papers 1.0.1

checksums.yaml

@@ -0,0 +1,15 @@
+---
+!binary "U0hBMQ==":
+  metadata.gz: !binary |-
+    MjJiMDlhOTlmYjAzNjcwNDE1N2QxN2IyOGU2MTllOGNhNjVlMDI3Yg==
+  data.tar.gz: !binary |-
+    MDBlNGZjZTRmMGQ5NTQ2Mjg4YWNjYzM0Y2M1MzNlM2RiMWY2NTBiYw==
+SHA512:
+  metadata.gz: !binary |-
+    NGFhMTE2ZDg5MTg4ZDQ4NThhMDZjZTE3MzVkNDUwMDE4YzA0YzhhNDY3NWJk
+    ZDYwNGQzM2ExZWM1ZGU3ZmJjODgzNGM2NzRlYzBjMjhlOWFkYjI5OGFmODI4
+    NzQzZjI0ZWYxMzcyZDM1M2QyMmE3ZDgyOWFkMDQ3ZWUyNzg5NTU=
+  data.tar.gz: !binary |-
+    OWRkODEwYmFmNTRkZjE5OTg3OGUwZjU0MTJiNTVhNWVkZTgxMGIwNDc1MTEw
+    YzU1ZGU0ZGIyODQ0ZDNjODllZjBkYWM2MjdhMDJlYmI5ZWNiNWU1MzQ5ZDZm
+    YWUzZDBlM2Q0ZjBlNzA1YjE4YjRmNWMxMzgxYTI1ZDg3ZmQ4ZDY=

data/.gitignore

@@ -0,0 +1,5 @@
+config/*
+.DS_Store
+Guardfile
+*.swp
+Gemfile.lock

data/Gemfile

@@ -0,0 +1,3 @@
+source 'http://rubygems.org'
+
+gemspec

data/MIT-LICENSE

@@ -0,0 +1,20 @@
+Copyright 2013 New Relic
+
+Permission is hereby granted, free of charge, to any person obtaining
+a copy of this software and associated documentation files (the
+"Software"), to deal in the Software without restriction, including
+without limitation the rights to use, copy, modify, merge, publish,
+distribute, sublicense, and/or sell copies of the Software, and to
+permit persons to whom the Software is furnished to do so, subject to
+the following conditions:
+
+The above copyright notice and this permission notice shall be
+included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

