spandx 0.11.0 → 0.12.0

data/lib/spandx/python/source.rb

@@ -21,7 +21,11 @@ module Spandx
 
       def lookup(name, version, http: Spandx.http)
         response = http.get(uri_for(name, version))
-        response if http.ok?(response)
+        if http.ok?(response)
+          JSON.parse(response.body)
+        else
+          {}
+        end
       end
 
       class << self

data/lib/spandx/{rubygems → ruby}/gateway.rb

@@ -1,26 +1,25 @@
 # frozen_string_literal: true
 
 module Spandx
-  module Rubygems
-    class Gateway
+  module Ruby
+    class Gateway < ::Spandx::Core::Gateway
       # https://guides.rubygems.org/rubygems-org-api-v2/
       def initialize(http: Spandx.http)
         @http = http
       end
 
-      def licenses_for(name, version)
-        found = cache.licenses_for(name: name, version: version)
-        found.any? ? found : details_on(name, version)['licenses'] || []
+      def licenses_for(dependency)
+        details_on(dependency.name, dependency.version)['licenses'] || []
+      end
+
+      def matches?(dependency)
+        dependency.package_manager == :rubygems
       end
 
       private
 
       attr_reader :http
 
-      def cache
-        @cache ||= ::Spandx::Core::Cache.new(:rubygems, url: 'https://github.com/mokhan/spandx-rubygems.git')
-      end
-
       def details_on(name, version)
         url = "https://rubygems.org/api/v2/rubygems/#{name}/versions/#{version}.json"
         response = http.get(url, default: {})

data/lib/spandx/{rubygems → ruby}/parsers/gemfile_lock.rb

@@ -1,24 +1,19 @@
 # frozen_string_literal: true
 
 module Spandx
-  module Rubygems
+  module Ruby
     module Parsers
       class GemfileLock < ::Spandx::Core::Parser
         STRIP_BUNDLED_WITH = /^BUNDLED WITH$(\r?\n)   (?<major>\d+)\.\d+\.\d+/m.freeze
 
-        def self.matches?(filename)
+        def matches?(filename)
           filename.match?(/Gemfile.*\.lock/) ||
             filename.match?(/gems.*\.lock/)
         end
 
         def parse(lockfile)
           dependencies_from(lockfile).map do |specification|
-            ::Spandx::Core::Dependency.new(
-              name: specification.name,
-              version: specification.version.to_s,
-              licenses: licenses_for(specification),
-              meta: specification
-            )
+            map_from(specification)
           end
         end
 
@@ -33,14 +28,17 @@ module Spandx
           end
         end
 
-        def licenses_for(specification)
-          rubygems
-            .licenses_for(specification.name, specification.version.to_s)
-            .map { |x| catalogue[x] }
-        end
-
-        def rubygems
-          @rubygems ||= Spandx::Rubygems::Gateway.new
+        def map_from(specification)
+          ::Spandx::Core::Dependency.new(
+            package_manager: :rubygems,
+            name: specification.name,
+            version: specification.version.to_s,
+            meta: {
+              dependencies: specification.dependencies,
+              platform: specification.platform,
+              source: specification.source
+            }
+          )
         end
       end
     end

data/lib/spandx/spdx/catalogue.rb

@@ -37,7 +37,7 @@ module Spandx
         end
 
         def from_git
-          from_json(Spandx.spdx_db.read('json/licenses.json'))
+          from_json(Spandx.git[:spdx].read('json/licenses.json'))
         end
 
         def empty

data/lib/spandx/spdx/license.rb

@@ -65,8 +65,8 @@ module Spandx
         @content ||= ::Spandx::Core::Content.new(raw_content)
       end
 
-      def raw_content
-        @raw_content ||= (Spandx.spdx_db.read("text/#{id}.txt") || '')
+      def content=(value)
+        @content = ::Spandx::Core::Content.new(value)
       end
 
       def <=>(other)
@@ -76,6 +76,16 @@ module Spandx
       def to_s
         id
       end
+
+      def self.unknown(text)
+        new(licenseId: 'Nonstandard', name: 'Unknown').tap { |x| x.content = text }
+      end
+
+      private
+
+      def raw_content
+        @raw_content ||= (Spandx.git[:spdx].read("text/#{id}.txt") || '')
+      end
     end
   end
 end

data/lib/spandx/version.rb

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module Spandx
-  VERSION = '0.11.0'
+  VERSION = '0.12.0'
 end

