spdx 1.4.4 → 2.0.5

data/spdx.gemspec

@@ -1,25 +1,28 @@
-lib = File.expand_path('lib', __dir__)
+# frozen_string_literal: true
+
+lib = File.expand_path("lib", __dir__)
 $LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
-require 'spdx/version'
+require "spdx/version"
 
 Gem::Specification.new do |spec|
-  spec.name          = 'spdx'
+  spec.name          = "spdx"
   spec.version       = Spdx::VERSION
-  spec.authors       = ['Andrew Nesbitt']
-  spec.email         = ['andrewnez@gmail.com']
-  spec.summary       = 'A SPDX license normalizer'
-  spec.homepage      = 'https://github.com/librariesio/spdx'
-  spec.license       = 'MIT'
+  spec.authors       = ["Tidelift, Inc."]
+  spec.email         = ["support@tidelift.com"]
+  spec.summary       = "A SPDX license normalizer"
+  spec.homepage      = "https://github.com/librariesio/spdx"
+  spec.license       = "MIT"
 
   spec.files         = `git ls-files -z`.split("\x0")
   spec.executables   = spec.files.grep(%r{^bin/}) { |f| File.basename(f) }
   spec.test_files    = spec.files.grep(%r{^(test|spec|features)/})
-  spec.require_paths = ['lib']
+  spec.require_paths = ["lib"]
 
-  spec.add_dependency 'fuzzy_match', '~> 2.1'
-  spec.add_dependency 'spdx-licenses', '~> 1.2'
-  spec.add_development_dependency 'bundler', '~> 1.16'
-  spec.add_development_dependency 'rake', '~> 12'
-  spec.add_development_dependency 'rspec', '~> 3.7'
-  spec.add_development_dependency 'rubocop'
+  spec.add_dependency "fuzzy_match", "~> 2.1"
+  spec.add_dependency "treetop", "~> 1.6"
+  spec.add_development_dependency "bundler"
+  spec.add_development_dependency "pry"
+  spec.add_development_dependency "rake", "~> 12"
+  spec.add_development_dependency "rspec", "~> 3.7"
+  spec.add_development_dependency "rubocop"
 end

data/spec/spdx_spec.rb

@@ -1,183 +1,220 @@
-require 'spec_helper'
+# frozen_string_literal: true
+
+require "spec_helper"
 
 describe Spdx do
-  describe 'find' do
-    it 'should return know license from short code' do
-      expect(Spdx.find('Apache-2.0').name).to eq('Apache License 2.0')
+  describe "find" do
+    it "should return know license from short code" do
+      expect(Spdx.find("Apache-2.0").name).to eq("Apache License 2.0")
     end
 
-    it 'should work with case-insentive short codes' do
-      expect(Spdx.find('apache-2.0').name).to eq('Apache License 2.0')
-      expect(Spdx.find('agpl-3.0').name).to eq('GNU Affero General Public License v3.0')
+    it "should work with case-insentive short codes" do
+      expect(Spdx.find("apache-2.0").name).to eq("Apache License 2.0")
+      expect(Spdx.find("agpl-3.0").name).to eq("GNU Affero General Public License v3.0")
     end
 
-    it 'should return know license from full name' do
-      expect(Spdx.find('Apache License 2.0').name).to eq('Apache License 2.0')
+    it "should return know license from full name" do
+      expect(Spdx.find("Apache License 2.0").name).to eq("Apache License 2.0")
     end
 
-    it 'should return nil for commercial' do
-      expect(Spdx.find('Commercial')).to be_nil
+    it "should return nil for commercial" do
+      expect(Spdx.find("Commercial")).to be_nil
     end
 
-    it 'should return nil for garbage' do
-      expect(Spdx.find('foo bar baz')).to be_nil
-      expect(Spdx.find('Copyright Zendesk. All Rights Reserved.')).to be_nil
-      expect(Spdx.find('https://github.com/AuthorizeNet/sdk-ruby/blob/master/license.txt')).to be_nil
+    it "should return nil for garbage" do
+      expect(Spdx.find("foo bar baz")).to be_nil
+      expect(Spdx.find("https://github.com/AuthorizeNet/sdk-ruby/blob/master/license.txt")).to be_nil
     end
 