data/README.md

@@ -0,0 +1,163 @@
+# Papers
+
+> "Papers, please."
+
+Check that your Ruby/Rails project's dependencies are licensed with only the licenses you specify.  **Papers** will validate that your gems and JavaScript files conform to a whitelist of software licenses. Don't get caught flat-footed by the GPL.
+
+# Contents
+ * [Usage](#usage)
+ * [Validations](#validations)
+ * [Configuration](#configuration)
+ * [Structure of Dependency Manifest](#dependency-manifest-structure)
+ * [License](#license)
+ * [Contributing](#contributing)
+
+
+# Usage
+
+tl;dr -- add gem, generate dependency manifest, run spec
+
+### 0. Add gem to Gemfile
+
+```
+gem 'papers'
+```
+### 1. Generate Dependency Manifest from your bundled gems and JS
+
+```
+$ papers
+```
+### 2. Create [Validation Spec](#testing-with-rspec)
+
+### 3. Run the specs
+
+```
+$ rake spec spec/integration/papers_license_validation_spec.rb
+...
+Failures:
+
+  1) Papers License Validation finds no errors during license validation
+     Failure/Error: expect(validator.errors).to eq([])
+
+       expected: []
+            got: ["sass-3.2.12 is licensed under GPL, which is not whitelisted"]
+
+       (compared using ==)
+     # ./spec/integration/papers_license_validation_spec.rb:14:in `block (2 levels) in <top (required)>'
+
+  2) Papers License Validation knows and is satisfied by all dependency licenses
+     Failure/Error: expect(validator.valid?).to be_true
+       expected: true value
+            got: false
+     # ./spec/integration/papers_license_validation_spec.rb:9:in `block (2 levels) in <top (required)>'
+
+Finished in 0.01043 seconds
+2 examples, 2 failures
+...
+```
+
+# Validations
+
+## testing with RSpec
+
+```
+# => spec/integration/papers_license_validation_spec.rb
+
+require 'spec_helper'
+require 'papers'
+
+describe 'Papers License Validation' do
+
+  let(:validator) { Papers::LicenseValidator.new }
+
+  it 'knows and is satisfied by all dependency licenses' do
+    expect(validator.valid?).to be_true
+  end
+
+  it 'finds no errors during license validation' do
+    validator.valid?
+    expect(validator.errors).to eq([])
+  end
+end
+```
+
+## testing with MiniTest
+
+```
+# => test/integration/papers_license_validation_test.rb
+
+require 'test_helper'
+require 'papers'
+
+class PapersLicenseValidationTest < ActiveSupport::TestCase
+  def test_know_and_be_satisfied_by_all_licenses
+    validator = Papers::LicenseValidator.new
+
+    assert validator.valid?, "License validator failed:\n#{validator.errors.join("\n")}"
+
+    assert_equal validator.errors, []
+  end
+end
+```
+
+# Configuration
+
+The default whitelist allows for permissive licensing for proprietary or commercial usage while avoiding strong copyleft licenses.
+
+```
+@license_whitelist = [
+  'MIT',
+  'BSD',
+  'Apache 2.0',
+  'Apache-2.0',
+  'LGPLv2.1',
+  'LGPLv3',
+  'Ruby',
+  'Manually Reviewed',
+  'Unlicensed'
+]
+```
+
+## Available configuration options
+
+To configure the Papers gem, pass options to ```Papers.configure``` before initialization of LicenseValidator:
+
+```
+Papers.configure do |c|
+  c.license_whitelist << 'New Relic'
+  c.manifest_file = File.join('some','other','dependency_manifest.yml')
+  c.validate_gems = true
+  c.validate_javascript = true
+  c.javascript_paths << File.join('some','other','javascripts')
+end
+
+validator = Papers::LicenseValidator.new
+...
+```
+
+# Dependency Manifest structure
+
+```
+# => config/papers_manifest.yml
+---
+gems:
+  sqlite3-1.3.7:
+    license: MIT
+    license_url: https://github.com/luislavena/sqlite3-ruby
+    project_url: https://github.com/luislavena/sqlite3-ruby/blob/master/LICENSE
+...
+
+javascripts:
+  app/assets/javascripts/application.js:
+    license: New Relic
+    license_url: http://newrelic.com
+    project_url: http://newrelic.com
+```
+
+# License
+
+The Papers Gem is licensed under the __MIT License__.  See [MIT-LICENSE](https://github.com/newrelic/papers/blob/master/MIT-LICENSE) for full text.
+
+# Contributing
+
+You are welcome to send pull requests to us - however, by doing so you agree that you are granting New Relic a non-exclusive, non-revokable, no-cost license to use the code, algorithms, patents, and ideas in that code in our products if we so choose. You also agree the code is provided as-is and you provide no warranties as to its fitness or correctness for any purpose.

data/Rakefile

@@ -0,0 +1,8 @@
+#!/usr/bin/env rake
+require 'rspec/core/rake_task'
+
+RSpec::Core::RakeTask.new(:spec) do |t|
+     t.rspec_opts = "-c"
+end
+
+task :default => :spec

data/bin/papers

@@ -0,0 +1,8 @@
+#!/usr/bin/env ruby
+# encoding: utf-8
+
+$LOAD_PATH.unshift(File.dirname(File.realpath(__FILE__)) + '/../lib')
+require 'papers'
+
+cli = Papers::CLI.new
+cli.run

data/lib/papers.rb

@@ -0,0 +1,25 @@
+require 'papers/configuration'
+require 'papers/license_validator'
+require 'papers/manifest_generator'
+require 'papers/cli'
+require 'papers/version'
+
+require 'papers/dependency_specification'
+require 'papers/dependency_specification/gem'
+require 'papers/dependency_specification/javascript'
+
+module Papers
+  def self.configure(&block)
+    yield configuration
+  end
+
+  def self.configuration
+    @config ||= Configuration.new
+  end
+
+  # alias
+  def self.config
+    configuration
+  end
+
+end

data/lib/papers/cli.rb

@@ -0,0 +1,41 @@
+require 'optparse'
+
+module Papers
+
+  class CLI
+
+    def run
+      if parse_options[:generate]
+        begin
+          generator = Papers::ManifestGenerator.new
+          generator.generate!
+        rescue Papers::FileExistsError => e
+          warn "Error: 'papers_manifest.yml' already exists at '#{e.message}'. Aborting..."
+        end
+      end
+    end
+
+    private
+
+    def parse_options
+      options = {}
+      OptionParser.new do |opts|
+        opts.banner = "Usage: papers [options]"
+
+        opts.on("-g", "--generate", "Generate papers_manifest.yml") do |v|
+          options[:generate] = v
+        end
+
+        opts.on_tail( '-h', '--help', 'Display this screen' ) do |v|
+          p opts
+          exit
+        end
+        @avail_opts = opts
+      end.parse!
+
+      p @avail_opts if options.empty?
+
+      return options
+    end
+  end
+end

