spandx 0.1.3 → 0.1.4

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 68bd7e9482a8b509227140a30cbe6de687251055de0e5a044dac742facc416f8
-  data.tar.gz: aeaf6153a9e3032a2d8040a9c6f3f06031c55ab5c9d1931b55cf297eab1f8292
+  metadata.gz: d69d6fb64c5305d1fa1131f35369cfb1d30003ec838da0098dd345fbad434024
+  data.tar.gz: a97bc7e6243841a4fe0bddfd5c9141c533474840c91cf4b84961d5a9f327ad90
 SHA512:
-  metadata.gz: 52fc3d7dd8a2c8fb1a24b189d5bdd736f997dbf062d82e96cf4df10b6a125effb9dd6084264fff4f7d037bd33c63d4f876ba907c440377fceee4d2de56455a4e
-  data.tar.gz: 7815f0b62b4e2ada1b4b6798754af29f1313a96755642c9405de5feeb8aae7677a63d55ff555c67db415105d96332aacfc1abd9cdfdd2fc556b70f75abca98b8
+  metadata.gz: 06ce13d505da615593595b72ed44d0c0d409315eefdbbb69af9ea092a1d7230659c9a34d5492430bd748b4dfc0555a0b1ae28d7b2395172e202591efac2259c2
+  data.tar.gz: cc6e3ab63d93668286ff133fc46c3c7fcaa41498c0d44ae1d92b362839d4faaa010d25d4f4b7d5d566f164b295db2f776e98a23c0a3b6cbc476f1033bd92e8eb

data/CHANGELOG.md

@@ -1,4 +1,4 @@
-Version 0.1.3
+Version 0.1.4
 
 # Changelog
 All notable changes to this project will be documented in this file.
@@ -7,7 +7,14 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
 and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
 
 ## [Unreleased]
-- nil
+### Added
+
+## [0.1.4] - 2020-01-22
+### Added
+- Add dependency on bundler
+- Scan nuget `packages.config` files
+- Scan dotnet `*.csproj` files
+- Pull ruby gem license info from rubygems.org API V2.
 
 ## [0.1.3] - 2020-01-16
 ### Added
@@ -24,7 +31,8 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 ### Added
 - Provide ruby API to the latest SPDX catalogue.
 
-[Unreleased]: https://github.com/mokhan/spandx/compare/v0.1.3...HEAD
+[Unreleased]: https://github.com/mokhan/spandx/compare/v0.1.4...HEAD
+[0.1.3]: https://github.com/mokhan/spandx/compare/v0.1.3...v0.1.4
 [0.1.3]: https://github.com/mokhan/spandx/compare/v0.1.2...v0.1.3
 [0.1.2]: https://github.com/mokhan/spandx/compare/v0.1.1...v0.1.2
 [0.1.1]: https://github.com/mokhan/spandx/compare/v0.1.0...v0.1.1

data/lib/spandx/commands/scan.rb

@@ -14,7 +14,10 @@ module Spandx
         if lockfile.nil?
           output.puts 'OK'
         else
-          report = Parsers.for(lockfile).parse(lockfile)
+          report = Report.new
+          Parsers.for(lockfile).parse(lockfile).each do |dependency|
+            report.add(dependency)
+          end
           output.puts report.to_json
         end
       end

data/lib/spandx/dependency.rb

@@ -0,0 +1,21 @@
+# frozen_string_literal: true
+
+module Spandx
+  class Dependency
+    attr_reader :name, :version, :licenses
+
+    def initialize(name:, version:, licenses: [])
+      @name = name
+      @version = version
+      @licenses = licenses
+    end
+
+    def to_h
+      {
+        name: name,
+        version: version,
+        licenses: licenses.map(&:id)
+      }
+    end
+  end
+end