data/spandx.gemspec

@@ -14,7 +14,7 @@ Gem::Specification.new do |spec|
   spec.description   = 'A ruby interface to the SPDX catalogue. With a CLI that can scan project lockfiles to list out software licenses for each dependency'
   spec.homepage      = 'https://github.com/mokhan/spandx'
   spec.license       = 'MIT'
-  spec.required_ruby_version = Gem::Requirement.new('>= 2.4.0')
+  spec.required_ruby_version = Gem::Requirement.new('>= 2.5.0')
 
   spec.metadata['homepage_uri'] = spec.homepage
   spec.metadata['source_code_uri'] = 'https://github.com/mokhan/spandx'
@@ -35,10 +35,13 @@ Gem::Specification.new do |spec|
   spec.add_dependency 'net-hippie', '~> 0.3'
   spec.add_dependency 'nokogiri', '~> 1.10'
   spec.add_dependency 'thor'
+  spec.add_dependency 'zeitwerk', '~> 2.3'
 
   spec.add_development_dependency 'bundler-audit', '~> 0.6'
+  spec.add_development_dependency 'byebug', '~> 11.1'
   spec.add_development_dependency 'jaro_winkler', '~> 1.5'
   spec.add_development_dependency 'licensed', '~> 2.8'
+  spec.add_development_dependency 'parallel_tests', '~> 2.32'
   spec.add_development_dependency 'rake', '~> 13.0'
   spec.add_development_dependency 'rspec', '~> 3.0'
   spec.add_development_dependency 'rspec-benchmark', '~> 0.5'

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: spandx
 version: !ruby/object:Gem::Version
-  version: 0.11.0
+  version: 0.12.0
 platform: ruby
 authors:
 - mo khan
 autorequire: 
 bindir: exe
 cert_chain: []
-date: 2020-03-20 00:00:00.000000000 Z
+date: 2020-04-14 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: addressable
@@ -86,6 +86,20 @@ dependencies:
     - - ">="
       - !ruby/object:Gem::Version
         version: '0'
+- !ruby/object:Gem::Dependency
+  name: zeitwerk
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '2.3'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '2.3'
 - !ruby/object:Gem::Dependency
   name: bundler-audit
   requirement: !ruby/object:Gem::Requirement
@@ -100,6 +114,20 @@ dependencies:
     - - "~>"
       - !ruby/object:Gem::Version
         version: '0.6'
+- !ruby/object:Gem::Dependency
+  name: byebug
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '11.1'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '11.1'
 - !ruby/object:Gem::Dependency
   name: jaro_winkler
   requirement: !ruby/object:Gem::Requirement
@@ -128,6 +156,20 @@ dependencies:
     - - "~>"
       - !ruby/object:Gem::Version
         version: '2.8'
+- !ruby/object:Gem::Dependency
+  name: parallel_tests
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '2.32'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '2.32'
 - !ruby/object:Gem::Dependency
   name: rake
   requirement: !ruby/object:Gem::Requirement
@@ -255,20 +297,26 @@ files:
 - exe/spandx
 - lib/spandx.rb
 - lib/spandx/cli.rb
-- lib/spandx/cli/command.rb
-- lib/spandx/cli/commands/index.rb
-- lib/spandx/cli/commands/index/build.rb
-- lib/spandx/cli/commands/index/update.rb
+- lib/spandx/cli/commands/build.rb
+- lib/spandx/cli/commands/pull.rb
 - lib/spandx/cli/commands/scan.rb
+- lib/spandx/cli/main.rb
 - lib/spandx/core/cache.rb
+- lib/spandx/core/circuit.rb
 - lib/spandx/core/content.rb
-- lib/spandx/core/database.rb
 - lib/spandx/core/dependency.rb
+- lib/spandx/core/gateway.rb
+- lib/spandx/core/git.rb
 - lib/spandx/core/guess.rb
 - lib/spandx/core/http.rb
+- lib/spandx/core/license_plugin.rb
+- lib/spandx/core/null_gateway.rb
 - lib/spandx/core/parser.rb
+- lib/spandx/core/plugin.rb
+- lib/spandx/core/registerable.rb
 - lib/spandx/core/report.rb
 - lib/spandx/core/score.rb
+- lib/spandx/core/table.rb
 - lib/spandx/dotnet/index.rb
 - lib/spandx/dotnet/nuget_gateway.rb
 - lib/spandx/dotnet/package_reference.rb
@@ -276,14 +324,22 @@ files:
 - lib/spandx/dotnet/parsers/packages_config.rb
 - lib/spandx/dotnet/parsers/sln.rb
 - lib/spandx/dotnet/project_file.rb
+- lib/spandx/java/gateway.rb
 - lib/spandx/java/index.rb
 - lib/spandx/java/metadata.rb
 - lib/spandx/java/parsers/maven.rb
+- lib/spandx/js/parsers/npm.rb
+- lib/spandx/js/parsers/yarn.rb
+- lib/spandx/js/yarn_lock.rb
+- lib/spandx/js/yarn_pkg.rb
+- lib/spandx/php/packagist_gateway.rb
+- lib/spandx/php/parsers/composer.rb
+- lib/spandx/python/index.rb
 - lib/spandx/python/parsers/pipfile_lock.rb
 - lib/spandx/python/pypi.rb
 - lib/spandx/python/source.rb
-- lib/spandx/rubygems/gateway.rb
-- lib/spandx/rubygems/parsers/gemfile_lock.rb
+- lib/spandx/ruby/gateway.rb
+- lib/spandx/ruby/parsers/gemfile_lock.rb
 - lib/spandx/spdx/catalogue.rb
 - lib/spandx/spdx/gateway.rb
 - lib/spandx/spdx/license.rb
@@ -304,7 +360,7 @@ required_ruby_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
-      version: 2.4.0
+      version: 2.5.0
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="

