
|
-
for in depth information.
|
|
7
|
+
for in depth information.
|
|
8
8
|
|
|
9
9
|
Additionally, some dependency sources have their own specific configuration options. See the [source documentation](./sources) for details.
|
|
10
10
|
|
data/docs/sources/npm.md
CHANGED
|
@@ -4,7 +4,7 @@ The npm source will detect dependencies `package.json` is found at an apps `sour
|
|
|
4
4
|
|
|
5
5
|
### Including development dependencies
|
|
6
6
|
|
|
7
|
-
By default, the npm source will exclude all
|
|
7
|
+
By default, the npm source will exclude all development dependencies. To include development or test dependencies, set `production_only: false` in the licensed configuration.
|
|
8
8
|
|
|
9
9
|
```yml
|
|
10
10
|
npm:
|
|
@@ -29,6 +29,18 @@ module Licensed
|
|
|
29
29
|
files.clear
|
|
30
30
|
end
|
|
31
31
|
|
|
32
|
+
# Run the command for an application configurations.
|
|
33
|
+
# Applies a licensee configuration for the duration of the operation.
|
|
34
|
+
#
|
|
35
|
+
# report - A Licensed::Report object for this command
|
|
36
|
+
#
|
|
37
|
+
# Returns whether the command succeeded
|
|
38
|
+
def run_app(app, report)
|
|
39
|
+
with_licensee_configuration(app, report) do
|
|
40
|
+
super
|
|
41
|
+
end
|
|
42
|
+
end
|
|
43
|
+
|
|
32
44
|
# Run the command for all enumerated dependencies found in a dependency source,
|
|
33
45
|
# recording results in a report.
|
|
34
46
|
# Enumerating dependencies in the source is skipped if a :sources option
|
|
@@ -136,6 +148,22 @@ module Licensed
|
|
|
136
148
|
def files
|
|
137
149
|
@files ||= Set.new
|
|
138
150
|
end
|
|
151
|
+
|
|
152
|
+
# Configure licensee for the duration of a yielded operation
|
|
153
|
+
def with_licensee_configuration(app, report)
|
|
154
|
+
licensee_configuration = app["licensee"]
|
|
155
|
+
return yield unless licensee_configuration
|
|
156
|
+
|
|
157
|
+
report["licensee"] = licensee_configuration
|
|
158
|
+
|
|
159
|
+
if new_threshold = licensee_configuration["confidence_threshold"]
|
|
160
|
+
old_threshold, Licensee.confidence_threshold = Licensee.confidence_threshold, new_threshold
|
|
161
|
+
end
|
|
162
|
+
|
|
163
|
+
yield
|
|
164
|
+
ensure
|
|
165
|
+
Licensee.confidence_threshold = old_threshold if old_threshold
|
|
166
|
+
end
|
|
139
167
|
end
|
|
140
168
|
end
|
|
141
169
|
end
|
data/lib/licensed/version.rb
CHANGED
data/licensed.gemspec
CHANGED
|
@@ -23,7 +23,7 @@ Gem::Specification.new do |spec|
|
|
|
23
23
|
|
|
24
24
|
spec.required_ruby_version = ">= 2.3.0"
|
|
25
25
|
|
|
26
|
-
spec.add_dependency "licensee", ">= 9.
|
|
26
|
+
spec.add_dependency "licensee", ">= 9.15.2", "< 10.0.0"
|
|
27
27
|
spec.add_dependency "thor", ">= 0.19"
|
|
28
28
|
spec.add_dependency "pathname-common_prefix", "~> 0.0.1"
|
|
29
29
|
spec.add_dependency "tomlrb", ">= 1.2", "< 3.0"
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: licensed
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 3.
|
|
4
|
+
version: 3.5.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- GitHub
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: exe
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2022-02-
|
|
11
|
+
date: 2022-02-24 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: licensee
|
|
@@ -16,7 +16,7 @@ dependencies:
|
|
|
16
16
|
requirements:
|
|
17
17
|
- - ">="
|
|
18
18
|
- !ruby/object:Gem::Version
|
|
19
|
-
version: 9.
|
|
19
|
+
version: 9.15.2
|
|
20
20
|
- - "<"
|
|
21
21
|
- !ruby/object:Gem::Version
|
|
22
22
|
version: 10.0.0
|
|
@@ -26,7 +26,7 @@ dependencies:
|
|
|
26
26
|
requirements:
|
|
27
27
|
- - ">="
|
|
28
28
|
- !ruby/object:Gem::Version
|
|
29
|
-
version: 9.
|
|
29
|
+
version: 9.15.2
|
|
30
30
|
- - "<"
|
|
31
31
|
- !ruby/object:Gem::Version
|
|
32
32
|
version: 10.0.0
|
|
@@ -261,6 +261,7 @@ files:
|
|
|
261
261
|
- docs/configuration/application_source.md
|
|
262
262
|
- docs/configuration/configuration_root.md
|
|
263
263
|
- docs/configuration/configuring_multiple_apps.md
|
|
264
|
+
- docs/configuration/customizing_licensee.md
|
|
264
265
|
- docs/configuration/dependency_source_enumerators.md
|
|
265
266
|
- docs/configuration/ignoring_dependencies.md
|
|
266
267
|
- docs/configuration/metadata_cache.md
|