-    it 'should return know license from an alias' do
-      expect(Spdx.find('The Apache Software License, Version 2.0').name).to eq('Apache License 2.0')
-      expect(Spdx.find('Apache 2.0').name).to eq('Apache License 2.0')
-      expect(Spdx.find('Apache2').name).to eq('Apache License 2.0')
-      expect(Spdx.find('Apache License, Version 2.0').name).to eq('Apache License 2.0')
-      expect(Spdx.find('Educational Community License, Version 2.0').name).to eq('Educational Community License v2.0')
-      expect(Spdx.find('CDDL + GPLv2 with classpath exception').name).to \
-        eq('GNU General Public License v2.0 w/Classpath exception')
-      expect(Spdx.find('The MIT License').name).to eq('MIT License')
-      expect(Spdx.find('UNLICENSE').name).to eq('The Unlicense')
+    it "should return know license from an alias" do
+      expect(Spdx.find("The Apache Software License, Version 2.0").name).to eq("Apache License 2.0")
+      expect(Spdx.find("Apache 2.0").name).to eq("Apache License 2.0")
+      expect(Spdx.find("Apache2").name).to eq("Apache License 2.0")
+      expect(Spdx.find("Apache License, Version 2.0").name).to eq("Apache License 2.0")
+      expect(Spdx.find("Educational Community License, Version 2.0").name).to eq("Educational Community License v2.0")
+      expect(Spdx.find("CDDL + GPLv2 with classpath exception").name).to \
+        eq("GNU General Public License v2.0 w/Classpath exception")
+      expect(Spdx.find("The MIT License").name).to eq("MIT License")
+      expect(Spdx.find("UNLICENSE").name).to eq("The Unlicense")
     end
 
-    it 'should strip whitespace from strings before lookups' do
-      expect(Spdx.find(' BSD-3-Clause').id).to eq('BSD-3-Clause')
+    it "should strip whitespace from strings before lookups" do
+      expect(Spdx.find(" BSD-3-Clause").id).to eq("BSD-3-Clause")
     end
 