data/lib/spandx/gateways/nuget.rb

@@ -0,0 +1,55 @@
+# frozen_string_literal: true
+
+module Spandx
+  module Gateways
+    # https://api.nuget.org/v3-flatcontainer/#{name}/#{version}/#{name}.nuspec
+    # https://api.nuget.org/v3-flatcontainer/#{package.name}/index.json
+    # https://docs.microsoft.com/en-us/nuget/api/package-base-address-resource
+    class Nuget
+      def initialize(http: Spandx.http)
+        @http = http
+      end
+
+      def licenses_for(name, version)
+        document = nuspec_for(name, version)
+
+        exact_licenses_from(document) ||
+          guess_licenses_from(document)
+      end
+
+      private
+
+      attr_reader :http
+
+      def nuspec_url_for(name, version)
+        "https://api.nuget.org/v3-flatcontainer/#{name}/#{version}/#{name}.nuspec"
+      end
+
+      def nuspec_for(name, version)
+        from_xml(http.get(nuspec_url_for(name, version)).body)
+      end
+
+      def guess_license_in(content)
+        Licensee::ProjectFiles::LicenseFile.new(content).license.key.upcase
+      end
+
+      def from_xml(xml)
+        Nokogiri::XML(xml).tap(&:remove_namespaces!)
+      end
+
+      def exact_licenses_from(document)
+        if (licenses = document.search('//package/metadata/license')).any?
+          return licenses.map(&:text)
+        end
+
+        nil
+      end
+
+      def guess_licenses_from(document)
+        document
+          .search('//package/metadata/licenseUrl')
+          .map { |node| guess_license_in(Spandx.http.get(node.text).body) }
+      end
+    end
+  end
+end

data/lib/spandx/gateways/rubygems.rb

@@ -0,0 +1,30 @@
+# frozen_string_literal: true
+
+module Spandx
+  module Gateways
+    # https://guides.rubygems.org/rubygems-org-api-v2/
+    class Rubygems
+      def initialize(http: Spandx.http)
+        @http = http
+      end
+
+      def licenses_for(name, version)
+        details_on(name, version).fetch('licenses', [])
+      end
+
+      private
+
+      attr_reader :http
+
+      def details_on(name, version)
+        url = "https://rubygems.org/api/v2/rubygems/#{name}/versions/#{version}.json"
+        response = http.get(url, default: {})
+        http.ok?(response) ? parse(response.body) : {}
+      end
+
+      def parse(json)
+        JSON.parse(json)
+      end
+    end
+  end
+end

data/lib/spandx/parsers/csproj.rb

@@ -0,0 +1,39 @@
+# frozen_string_literal: true
+
+module Spandx
+  module Parsers
+    class Csproj < Base
+      def self.matches?(filename)
+        filename.match?(/.*\.csproj/)
+      end
+
+      def parse(lockfile)
+        document = from_xml(IO.read(lockfile))
+        document.search('//PackageReference').map do |node|
+          name = attribute_for('Include', node)
+          version = attribute_for('Version', node)
+          Dependency.new(
+            name: name,
+            version: version,
+            licenses: nuget.licenses_for(name, version).map { |x| catalogue[x] }
+          )
+        end
+      end
+
+      private
+
+      def from_xml(xml)
+        Nokogiri::XML(xml)
+      end
+
+      def attribute_for(key, node)
+        node.attribute(key)&.value&.strip ||
+          node.at_xpath("./#{key}")&.content&.strip
+      end
+
+      def nuget
+        @nuget ||= Gateways::Nuget.new
+      end
+    end
+  end
+end

data/lib/spandx/parsers/gemfile_lock.rb

@@ -3,31 +3,40 @@
 module Spandx
   module Parsers
     class GemfileLock < Base
+      STRIP_BUNDLED_WITH = /^BUNDLED WITH$(\r?\n)   (?<major>\d+)\.\d+\.\d+/m.freeze
+
       def self.matches?(filename)
-        filename.match?(/Gemfile.*\.lock/)
+        filename.match?(/Gemfile.*\.lock/) ||
+          filename.match?(/gems.*\.lock/)
       end
 
       def parse(lockfile)
-        report = Report.new
-        dependencies_from(lockfile) do |dependency|
-          spec = dependency.to_spec
-          report.add(
-            name: dependency.name,
-            version: spec.version.to_s,
-            licenses: [catalogue[spec.license]]
+        content = IO.read(lockfile)
+        dependencies_from(content).map do |specification|
+          Dependency.new(
+            name: specification.name,
+            version: specification.version.to_s,
+            licenses: licenses_for(specification)
           )
         end
-        report
       end
 
       private
 
-      def dependencies_from(lockfile)
+      def dependencies_from(content)
         ::Bundler::LockfileParser
-          .new(IO.read(lockfile))
-          .dependencies.each do |_key, dependency|
-          yield dependency
-        end
+          .new(content.sub(STRIP_BUNDLED_WITH, ''))
+          .specs
+      end
+
+      def licenses_for(specification)
+        rubygems
+          .licenses_for(specification.name, specification.version.to_s)
+          .map { |x| catalogue[x] }
+      end
+
+      def rubygems
+        @rubygems ||= Gateways::Rubygems.new
       end
     end
   end

