papers 1.3.0 → 1.3.1
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/README.md +7 -0
- data/lib/papers/configuration.rb +11 -0
- data/lib/papers/dependency_specification/npm_package.rb +41 -0
- data/lib/papers/license_validator.rb +6 -0
- data/lib/papers/manifest_generator.rb +13 -1
- data/lib/papers/version.rb +1 -1
- data/spec/npm_package_spec.rb +93 -0
- data/spec/papers_spec.rb +47 -0
- data/spec/support/package.json +10 -0
- data/spec/support/package_with_error.json +11 -0
- metadata +9 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 8b479439cba7ef8f166e55d48d8b93ff23c03163
|
|
4
|
+
data.tar.gz: 17e3b3b2ce0e29fdb3374d1204915ff5bb1df325
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 936e52964c04812d06e480f6bd17be2b177acf37be576eba220481f64cd457c69ad10929b42ea05b4bec207135e093e428622a96af5336896508884bade0a366
|
|
7
|
+
data.tar.gz: 195bcdbba896629fda6d65c0763b5a696f9e5eb489610b2a87e1db2d9cfa8d33b7d0955d274752ced76265549faeac42932da71e8ca1d7ae25ab2d1c59cd6d16
|
data/README.md
CHANGED
|
@@ -92,6 +92,13 @@ Papers.configure do |config|
|
|
|
92
92
|
# Configures where Papers should look for bower components. Each component
|
|
93
93
|
# must have a .bower.json file in its directory for Papers to see it.
|
|
94
94
|
# config.bower_components_path = 'vendor/assets/components'
|
|
95
|
+
|
|
96
|
+
# Configures Papers to validate licenses for NPM dependencies. Defaults to false.
|
|
97
|
+
config.validate_npm_packages = false
|
|
98
|
+
|
|
99
|
+
# Configures where Papers should look for the package.json file. Defaults to:
|
|
100
|
+
# package.json in the root directory of the project
|
|
101
|
+
config.npm_package_json_path = File.join(Dir.pwd, 'package.json')
|
|
95
102
|
end
|
|
96
103
|
```
|
|
97
104
|
|
data/lib/papers/configuration.rb
CHANGED
|
@@ -8,9 +8,11 @@ module Papers
|
|
|
8
8
|
attr_accessor :validate_gems
|
|
9
9
|
attr_accessor :validate_javascript
|
|
10
10
|
attr_accessor :validate_bower_components
|
|
11
|
+
attr_accessor :validate_npm_packages
|
|
11
12
|
|
|
12
13
|
attr_accessor :javascript_paths
|
|
13
14
|
attr_accessor :bower_components_path
|
|
15
|
+
attr_accessor :npm_package_json_path
|
|
14
16
|
|
|
15
17
|
def initialize
|
|
16
18
|
@license_whitelist = [
|
|
@@ -32,6 +34,8 @@ module Papers
|
|
|
32
34
|
@validate_gems = true
|
|
33
35
|
@validate_javascript = true
|
|
34
36
|
@validate_bower_components = false
|
|
37
|
+
@validate_npm_packages = false
|
|
38
|
+
|
|
35
39
|
|
|
36
40
|
@javascript_paths = [
|
|
37
41
|
File.join(Dir.pwd, 'app', 'assets', 'javascripts'),
|
|
@@ -40,6 +44,8 @@ module Papers
|
|
|
40
44
|
]
|
|
41
45
|
|
|
42
46
|
@bower_components_path = File.join(Dir.pwd, 'vendor', 'assets', 'components')
|
|
47
|
+
|
|
48
|
+
@npm_package_json_path = File.join(Dir.pwd, 'package.json')
|
|
43
49
|
end
|
|
44
50
|
|
|
45
51
|
def validate_gems?
|
|
@@ -53,5 +59,10 @@ module Papers
|
|
|
53
59
|
def validate_bower_components?
|
|
54
60
|
!!@validate_bower_components
|
|
55
61
|
end
|
|
62
|
+
|
|
63
|
+
def validate_npm_packages?
