organization_license_audit 1.0.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +7 -0
- checksums.yaml.gz.sig +0 -0
- data.tar.gz.sig +0 -0
- data/MIT-LICENSE +20 -0
- data/bin/organization-license-audit +35 -0
- data/lib/organization_license_audit.rb +140 -0
- data/lib/organization_license_audit/version.rb +3 -0
- metadata +97 -0
- metadata.gz.sig +1 -0
checksums.yaml
ADDED
@@ -0,0 +1,7 @@
|
|
1
|
+
---
|
2
|
+
SHA1:
|
3
|
+
metadata.gz: 5bddd806ad923e0021c5c5b07a36f158ca441e4a
|
4
|
+
data.tar.gz: aea6b5b9d57b337239176447d26af60740c3ee4d
|
5
|
+
SHA512:
|
6
|
+
metadata.gz: 8150765f1816d56a28c010ebc6f5d6eeba25a0de372c08ab40d08e6fc2845eb3b6f9ed81d9b88011ffe7be11b639e1816b4068ef927f6e3f9dd23ff28a3e8831
|
7
|
+
data.tar.gz: 8e3b2df4f8b2869d1ff8b5f7abcd79e12f6575d6f3df10ca70468d2a54895546d850586639a4145444b41936f7ed1e6dc572d8753f5c46933ea7df2f99afb6c7
|
checksums.yaml.gz.sig
ADDED
Binary file
|
data.tar.gz.sig
ADDED
Binary file
|
data/MIT-LICENSE
ADDED
@@ -0,0 +1,20 @@
|
|
1
|
+
Copyright (C) 2013 Michael Grosser <michael@grosser.it>
|
2
|
+
|
3
|
+
Permission is hereby granted, free of charge, to any person obtaining
|
4
|
+
a copy of this software and associated documentation files (the
|
5
|
+
"Software"), to deal in the Software without restriction, including
|
6
|
+
without limitation the rights to use, copy, modify, merge, publish,
|
7
|
+
distribute, sublicense, and/or sell copies of the Software, and to
|
8
|
+
permit persons to whom the Software is furnished to do so, subject to
|
9
|
+
the following conditions:
|
10
|
+
|
11
|
+
The above copyright notice and this permission notice shall be
|
12
|
+
included in all copies or substantial portions of the Software.
|
13
|
+
|
14
|
+
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
|
15
|
+
EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
|
16
|
+
MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
|
17
|
+
NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
|
18
|
+
LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
|
19
|
+
OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
|
20
|
+
WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
|
@@ -0,0 +1,35 @@
|
|
1
|
+
#!/usr/bin/env ruby
|
2
|
+
require "rubygems"
|
3
|
+
require "optparse"
|
4
|
+
|
5
|
+
$LOAD_PATH << File.join(File.dirname(__FILE__), '..', 'lib')
|
6
|
+
require "organization_license_audit"
|
7
|
+
|
8
|
+
def git_config(thing)
|
9
|
+
result = `git config #{thing}`.strip
|
10
|
+
result.empty? ? nil : result
|
11
|
+
end
|
12
|
+
|
13
|
+
options = {
|
14
|
+
:ignore => [],
|
15
|
+
:user => git_config("github.user"),
|
16
|
+
:whitelist => []
|
17
|
+
}
|
18
|
+
OptionParser.new do |parser|
|
19
|
+
parser.banner = <<BANNER
|
20
|
+
Audit all licenses used by your github organization/user
|
21
|
+
|
22
|
+
Usage:
|
23
|
+
organization-license-audit your-user-name
|
24
|
+
|
25
|
+
Options:
|
26
|
+
BANNER
|
27
|
+
OrganizationAudit.optparse(parser, options)
|
28
|
+
parser.on("--csv", "Dump a csv summary") { options[:csv] = true }
|
29
|
+
parser.on("--ignore-gems", "Ignore repos that have a %{repo}.gemspec") { options[:ignore_gems] = true }
|
30
|
+
parser.on("-w", "--whitelist=LICENSES", String, "Comma separated list of licenses") { |whitelist| options[:whitelist] = whitelist.split(",") }
|
31
|
+
parser.on("-h", "--help", "Show this.") { puts parser; exit }
|
32
|
+
parser.on("-v", "--version", "Show Version"){ puts OrganizationLicenseAudit::VERSION; exit}
|
33
|
+
end.parse!
|
34
|
+
|
35
|
+
exit OrganizationLicenseAudit.run(options)
|
@@ -0,0 +1,140 @@
|
|
1
|
+
require "organization_license_audit/version"
|
2
|
+
require "tmpdir"
|
3
|
+
require "organization_audit"
|
4
|
+
|
5
|
+
module OrganizationLicenseAudit
|
6
|
+
BUNDLE_PATH = "vendor/bundle"
|
7
|
+
RESULT_LINE = /(^[a-z_\d-]+), ([^,]+), (.+)/
|
8
|
+
APPROVAL_HEADING = "Dependencies that need approval"
|
9
|
+
|
10
|
+
class << self
|
11
|
+
def run(options)
|
12
|
+
bad = find_bad(options)
|
13
|
+
if bad.any?
|
14
|
+
$stderr.puts "Failed:"
|
15
|
+
|
16
|
+
errors = bad.map { |repo, output| [repo, extract_error(output)] }
|
17
|
+
|
18
|
+
errors.each do |repo, unapproved|
|
19
|
+
puts "#{describe_error(unapproved)} -- #{repo}"
|
20
|
+
end
|
21
|
+
|
22
|
+
if options[:csv]
|
23
|
+
puts
|
24
|
+
puts "CSV:"
|
25
|
+
puts csv(errors)
|
26
|
+
end
|
27
|
+
|
28
|
+
1
|
29
|
+
else
|
30
|
+
0
|
31
|
+
end
|
32
|
+
end
|
33
|
+
|
34
|
+
private
|
35
|
+
|
36
|
+
def describe_error(unapproved)
|
37
|
+
if unapproved
|
38
|
+
unapproved.map(&:last).flatten.uniq.sort.join(", ")
|
39
|
+
else
|
40
|
+
"Unknown error"
|
41
|
+
end
|
42
|
+
end
|
43
|
+
|
44
|
+
def csv(errors)
|
45
|
+
require "csv"
|
46
|
+
CSV.generate do |csv|
|
47
|
+
csv << ["repo", "dependency", "license"]
|
48
|
+
errors.each do |repo, errors|
|
49
|
+
if errors
|
50
|
+
errors.each do |gem, license|
|
51
|
+
csv << [repo.url, gem, license]
|
52
|
+
end
|
53
|
+
else
|
54
|
+
csv << [repo.url, "Unknown error"]
|
55
|
+
end
|
56
|
+
end
|
57
|
+
end
|
58
|
+
end
|
59
|
+
|
60
|
+
def extract_error(output)
|
61
|
+
if output.include?(APPROVAL_HEADING)
|
62
|
+
output = output.split("\n")
|
63
|
+
output.reject! { |l| l.include?(APPROVAL_HEADING) || l.strip == "" }
|
64
|
+
output.map do |line|
|
65
|
+
if line =~ RESULT_LINE
|
66
|
+
[$1, $3]
|
67
|
+
else
|
68
|
+
["unparsable-line", line] # do not swallow the unknown or we might hide an error
|
69
|
+
end
|
70
|
+
end
|
71
|
+
end
|
72
|
+
end
|
73
|
+
|
74
|
+
def download_file(repo, file)
|
75
|
+
return unless content = repo.content(file)
|
76
|
+
File.write(file, content)
|
77
|
+
end
|
78
|
+
|
79
|
+
def find_bad(options)
|
80
|
+
OrganizationAudit.all(options).map do |repo|
|
81
|
+
next if options[:ignore_gems] and repo.gem?
