papers 1.1.0 → 1.2.0

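--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
  ---
  SHA1:
- metadata.gz: d38f6dd8a9213870b3198c533cb7a54731d8d15b
- data.tar.gz: 460c188a68833bd4d67522e36163037a1c65e073
+ metadata.gz: a3dbc559e575243918efffa385aac928d327a56d
+ data.tar.gz: d3ef809f5a3d9593a82ff4039bd821d58aabf038
  SHA512:
- metadata.gz: a90556c81b2d76635c8ee185c9da05952c75d49762f3731eeb4af79297e929e8491b499d2900978915ad18282df9be4000841f836e46f795c93c68adaa7ddbe9
- data.tar.gz: 55573fadd64de745cedfe761eb48c6eea4ab2a0a23012a3b57f95e1f37b57735c7a82de5329350b2145459d906932730c4da57c11ed02316dd1cb5abd72c653b
+ metadata.gz: fe00245204a6bdc2116983f15f43af78500c14dbc8a67910bcba588c58cff579f58d3c44573c0997e033ca064cc54f9e8619bc71ba8bf253eb89dec44aaedfcb
+ data.tar.gz: 5a2067a1aec1942ecb6a2a5170c7f32e43c1f70f9e9ad2f75a1f78c6d26e9c01b030af9d67611665cf16fded5f126f5616ec43e12dd0fd644bb18ca0df5d347c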
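--- /dev/null
+++ b/data/CHANGELOG.md
@@ -0,0 +1,11 @@
+ # Changelog
+
+ ## 1.1.0 (Current release)
+
+ * Add support for validating the licenses of Bower components (thanks to [@Aughr](https://github.com/aughr))
+
+ ## 1.0.0 (Initial Release)
+
+ * Initial release of Papers. Support for validating the licenses of:
+ * Ruby Gems
+ * Javascript libraries and files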
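--- a/data/README.md
+++ b/data/README.md
@@ -66,7 +66,11 @@ Papers.configure do |config|
  # 'Manually Reviewed',
  # 'Unlicensed'
  # ]
- config.license_whitelist << 'New Relic'
+ # config.license_whitelist << 'New Relic'
+
+ # You can specify a single license that, when used, ignores the version. Defaults to nil.
+ # WARNING: You should only use this for software licensed in house.
+ # config.version_whitelisted_license = 'New Relic'
 
  # The location of your dependency manifest. Defaults to config/papers_manifest.yml
  config.manifest_file = File.join('config', 'papers_manifest.yml')
@@ -87,7 +91,7 @@ Papers.configure do |config|
 
  # Configures where Papers should look for bower components. Each component
  # must have a .bower.json file in its directory for Papers to see it.
- config.bower_components_path = 'vendor/assets/components'
+ # config.bower_components_path = 'vendor/assets/components'
  end
  ```
 
@@ -101,7 +105,7 @@ describe 'Papers License Validation' do
  subject(:validator) { Papers::LicenseValidator.new }
 
  it 'knows and is satisfied by all dependency licenses' do
- expect(validator).to be_valid, "License validator failed:\n#{validator.errors.join("\n")}"
+ expect(validator).to be_valid, -> { "License validation failed:\n#{validator.errors.join("\n")}" }
  end
  end
 
@@ -112,7 +116,7 @@ class PapersLicenseValidationTest < ActiveSupport::TestCase
  def test_know_and_be_satisfied_by_all_licenses
  validator = Papers::LicenseValidator.new
 
- assert validator.valid?, "License validator failed:\n#{validator.errors.join("\n")}"
+ assert validator.valid?, "License validation failed:\n#{validator.errors.join("\n")}"
  end
  end
  ```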
@@ -1,6 +1,7 @@
1
1
  module Papers
2
2
  class Configuration
3
3
  attr_accessor :license_whitelist
4
+ attr_accessor :version_whitelisted_license
4
5
 
5
6
  attr_accessor :manifest_file
6
7
 
@@ -24,6 +25,8 @@ module Papers
24
25
  'Unlicensed'
25
26
  ]
26
27
 
28
+ @version_whitelisted_license = nil
29
+
27
30
  @manifest_file = File.join(Dir.pwd, 'config', 'papers_manifest.yml')
28
31
 
29
32
  @validate_gems = true
@@ -15,7 +15,8 @@ module Papers
15
15
  end
16
16
 
17
17
  def acceptable_license?
18
- Papers.config.license_whitelist.include?(license)
18
+ Papers.config.license_whitelist.include?(license) ||
19
+ Papers.config.version_whitelisted_license == license
19
20
  end
20
21
 
21
22
  protected
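Review bot: The added clause `Papers.config.version_whitelisted_license == license` in `acceptable_license?` evaluates to true when both sides are `nil`, and `nil` is the default this release gives the setting. If a manifest entry can reach this method with no license recorded (not visible here; the class starts and ends outside the hunk), it would now pass a check that previously rejected it. Guarding the comparison keeps the default fail-closed: `(!license.nil? && Papers.config.version_whitelisted_license == license)`.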
@@ -11,9 +11,11 @@ module Papers
11
11
 
12
12
  def self.introspected
13
13
  Bundler.load.specs.map do |spec|
14
- # bundler versions aren't controlled by the Gemfile
14
+ # Bundler versions aren't controlled by the Gemfile
15
15
  if spec.name == 'bundler'
16
16
  spec.name
17
+ elsif spec.licenses.include?(Papers.config.version_whitelisted_license)
18
+ spec.name
17
19
  else
18
20
  "#{spec.name}-#{spec.version}"
19
21
  end
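Review bot: The new `elsif spec.licenses.include?(Papers.config.version_whitelisted_license)` branch in `introspected` decides the version exemption from `spec.licenses`, which is metadata each gem declares about itself in its gemspec. Any bundled gem that names the configured license is therefore reported by bare name, and a version change in it no longer shows up as a manifest mismatch; the README's in-house-only warning is not enforced by the code. I would at least record that on the branch, e.g. `# spec.licenses is self-declared; every gem naming this license is reported without its version`, and consider keying the exemption on an explicit list of gem names instead. The method body continues outside the hunk.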
@@ -1,6 +1,6 @@
1
1
  module Papers
2
2
  MAJOR = 1
3
- MINOR = 1
3
+ MINOR = 2
4
4
  PATCH = 0
5
5
 
6
6
  VERSION = [MAJOR, MINOR, PATCH].join('.')
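--- a/data/spec/papers_spec.rb
+++ b/data/spec/papers_spec.rb
@@ -18,21 +18,16 @@ describe 'Papers' do
 
  it 'detects mismatched gems' do
  Papers::LicenseValidator.any_instance.stub(:manifest).and_return({
- 'javascripts' => {},
- 'gems' => {
- 'foo-1.2' => {
- 'license' => 'MIT',
- 'license_url' => nil,
- 'project_url' => nil
- },
- 'baz-1.3' => {
- 'license' => 'BSD',
- 'license_url' => nil,
- 'project_url' => nil
- }
- }
- })
- Papers::Gem.stub(:introspected).and_return(['bar-1.2', 'baz-1.3'])
+ 'javascripts' => {},
+ 'gems' => {
+ 'foo-1.2' => { 'license' => 'MIT' },
+ 'baz-1.3' => { 'license' => 'BSD' }
+ }
+ })
+ Bundler.stub_chain(:load, :specs).and_return([
+ double(name: 'bar', version: '1.2', licenses: ['MIT']),
+ double(name: 'baz', version: '1.3', licenses: ['BSD'])
+ ])
 
  expect(validator.valid?).to be_false
 
@@ -50,19 +45,14 @@ describe 'Papers' do
  Papers::LicenseValidator.any_instance.stub(:manifest).and_return({
  'javascripts' => {},
  'gems' => {
- 'foo-1.2' => {
- 'license' => 'MIT',
- 'license_url' => nil,
- 'project_url' => nil
- },
- 'baz-1.3' => {
- 'license' => 'BSD',
- 'license_url' => nil,
- 'project_url' => nil
- }
+ 'foo-1.2' => { 'license' => 'MIT' },
+ 'baz-1.3' => { 'license' => 'BSD' }
  }
  })
- Papers::Gem.stub(:introspected).and_return(['foo-1.2', 'baz-1.2'])
+ Bundler.stub_chain(:load, :specs).and_return([
+ double(name: 'foo', version: '1.2', licenses: ['MIT']),
+ double(name: 'baz', version: '1.2', licenses: ['BSD'])
+ ])
 
  expect(validator.valid?).to be_false
 
@@ -73,73 +63,94 @@ describe 'Papers' do
  validator.valid?
  end
 
+ it 'detects omitted gem versions' do
+ Papers::Configuration.any_instance.stub(:validate_javascript?).and_return(false)
+
+ Papers::LicenseValidator.any_instance.stub(:manifest).and_return({
+ 'javascripts' => {},
+ 'gems' => {
+ 'foo' => { 'license' => 'MIT' },
+ 'baz-1.2' => { 'license' => 'BSD' }
+ }
+ })
+ Bundler.stub_chain(:load, :specs).and_return([
+ double(name: 'foo', version: '1.2', licenses: ['MIT']),
+ double(name: 'baz', version: '1.2', licenses: ['BSD'])
+ ])
+
+ expect(validator).not_to be_valid
+
+ expect(validator.errors).to eq([
+ 'foo-1.2 is included in the application, but not in the manifest',
+ 'foo is included in the manifest, but not in the application'
+ ])
+ validator.valid?
+ end
+
  it 'is OK with matching gem sets' do
  Papers::LicenseValidator.any_instance.stub(:manifest).and_return({
  'javascripts' => {},
  'gems' => {
- 'foo-1.2' => {
- 'license' => 'MIT',
- 'license_url' => nil,
- 'project_url' => nil
- },
- 'baz-1.3' => {
- 'license' => 'BSD',
- 'license_url' => nil,
- 'project_url' => nil
- }
- },
+ 'foo-1.2' => { 'license' => 'MIT' },
+ 'baz-1.2' => { 'license' => 'BSD' }
+ }
  })
- Papers::Gem.stub(:introspected).and_return(['foo-1.2', 'baz-1.3'])
+ Bundler.stub_chain(:load, :specs).and_return([
+ double(name: 'foo', version: '1.2', licenses: ['MIT']),
+ double(name: 'baz', version: '1.2', licenses: ['BSD'])
+ ])
 
  expect(validator.valid?).to be_true
  end
 
+ it 'is OK with whitelisting gem versions on a specific license' do
+ Papers::LicenseValidator.any_instance.stub(:manifest).and_return({
+ 'javascripts' => {},
+ 'gems' => {
+ 'foo' => { 'license' => 'MIT' },
+ 'baz' => { 'license' => 'BSD' }
+ }
+ })
+ Bundler.stub_chain(:load, :specs).and_return([
+ double(name: 'foo', version: '1.2', licenses: ['MIT']),
+ double(name: 'baz', version: '1.2', licenses: ['BSD'])
+ ])
+ Papers::Configuration.any_instance.stub(:version_whitelisted_license).and_return('MIT')
+
+ expect(validator).not_to be_valid
+ expect(validator.errors).to eq([
+ 'baz-1.2 is included in the application, but not in the manifest',
+ 'baz is included in the manifest, but not in the application'
+ ])
+ end
+
  it 'is OK with matching gem sets but complain about a license issue' do
  Papers::LicenseValidator.any_instance.stub(:manifest).and_return({
  'javascripts' => {},
  'gems' => {
- 'foo-1.2' => {
- 'license' => 'MIT',
- 'license_url' => nil,
- 'project_url' => nil
- },
- 'baz-1.3' => {
- 'license' => 'GPL',
- 'license_url' => nil,
- 'project_url' => nil
- }
- },
+ 'foo-1.2' => { 'license' => 'MIT' },
+ 'baz-1.3' => { 'license' => 'GPL' }
+ }
  })
- Papers::Gem.stub(:introspected).and_return(['foo-1.2', 'baz-1.3'])
+ Bundler.stub_chain(:load, :specs).and_return([
+ double(name: 'foo', version: '1.2', licenses: ['MIT']),
+ double(name: 'baz', version: '1.3', licenses: ['GPL'])
+ ])
 
- expect(validator.valid?).to be_false
+ expect(validator).not_to be_valid
 
  expect(validator.errors).to eq([
  'baz-1.3 is licensed under GPL, which is not whitelisted'
  ])
-
- validator.valid?
  end
 
  it 'displays gem licenses in a pretty format without versions' do
  Papers::LicenseValidator.any_instance.stub(:manifest).and_return({
  'javascripts' => {},
  'gems' => {
- 'foo-1.2' => {
- 'license' => 'MIT',
- 'license_url' => nil,
- 'project_url' => nil
- },
- 'baz-1.3' => {
- 'license' => 'BSD',
- 'license_url' => nil,
- 'project_url' => nil
- },
- 'with-hyphens-1.4' => {
- 'license' => 'MIT',
- 'license_url' => nil,
- 'project_url' => nil
- }
+ 'foo-1.2' => { 'license' => 'MIT' },
+ 'baz-1.3' => { 'license' => 'BSD' },
+ 'with-hyphens-1.4' => { 'license' => 'MIT' }
  },
  })
 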
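Review bot: The example `'is OK with whitelisting gem versions on a specific license'` asserts `expect(validator).not_to be_valid`, so its name reads as the opposite of what it checks; something like `it 'ignores versions only for gems under the version-whitelisted license'` would match the expectations. None of the visible examples exercises the default `version_whitelisted_license` of `nil` against a manifest entry that has no `'license'` key, which is the case where the new comparison in `acceptable_license?` could accept an unlicensed entry. The new `'detects omitted gem versions'` example also ends with a bare `validator.valid?` after its expectations, which looks like a leftover.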
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: papers
3
3
  version: !ruby/object:Gem::Version
4
- version: 1.1.0
4
+ version: 1.2.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Ralph Bodenner
@@ -12,7 +12,7 @@ authors:
12
12
  autorequire:
13
13
  bindir: bin
14
14
  cert_chain: []
15
- date: 2014-01-23 00:00:00.000000000 Z
15
+ date: 2014-02-04 00:00:00.000000000 Z
16
16
  dependencies:
17
17
  - !ruby/object:Gem::Dependency
18
18
  name: rake
@@ -53,6 +53,7 @@ extensions: []
53
53
  extra_rdoc_files: []
54
54
  files:
55
55
  - ".gitignore"
56
+ - CHANGELOG.md
56
57
  - Gemfile
57
58
  - MIT-LICENSE
58
59
  - README.md