papers 2.3.0 → 2.4.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 04a56da48ddc413020f2fcd656e2db6e0e3b0ba8
-  data.tar.gz: 94f31684ae3f21f18b919cefbb167f024045f5ad
+  metadata.gz: a501ec1855e2771a832413f8c6f7e64ef0914be5
+  data.tar.gz: edf999ee812b0b0991628f0a0136f500a22f424d
 SHA512:
-  metadata.gz: e70b63d4c27b79bbc19a4144664738a933fbe31301d3a3c335bf5aae3e0bdae5ae6227034a41203b4cbb9772959b9977b66e3f31d71748966d15203c78520009
-  data.tar.gz: 5a3a99002c51bc3f0529d6593e5193dd005d495e6afa4cf1e5f99dc00eee7f569f70622bc52de5be032d087d08a2b90c01ff1d0086580fddbf5493bdfd20cc5a
+  metadata.gz: dd676cdb983c3ca29c5709c7ae375440dffc8842f2f2d6aa5352083e4b9045eaeb9f574d9f7612981ff7e2a97a8a5a4d2daa2c89ee516ed8dc3b8ff97fe78665
+  data.tar.gz: 275ac6f253cf2cb95b6cbad2c33550318b88439080c654815f62b117932861ce38d4ed1a9f1c2933810c8ab3de495837da425b4afc80e90b2486604ff0e0bfd0

data/.travis.yml

@@ -1,8 +1,9 @@
 language: ruby
 rvm:
-  - 1.9.3
   - 2.0.0
-  - 2.1.0
+  - 2.1.10
+  - 2.2.5
+  - 2.3.1
 script: bundle exec rspec
 notifications:
   email:

data/lib/papers.rb

@@ -1,6 +1,8 @@
 require 'papers/configuration'
 require 'papers/license_validator'
+require 'papers/manifest_command'
 require 'papers/manifest_generator'
+require 'papers/manifest_updater'
 require 'papers/cli'
 require 'papers/version'
 
@@ -22,4 +24,4 @@ module Papers
     configuration
   end
 
-end
+end

data/lib/papers/cli.rb

@@ -5,18 +5,25 @@ module Papers
   class CLI
 
     def run
-      if parse_options[:generate]
+      if options[:generate]
         begin
-          generator = Papers::ManifestGenerator.new
-          generator.generate!
+          Papers::ManifestGenerator.new.generate!
         rescue Papers::FileExistsError => e
           warn "Error: 'papers_manifest.yml' already exists at '#{e.message}'. Aborting..."
         end
       end
+
+      if options[:update]
+        Papers::ManifestUpdater.new.update!
+      end
     end
 
     private
 
+    def options
+      @options ||= parse_options
+    end
+
     def parse_options
       options = {}
       OptionParser.new do |opts|
@@ -26,6 +33,10 @@ module Papers
           options[:generate] = v
         end
 
+        opts.on("-u", "--update", "Update papers_manifest.yml for Rubygems") do |v|
+          options[:update] = v
+        end
+
         opts.on_tail( '-h', '--help', 'Display this screen' ) do |v|
           p opts
           exit
@@ -38,4 +49,4 @@ module Papers
       return options
     end
   end
-end
+end