|
82
|
+
success, output = audit_repo(repo, options)
|
83
|
+
$stderr.puts ""
|
84
|
+
[repo, output] unless success
|
85
|
+
end.compact
|
86
|
+
end
|
87
|
+
|
88
|
+
def audit_repo(repo, options)
|
89
|
+
$stderr.puts repo.name
|
90
|
+
in_temp_dir do
|
91
|
+
raise "Clone failed" unless sh("git clone #{repo.clone_url} --depth 1 --quiet").first
|
92
|
+
Dir.chdir repo.name do
|
93
|
+
with_clean_env do
|
94
|
+
bundled = File.exist?("Gemfile")
|
95
|
+
raise "Failed to bundle" if bundled && !sh("bundle --path #{BUNDLE_PATH} --quiet").first
|
96
|
+
options[:whitelist].each do |license|
|
97
|
+
raise "failed to approve #{license}" unless system("license_finder whitelist add '#{license}' >/dev/null")
|
98
|
+
end
|
99
|
+
sh("#{combined_gem_path if bundled}license_finder --quiet")
|
100
|
+
end
|
101
|
+
end
|
102
|
+
end
|
103
|
+
rescue Exception => e
|
104
|
+
raise if e.is_a?(Interrupt) # user interrupted
|
105
|
+
$stderr.puts "Error auditing #{repo.name} (#{e})"
|
106
|
+
true
|
107
|
+
end
|
108
|
+
|
109
|
+
# license_finder loads all gems in the target repo, which fails if they are not available in the current ruby installation
|
110
|
+
# so we have to add the gems in vendor/bundle to the gems currently available from this bundle
|
111
|
+
def combined_gem_path
|
112
|
+
"GEM_PATH=#{`gem env path`.strip}:#{BUNDLE_PATH}/ruby/* "
|
113
|
+
end
|
114
|
+
|
115
|
+
def in_temp_dir(&block)
|
116
|
+
Dir.mktmpdir { |dir| Dir.chdir(dir, &block) }
|
117
|
+
end
|
118
|
+
|
119
|
+
def with_clean_env(&block)
|
120
|
+
if defined?(Bundler)
|
121
|
+
Bundler.with_clean_env(&block)
|
122
|
+
else
|
123
|
+
yield
|
124
|
+
end
|
125
|
+
end
|
126
|
+
|
127
|
+
# http://grosser.it/2010/12/11/sh-without-rake
|
128
|
+
def sh(cmd)
|
129
|
+
output = ""
|
130
|
+
$stderr.puts cmd.sub(/GEM_PATH=[^ ]+ /, "")
|
131
|
+
IO.popen(cmd) do |pipe|
|
132
|
+
while str = pipe.gets
|
133
|
+
output << str
|
134
|
+
$stderr.puts str
|
135
|
+
end
|
136
|
+
end
|
137
|
+
[$?.success?, output]
|
138
|
+
end
|
139
|
+
end
|
140
|
+
end
|
metadata
ADDED
@@ -0,0 +1,97 @@
|
|
1
|
+
--- !ruby/object:Gem::Specification
|
2
|
+
name: organization_license_audit
|
3
|
+
version: !ruby/object:Gem::Version
|
4
|
+
version: 1.0.0
|
5
|
+
platform: ruby
|
6
|
+
authors:
|
7
|
+
- Michael Grosser
|
8
|
+
autorequire:
|
9
|
+
bindir: bin
|
10
|
+
cert_chain:
|
11
|
+
- |
|
12
|
+
-----BEGIN CERTIFICATE-----
|
13
|
+
MIIDMjCCAhqgAwIBAgIBADANBgkqhkiG9w0BAQUFADA/MRAwDgYDVQQDDAdtaWNo
|
14
|
+
YWVsMRcwFQYKCZImiZPyLGQBGRYHZ3Jvc3NlcjESMBAGCgmSJomT8ixkARkWAml0
|
15
|
+
MB4XDTEzMDIwMzE4MTMxMVoXDTE0MDIwMzE4MTMxMVowPzEQMA4GA1UEAwwHbWlj
|
16
|
+
aGFlbDEXMBUGCgmSJomT8ixkARkWB2dyb3NzZXIxEjAQBgoJkiaJk/IsZAEZFgJp
|
17
|
+
dDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMorXo/hgbUq97+kII9H
|
18
|
+
MsQcLdC/7wQ1ZP2OshVHPkeP0qH8MBHGg6eYisOX2ubNagF9YTCZWnhrdKrwpLOO
|
19
|
+
cPLaZbjUjljJ3cQR3B8Yn1veV5IhG86QseTBjymzJWsLpqJ1UZGpfB9tXcsFtuxO
|
20
|
+
6vHvcIHdzvc/OUkICttLbH+1qb6rsHUceqh+JrH4GrsJ5H4hAfIdyS2XMK7YRKbh