|
|
64
|
+
!!@validate_npm_packages
|
|
65
|
+
end
|
|
66
|
+
|
|
56
67
|
end
|
|
57
68
|
end
|
|
@@ -0,0 +1,41 @@
|
|
|
1
|
+
require 'json'
|
|
2
|
+
|
|
3
|
+
module Papers
|
|
4
|
+
class NpmPackage < DependencySpecification
|
|
5
|
+
def self.introspected
|
|
6
|
+
full_introspected_entries.map {|e| "#{e['name']}-#{e['version']}"}
|
|
7
|
+
end
|
|
8
|
+
|
|
9
|
+
def self.full_introspected_entries
|
|
10
|
+
packages = (package['dependencies'] || {}).merge((package['devDependencies'] || {}))
|
|
11
|
+
packages.map do |name, version|
|
|
12
|
+
version.sub!(/^\D+/, '')
|
|
13
|
+
{
|
|
14
|
+
'name' => name,
|
|
15
|
+
'version' => version
|
|
16
|
+
}
|
|
17
|
+
end
|
|
18
|
+
end
|
|
19
|
+
|
|
20
|
+
def pretty_hash
|
|
21
|
+
{
|
|
22
|
+
name: name_without_version,
|
|
23
|
+
license: license,
|
|
24
|
+
license_url: @license_url,
|
|
25
|
+
project_url: @project_url
|
|
26
|
+
}
|
|
27
|
+
end
|
|
28
|
+
|
|
29
|
+
def self.manifest_key
|
|
30
|
+
"npm_packages"
|
|
31
|
+
end
|
|
32
|
+
|
|
33
|
+
private
|
|
34
|
+
|
|
35
|
+
def self.package
|
|
36
|
+
pkg = File.read(Papers.config.npm_package_json_path)
|
|
37
|
+
JSON.parse(pkg)
|
|
38
|
+
end
|
|
39
|
+
end
|
|
40
|
+
end
|
|
41
|
+
|
|
@@ -4,6 +4,7 @@ require 'papers/dependency_specification'
|
|
|
4
4
|
require 'papers/dependency_specification/gem'
|
|
5
5
|
require 'papers/dependency_specification/javascript'
|
|
6
6
|
require 'papers/dependency_specification/bower_component'
|
|
7
|
+
require 'papers/dependency_specification/npm_package'
|
|
7
8
|
|
|
8
9
|
module Papers
|
|
9
10
|
class LicenseValidator
|
|
@@ -19,6 +20,7 @@ module Papers
|
|
|
19
20
|
validate_spec_type(Gem) if Papers.config.validate_gems?
|
|
20
21
|
validate_spec_type(Javascript) if Papers.config.validate_javascript?
|
|
21
22
|
validate_spec_type(BowerComponent) if Papers.config.validate_bower_components?
|
|
23
|
+
validate_spec_type(NpmPackage) if Papers.config.validate_npm_packages?
|
|
22
24
|
|
|
23
25
|
@errors.empty?
|
|
24
26
|
end
|
|
@@ -39,6 +41,10 @@ module Papers
|
|
|
39
41
|
BowerComponent.all_from_manifest(manifest).map(&:pretty_hash)
|
|
40
42
|
end
|
|
41
43
|
|
|
44
|
+
def pretty_npm_package_list
|
|
45
|
+
NpmPackage.all_from_manifest(manifest).map(&:pretty_hash)
|
|
46
|
+
end
|
|
47
|
+
|
|
42
48
|
private
|
|
43
49
|
|
|
44
50
|
def validate_spec_type(spec_type)
|
|
@@ -40,7 +40,8 @@ module Papers
|
|
|
40
40
|
manifest = {
|
|
41
41
|
"gems" => get_installed_gems,
|
|
42
42
|
"javascripts" => get_installed_javascripts,
|
|
43
|
-
"bower_components" => get_installed_bower_components
|
|
43
|
+
"bower_components" => get_installed_bower_components,
|
|
44
|
+
"npm_packages" => get_npm_packages
|
|
44
45
|
}
|
|
45
46
|
return manifest
|
|
46
47
|
end
|
|
@@ -91,6 +92,17 @@ module Papers
|
|
|
91
92
|
components.empty? ? nil : components
|
|
92
93
|
end
|
|
93
94
|
|
|
95
|
+
def get_npm_packages
|
|
96
|
+
packages = {}
|
|
97
|
+
NpmPackage.full_introspected_entries.each do |entry|
|
|
98
|
+
packages[entry['name']] = {
|
|
99
|
+
'license' => 'Unknown',
|
|
100
|
+
'license_url' => nil,
|
|
101
|
+
'project_url' => nil
|
|
102
|
+
}
|
|
103
|
+
end
|
|
104
|
+
end
|
|
105
|
+
|
|
94
106
|
def manifest_exists?
|
|
95
107
|
!!File.exist?(@manifest_path)
|
|
96
108
|
end
|
data/lib/papers/version.rb
CHANGED
|
@@ -0,0 +1,93 @@
|
|
|
1
|
+
require 'bundler/setup'
|
|
2
|
+
require 'rspec'
|
|
3
|
+
require_relative '../lib/papers'
|
|
4
|
+
|
|
5
|
+
describe 'NpmPackageSpecification' do
|
|
6
|
+
describe '#full_introspected_entries' do
|
|
7
|
+
it 'reads dependencies from the specified file' do
|
|
8
|
+
Papers::Configuration.any_instance.stub(:npm_package_json_path).and_return('spec/support/package.json')
|
|
9
|
+
|
|
10
|
+
expect(Papers::NpmPackage.full_introspected_entries).to eq([
|
|
11
|
+
{"name"=>"prod_dependency", "version"=>"3.2.0"},
|
|
12
|
+
{"name"=>"dev_dependency", "version"=>"1.2.3"}
|
|
13
|
+
])
|
|
14
|
+
end
|
|
15
|
+
|
|
16
|
+
it "raises an error when package.json is not found" do
|
|
17
|
+
expect { Papers::NpmPackage.full_introspected_entries }.to raise_error Errno::ENOENT
|
|
18
|
+
end
|
|
19
|
+
|
|
20
|
+
it "raises an error when package.json does not parse properly" do
|
|
21
|
+
Papers::Configuration.any_instance.stub(:npm_package_json_path).and_return('spec/support/package_with_error.json')
|
|
22
|
+
expect { Papers::NpmPackage.full_introspected_entries }.to raise_error JSON::ParserError
|
|
23
|
+
end
|
|
24
|
+
|
|
25
|
+
it 'combines dependencies and devDependencies' do
|
|
26
|
+
Papers::NpmPackage.stub(:package)
|
|
27
|
+
.and_return({'dependencies' => {'prod_package' => '~> 1.2.3'},
|
|
28
|
+
'devDependencies' => {'dev_package' => '~> 1.2.0'}})
|
|
29
|
+
|
|
30
|
+
|
|
31
|
+
expect(Papers::NpmPackage.full_introspected_entries).to eq([
|
|
32
|
+
{ 'name' => 'prod_package', 'version' => '1.2.3' },
|
|
33
|
+
{ 'name' => 'dev_package', 'version' => '1.2.0' }
|
|
34
|
+
])
|
|
35
|
+
end
|
|
36
|
+
|
|
37
|
+
it 'returns dependencies when devDependencies is not defined' do
|
|
38
|
+
Papers::NpmPackage.stub(:package)
|
|
39
|
+
.and_return({'dependencies' => {'npm_package' => '1.2.3'}})
|
|
40
|
+
|
|
41
|
+
expect(Papers::NpmPackage.full_introspected_entries).to eq([{
|
|
42
|
+
'name' => 'npm_package',
|
|
43
|
+
'version' => '1.2.3'
|
|
44
|
+
}])
|
|
45
|
+
end
|
|
46
|
+
|
|
47
|
+
it 'returns devDependencies when dependencies is not defined' do
|
|
48
|
+
Papers::NpmPackage.stub(:package)
|
|
49
|
+
.and_return({'devDependencies' => {'npm_package' => '1.2.3'}})
|
|
50
|
+
|
|
51
|
+
expect(Papers::NpmPackage.full_introspected_entries).to eq([{
|
|
52
|
+
'name' => 'npm_package',
|
|
53
|
+
'version' => '1.2.3'
|
|
54
|
+
}])
|
|
55
|
+
end
|
|
56
|
+
|
|
57
|
+
it 'removes leading non-digits from the version' do
|
|
58
|
+
Papers::NpmPackage.stub(:package)
|
|
59
|
+
.and_return({'dependencies' => {'npm_package' => '~> 1.2.3'}})
|
|
60
|
+
|
|
61
|
+
expect(Papers::NpmPackage.full_introspected_entries).to eq([{
|
|
62
|
+
'name' => 'npm_package',
|
|
63
|
+
'version' => '1.2.3'
|
|
64
|
+
}])
|
|
65
|
+
end
|
|
66
|
+
|
|
67
|
+
it 'returns an empty array when the dependencies and devDependencies keys are not defined' do
|
|
68
|
+
Papers::NpmPackage.stub(:package)
|
|
69
|
+
.and_return({})
|
|
70
|
+
|
|
71
|
+
expect(Papers::NpmPackage.full_introspected_entries).to eq([])
|
|
72
|
+
end
|
|
73
|
+
end
|
|
74
|
+
|
|
75
|
+
describe "#introspected" do
|
|
76
|
+
it "returns an array of name-version strings" do
|
|
77
|
+
Papers::NpmPackage.stub(:full_introspected_entries)
|
|
78
|
+
.and_return([{
|
|
79
|
+
'name' => 'npm_package',
|
|
80
|
+
'version' => '1.2.3'
|
|
81
|
+
}])
|
|
82
|
+
|
|
83
|
+
expect(Papers::NpmPackage.introspected).to eq(["npm_package-1.2.3"])
|
|
84
|
+
end
|
|
85
|
+
|
|
86
|
+
it "returns an empty array when the dependencies key is not defined" do
|
|
87
|
+
Papers::NpmPackage.stub(:full_introspected_entries)
|
|
88
|
+
.and_return([])
|
|
89
|
+
|
|
90
|
+
expect(Papers::NpmPackage.introspected).to eq([])
|
|
91
|
+
end
|
|
92
|
+
end
|
|
93
|
+
end
|
data/spec/papers_spec.rb
CHANGED
|
@@ -256,6 +256,53 @@ describe 'Papers' do
|
|
|
256
256
|
])
|
|
257
257
|
end
|
|
258
258
|
|
|
259
|
+
it 'displays npm package licenses in a pretty format without versions' do
|
|
260
|
+
Papers::Configuration.any_instance.stub(:validate_npm_packages?).and_return(true)
|
|
261
|
+
|
|
262
|
+
Papers::LicenseValidator.any_instance.stub(:manifest).and_return({
|
|
263
|
+
'javascripts' => {},
|
|
264
|
+
'gems' => {},
|
|
265
|
+
'npm_packages' => {
|
|
266
|
+
'foo-1.2' => {
|
|
267
|
+
'license' => 'MIT',
|
|
268
|
+
'license_url' => nil,
|
|
269
|
+
'project_url' => nil
|
|
270
|
+
},
|
|
271
|
+
'baz-1.3' => {
|
|
272
|
+
'license' => 'BSD',
|
|
273
|
+
'license_url' => nil,
|
|
274
|
+
'project_url' => nil
|
|
275
|
+
},
|
|
276
|
+
'with-hyphens-1.4' => {
|
|
277
|
+
'license' => 'MIT',
|
|
278
|
+
'license_url' => nil,
|
|
279
|
+
'project_url' => nil
|
|
280
|
+
}
|
|
281
|
+
},
|
|
282
|
+
})
|
|
283
|
+
|
|
284
|
+
expect(validator.pretty_npm_package_list).to eq([
|
|
285
|
+
{
|
|
286
|
+
name: 'baz',
|
|
287
|
+
license: 'BSD',
|
|
288
|
+
license_url: nil,
|
|
289
|
+
project_url: nil
|
|
290
|
+
},
|
|
291
|
+
{
|
|
292
|
+
name: 'foo',
|
|
293
|
+
license: 'MIT',
|
|
294
|
+
license_url: nil,
|
|
295
|
+
project_url: nil
|
|
296
|
+
},
|
|
297
|
+
{
|
|
298
|
+
name: 'with-hyphens',
|
|
299
|
+
license: 'MIT',
|
|
300
|
+
license_url: nil,
|
|
301
|
+
project_url: nil
|
|
302
|
+
}
|
|
303
|
+
])
|
|
304
|
+
end
|
|
305
|
+
|
|
259
306
|
it 'displays the gem name when the gemspec does not specify a version' do
|
|
260
307
|
gemspec = Papers::Gem.new(name: 'foo')
|
|
261
308
|
expect('foo').to eq(gemspec.name_without_version)
|
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: papers
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 1.3.
|
|
4
|
+
version: 1.3.1
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Ralph Bodenner
|
|
@@ -12,7 +12,7 @@ authors:
|
|
|
12
12
|
autorequire:
|
|
13
13
|
bindir: bin
|
|
14
14
|
cert_chain: []
|
|
15
|
-
date: 2014-06-
|
|
15
|
+
date: 2014-06-17 00:00:00.000000000 Z
|
|
16
16
|
dependencies:
|
|
17
17
|
- !ruby/object:Gem::Dependency
|
|
18
18
|
name: rake
|
|
@@ -67,11 +67,15 @@ files:
|
|
|
67
67
|
- lib/papers/dependency_specification/bower_component.rb
|
|
68
68
|
- lib/papers/dependency_specification/gem.rb
|
|
69
69
|
- lib/papers/dependency_specification/javascript.rb
|
|
70
|
+
- lib/papers/dependency_specification/npm_package.rb
|
|
70
71
|
- lib/papers/license_validator.rb
|
|
71
72
|
- lib/papers/manifest_generator.rb
|
|
72
73
|
- lib/papers/version.rb
|
|
73
74
|
- papers.gemspec
|
|
75
|
+
- spec/npm_package_spec.rb
|
|
74
76
|
- spec/papers_spec.rb
|
|
77
|
+
- spec/support/package.json
|
|
78
|
+
- spec/support/package_with_error.json
|
|
75
79
|
homepage: http://github.com/newrelic/papers
|
|
76
80
|
licenses:
|
|
77
81
|
- MIT
|
|
@@ -97,5 +101,8 @@ signing_key:
|
|
|
97
101
|
specification_version: 4
|
|
98
102
|
summary: Validate the licenses of software dependencies you use
|
|
99
103
|
test_files:
|
|
104
|
+
- spec/npm_package_spec.rb
|
|
100
105
|
- spec/papers_spec.rb
|
|
106
|
+
- spec/support/package.json
|
|
107
|
+
- spec/support/package_with_error.json
|
|
101
108
|
has_rdoc:
|