data/lib/papers/manifest_command.rb

@@ -0,0 +1,97 @@
+module Papers
+  class ManifestCommand
+    def initialize(manifest_path = nil)
+      @manifest_path = manifest_path || File.join('config', 'papers_manifest.yml')
+    end
+
+    def manifest_exists?
+      File.exist?(@manifest_path)
+    end
+
+    def build_header
+      [
+        "# Dependency Manifest for the Papers gem",
+        "# Used to test your gems and javascript against license whitelist",
+        "#",
+        "# http://github.com/newrelic/papers\n"
+      ].join("\n")
+    end
+
+    def get_installed_gems
+      gems = {}
+      Bundler.load.specs.each do |spec|
+        gems[gem_name_and_version(spec)] = gem_entry(spec)
+      end
+      return gems
+    end
+
+    def get_installed_javascripts
+      js = {}
+      Javascript.introspected.each do |entry|
+        js[entry] = {
+          'license'     => 'Unknown',
+          'license_url' => nil,
+          'project_url' => nil
+        }
+      end
+      js.empty? ? nil : js
+    end
+
+    def get_installed_bower_components
+      components = {}
+      BowerComponent.full_introspected_entries.each do |entry|
+        components[entry['name']] = {
+          'license' => 'Unknown',
+          'license_url' => nil,
+          'project_url' => ensure_valid_url(entry['homepage'])
+        }
+      end
+      components.empty? ? nil : components
+    end
+
+    def get_installed_npm_packages
+      packages = {}
+      NpmPackage.full_introspected_entries.each do |entry|
+        packages[entry['name']] = {
+          'license' => 'Unknown',
+          'license_url' => nil,
+          'project_url' => nil
+        }
+      end
+      packages.empty? ? nil : packages
+    end
+
+    def gem_name_and_version(spec)
+      if spec.name == 'bundler'
+        name_and_version = spec.name
+      else
+        name_and_version = "#{spec.name}-#{spec.version}"
+      end
+    end
+
+    def gem_entry(spec)
+      gem_license     = blank?(spec.license) ? 'Unknown' : spec.license
+      gem_project_url = blank?(spec.homepage) ? nil : spec.homepage
+
+      {
+        'license'     => gem_license,
+        'license_url' => nil,
+        'project_url' => ensure_valid_url(gem_project_url)
+        # TODO: add support for multiple licenses? some gemspecs have dual licensing
+      }
+    end
+
+    def blank?(str)
+      str.to_s.empty?
+    end
+
+    def ensure_valid_url(url_string)
+      match_url = URI::regexp.match(url_string)
+      if match_url.nil?
+        nil
+      else
+        match_url[0]
+      end
+    end
+  end
+end

data/lib/papers/manifest_generator.rb

@@ -4,7 +4,6 @@ require 'fileutils'
 require 'uri'
 
 module Papers
-
   class FileExistsError < StandardError;
     attr_reader :manifest_path
 
@@ -14,11 +13,8 @@ module Papers
     end
   end
 
-  class ManifestGenerator
-
+  class ManifestGenerator < ManifestCommand
     def generate!(args = ARGV)
-      @manifest_path = File.join('config','papers_manifest.yml')
-
       raise Papers::FileExistsError.new(@manifest_path) if manifest_exists?
 
       begin
@@ -46,90 +42,6 @@ module Papers
       return manifest
     end
 
-    def get_installed_gems
-      gems = {}
-      Bundler.load.specs.each do |spec|
-        if spec.name == 'bundler'
-          name_and_version = spec.name
-        else
-          name_and_version = "#{spec.name}-#{spec.version}"
-        end
-
-        gem_license     = blank?(spec.license) ? 'Unknown' : spec.license
-        gem_project_url = blank?(spec.homepage) ? nil : spec.homepage
-
-        gems[name_and_version] = {
-          'license'     => gem_license,
-          'license_url' => nil,
-          'project_url' => ensure_valid_url(gem_project_url)
-          # TODO: add support for multiple licenses? some gemspecs have dual licensing
-        }
-      end
-      return gems
-    end
-
-    def get_installed_javascripts
-      js = {}
-      Javascript.introspected.each do |entry|
-        js[entry] = {
-          'license'     => 'Unknown',
-          'license_url' => nil,
-          'project_url' => nil
-        }
-      end
-      js.empty? ? nil : js
-    end
-
-    def get_installed_bower_components
-      components = {}
-      BowerComponent.full_introspected_entries.each do |entry|
-        components[entry['name']] = {
-          'license' => 'Unknown',
-          'license_url' => nil,
-          'project_url' => ensure_valid_url(entry['homepage'])
-        }
-      end
-      components.empty? ? nil : components
-    end
-
-    def get_installed_npm_packages
-      packages = {}
-      NpmPackage.full_introspected_entries.each do |entry|
-        packages[entry['name']] = {
-          'license' => 'Unknown',
-          'license_url' => nil,
-          'project_url' => nil
-        }
-      end
-      packages.empty? ? nil : packages
-    end
-
-    def manifest_exists?
-      !!File.exist?(@manifest_path)
-    end
-
-    def build_header
-      [
-        "# Dependency Manifest for the Papers gem",
-        "# Used to test your gems and javascript against license whitelist",
-        "#",
-        "# http://github.com/newrelic/papers\n"
-      ].join("\n")
-    end
-
-    def ensure_valid_url url_string
-      match_url = URI::regexp.match(url_string)
-      if match_url.nil?
-        nil
-      else
-        match_url[0]
-      end
-    end
-
-    def blank? str
-      str.respond_to?(:empty?) ? str.empty? : !str
-    end
-
   end
 