|
21
|
+
h+IBu6dFWJJByzFsYmV1PDXln3UBmgAt65cmCu4qPfThioCGDzbSJrGDGLmw/pFX
|
22
|
+
FPpVCm1zgYSb1v6Qnf3cgXa2f2wYGm17+zAVyIDpwryFru9yF/jJxE38z/DRsd9R
|
23
|
+
/88CAwEAAaM5MDcwCQYDVR0TBAIwADAdBgNVHQ4EFgQUsiNnXHtKeMYYcr4yJVmQ
|
24
|
+
WONL+IwwCwYDVR0PBAQDAgSwMA0GCSqGSIb3DQEBBQUAA4IBAQAlyN7kKo/NQCQ0
|
25
|
+
AOzZLZ3WAePvStkCFIJ53tsv5Kyo4pMAllv+BgPzzBt7qi605mFSL6zBd9uLou+W
|
26
|
+
Co3s48p1dy7CjjAfVQdmVNHF3MwXtfC2OEyvSQPi4xKR8iba8wa3xp9LVo1PuLpw
|
27
|
+
/6DsrChWw74HfsJN6qJOK684hJeT8lBYAUfiC3wD0owoPSg+XtyAAddisR+KV5Y1
|
28
|
+
NmVHuLtQcNTZy+gRht3ahJRMuC6QyLmkTsf+6MaenwAMkAgHdswGsJztOnNnBa3F
|
29
|
+
y0kCSWmK6D+x/SbfS6r7Ke07MRqziJdB9GuE1+0cIRuFh8EQ+LN6HXCKM5pon/GU
|
30
|
+
ycwMXfl0
|
31
|
+
-----END CERTIFICATE-----
|
32
|
+
date: 2013-12-20 00:00:00.000000000 Z
|
33
|
+
dependencies:
|
34
|
+
- !ruby/object:Gem::Dependency
|
35
|
+
name: organization_audit
|
36
|
+
requirement: !ruby/object:Gem::Requirement
|
37
|
+
requirements:
|
38
|
+
- - '>='
|
39
|
+
- !ruby/object:Gem::Version
|
40
|
+
version: '0'
|
41
|
+
type: :runtime
|
42
|
+
prerelease: false
|
43
|
+
version_requirements: !ruby/object:Gem::Requirement
|
44
|
+
requirements:
|
45
|
+
- - '>='
|
46
|
+
- !ruby/object:Gem::Version
|
47
|
+
version: '0'
|
48
|
+
- !ruby/object:Gem::Dependency
|
49
|
+
name: license_finder
|
50
|
+
requirement: !ruby/object:Gem::Requirement
|
51
|
+
requirements:
|
52
|
+
- - '>='
|
53
|
+
- !ruby/object:Gem::Version
|
54
|
+
version: '0'
|
55
|
+
type: :runtime
|
56
|
+
prerelease: false
|
57
|
+
version_requirements: !ruby/object:Gem::Requirement
|
58
|
+
requirements:
|
59
|
+
- - '>='
|
60
|
+
- !ruby/object:Gem::Version
|
61
|
+
version: '0'
|
62
|
+
description:
|
63
|
+
email: michael@grosser.it
|
64
|
+
executables:
|
65
|
+
- organization-license-audit
|
66
|
+
extensions: []
|
67
|
+
extra_rdoc_files: []
|
68
|
+
files:
|
69
|
+
- MIT-LICENSE
|
70
|
+
- bin/organization-license-audit
|
71
|
+
- lib/organization_license_audit.rb
|
72
|
+
- lib/organization_license_audit/version.rb
|
73
|
+
homepage: http://github.com/grosser/organization_license_audit
|
74
|
+
licenses:
|
75
|
+
- MIT
|
76
|
+
metadata: {}
|
77
|
+
post_install_message:
|
78
|
+
rdoc_options: []
|
79
|
+
require_paths:
|
80
|
+
- lib
|
81
|
+
required_ruby_version: !ruby/object:Gem::Requirement
|
82
|
+
requirements:
|
83
|
+
- - '>='
|
84
|
+
- !ruby/object:Gem::Version
|
85
|
+
version: '0'
|
86
|
+
required_rubygems_version: !ruby/object:Gem::Requirement
|
87
|
+
requirements:
|
88
|
+
- - '>='
|
89
|
+
- !ruby/object:Gem::Version
|
90
|
+
version: '0'
|
91
|
+
requirements: []
|
92
|
+
rubyforge_project:
|
93
|
+
rubygems_version: 2.0.14
|
94
|
+
signing_key:
|
95
|
+
specification_version: 4
|
96
|
+
summary: Audit all licenses used by your github organization/user
|
97
|
+
test_files: []
|
metadata.gz.sig
ADDED
@@ -0,0 +1 @@
|
|
1
|
+
:�`��y�)�JM�t�� X.5y~�������]G�X��M��Nq��9|�h�Wa{���C K*�^��h�ZP4!EMkf9�\wI�9pap�i7�w��|�N���h�.�������f^7��
|