data/lib/spandx/cli/command.rb

@@ -1,65 +0,0 @@
-# frozen_string_literal: true
-
-module Spandx
-  module Cli
-    class Command
-      extend Forwardable
-
-      def_delegators :command, :run
-
-      def execute(*)
-        raise(NotImplementedError, "#{self.class}##{__method__} must be implemented")
-      end
-
-      def command(**options)
-        require 'tty-command'
-        TTY::Command.new(options)
-      end
-
-      def cursor
-        require 'tty-cursor'
-        TTY::Cursor
-      end
-
-      def editor
-        require 'tty-editor'
-        TTY::Editor
-      end
-
-      def generator
-        require 'tty-file'
-        TTY::File
-      end
-
-      def pager(**options)
-        require 'tty-pager'
-        TTY::Pager.new(options)
-      end
-
-      def platform
-        require 'tty-platform'
-        TTY::Platform.new
-      end
-
-      def prompt(**options)
-        require 'tty-prompt'
-        TTY::Prompt.new(options)
-      end
-
-      def screen
-        require 'tty-screen'
-        TTY::Screen
-      end
-
-      def which(*args)
-        require 'tty-which'
-        TTY::Which.which(*args)
-      end
-
-      def exec_exist?(*args)
-        require 'tty-which'
-        TTY::Which.exist?(*args)
-      end
-    end
-  end
-end

data/lib/spandx/cli/commands/index.rb

@@ -1,36 +0,0 @@
-# frozen_string_literal: true
-
-module Spandx
-  module Cli
-    module Commands
-      class Index < Thor
-        require 'spandx/cli/commands/index/build'
-        require 'spandx/cli/commands/index/update'
-
-        namespace :index
-
-        desc 'build', 'Build a package index'
-        method_option :help, aliases: '-h', type: :boolean, desc: 'Display usage information'
-        method_option :directory, aliases: '-d', type: :string, desc: 'Directory to build index in', default: '.index'
-        def build(*)
-          if options[:help]
-            invoke :help, ['build']
-          else
-            Spandx::Cli::Commands::Index::Build.new(options).execute
-          end
-        end
-
-        desc 'update', 'Update the offline indexes'
-        method_option :help, aliases: '-h', type: :boolean,
-                             desc: 'Display usage information'
-        def update(*)
-          if options[:help]
-            invoke :help, ['update']
-          else
-            Spandx::Cli::Commands::Index::Update.new(options).execute
-          end
-        end
-      end
-    end
-  end
-end

data/lib/spandx/cli/commands/index/build.rb

@@ -1,32 +0,0 @@
-# frozen_string_literal: true
-
-module Spandx
-  module Cli
-    module Commands
-      class Index
-        class Build < Spandx::Cli::Command
-          def initialize(options)
-            @options = options
-          end
-
-          def execute(output: $stdout)
-            catalogue = Spandx::Spdx::Catalogue.from_git
-            indexes.each do |index|
-              index.update!(catalogue: catalogue, output: output)
-            end
-            output.puts 'OK'
-          end
-
-          private
-
-          def indexes
-            [
-              Spandx::Dotnet::Index.new(directory: @options[:directory]),
-              Spandx::Java::Index.new(directory: @options[:directory]),
-            ]
-          end
-        end
-      end
-    end
-  end
-end