 end

data/lib/papers/manifest_updater.rb

@@ -0,0 +1,113 @@
+require 'bundler'
+require 'yaml'
+require 'fileutils'
+require 'uri'
+
+module Papers
+  class FileMissingError < StandardError
+    def initialize(file)
+      super("Manifest file #{file} missing, can't update.")
+    end
+  end
+
+  class ManifestUpdater < ManifestCommand
+    def update!
+      updated_content = update
+      File.open(@manifest_path, 'w') do |file|
+        file.write(updated_content)
+      end
+
+      puts "Updated #{@manifest_path}! Run your tests and check your diffs!"
+    end
+
+    def update
+      raise Papers::FileMissingError.new(@manifest_path) unless manifest_exists?
+
+      original_content = File.read(@manifest_path)
+      result = YAML.load(original_content)
+
+      update_gems(result)
+      update_javascript(result, "javascripts", get_installed_javascripts)
+      update_javascript(result, "bower_components", get_installed_bower_components)
+      update_javascript(result, "npm_packages", get_installed_npm_packages)
+
+      build_header + YAML.dump(result)
+    end
+
+    def update_gems(result)
+      result_gems = result["gems"]
+      return unless result_gems
+
+      manifest_names = manifest_names(result_gems)
+      gemspecs.each do |gemspec|
+        if manifest_gem_key = manifest_names[gemspec.name]
+          update_gem(result_gems, gemspec, manifest_gem_key)
+        else
+          new_gem(result_gems, gemspec)
+        end
+      end
+
+      delete_gems(result_gems, manifest_names)
+    end
+
+    def update_javascript(result, key, installed)
+      existing = result[key]
+      return unless existing && installed
+
+      removed = existing.keys - installed.keys
+
+      # Merge over new results from existing to keep edits
+      installed.merge!(existing)
+
+      # Remove things that aren't installed anymore
+      removed.each do |remove|
+        installed.delete(remove)
+      end
+
+      result[key] = installed
+    end
+
+    def update_gem(result_gems, gemspec, manifest_gem_key)
+      manifest_gem = result_gems.delete(manifest_gem_key)
+      if gemspec.license != manifest_gem["license"]
+        new_licenses = gemspec.licenses || []
+        new_licenses << gemspec.license
+        new_licenses.uniq!
+
+        manifest_gem["license"] = "License Change! Was '#{manifest_gem["license"]}', is now #{new_licenses}"
+      end
+
+      name = gem_name_and_version(gemspec)
+      name = gemspec.name if gemspec.name == manifest_gem_key
+      result_gems[name] = manifest_gem
+    end
+
+    def new_gem(result_gems, gemspec)
+      result_gems[gem_name_and_version(gemspec)] = gem_entry(gemspec)
+    end
+
+    def delete_gems(result_gems, manifest_names)
+      # Find removed gems
+      manifest_names.each do |(gem_name, gem_key)|
+        if gemspecs.none? { |gem| gem.name == gem_name }
+          result_gems.delete(gem_key)
+        end
+      end
+    end
+
+    def name_from_key(key)
+      key.include?("-") ? key.rpartition("-").first : key
+    end
+
+    def manifest_names(result_gems)
+      result_gems.reduce({}) do |hash, (key, _)|
+        hash[name_from_key(key)] = key
+        hash
+      end
+    end
+
+    def gemspecs
+      @gemspecs ||= Bundler.load.specs.dup
+    end
+  end
+end