data/lib/papers/configuration.rb

@@ -0,0 +1,46 @@
+module Papers
+  class Configuration
+    attr_accessor :license_whitelist
+
+    attr_accessor :manifest_file
+
+    attr_accessor :validate_gems
+
+    attr_accessor :validate_javascript
+
+    attr_accessor :javascript_paths
+
+    def initialize
+      @license_whitelist = [
+        'MIT',
+        'BSD',
+        'Apache 2.0',
+        'Apache-2.0',
+        'LGPLv2.1',
+        'LGPLv3',
+        'Ruby',
+        'Manually Reviewed',
+        'Unlicensed'
+      ]
+
+      @manifest_file = File.join(Dir.pwd, 'config', 'papers_manifest.yml')
+
+      @validate_gems       = true
+      @validate_javascript = true
+
+      @javascript_paths = [
+        File.join(Dir.pwd, 'app',    'assets', 'javascripts'),
+        File.join(Dir.pwd, 'lib',    'assets', 'javascripts'),
+        File.join(Dir.pwd, 'vendor', 'assets', 'javascripts')
+      ]
+    end
+
+    def validate_gems?
+      !!@validate_gems
+    end
+
+    def validate_javascript?
+      !!@validate_javascript
+    end
+  end
+end

data/lib/papers/dependency_specification.rb

@@ -0,0 +1,35 @@
+module Papers
+  class DependencySpecification
+    attr_accessor :name, :license, :license_url, :project_url
+
+    def initialize(options)
+      @name        = options[:name]
+      @license     = options[:license]
+      @license_url = options[:license_url]
+      @project_url = options[:project_url]
+    end
+
+    def acceptable_license?
+      Papers.config.license_whitelist.include?(license)
+    end
+
+    protected
+
+      def self.all_from_manifest(manifest)
+        (manifest[manifest_key] || []).map do |name, info|
+          license_url = info['license_url']
+          license = info['license']
+          project_url = info['project_url']
+          self.new(name: name, license: license, license_url: license_url, project_url: project_url)
+        end.sort { |a, b| a.name.downcase <=> b.name.downcase }
+      end
+
+      def self.missing_from_manifest(manifest)
+        introspected.to_set - all_from_manifest(manifest).map(&:name).to_set
+      end
+
+      def self.unknown_in_manifest(manifest)
+        all_from_manifest(manifest).map(&:name).to_set - introspected.to_set
+      end
+  end
+end

data/lib/papers/dependency_specification/gem.rb

@@ -0,0 +1,32 @@
+module Papers
+  class Gem < DependencySpecification
+    def pretty_hash
+      {
+        name: name_without_version,
+        license: license,
+        license_url: @license_url,
+        project_url: @project_url
+      }
+    end
+
+    def name_without_version
+      return @name unless @name.include?('-')
+      @name.split('-')[0..-2].join('-')
+    end
+
+    def self.introspected
+      Bundler.load.specs.map do |spec|
+        # bundler versions aren't controlled by the Gemfile
+        if spec.name == "bundler"
+          spec.name
+        else
+          "#{spec.name}-#{spec.version}"
+        end
+      end
+    end
+
+    def self.manifest_key
+      "gems"
+    end
+  end
+end

data/lib/papers/dependency_specification/javascript.rb

@@ -0,0 +1,24 @@
+module Papers
+  class Javascript < DependencySpecification
+    def pretty_hash
+      {
+        name: @name,
+        license: license,
+        license_url: @license_url,
+        project_url: @project_url
+      }
+    end
+
+    def self.introspected
+      dirs = Papers.config.javascript_paths
+
+      # TODO: add logic for determining rails. Is Rails.root better than Dir.pwd for such a case?
+      root_regexp = /^#{Regexp.escape Dir.pwd.to_s}\//
+      dirs.map { |dir| Dir["#{dir}/**/*.js"] }.flatten.map { |name| name.sub(root_regexp, '') }
+    end
+
+    def self.manifest_key
+      "javascripts"
+    end
+  end
+end