data/lib/spandx/parsers/packages_config.rb

@@ -0,0 +1,37 @@
+# frozen_string_literal: true
+
+module Spandx
+  module Parsers
+    class PackagesConfig < Base
+      def self.matches?(filename)
+        filename.match?(/packages\.config/)
+      end
+
+      def parse(lockfile)
+        Nokogiri::XML(IO.read(lockfile))
+          .search('//package')
+          .map { |node| map_from(node) }
+      end
+
+      private
+
+      def map_from(node)
+        name = attribute_for('id', node)
+        version = attribute_for('version', node)
+        Dependency.new(
+          name: name,
+          version: version,
+          licenses: nuget.licenses_for(name, version).map { |x| catalogue[x] }
+        )
+      end
+
+      def attribute_for(key, node)
+        node.attribute(key)&.value&.strip || node.at_xpath("./#{key}")&.content&.strip
+      end
+
+      def nuget
+        @nuget ||= Gateways::Nuget.new
+      end
+    end
+  end
+end

data/lib/spandx/parsers/pipfile_lock.rb

@@ -8,15 +8,15 @@ module Spandx
       end
 
       def parse(lockfile)
-        report = Report.new
+        results = []
         dependencies_from(lockfile) do |x|
-          report.add(
+          results << Dependency.new(
             name: x[:name],
             version: x[:version],
             licenses: x[:licenses]
           )
         end
-        report
+        results
       end
 
       private

data/lib/spandx/parsers.rb

@@ -1,18 +1,26 @@
 # frozen_string_literal: true
 
 require 'spandx/parsers/base'
+require 'spandx/parsers/csproj'
 require 'spandx/parsers/gemfile_lock'
+require 'spandx/parsers/packages_config'
 require 'spandx/parsers/pipfile_lock'
 
 module Spandx
   module Parsers
+    UNKNOWN = Class.new do
+      def self.parse(*_args)
+        []
+      end
+    end
+
     class << self
       def for(path, catalogue: Spandx::Catalogue.latest)
         result = ::Spandx::Parsers::Base.find do |x|
           x.matches?(File.basename(path))
         end
 
-        result&.new(catalogue: catalogue)
+        result&.new(catalogue: catalogue) || UNKNOWN
       end
     end
   end

data/lib/spandx/report.rb

@@ -6,12 +6,8 @@ module Spandx
       @report = report
     end
 
-    def add(name:, version:, licenses: [])
-      @report[:packages].push(
-        name: name,
-        version: version,
-        licenses: licenses.map(&:id)
-      )
+    def add(dependency)
+      @report[:packages].push(dependency.to_h)
     end
 
     def to_h

data/lib/spandx/version.rb

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module Spandx
-  VERSION = '0.1.3'
+  VERSION = '0.1.4'
 end

data/lib/spandx.rb

@@ -1,13 +1,19 @@
 # frozen_string_literal: true
 
+require 'bundler'
 require 'forwardable'
 require 'json'
+require 'licensee'
 require 'net/hippie'
+require 'nokogiri'
 require 'pathname'
 
 require 'spandx/catalogue'
+require 'spandx/dependency'
 require 'spandx/gateways/http'
+require 'spandx/gateways/nuget'
 require 'spandx/gateways/pypi'
+require 'spandx/gateways/rubygems'
 require 'spandx/gateways/spdx'
 require 'spandx/license'
 require 'spandx/parsers'

data/spandx.gemspec

@@ -19,22 +19,26 @@ Gem::Specification.new do |spec|
   spec.metadata['source_code_uri'] = 'https://github.com/mokhan/spandx'
   spec.metadata['changelog_uri'] = 'https://github.com/mokhan/spandx/blob/master/CHANGELOG.md'
 
-  # Specify which files should be added to the gem when it is released.
-  # The `git ls-files -z` loads the files in the RubyGem that have been added into git.
   spec.files = Dir.chdir(File.expand_path(__dir__)) do
-    `git ls-files -z`.split("\x0").reject { |f| f.match(%r{^(test|spec|features)/}) }
+    Dir.glob('exe/*') +
+      Dir.glob('lib/**/**/*.{rb}') +
+      Dir.glob('*.{md,gemspec,txt}')
   end
+
   spec.bindir        = 'exe'
   spec.executables   = spec.files.grep(%r{^exe/}) { |f| File.basename(f) }
   spec.require_paths = ['lib']
 