data/lib/papers/version.rb

@@ -1,7 +1,7 @@
 module Papers
   class Version
     MAJOR = 2
-    MINOR = 3
+    MINOR = 4
     PATCH = 0
 
     def self.to_s

data/spec/manifest_updater_spec.rb

@@ -0,0 +1,163 @@
+require 'spec_helper'
+
+describe Papers::ManifestUpdater do
+  subject(:updater) { Papers::ManifestUpdater.new(path) }
+
+  let(:path) { "/config/papers_manifest.yml" }
+
+  let(:header) { <<EOS
+# Dependency Manifest for the Papers gem
+# Used to test your gems and javascript against license whitelist
+#
+# http://github.com/newrelic/papers
+---
+EOS
+  }
+
+  before do
+    allow(File).to receive(:read).and_call_original
+    allow(File).to receive(:read).with(path).and_return(original_content)
+
+    allow(File).to receive(:exist?).and_call_original
+    allow(File).to receive(:exist?).with(path).and_return(true)
+  end
+
+  describe "Ruby" do
+    let(:original_content) { <<EOS
+#{header.chomp}
+gems:
+  rails-4.2.0:
+    license: MIT
+    license_url: 
+    project_url: https://github.com/rails/rails
+  newrelic_rpm:
+    license: New Relic
+    license_url: 
+    project_url: https://github.com/newrelic/rpm
+EOS
+    }
+
+    let(:shoes_license) { <<EOS
+  shoes-4.0.0:
+    license: MIT
+    license_url: 
+    project_url: http://shoesrb.com
+EOS
+    }
+
+
+    it "avoids unnecessary updates" do
+      allow(updater).to receive(:gemspecs).and_return([
+        double(name: 'rails', version: '4.2.0', license: "MIT"),
+        double(name: 'newrelic_rpm', version: '3.16.2.321', license: "New Relic")
+      ])
+
+      expect(updater.update).to eq(original_content)
+    end
+
+    it "updates version in place" do
+      allow(updater).to receive(:gemspecs).and_return([
+        double(name: 'rails', version: '4.2.7.1', license: "MIT"),
+        double(name: 'newrelic_rpm', version: '3.16.2.321', license: "New Relic")
+      ])
+
+      expected = original_content.gsub(/rails-4.2.0/, "rails-4.2.7.1")
+      expect(updater.update).to eq(expected)
+    end
+
+    it "adds new gems" do
+      allow(updater).to receive(:gemspecs).and_return([
+        double(name: 'rails', version: '4.2.0', license: "MIT"),
+        double(name: 'newrelic_rpm', version: '3.16.2.321', license: "New Relic"),
+        double(name: 'shoes', version: '4.0.0', license: "MIT", homepage: "http://shoesrb.com")
+      ])
+
+      expected = original_content + shoes_license
+      expect(updater.update).to eq(expected)
+    end
+
+    it "deletes removed gems" do
+      allow(updater).to receive(:gemspecs).and_return([
+        double(name: 'shoes', version: '4.0.0', license: "MIT", homepage: "http://shoesrb.com")
+      ])
+
+      expected = "#{header}gems:\n#{shoes_license}"
+      expect(updater.update).to eq(expected)
+    end
+
+    it "warns on change to license" do
+      allow(updater).to receive(:gemspecs).and_return([
+        double(name: 'rails', version: '5.0.0', license: "NOT-MIT", licenses: ["NOT-MIT"]),
+        double(name: 'newrelic_rpm', version: '3.16.2.321', license: "New Relic", licenses: ["New Relic"]),
+      ])
+
+      expected = original_content.gsub(/rails-4.2.0/, "rails-5.0.0").
+        sub(/MIT/, "License Change! Was 'MIT', is now [\"NOT-MIT\"]")
+      expect(updater.update).to eq(expected)
+    end
+  end
+
+  describe "Javascript" do
+    let(:original_content) { <<EOS
+#{header.chomp}
+javascripts:
+  app/javascripts/instances/index.js:
+    license: New Relic
+    license_url: http://newrelic.com
+    project_url: http://newrelic.com
+  app/javascripts/instances/show.js:
+    license: Unknown
+    license_url: 
+    project_url: 
+bower_components:
+  angular:
+    license: MIT
+    license_url: 
+    project_url: 
+  lodash:
+    license: Unknown
+    license_url: 
+    project_url: 
+npm_packages:
+  react:
+    license: MIT
+    license_url: 
+    project_url: 
+  redux:
+    license: Unknown
+    license_url: 
+    project_url: 
+EOS
+    }
+
+    it "updates javascripts" do
+      allow(Papers::Javascript).to receive(:introspected).and_return([
+        "app/javascripts/instances/index.js",
+        "app/javascripts/instances/delete.js"
+      ])
+
+      expected = original_content.sub(%r{/instances/show.js}, "/instances/delete.js")
+      expect(updater.update).to eq(expected)
+    end
+
+    it "updates bower_components" do
+      allow(Papers::BowerComponent).to receive(:full_introspected_entries).and_return([
+        { "name" => "angular" },
+        { "name" => "bower" }
+      ])
+
+      expected = original_content.sub(/lodash/, "bower")
+      expect(updater.update).to eq(expected)
+    end
+
+    it "updates npm_packages" do
+      allow(Papers::NpmPackage).to receive(:full_introspected_entries).and_return([
+        { "name" => "react" },
+        { "name" => "flow" }
+      ])
+
+      expected = original_content.sub(/redux/, "flow")
+      expect(updater.update).to eq(expected)
+    end
+  end
+end