data/lib/papers/license_validator.rb

@@ -0,0 +1,62 @@
+require 'yaml'
+
+require 'papers/dependency_specification'
+require 'papers/dependency_specification/gem'
+require 'papers/dependency_specification/javascript'
+
+module Papers
+  class LicenseValidator
+    attr_reader :errors
+
+    def initialize
+      @errors = []
+    end
+
+    def valid?
+      @errors = []
+
+      validate_gems if Papers.config.validate_gems?
+      validate_js   if Papers.config.validate_javascript?
+
+      @errors.empty?
+    end
+
+    def manifest
+      @manifest ||= YAML.load_file(Papers.config.manifest_file)
+    end
+
+    def pretty_gem_list
+      Gem.all_from_manifest(manifest).map(&:pretty_hash)
+    end
+
+    def pretty_js_list
+      Javascript.all_from_manifest(manifest).map(&:pretty_hash)
+    end
+
+    private
+
+      def validate_spec_type(spec_type)
+        spec_type.missing_from_manifest(manifest).each do |name|
+          errors << "#{name} is included in the application, but not in the manifest"
+        end
+
+        spec_type.unknown_in_manifest(manifest).each do |name|
+          errors << "#{name} is included in the manifest, but not in the application"
+        end
+
+        spec_type.all_from_manifest(manifest).each do |spec|
+          unless spec.acceptable_license?
+            errors << "#{spec.name} is licensed under #{spec.license}, which is not whitelisted"
+          end
+        end
+      end
+
+      def validate_gems
+        validate_spec_type Gem
+      end
+
+      def validate_js
+        validate_spec_type Javascript
+      end
+  end
+end

data/lib/papers/manifest_generator.rb

@@ -0,0 +1,92 @@
+require 'bundler'
+require 'yaml'
+require 'fileutils'
+
+module Papers
+
+  class FileExistsError < StandardError;
+    attr_reader :manifest_path
+
+    def initialize(path)
+      @manifest_path = path
+      super
+    end
+  end
+
+  class ManifestGenerator
+
+    def generate!(args = ARGV)
+      @manifest_path = File.join('config','papers_manifest.yml')
+
+      raise Papers::FileExistsError.new(@manifest_path) if manifest_exists?
+
+      begin
+        if FileUtils.mkdir_p(File.dirname(@manifest_path))
+          File.open(@manifest_path, 'w') do |file|
+            file.write(build_header)
+            file.write(YAML.dump(build_manifest))
+          end
+          puts "Created #{@manifest_path}!"
+        end
+      rescue RuntimeError => e
+        warn "Failure! #{e}"
+      end
+    end
+
+    private
+
+    def build_manifest
+      manifest = {
+        "gems"        => get_installed_gems,
+        "javascripts" => get_installed_javascripts
+      }
+      return manifest
+    end
+
+    def get_installed_gems
+      gems = {}
+      Bundler.load.specs.each do |spec|
+        if spec.name == 'bundler'
+          name_and_version = spec.name
+        else
+          name_and_version = "#{spec.name}-#{spec.version}"
+        end
+
+        gems[name_and_version] = {
+          'license'     => spec.license || 'Unknown',
+          'license_url' => nil,
+          'project_url' => spec.homepage || nil
+          # TODO: add support for multiple licenses? some gemspecs have dual licensing
+        }
+      end
+      return gems
+    end
+
+    def get_installed_javascripts
+      js = {}
+      Javascript.introspected.each do |entry|
+        js[entry] = {
+          'license'     => 'Unknown',
+          'license_url' => nil,
+          'project_url' => nil
+        }
+      end
+      js.empty? ? nil : js
+    end
+
+    def manifest_exists?
+      !!File.exist?(@manifest_path)
+    end
+
+    def build_header
+      [
+        "# Dependency Manifest for the Papers gem",
+        "# Used to test your gems and javascript against license whitelist",
+        "#",
+        "# http://github.com/newrelic/papers\n"
+      ].join("\n")
+    end
+
+  end
+
+end

data/lib/papers/version.rb

@@ -0,0 +1,8 @@
+module Papers
+  MAJOR = 1
+  MINOR = 0
+  PATCH = 1
+
+  VERSION = [MAJOR, MINOR, PATCH].join('.')
+end
+