+  spec.add_dependency 'bundler', '>= 1.16', '< 3.0.0'
+  spec.add_dependency 'licensee', '~> 9.13'
   spec.add_dependency 'net-hippie', '~> 0.3'
+  spec.add_dependency 'nokogiri', '~> 1.10'
   spec.add_dependency 'thor', '~> 0.1'
-  spec.add_development_dependency 'bundler', '~> 2.0'
   spec.add_development_dependency 'bundler-audit', '~> 0.6'
   spec.add_development_dependency 'rake', '~> 13.0'
   spec.add_development_dependency 'rspec', '~> 3.0'
   spec.add_development_dependency 'rubocop', '~> 0.52'
   spec.add_development_dependency 'rubocop-rspec', '~> 1.22'
+  spec.add_development_dependency 'vcr', '~> 5.0'
   spec.add_development_dependency 'webmock', '~> 3.7'
 end

metadata

@@ -1,15 +1,49 @@
 --- !ruby/object:Gem::Specification
 name: spandx
 version: !ruby/object:Gem::Version
-  version: 0.1.3
+  version: 0.1.4
 platform: ruby
 authors:
 - mo khan
 autorequire: 
 bindir: exe
 cert_chain: []
-date: 2020-01-17 00:00:00.000000000 Z
+date: 2020-01-23 00:00:00.000000000 Z
 dependencies:
+- !ruby/object:Gem::Dependency
+  name: bundler
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '1.16'
+    - - "<"
+      - !ruby/object:Gem::Version
+        version: 3.0.0
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '1.16'
+    - - "<"
+      - !ruby/object:Gem::Version
+        version: 3.0.0
+- !ruby/object:Gem::Dependency
+  name: licensee
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '9.13'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '9.13'
 - !ruby/object:Gem::Dependency
   name: net-hippie
   requirement: !ruby/object:Gem::Requirement
@@ -25,33 +59,33 @@ dependencies:
       - !ruby/object:Gem::Version
         version: '0.3'
 - !ruby/object:Gem::Dependency
-  name: thor
+  name: nokogiri
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '0.1'
+        version: '1.10'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '0.1'
+        version: '1.10'
 - !ruby/object:Gem::Dependency
-  name: bundler
+  name: thor
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '2.0'
-  type: :development
+        version: '0.1'
+  type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '2.0'
+        version: '0.1'
 - !ruby/object:Gem::Dependency
   name: bundler-audit
   requirement: !ruby/object:Gem::Requirement
@@ -122,6 +156,20 @@ dependencies:
     - - "~>"
       - !ruby/object:Gem::Version
         version: '1.22'
+- !ruby/object:Gem::Dependency
+  name: vcr
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '5.0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '5.0'
 - !ruby/object:Gem::Dependency
   name: webmock
   requirement: !ruby/object:Gem::Requirement
@@ -144,41 +192,29 @@ executables:
 extensions: []
 extra_rdoc_files: []
 files:
-- ".github/workflows/ci.yml"
-- ".gitignore"
-- ".gitlab-ci.yml"
-- ".rspec"
-- ".rubocop.yml"
 - CHANGELOG.md
-- Gemfile
-- Gemfile.lock
 - LICENSE.txt
 - README.md
-- Rakefile
-- bin/cibuild
-- bin/console
-- bin/lint
-- bin/setup
-- bin/shipit
-- bin/test
 - exe/spandx
 - lib/spandx.rb
 - lib/spandx/catalogue.rb
 - lib/spandx/cli.rb
 - lib/spandx/command.rb
-- lib/spandx/commands/.gitkeep
 - lib/spandx/commands/scan.rb
+- lib/spandx/dependency.rb
 - lib/spandx/gateways/http.rb
+- lib/spandx/gateways/nuget.rb
 - lib/spandx/gateways/pypi.rb
+- lib/spandx/gateways/rubygems.rb
 - lib/spandx/gateways/spdx.rb
 - lib/spandx/license.rb
 - lib/spandx/parsers.rb
 - lib/spandx/parsers/base.rb
+- lib/spandx/parsers/csproj.rb
 - lib/spandx/parsers/gemfile_lock.rb
+- lib/spandx/parsers/packages_config.rb
 - lib/spandx/parsers/pipfile_lock.rb
 - lib/spandx/report.rb
-- lib/spandx/templates/.gitkeep
-- lib/spandx/templates/scan/.gitkeep
 - lib/spandx/version.rb
 - spandx.gemspec
 homepage: https://github.com/mokhan/spandx

data/.github/workflows/ci.yml

@@ -1,13 +0,0 @@
-name: ci
-on: [push]
-jobs:
-  build:
-    runs-on: ubuntu-latest
-    steps:
-      - uses: actions/checkout@v1
-      - name: Set up Ruby 2.6
-        uses: actions/setup-ruby@v1
-        with:
-          ruby-version: 2.6.x
-      - name: Run cibuild
-        run: bin/cibuild

data/.gitignore

@@ -1,12 +0,0 @@
-/.bundle/
-/.yardoc
-/_yardoc/
-/coverage/
-/doc/
-/pkg/
-/spec/reports/
-/tmp/
-
-# rspec failure tracking
-.rspec_status
-*.log

data/.gitlab-ci.yml

@@ -1,8 +0,0 @@
-stages:
-  - test
-
-test:
-  stage: test
-  image: ruby:2.6
-  script:
-    - ./bin/cibuild

data/.rspec

@@ -1,3 +0,0 @@
---format documentation
---color
---require spec_helper

data/.rubocop.yml

@@ -1,74 +0,0 @@
-require:
-  - rubocop-rspec
-
-AllCops:
-  Exclude:
-    - 'pkg/**/*'
-    - 'spec/fixtures/**/*'
-  TargetRubyVersion: 2.6
-
-Layout/ArgumentAlignment:
-  EnforcedStyle: with_fixed_indentation
-
-Layout/ParameterAlignment:
-  Enabled: true
-  EnforcedStyle: with_fixed_indentation
-  IndentationWidth: 2
-
-Layout/EndOfLine:
-  EnforcedStyle: lf
-
-Layout/FirstArrayElementIndentation:
-  EnforcedStyle: consistent
-
-Layout/MultilineMethodCallIndentation:
-  Enabled: true
-  EnforcedStyle: indented
-
-Lint/AmbiguousBlockAssociation:
-  Exclude:
-    - 'spec/**/*.rb'
-
-Metrics/BlockLength:
-  Exclude:
-    - '*.gemspec'
-    - 'Rakefile'
-    - 'spec/**/*.rb'
-
-Metrics/ModuleLength:
-  Exclude:
-    - 'spec/**/*.rb'
-
-Metrics/LineLength:
-  Exclude:
-    - 'spec/**/*.rb'
-  IgnoredPatterns:
-    - '^#*'
-
-Naming/RescuedExceptionsVariableName:
-  PreferredName: error
-
-Style/Documentation:
-  Enabled: false
-
-Style/StringLiterals:
-  EnforcedStyle: 'single_quotes'
-
-Style/TrailingCommaInArrayLiteral:
-  Enabled: false
-
-Style/TrailingCommaInHashLiteral:
-  Enabled: false
-
-RSpec/ExampleLength:
-  Max: 80
-
-RSpec/NamedSubject:
-  Enabled: false
-
-RSpec/FilePath:
-  Enabled: false
-
-RSpec/DescribeClass:
-  Exclude:
-    - 'spec/integration/**/*'

data/Gemfile

@@ -1,6 +0,0 @@
-# frozen_string_literal: true
-
-source 'https://rubygems.org'
-
-# Specify your gem's dependencies in spandx.gemspec
-gemspec

data/Gemfile.lock

@@ -1,74 +0,0 @@
-PATH
-  remote: .
-  specs:
-    spandx (0.1.3)
-      net-hippie (~> 0.3)
-      thor (~> 0.1)
-
-GEM
-  remote: https://rubygems.org/
-  specs:
-    addressable (2.7.0)
-      public_suffix (>= 2.0.2, < 5.0)
-    ast (2.4.0)
-    bundler-audit (0.6.1)
-      bundler (>= 1.2.0, < 3)
-      thor (~> 0.18)
-    crack (0.4.3)
-      safe_yaml (~> 1.0.0)
-    diff-lcs (1.3)
-    hashdiff (1.0.0)
-    jaro_winkler (1.5.4)
-    net-hippie (0.3.1)
-    parallel (1.19.1)
-    parser (2.7.0.0)
-      ast (~> 2.4.0)
-    public_suffix (4.0.2)
-    rainbow (3.0.0)
-    rake (13.0.1)
-    rspec (3.9.0)
-      rspec-core (~> 3.9.0)
-      rspec-expectations (~> 3.9.0)
-      rspec-mocks (~> 3.9.0)
-    rspec-core (3.9.0)
-      rspec-support (~> 3.9.0)
-    rspec-expectations (3.9.0)
-      diff-lcs (>= 1.2.0, < 2.0)
-      rspec-support (~> 3.9.0)
-    rspec-mocks (3.9.0)
-      diff-lcs (>= 1.2.0, < 2.0)
-      rspec-support (~> 3.9.0)
-    rspec-support (3.9.0)
-    rubocop (0.78.0)
-      jaro_winkler (~> 1.5.1)
-      parallel (~> 1.10)
-      parser (>= 2.6)
-      rainbow (>= 2.2.2, < 4.0)
-      ruby-progressbar (~> 1.7)
-      unicode-display_width (>= 1.4.0, < 1.7)
-    rubocop-rspec (1.37.1)
-      rubocop (>= 0.68.1)
-    ruby-progressbar (1.10.1)
-    safe_yaml (1.0.5)
-    thor (0.20.3)
-    unicode-display_width (1.6.0)
-    webmock (3.7.6)
-      addressable (>= 2.3.6)
-      crack (>= 0.3.2)
-      hashdiff (>= 0.4.0, < 2.0.0)
-
-PLATFORMS
-  ruby
-
-DEPENDENCIES
-  bundler (~> 2.0)
-  bundler-audit (~> 0.6)
-  rake (~> 13.0)
-  rspec (~> 3.0)
-  rubocop (~> 0.52)
-  rubocop-rspec (~> 1.22)
-  spandx!
-  webmock (~> 3.7)
-
-BUNDLED WITH
-   2.1.2

data/Rakefile

@@ -1,13 +0,0 @@
-# frozen_string_literal: true
-
-require 'bundler/audit/task'
-require 'bundler/gem_tasks'
-require 'rspec/core/rake_task'
-require 'rubocop/rake_task'
-
-RSpec::Core::RakeTask.new(:spec)
-RuboCop::RakeTask.new(:rubocop)
-Bundler::Audit::Task.new
-
-task lint: [:rubocop, 'bundle:audit']
-task default: :spec

data/bin/cibuild

@@ -1,19 +0,0 @@
-#!/bin/sh
-
-set -e
-
-cd "$(dirname "$0")/.."
-
-echo [$(date "+%H:%M:%S")] "==> Started at…"
-
-# GC customizations
-export RUBY_GC_MALLOC_LIMIT=79000000
-export RUBY_GC_HEAP_INIT_SLOTS=800000
-export RUBY_HEAP_FREE_MIN=100000
-export RUBY_HEAP_SLOTS_INCREMENT=400000
-export RUBY_HEAP_SLOTS_GROWTH_FACTOR=1
-
-ruby -v
-gem install bundler --conservative -v '~> 2.0'
-bin/test
-bin/lint

data/bin/console

@@ -1,15 +0,0 @@
-#!/usr/bin/env ruby
-# frozen_string_literal: true
-
-require 'bundler/setup'
-require 'spandx'
-
-# You can add fixtures and/or initialization code here to make experimenting
-# with your gem easier. You can also use a different console, if you like.
-
-# (If you use this, don't forget to add pry to your Gemfile!)
-# require "pry"
-# Pry.start
-
-require 'irb'
-IRB.start(__FILE__)

data/bin/lint

@@ -1,11 +0,0 @@
-#!/bin/sh
-
-set -e
-
-[ -z "$DEBUG" ] || set -x
-
-echo [$(date "+%H:%M:%S")] "==> Running setup…"
-bin/setup
-
-echo [$(date "+%H:%M:%S")] "==> Running linters…"
-bundle exec rake lint

data/bin/setup

@@ -1,6 +0,0 @@
-#!/usr/bin/env bash
-set -euo pipefail
-IFS=$'\n\t'
-set -vx
-
-bundle check || bundle install --jobs "$(sysctl -n hw.ncpu || nproc)"

data/bin/shipit

@@ -1,10 +0,0 @@
-#!/bin/sh
-
-set -e
-
-cd "$(dirname "$0")/.."
-
-[ -z "$DEBUG" ] || set -x
-
-bin/cibuild
-bundle exec rake release

data/bin/test

@@ -1,13 +0,0 @@
-#!/bin/sh
-
-set -e
-
-cd "$(dirname "$0")/.."
-
-[ -z "$DEBUG" ] || set -x
-
-echo [$(date "+%H:%M:%S")] "==> Running setup…"
-bin/setup
-
-echo [$(date "+%H:%M:%S")] "==> Running tests…"
-bundle exec rake spec

data/lib/spandx/templates/scan/.gitkeep

@@ -1 +0,0 @@
-#