-    it 'should handle pypi classifiers properly' do
+    it "should handle pypi classifiers properly" do
       pypi_mappings = [
-        ['Aladdin Free Public License (AFPL)', 'Aladdin'],
-        ['CC0 1.0 Universal (CC0 1.0) Public Domain Dedication', 'CC0-1.0'],
-        ['CeCILL-B Free Software License Agreement (CECILL-B)', 'CECILL-B'],
-        ['CeCILL-C Free Software License Agreement (CECILL-C)', 'CECILL-C'],
-        ['Eiffel Forum License (EFL)', 'EFL-2.0'],
-        ['Netscape Public License (NPL)', 'NPL-1.1'],
-        ['Nokia Open Source License (NOKOS)', 'Nokia'],
-        ['Academic Free License (AFL)', 'AFL-3.0'],
-        ['Apache Software License', 'Apache-2.0'],
-        ['Apple Public Source License', 'APSL-2.0'],
-        ['Artistic License', 'Artistic-2.0'],
-        ['Attribution Assurance License', 'AAL'],
-        ['Boost Software License 1.0 (BSL-1.0)', 'BSL-1.0'],
-        ['BSD License', 'BSD-3-Clause'],
-        ['Common Development and Distribution License 1.0 (CDDL-1.0)', 'CDDL-1.0'],
-        ['Common Public License', 'CPL-1.0'],
-        ['Eclipse Public License 1.0 (EPL-1.0)', 'EPL-1.0'],
-        ['Eclipse Public License 2.0 (EPL-2.0)', 'EPL-2.0'],
-        ['Eiffel Forum License', 'EFL-2.0'],
-        ['European Union Public Licence 1.0 (EUPL 1.0)', 'EUPL-1.0'],
-        ['European Union Public Licence 1.1 (EUPL 1.1)', 'EUPL-1.1'],
-        ['European Union Public Licence 1.2 (EUPL 1.2)', 'EUPL-1.2'],
-        ['GNU Affero General Public License v3', 'AGPL-3.0'],
-        ['GNU Affero General Public License v3 or later (AGPLv3+)', 'AGPL-3.0-or-later'],
-        ['GNU Free Documentation License (FDL)', 'GFDL-1.3'],
-        ['GNU General Public License (GPL)', 'GPL-2.0+'],
-        ['GNU General Public License v2 (GPLv2)', 'GPL-2.0'],
-        ['GNU General Public License v2 or later (GPLv2+)', 'GPL-2.0+'],
-        ['GNU General Public License v3 (GPLv3)', 'GPL-3.0'],
-        ['GNU General Public License v3 or later (GPLv3+)', 'GPL-3.0+'],
-        ['GNU Lesser General Public License v2 (LGPLv2)', 'LGPL-2.0'],
-        ['GNU Lesser General Public License v2 or later (LGPLv2+)', 'LGPL-2.0+'],
-        ['GNU Lesser General Public License v3 (LGPLv3)', 'LGPL-3.0'],
-        ['GNU Lesser General Public License v3 or later (LGPLv3+)', 'LGPL-3.0+'],
-        ['GNU Library or Lesser General Public License (LGPL)', 'LGPL-2.0+'],
-        ['IBM Public License', 'IPL-1.0'],
-        ['Intel Open Source License', 'Intel'],
-        ['ISC License (ISCL)', 'ISC'],
-        ['MirOS License (MirOS)', 'MirOS'],
-        ['MIT License', 'MIT'],
-        ['Motosoto License', 'Motosoto'],
-        ['Mozilla Public License 1.0 (MPL)', 'MPL-1.0'],
-        ['Mozilla Public License 1.1 (MPL 1.1)', 'MPL-1.1'],
-        ['Mozilla Public License 2.0 (MPL 2.0)', 'MPL-2.0'],
-        ['Nethack General Public License', 'NGPL'],
-        ['Nokia Open Source License', 'Nokia'],
-        ['Open Group Test Suite License', 'OGTSL'],
-        ['PostgreSQL License', 'PostgreSQL'],
-        ['Python License (CNRI Python License)', 'CNRI-Python'],
-        ['Python Software Foundation License', 'Python-2.0'],
-        ['Qt Public License (QPL)', 'QPL-1.0'],
-        ['Ricoh Source Code Public License', 'RSCPL'],
-        ['SIL Open Font License 1.1 (OFL-1.1)', 'OFL-1.1'],
-        ['Sleepycat License', 'Sleepycat'],
-        ['Sun Industry Standards Source License (SISSL)', 'SISSL-1.2'],
-        ['Sun Public License', 'SPL-1.0'],
-        ['Universal Permissive License (UPL)', 'UPL-1.0'],
-        ['University of Illinois/NCSA Open Source License', 'NCSA'],
-        ['Vovida Software License 1.0', 'VSL-1.0'],
-        ['W3C License', 'W3C'],
-        ['X.Net License', 'Xnet'],
-        ['zlib/libpng License', 'zlib-acknowledgement'],
-        ['Zope Public License', 'ZPL-2.1']
+        ["Aladdin Free Public License (AFPL)", "Aladdin"],
+        ["CC0 1.0 Universal (CC0 1.0) Public Domain Dedication", "CC0-1.0"],
+        ["CeCILL-B Free Software License Agreement (CECILL-B)", "CECILL-B"],
+        ["CeCILL-C Free Software License Agreement (CECILL-C)", "CECILL-C"],
+        ["Eiffel Forum License (EFL)", "EFL-2.0"],
+        ["Netscape Public License (NPL)", "NPL-1.1"],
+        ["Nokia Open Source License (NOKOS)", "Nokia"],
+        ["Academic Free License (AFL)", "AFL-3.0"],
+        ["Apache Software License", "Apache-2.0"],
+        ["Apple Public Source License", "APSL-2.0"],
+        ["Artistic License", "Artistic-2.0"],
+        ["Attribution Assurance License", "AAL"],
+        ["Boost Software License 1.0 (BSL-1.0)", "BSL-1.0"],
+        ["BSD License", "BSD-3-Clause"],
+        ["Common Development and Distribution License 1.0 (CDDL-1.0)", "CDDL-1.0"],
+        ["Common Public License", "CPL-1.0"],
+        ["Eclipse Public License 1.0 (EPL-1.0)", "EPL-1.0"],
+        ["Eclipse Public License 2.0 (EPL-2.0)", "EPL-2.0"],
+        ["Eiffel Forum License", "EFL-2.0"],
+        ["European Union Public Licence 1.0 (EUPL 1.0)", "EUPL-1.0"],
+        ["European Union Public Licence 1.1 (EUPL 1.1)", "EUPL-1.1"],
+        ["European Union Public Licence 1.2 (EUPL 1.2)", "EUPL-1.2"],
+        ["GNU Affero General Public License v3", "AGPL-3.0"],
+        ["GNU Affero General Public License v3 or later (AGPLv3+)", "AGPL-3.0-or-later"],
+        ["GNU Free Documentation License (FDL)", "GFDL-1.3"],
+        ["GNU General Public License (GPL)", "GPL-2.0+"],
+        ["GNU General Public License v2 (GPLv2)", "GPL-2.0"],
+        ["GNU General Public License v2 or later (GPLv2+)", "GPL-2.0+"],
+        ["GNU General Public License v3 (GPLv3)", "GPL-3.0"],
+        ["GNU General Public License v3 or later (GPLv3+)", "GPL-3.0+"],
+        ["GNU Lesser General Public License v2 (LGPLv2)", "LGPL-2.0"],
+        ["GNU Lesser General Public License v2 or later (LGPLv2+)", "LGPL-2.0+"],
+        ["GNU Lesser General Public License v3 (LGPLv3)", "LGPL-3.0"],
+        ["GNU Lesser General Public License v3 or later (LGPLv3+)", "LGPL-3.0+"],
+        ["GNU Library or Lesser General Public License (LGPL)", "LGPL-2.0+"],
+        ["IBM Public License", "IPL-1.0"],
+        ["Intel Open Source License", "Intel"],
+        ["ISC License (ISCL)", "ISC"],
+        # ['MirOS License (MirOS)', 'MirOS'],
+        ["MIT License", "MIT"],
+        ["Motosoto License", "Motosoto"],
+        ["Mozilla Public License 1.0 (MPL)", "MPL-1.0"],
+        ["Mozilla Public License 1.1 (MPL 1.1)", "MPL-1.1"],
+        ["Mozilla Public License 2.0 (MPL 2.0)", "MPL-2.0"],
+        ["Nethack General Public License", "NGPL"],
+        ["Nokia Open Source License", "Nokia"],
+        ["Open Group Test Suite License", "OGTSL"],
+        ["PostgreSQL License", "PostgreSQL"],
+        ["Python License (CNRI Python License)", "CNRI-Python"],
+        # ['Python Software Foundation License', 'Python-2.0'],
+        ["Qt Public License (QPL)", "QPL-1.0"],
+        ["Ricoh Source Code Public License", "RSCPL"],
+        ["SIL Open Font License 1.1 (OFL-1.1)", "OFL-1.1"],
+        ["Sleepycat License", "Sleepycat"],
+        ["Sun Industry Standards Source License (SISSL)", "SISSL-1.2"],
+        ["Sun Public License", "SPL-1.0"],
+        ["Universal Permissive License (UPL)", "UPL-1.0"],
+        ["University of Illinois/NCSA Open Source License", "NCSA"],
+        ["Vovida Software License 1.0", "VSL-1.0"],
+        ["W3C License", "W3C"],
+        ["X.Net License", "Xnet"],
+        ["zlib/libpng License", "zlib-acknowledgement"],
+        ["Zope Public License", "ZPL-2.1"],
       ]
       pypi_mappings.each do |license, mapped|
         expect(Spdx.find(license).id).to eq(mapped)
       end
     end
 
-    it 'should return know licenses for special cases' do
-      expect(Spdx.find('MPL1').name).to eq('Mozilla Public License 1.0')
-      expect(Spdx.find('MPL1.0').name).to eq('Mozilla Public License 1.0')
-      expect(Spdx.find('MPL1.1').name).to eq('Mozilla Public License 1.1')
-      expect(Spdx.find('MPL2').name).to eq('Mozilla Public License 2.0')
-      expect(Spdx.find('MPL2.0').name).to eq('Mozilla Public License 2.0')
-      expect(Spdx.find('GPL3').name).to eq('GNU General Public License v3.0 only')
-      expect(Spdx.find('GPL v3').name).to eq('GNU General Public License v3.0 only')
-      expect(Spdx.find('GPL3').name).to eq('GNU General Public License v3.0 only')
-      expect(Spdx.find('GPL 3.0').name).to eq('GNU General Public License v3.0 only')
-      expect(Spdx.find('GPL-3').name).to eq('GNU General Public License v3.0 only')
-      expect(Spdx.find('GPL-2 | GPL-3 [expanded from: GPL (≥ 2)]').name).to \
-        eq('GNU General Public License v2.0 or later')
-      expect(Spdx.find('GPL-2 | GPL-3 [expanded from: GPL]').name).to \
-        eq('GNU General Public License v2.0 or later')
-      expect(Spdx.find('GPL (≥ 3)').name).to eq('GNU General Public License v3.0 or later')
-      expect(Spdx.find('gpl30').name).to eq('GNU General Public License v3.0 only')
-      expect(Spdx.find('GPL v2+').name).to eq('GNU General Public License v2.0 or later')
-      expect(Spdx.find('GPL 2').name).to eq('GNU General Public License v2.0 only')
-      expect(Spdx.find('GPL v2').name).to eq('GNU General Public License v2.0 only')
-      expect(Spdx.find('GPL2').name).to eq('GNU General Public License v2.0 only')
-      expect(Spdx.find('GPL-2 | GPL-3').name).to eq('GNU General Public License v2.0 or later')
-      expect(Spdx.find('GPL-2 | GPL-3 [expanded from: GPL (≥ 2.0)]').name).to \
-        eq('GNU General Public License v2.0 or later')
-      expect(Spdx.find('GPL2 w/ CPE').name).to eq('GNU General Public License v2.0 w/Classpath exception')
-      expect(Spdx.find('GPL 2.0').name).to eq('GNU General Public License v2.0 only')
-      expect(Spdx.find('New BSD License (GPL-compatible)').name).to eq('BSD 3-Clause "New" or "Revised" License')
-      expect(Spdx.find('The GPL V3').name).to eq('GNU General Public License v3.0 only')
-      expect(Spdx.find('perl_5').name).to eq('Artistic License 1.0 (Perl)')
-      expect(Spdx.find('BSD3').name).to eq('BSD 3-Clause "New" or "Revised" License')
-      expect(Spdx.find('BSD').name).to eq('BSD 3-Clause "New" or "Revised" License')
-      expect(Spdx.find('GPLv3').name).to eq('GNU General Public License v3.0 only')
-      expect(Spdx.find('LGPLv2 or later').name).to eq('GNU Library General Public License v2.1 or later')
-      expect(Spdx.find('GPLv2 or later').name).to eq('GNU General Public License v2.0 or later')
-      expect(Spdx.find('Public Domain').name).to eq('The Unlicense')
-      expect(Spdx.find('GPL-2').name).to eq('GNU General Public License v2.0 only')
-      expect(Spdx.find('GPL').name).to eq('GNU General Public License v2.0 or later')
-      expect(Spdx.find('GNU LESSER GENERAL PUBLIC LICENSE').name).to \
-        eq('GNU Library General Public License v2.1 or later')
-      expect(Spdx.find('New BSD License').name).to eq('BSD 3-Clause "New" or "Revised" License')
-      expect(Spdx.find('(MIT OR X11) ').name).to eq('MIT License')
-      expect(Spdx.find('mit-license').name).to eq('MIT License')
-      expect(Spdx.find('lgpl-3').name).to eq('GNU Lesser General Public License v3.0 only')
-      expect(Spdx.find('agpl-3').name).to eq('GNU Affero General Public License v3.0')
-      expect(Spdx.find('cc by-sa 4.0').name).to eq('Creative Commons Attribution Share Alike 4.0 International')
-      expect(Spdx.find('cc by-nc-sa 3.0').name).to \
-        eq('Creative Commons Attribution Non Commercial Share Alike 3.0 Unported')
-      expect(Spdx.find('cc by-sa 3.0').name).to eq('Creative Commons Attribution Share Alike 3.0 Unported')
-      expect(Spdx.find('gpl_1').name).to eq('GNU General Public License v1.0 only')
-      expect(Spdx.find('gpl_2').name).to eq('GNU General Public License v2.0 only')
-      expect(Spdx.find('gpl_3').name).to eq('GNU General Public License v3.0 only')
-      expect(Spdx.find('artistic_2').name).to eq('Artistic License 2.0')
-      expect(Spdx.find('artistic_1').name).to eq('Artistic License 1.0')
-      expect(Spdx.find('apache_2_0').name).to eq('Apache License 2.0')
-      expect(Spdx.find('apache_v2').name).to eq('Apache License 2.0')
-      expect(Spdx.find('lgpl_2_1').name).to eq('GNU Lesser General Public License v2.1 only')
-      expect(Spdx.find('lgpl_v2_1').name).to eq('GNU Lesser General Public License v2.1 only')
+    it "should return know licenses for special cases" do
+      expect(Spdx.find("MPL1").name).to eq("Mozilla Public License 1.0")
+      expect(Spdx.find("MPL1.0").name).to eq("Mozilla Public License 1.0")
+      expect(Spdx.find("MPL1.1").name).to eq("Mozilla Public License 1.1")
+      expect(Spdx.find("MPL2").name).to eq("Mozilla Public License 2.0")
+      expect(Spdx.find("MPL2.0").name).to eq("Mozilla Public License 2.0")
+      expect(Spdx.find("GPL3").name).to eq("GNU General Public License v3.0 only")
+      expect(Spdx.find("GPL v3").name).to eq("GNU General Public License v3.0 only")
+      expect(Spdx.find("GPL3").name).to eq("GNU General Public License v3.0 only")
+      expect(Spdx.find("GPL 3.0").name).to eq("GNU General Public License v3.0 only")
+      expect(Spdx.find("GPL-3").name).to eq("GNU General Public License v3.0 only")
+      expect(Spdx.find("GPL-2 | GPL-3 [expanded from: GPL (≥ 2)]").name).to \
+        eq("GNU General Public License v2.0 or later")
+      expect(Spdx.find("GPL-2 | GPL-3 [expanded from: GPL]").name).to \
+        eq("GNU General Public License v2.0 or later")
+      expect(Spdx.find("GPL (≥ 3)").name).to eq("GNU General Public License v3.0 or later")
+      expect(Spdx.find("gpl30").name).to eq("GNU General Public License v3.0 only")
+      expect(Spdx.find("GPL v2+").name).to eq("GNU General Public License v2.0 or later")
+      expect(Spdx.find("GPL 2").name).to eq("GNU General Public License v2.0 only")
+      expect(Spdx.find("GPL v2").name).to eq("GNU General Public License v2.0 only")
+      expect(Spdx.find("GPL2").name).to eq("GNU General Public License v2.0 only")
+      expect(Spdx.find("GPL-2 | GPL-3").name).to eq("GNU General Public License v2.0 or later")
+      expect(Spdx.find("GPL-2 | GPL-3 [expanded from: GPL (≥ 2.0)]").name).to \
+        eq("GNU General Public License v2.0 or later")
+      expect(Spdx.find("GPL2 w/ CPE").name).to eq("GNU General Public License v2.0 w/Classpath exception")
+      expect(Spdx.find("GPL 2.0").name).to eq("GNU General Public License v2.0 only")
+      expect(Spdx.find("New BSD License (GPL-compatible)").name).to eq('BSD 3-Clause "New" or "Revised" License')
+      expect(Spdx.find("The GPL V3").name).to eq("GNU General Public License v3.0 only")
+      expect(Spdx.find("perl_5").name).to eq("Artistic License 1.0 (Perl)")
+      expect(Spdx.find("BSD3").name).to eq('BSD 3-Clause "New" or "Revised" License')
+      expect(Spdx.find("BSD").name).to eq('BSD 3-Clause "New" or "Revised" License')
+      expect(Spdx.find("GPLv3").name).to eq("GNU General Public License v3.0 only")
+      expect(Spdx.find("LGPLv2 or later").name).to eq("GNU Library General Public License v2.1 or later")
+      expect(Spdx.find("GPLv2 or later").name).to eq("GNU General Public License v2.0 or later")
+      expect(Spdx.find("Public Domain").name).to eq("The Unlicense")
+      expect(Spdx.find("GPL-2").name).to eq("GNU General Public License v2.0 only")
+      expect(Spdx.find("GPL").name).to eq("GNU General Public License v2.0 or later")
+      expect(Spdx.find("GNU LESSER GENERAL PUBLIC LICENSE").name).to \
+        eq("GNU Library General Public License v2.1 or later")
+      expect(Spdx.find("New BSD License").name).to eq('BSD 3-Clause "New" or "Revised" License')
+      expect(Spdx.find("(MIT OR X11) ").name).to eq("MIT License")
+      expect(Spdx.find("mit-license").name).to eq("MIT License")
+      expect(Spdx.find("lgpl-3").name).to eq("GNU Lesser General Public License v3.0 only")
+      expect(Spdx.find("agpl-3").name).to eq("GNU Affero General Public License v3.0")
+      expect(Spdx.find("cc by-sa 4.0").name).to eq("Creative Commons Attribution Share Alike 4.0 International")
+      expect(Spdx.find("cc by-nc-sa 3.0").name).to \
+        eq("Creative Commons Attribution Non Commercial Share Alike 3.0 Unported")
+      expect(Spdx.find("cc by-sa 3.0").name).to eq("Creative Commons Attribution Share Alike 3.0 Unported")
+      expect(Spdx.find("gpl_1").name).to eq("GNU General Public License v1.0 only")
+      expect(Spdx.find("gpl_2").name).to eq("GNU General Public License v2.0 only")
+      expect(Spdx.find("gpl_3").name).to eq("GNU General Public License v3.0 only")
+      expect(Spdx.find("artistic_2").name).to eq("Artistic License 2.0")
+      expect(Spdx.find("artistic_1").name).to eq("Artistic License 1.0")
+      expect(Spdx.find("apache_2_0").name).to eq("Apache License 2.0")
+      expect(Spdx.find("apache_v2").name).to eq("Apache License 2.0")
+      expect(Spdx.find("lgpl_2_1").name).to eq("GNU Lesser General Public License v2.1 only")
+      expect(Spdx.find("lgpl_v2_1").name).to eq("GNU Lesser General Public License v2.1 only")
 
-      expect(Spdx.find('BSD 3-Clause').name).to eq('BSD 3-Clause "New" or "Revised" License')
-      expect(Spdx.find('BSD 3-Clause').name).to eq('BSD 3-Clause "New" or "Revised" License')
-      expect(Spdx.find('BSD 2-Clause').name).to eq('BSD 2-Clause "Simplified" License')
-      expect(Spdx.find('BSD 2-clause').name).to eq('BSD 2-Clause "Simplified" License')
-      expect(Spdx.find('BSD Style').name).to eq('BSD 3-Clause "New" or "Revised" License')
+      expect(Spdx.find("BSD 3-Clause").name).to eq('BSD 3-Clause "New" or "Revised" License')
+      expect(Spdx.find("BSD 3-Clause").name).to eq('BSD 3-Clause "New" or "Revised" License')
+      expect(Spdx.find("BSD 2-Clause").name).to eq('BSD 2-Clause "Simplified" License')
+      expect(Spdx.find("BSD 2-clause").name).to eq('BSD 2-Clause "Simplified" License')
+      expect(Spdx.find("BSD Style").name).to eq('BSD 3-Clause "New" or "Revised" License')
 
-      expect(Spdx.find('GNU LGPL v3+').name).to eq('GNU Lesser General Public License v3.0 only')
-      expect(Spdx.find('ZPL 2.1').name).to eq('Zope Public License 2.1')
+      expect(Spdx.find("GNU LGPL v3+").name).to eq("GNU Lesser General Public License v3.0 only")
+      expect(Spdx.find("ZPL 2.1").name).to eq("Zope Public License 2.1")
+    end
+  end
+  context "spdx parsing" do
+    context "valid_spdx?" do
+      it "returns false for invalid spdx" do
+        expect(Spdx.valid_spdx?("AND AND")).to be false
+        expect(Spdx.valid_spdx?("MIT OR MIT AND OR")).to be false
+        expect(Spdx.valid_spdx?("MIT OR FAKEYLICENSE")).to be false
+        expect(Spdx.valid_spdx?(nil)).to be false
+        expect(Spdx.valid_spdx?("")).to be false
+      end
+      it "returns true for valid spdx" do
+        expect(Spdx.valid_spdx?("(MIT OR MPL-2.0)")).to be true
+        expect(Spdx.valid_spdx?("MIT")).to be true
+        expect(Spdx.valid_spdx?("((MIT OR AGPL-1.0) AND (MIT OR MPL-2.0))")).to be true
+      end
+      it "returns true for NONE and NOASSERTION" do
+        expect(Spdx.valid_spdx?("NONE")).to be true
+        expect(Spdx.valid_spdx?("(NONE)")).to be false
+        expect(Spdx.valid_spdx?("NOASSERTION")).to be true
+        expect(Spdx.valid_spdx?("MIT OR NONE")).to be false
+      end
+    end
+  end
+  context "alias lookup" do
+    it "returns false for an alias that doesn't exist" do
+      expect(Spdx.alias_exists?("FAKEALIAS")).to be false
+    end
+  end
+  context "licenses" do
+    it "returns a list of possible licenses" do
+      expect(Spdx.parse_spdx("MIT OR MPL-2.0").licenses).to eq ["MIT", "MPL-2.0"]
+    end
+    it "returns empty array for NONE or NOASSERTION" do
+      expect(Spdx.parse_spdx("NONE").licenses).to eq []
+      expect(Spdx.parse_spdx("NOASSERTION").licenses).to eq []
     end
   end
 end

data/spec/spec_helper.rb

@@ -1,2 +1,4 @@
-require 'bundler/setup'
-require 'spdx'
+# frozen_string_literal: true
+
+require "bundler/setup"
+require "spdx"

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: spdx
 version: !ruby/object:Gem::Version
-  version: 1.4.4
+  version: 2.0.5
 platform: ruby
 authors:
-- Andrew Nesbitt
+- Tidelift, Inc.
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2019-05-10 00:00:00.000000000 Z
+date: 2020-05-12 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: fuzzy_match
@@ -25,33 +25,47 @@ dependencies:
       - !ruby/object:Gem::Version
         version: '2.1'
 - !ruby/object:Gem::Dependency
-  name: spdx-licenses
+  name: treetop
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '1.2'
+        version: '1.6'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '1.2'
+        version: '1.6'
 - !ruby/object:Gem::Dependency
   name: bundler
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
-        version: '1.16'
+        version: '0'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
-        version: '1.16'
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: pry
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
 - !ruby/object:Gem::Dependency
   name: rake
   requirement: !ruby/object:Gem::Requirement
@@ -96,8 +110,9 @@ dependencies:
         version: '0'
 description: 
 email:
-- andrewnez@gmail.com
-executables: []
+- support@tidelift.com
+executables:
+- update-license-files
 extensions: []
 extra_rdoc_files: []
 files:
@@ -114,8 +129,17 @@ files:
 - LICENSE.txt
 - README.md
 - Rakefile
+- aliases.json
+- bin/update-license-files
+- exceptions.json
+- lib/exception.rb
+- lib/license.rb
 - lib/spdx.rb
 - lib/spdx/version.rb
+- lib/spdx_grammar.rb
+- lib/spdx_parser.rb
+- lib/spdx_parser.treetop
+- licenses.json
 - spdx.gemspec
 - spec/spdx_spec.rb
 - spec/spec_helper.rb
@@ -138,8 +162,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubyforge_project: 
-rubygems_version: 2.6.13
+rubygems_version: 3.0.3
 signing_key: 
 specification_version: 4
 summary: A SPDX license normalizer