data/papers.gemspec

@@ -0,0 +1,32 @@
+# encoding: utf-8
+
+$LOAD_PATH.unshift(File.join(File.dirname(__FILE__), 'lib'))
+
+require 'papers/version'
+
+Gem::Specification.new do |s|
+  s.name        = 'papers'
+  s.version     = Papers::VERSION
+  s.summary     = 'Validate the licenses of software dependencies you use'
+
+  s.description = <<-DESCRIPTION
+Validate that the licenses used by your Ruby project's dependencies (both gems
+and javascript libraries) conform to a software license whitelist. Don't get
+caught flat-footed by the GPL.
+  DESCRIPTION
+
+  s.authors     = ['Ralph Bodenner', 'Jade Rubick', 'Andrew Bloomgarden', 'Lucas Charles']
+  s.email       = 'support@newrelic.com'
+  s.license     = 'MIT'
+  s.homepage    = 'http://github.com/newrelic/papers'
+
+  s.files       = `git ls-files`.split($/)
+  s.test_files  = `git ls-files -- {test,spec,features}/*`.split($/)
+  s.executables = s.files.grep(/^bin\//) { |f| File.basename(f) }
+
+  s.require_paths = ['lib']
+
+  # dependencies
+  s.add_dependency 'rake', '~> 10.1'
+  s.add_development_dependency 'rspec', '~> 2.14'
+end

data/spec/papers_spec.rb

@@ -0,0 +1,206 @@
+require 'bundler/setup'
+require 'rspec'
+require_relative '../lib/papers'
+
+describe 'Papers' do
+
+  let(:validator) { Papers::LicenseValidator.new }
+
+  it 'validates a manifest with empty values and set of dependencies' do
+    Papers::LicenseValidator.any_instance.stub(:manifest).and_return({
+      "javascripts" => {},
+      "gems" => {}
+    })
+    Papers::Gem.stub(:introspected).and_return([])
+
+    expect(validator.valid?).to be_true
+  end
+
+  it 'detects mismatched gems' do
+    Papers::LicenseValidator.any_instance.stub(:manifest).and_return({
+        "javascripts" => {},
+        "gems" => {
+          "foo-1.2" => {
+            'license' => "MIT",
+            'license_url' => nil,
+            'project_url' => nil
+          },
+          "baz-1.3" => {
+            'license' => "BSD",
+            'license_url' => nil,
+            'project_url' => nil
+          }
+        }
+      })
+    Papers::Gem.stub(:introspected).and_return(["bar-1.2", "baz-1.3"])
+
+    expect(validator.valid?).to be_false
+
+    expect(validator.errors).to eq([
+      "bar-1.2 is included in the application, but not in the manifest",
+      "foo-1.2 is included in the manifest, but not in the application"
+    ])
+
+    validator.valid?
+  end
+
+  it 'detects mismatched gem versions' do
+    Papers::Configuration.any_instance.stub(:validate_javascript?).and_return(true)
+
+    expect(validator).to receive(:validate_js).at_least(:once)
+
+    Papers::LicenseValidator.any_instance.stub(:manifest).and_return({
+      "javascripts" => {},
+      "gems" => {
+        "foo-1.2" => {
+          'license' => "MIT",
+          'license_url' => nil,
+          'project_url' => nil
+        },
+        "baz-1.3" => {
+          'license' => "BSD",
+          'license_url' => nil,
+          'project_url' => nil
+        }
+      }
+    })
+    Papers::Gem.stub(:introspected).and_return(["foo-1.2", "baz-1.2"])
+
+    expect(validator.valid?).to be_false
+
+    expect(validator.errors).to eq([
+      "baz-1.2 is included in the application, but not in the manifest",
+      "baz-1.3 is included in the manifest, but not in the application"
+    ])
+    validator.valid?
+  end
+
+  it 'is OK with matching gem sets' do
+    Papers::LicenseValidator.any_instance.stub(:manifest).and_return({
+      "javascripts" => {},
+      "gems" => {
+        "foo-1.2" => {
+          'license' => "MIT",
+          'license_url' => nil,
+          'project_url' => nil
+        },
+        "baz-1.3" => {
+          'license' => "BSD",
+          'license_url' => nil,
+          'project_url' => nil
+        }
+      },
+    })
+    Papers::Gem.stub(:introspected).and_return(["foo-1.2", "baz-1.3"])
+
+    expect(validator.valid?).to be_true
+  end
+
+  it 'is OK with matching gem sets but complain about a license issue' do
+    Papers::LicenseValidator.any_instance.stub(:manifest).and_return({
+      "javascripts" => {},
+      "gems" => {
+        "foo-1.2" => {
+          'license' => "MIT",
+          'license_url' => nil,
+          'project_url' => nil
+        },
+        "baz-1.3" => {
+          'license' => "GPL",
+          'license_url' => nil,
+          'project_url' => nil
+        }
+      },
+    })
+    Papers::Gem.stub(:introspected).and_return(["foo-1.2", "baz-1.3"])
+
+    expect(validator.valid?).to be_false
+
+    expect(validator.errors).to eq([
+      "baz-1.3 is licensed under GPL, which is not whitelisted"
+    ])
+
+    validator.valid?
+  end
+
+  it 'displays gem licenses in a pretty format without versions' do
+    Papers::LicenseValidator.any_instance.stub(:manifest).and_return({
+      "javascripts" => {},
+      "gems" => {
+        "foo-1.2" => {
+          'license' => "MIT",
+          'license_url' => nil,
+          'project_url' => nil
+        },
+        "baz-1.3" => {
+          'license' => "BSD",
+          'license_url' => nil,
+          'project_url' => nil
+        },
+        "with-hyphens-1.4" => {
+          'license' => "MIT",
+          'license_url' => nil,
+          'project_url' => nil
+        }
+      },
+    })
+    expect(validator.pretty_gem_list).to eq([
+      {
+        :name=>"baz",
+        :license=>"BSD",
+        :license_url => nil,
+        :project_url => nil
+      },
+      {
+        :name=>"foo",
+        :license=>"MIT",
+        :license_url => nil,
+        :project_url => nil
+      },
+      {
+        :name=>"with-hyphens",
+        :license=>"MIT",
+        :license_url => nil,
+        :project_url => nil
+        }
+      ])
+  end
+
+  it 'displays JS libraries in a pretty format without versions' do
+    Papers::LicenseValidator.any_instance.stub(:manifest).and_return({
+      "javascripts" => {
+        "/path/to/foo.js" => {
+          'license' => "MIT",
+          'license_url' => nil,
+          'project_url' => nil
+        },
+        "/path/to/newrelic.js" => {
+          'license' => "New Relic",
+          'license_url' => nil,
+          'project_url' => nil
+        }
+      },
+      "gems" => {}
+    })
+    expect(validator.pretty_js_list).to eq([
+      {
+        :name =>"/path/to/foo.js",
+        :license =>"MIT",
+        :license_url => nil,
+        :project_url => nil
+      },
+      {
+        :name =>"/path/to/newrelic.js",
+        :license =>"New Relic",
+        :license_url => nil,
+        :project_url => nil
+      }
+    ])
+  end
+
+  it 'displays the gem name when the gemspec does not specify a version' do
+    gemspec = Papers::Gem.new(name: 'foo')
+    expect('foo').to eq(gemspec.name_without_version)
+  end
+
+end