data/spec/npm_package_spec.rb

@@ -1,5 +1,3 @@
-require 'bundler/setup'
-require 'rspec'
 require_relative '../lib/papers'
 
 describe 'NpmPackageSpecification' do

data/spec/papers_spec.rb

@@ -1,6 +1,4 @@
-require 'bundler/setup'
-require 'rspec'
-require_relative '../lib/papers'
+require 'spec_helper'
 
 describe 'Papers' do
 

data/spec/spec_helper.rb

@@ -0,0 +1,3 @@
+require 'bundler/setup'
+require 'rspec'
+require_relative '../lib/papers'

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: papers
 version: !ruby/object:Gem::Version
-  version: 2.3.0
+  version: 2.4.0
 platform: ruby
 authors:
 - Ralph Bodenner
@@ -12,7 +12,7 @@ authors:
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2015-10-12 00:00:00.000000000 Z
+date: 2016-10-13 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rake
@@ -69,11 +69,15 @@ files:
 - lib/papers/dependency_specification/javascript.rb
 - lib/papers/dependency_specification/npm_package.rb
 - lib/papers/license_validator.rb
+- lib/papers/manifest_command.rb
 - lib/papers/manifest_generator.rb
+- lib/papers/manifest_updater.rb
 - lib/papers/version.rb
 - papers.gemspec
+- spec/manifest_updater_spec.rb
 - spec/npm_package_spec.rb
 - spec/papers_spec.rb
+- spec/spec_helper.rb
 - spec/support/package.json
 - spec/support/package_with_error.json
 homepage: http://github.com/newrelic/papers
@@ -96,12 +100,14 @@ required_rubygems_version: !ruby/object:Gem::Requirement
       version: '0'
 requirements: []
 rubyforge_project: 
-rubygems_version: 2.4.8
+rubygems_version: 2.6.2
 signing_key: 
 specification_version: 4
 summary: Validate the licenses of software dependencies you use
 test_files:
+- spec/manifest_updater_spec.rb
 - spec/npm_package_spec.rb
 - spec/papers_spec.rb
+- spec/spec_helper.rb
 - spec/support/package.json
 - spec/support/package_with_error.json