metadata

@@ -0,0 +1,101 @@
+--- !ruby/object:Gem::Specification
+name: papers
+version: !ruby/object:Gem::Version
+  version: 1.0.1
+platform: ruby
+authors:
+- Ralph Bodenner
+- Jade Rubick
+- Andrew Bloomgarden
+- Lucas Charles
+autorequire: 
+bindir: bin
+cert_chain: []
+date: 2013-12-10 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: rake
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: '10.1'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: '10.1'
+- !ruby/object:Gem::Dependency
+  name: rspec
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: '2.14'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: '2.14'
+description: ! 'Validate that the licenses used by your Ruby project''s dependencies
+  (both gems
+
+  and javascript libraries) conform to a software license whitelist. Don''t get
+
+  caught flat-footed by the GPL.
+
+'
+email: support@newrelic.com
+executables:
+- papers
+extensions: []
+extra_rdoc_files: []
+files:
+- .gitignore
+- Gemfile
+- MIT-LICENSE
+- README.md
+- Rakefile
+- bin/papers
+- lib/papers.rb
+- lib/papers/cli.rb
+- lib/papers/configuration.rb
+- lib/papers/dependency_specification.rb
+- lib/papers/dependency_specification/gem.rb
+- lib/papers/dependency_specification/javascript.rb
+- lib/papers/license_validator.rb
+- lib/papers/manifest_generator.rb
+- lib/papers/version.rb
+- papers.gemspec
+- spec/papers_spec.rb
+homepage: http://github.com/newrelic/papers
+licenses:
+- MIT
+metadata: {}
+post_install_message: 
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ! '>='
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ! '>='
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubyforge_project: 
+rubygems_version: 2.1.5
+signing_key: 
+specification_version: 4
+summary: Validate the licenses of software dependencies you use
+test_files:
+- spec/papers_spec.rb
+has_rdoc: