spdx 2.0.10 → 3.1.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
@@ -9,7 +9,7 @@ Gem::Specification.new do |spec|
9
9
  spec.version = Spdx::VERSION
10
10
  spec.authors = ["Tidelift, Inc."]
11
11
  spec.email = ["support@tidelift.com"]
12
- spec.summary = "A SPDX license normalizer"
12
+ spec.summary = "A SPDX license parser"
13
13
  spec.homepage = "https://github.com/librariesio/spdx"
14
14
  spec.license = "MIT"
15
15
 
@@ -18,7 +18,6 @@ Gem::Specification.new do |spec|
18
18
  spec.test_files = spec.files.grep(%r{^(test|spec|features)/})
19
19
  spec.require_paths = ["lib"]
20
20
 
21
- spec.add_dependency "fuzzy_match", "~> 2.1"
22
21
  spec.add_dependency "treetop", "~> 1.6"
23
22
  spec.add_development_dependency "bundler"
24
23
  spec.add_development_dependency "pry"
@@ -3,183 +3,6 @@
3
3
  require "spec_helper"
4
4
 
5
5
  describe Spdx do
6
- describe "find" do
7
- it "should return know license from short code" do
8
- expect(Spdx.find("Apache-2.0").name).to eq("Apache License 2.0")
9
- end
10
-
11
- it "should work with case-insentive short codes" do
12
- expect(Spdx.find("apache-2.0").name).to eq("Apache License 2.0")
13
- expect(Spdx.find("agpl-3.0").name).to eq("GNU Affero General Public License v3.0")
14
- end
15
-
16
- it "should return know license from full name" do
17
- expect(Spdx.find("Apache License 2.0").name).to eq("Apache License 2.0")
18
- end
19
-
20
- it "should return nil for commercial" do
21
- expect(Spdx.find("Commercial")).to be_nil
22
- end
23
-
24
- it "should return nil for garbage" do
25
- expect(Spdx.find("foo bar baz")).to be_nil
26
- expect(Spdx.find("https://github.com/AuthorizeNet/sdk-ruby/blob/master/license.txt")).to be_nil
27
- end
28
-
29
- it "should return know license from an alias" do
30
- expect(Spdx.find("The Apache Software License, Version 2.0").name).to eq("Apache License 2.0")
31
- expect(Spdx.find("Apache2").name).to eq("Apache License 2.0")
32
- expect(Spdx.find("Apache License, Version 2.0").name).to eq("Apache License 2.0")
33
- expect(Spdx.find("Educational Community License, Version 2.0").name).to eq("Educational Community License v2.0")
34
- expect(Spdx.find("CDDL + GPLv2 with classpath exception").name).to \
35
- eq("GNU General Public License v2.0 w/Classpath exception")
36
- expect(Spdx.find("The MIT License").name).to eq("MIT License")
37
- expect(Spdx.find("UNLICENSE").name).to eq("The Unlicense")
38
- end
39
-
40
- it "should strip whitespace from strings before lookups" do
41
- expect(Spdx.find(" BSD-3-Clause").id).to eq("BSD-3-Clause")
42
- end
43
-
44
- it "should handle pypi classifiers properly" do
45
- pypi_mappings = [
46
- ["Aladdin Free Public License (AFPL)", "Aladdin"],
47
- ["CC0 1.0 Universal (CC0 1.0) Public Domain Dedication", "CC0-1.0"],
48
- ["CeCILL-B Free Software License Agreement (CECILL-B)", "CECILL-B"],
49
- ["CeCILL-C Free Software License Agreement (CECILL-C)", "CECILL-C"],
50
- ["Eiffel Forum License (EFL)", "EFL-2.0"],
51
- ["Netscape Public License (NPL)", "NPL-1.1"],
52
- ["Nokia Open Source License (NOKOS)", "Nokia"],
53
- ["Academic Free License (AFL)", "AFL-3.0"],
54
- ["Apache Software License", "Apache-2.0"],
55
- ["Apple Public Source License", "APSL-2.0"],
56
- ["Artistic License", "Artistic-2.0"],
57
- ["Attribution Assurance License", "AAL"],
58
- ["Boost Software License 1.0 (BSL-1.0)", "BSL-1.0"],
59
- ["BSD License", "BSD-3-Clause"],
60
- ["Common Development and Distribution License 1.0 (CDDL-1.0)", "CDDL-1.0"],
61
- ["Common Public License", "CPL-1.0"],
62
- ["Eclipse Public License 1.0 (EPL-1.0)", "EPL-1.0"],
63
- ["Eclipse Public License 2.0 (EPL-2.0)", "EPL-2.0"],
64
- ["Eiffel Forum License", "EFL-2.0"],
65
- ["European Union Public Licence 1.0 (EUPL 1.0)", "EUPL-1.0"],
66
- ["European Union Public Licence 1.1 (EUPL 1.1)", "EUPL-1.1"],
67
- ["European Union Public Licence 1.2 (EUPL 1.2)", "EUPL-1.2"],
68
- ["GNU Affero General Public License v3", "AGPL-3.0"],
69
- ["GNU Affero General Public License v3 or later (AGPLv3+)", "AGPL-3.0-or-later"],
70
- ["GNU Free Documentation License (FDL)", "GFDL-1.3"],
71
- ["GNU General Public License (GPL)", "GPL-2.0+"],
72
- ["GNU General Public License v2 (GPLv2)", "GPL-2.0"],
73
- ["GNU General Public License v2 or later (GPLv2+)", "GPL-2.0+"],
74
- ["GNU General Public License v3 (GPLv3)", "GPL-3.0"],
75
- ["GNU General Public License v3 or later (GPLv3+)", "GPL-3.0+"],
76
- ["GNU Lesser General Public License v2 (LGPLv2)", "LGPL-2.0"],
77
- ["GNU Lesser General Public License v2 or later (LGPLv2+)", "LGPL-2.0+"],
78
- ["GNU Lesser General Public License v3 (LGPLv3)", "LGPL-3.0"],
79
- ["GNU Lesser General Public License v3 or later (LGPLv3+)", "LGPL-3.0+"],
80
- ["GNU Library or Lesser General Public License (LGPL)", "LGPL-2.0+"],
81
- ["IBM Public License", "IPL-1.0"],
82
- ["Intel Open Source License", "Intel"],
83
- ["ISC License (ISCL)", "ISC"],
84
- # ['MirOS License (MirOS)', 'MirOS'],
85
- ["MIT License", "MIT"],
86
- ["Motosoto License", "Motosoto"],
87
- ["Mozilla Public License 1.0 (MPL)", "MPL-1.0"],
88
- ["Mozilla Public License 1.1 (MPL 1.1)", "MPL-1.1"],
89
- ["Mozilla Public License 2.0 (MPL 2.0)", "MPL-2.0"],
90
- ["Nethack General Public License", "NGPL"],
91
- ["Nokia Open Source License", "Nokia"],
92
- ["Open Group Test Suite License", "OGTSL"],
93
- ["PostgreSQL License", "PostgreSQL"],
94
- ["Python License (CNRI Python License)", "CNRI-Python"],
95
- # ['Python Software Foundation License', 'Python-2.0'],
96
- ["Qt Public License (QPL)", "QPL-1.0"],
97
- ["Ricoh Source Code Public License", "RSCPL"],
98
- ["SIL Open Font License 1.1 (OFL-1.1)", "OFL-1.1"],
99
- ["Sleepycat License", "Sleepycat"],
100
- ["Sun Industry Standards Source License (SISSL)", "SISSL-1.2"],
101
- ["Sun Public License", "SPL-1.0"],
102
- ["Universal Permissive License (UPL)", "UPL-1.0"],
103
- ["University of Illinois/NCSA Open Source License", "NCSA"],
104
- ["Vovida Software License 1.0", "VSL-1.0"],
105
- ["W3C License", "W3C"],
106
- ["X.Net License", "Xnet"],
107
- ["zlib/libpng License", "zlib-acknowledgement"],
108
- ["Zope Public License", "ZPL-2.1"],
109
- ]
110
- pypi_mappings.each do |license, mapped|
111
- expect(Spdx.find(license).id).to eq(mapped)
112
- end
113
- end
114
-
115
- it "should return know licenses for special cases" do
116
- expect(Spdx.find("MPL1").name).to eq("Mozilla Public License 1.0")
117
- expect(Spdx.find("MPL1.0").name).to eq("Mozilla Public License 1.0")
118
- expect(Spdx.find("MPL1.1").name).to eq("Mozilla Public License 1.1")
119
- expect(Spdx.find("MPL2").name).to eq("Mozilla Public License 2.0")
120
- expect(Spdx.find("MPL2.0").name).to eq("Mozilla Public License 2.0")
121
- expect(Spdx.find("GPL3").name).to eq("GNU General Public License v3.0 only")
122
- expect(Spdx.find("GPL v3").name).to eq("GNU General Public License v3.0 only")
123
- expect(Spdx.find("GPL3").name).to eq("GNU General Public License v3.0 only")
124
- expect(Spdx.find("GPL 3.0").name).to eq("GNU General Public License v3.0 only")
125
- expect(Spdx.find("GPL-3").name).to eq("GNU General Public License v3.0 only")
126
- expect(Spdx.find("GPL-2 | GPL-3 [expanded from: GPL (≥ 2)]").name).to \
127
- eq("GNU General Public License v2.0 or later")
128
- expect(Spdx.find("GPL-2 | GPL-3 [expanded from: GPL]").name).to \
129
- eq("GNU General Public License v2.0 or later")
130
- expect(Spdx.find("GPL (≥ 3)").name).to eq("GNU General Public License v3.0 or later")
131
- expect(Spdx.find("gpl30").name).to eq("GNU General Public License v3.0 only")
132
- expect(Spdx.find("GPL v2+").name).to eq("GNU General Public License v2.0 or later")
133
- expect(Spdx.find("GPL 2").name).to eq("GNU General Public License v2.0 only")
134
- expect(Spdx.find("GPL v2").name).to eq("GNU General Public License v2.0 only")
135
- expect(Spdx.find("GPL2").name).to eq("GNU General Public License v2.0 only")
136
- expect(Spdx.find("GPL-2 | GPL-3").name).to eq("GNU General Public License v2.0 or later")
137
- expect(Spdx.find("GPL-2 | GPL-3 [expanded from: GPL (≥ 2.0)]").name).to \
138
- eq("GNU General Public License v2.0 or later")
139
- expect(Spdx.find("GPL2 w/ CPE").name).to eq("GNU General Public License v2.0 w/Classpath exception")
140
- expect(Spdx.find("GPL 2.0").name).to eq("GNU General Public License v2.0 only")
141
- expect(Spdx.find("New BSD License (GPL-compatible)").name).to eq('BSD 3-Clause "New" or "Revised" License')
142
- expect(Spdx.find("The GPL V3").name).to eq("GNU General Public License v3.0 only")
143
- expect(Spdx.find("perl_5").name).to eq("Artistic License 1.0 (Perl)")
144
- expect(Spdx.find("BSD3").name).to eq('BSD 3-Clause "New" or "Revised" License')
145
- expect(Spdx.find("BSD").name).to eq('BSD 3-Clause "New" or "Revised" License')
146
- expect(Spdx.find("GPLv3").name).to eq("GNU General Public License v3.0 only")
147
- expect(Spdx.find("LGPLv2 or later").name).to eq("GNU Library General Public License v2.1 or later")
148
- expect(Spdx.find("GPLv2 or later").name).to eq("GNU General Public License v2.0 or later")
149
- expect(Spdx.find("Public Domain").name).to eq("The Unlicense")
150
- expect(Spdx.find("GPL-2").name).to eq("GNU General Public License v2.0 only")
151
- expect(Spdx.find("GPL").name).to eq("GNU General Public License v2.0 or later")
152
- expect(Spdx.find("GNU LESSER GENERAL PUBLIC LICENSE").name).to \
153
- eq("GNU Library General Public License v2.1 or later")
154
- expect(Spdx.find("New BSD License").name).to eq('BSD 3-Clause "New" or "Revised" License')
155
- expect(Spdx.find("(MIT OR X11) ").name).to eq("MIT License")
156
- expect(Spdx.find("mit-license").name).to eq("MIT License")
157
- expect(Spdx.find("lgpl-3").name).to eq("GNU Lesser General Public License v3.0 only")
158
- expect(Spdx.find("agpl-3").name).to eq("GNU Affero General Public License v3.0")
159
- expect(Spdx.find("cc by-sa 4.0").name).to eq("Creative Commons Attribution Share Alike 4.0 International")
160
- expect(Spdx.find("cc by-nc-sa 3.0").name).to \
161
- eq("Creative Commons Attribution Non Commercial Share Alike 3.0 Unported")
162
- expect(Spdx.find("cc by-sa 3.0").name).to eq("Creative Commons Attribution Share Alike 3.0 Unported")
163
- expect(Spdx.find("gpl_1").name).to eq("GNU General Public License v1.0 only")
164
- expect(Spdx.find("gpl_2").name).to eq("GNU General Public License v2.0 only")
165
- expect(Spdx.find("gpl_3").name).to eq("GNU General Public License v3.0 only")
166
- expect(Spdx.find("artistic_2").name).to eq("Artistic License 2.0")
167
- expect(Spdx.find("artistic_1").name).to eq("Artistic License 1.0")
168
- expect(Spdx.find("apache_2_0").name).to eq("Apache License 2.0")
169
- expect(Spdx.find("apache_v2").name).to eq("Apache License 2.0")
170
- expect(Spdx.find("lgpl_2_1").name).to eq("GNU Lesser General Public License v2.1 only")
171
- expect(Spdx.find("lgpl_v2_1").name).to eq("GNU Lesser General Public License v2.1 only")
172
-
173
- expect(Spdx.find("BSD 3-Clause").name).to eq('BSD 3-Clause "New" or "Revised" License')
174
- expect(Spdx.find("BSD 3-Clause").name).to eq('BSD 3-Clause "New" or "Revised" License')
175
- expect(Spdx.find("BSD 2-Clause").name).to eq('BSD 2-Clause "Simplified" License')
176
- expect(Spdx.find("BSD 2-clause").name).to eq('BSD 2-Clause "Simplified" License')
177
- expect(Spdx.find("BSD Style").name).to eq('BSD 3-Clause "New" or "Revised" License')
178
-
179
- expect(Spdx.find("GNU LGPL v3+").name).to eq("GNU Lesser General Public License v3.0 only")
180
- expect(Spdx.find("ZPL 2.1").name).to eq("Zope Public License 2.1")
181
- end
182
- end
183
6
  context "spdx parsing" do
184
7
  context "valid_spdx?" do
185
8
  it "returns false for invalid spdx" do
@@ -188,11 +11,13 @@ describe Spdx do
188
11
  expect(Spdx.valid_spdx?("MIT OR FAKEYLICENSE")).to be false
189
12
  expect(Spdx.valid_spdx?(nil)).to be false
190
13
  expect(Spdx.valid_spdx?("")).to be false
14
+ expect(Spdx.valid_spdx?("MIT (MIT)")).to be false
191
15
  end
192
16
  it "returns true for valid spdx" do
193
17
  expect(Spdx.valid_spdx?("(MIT OR MPL-2.0)")).to be true
194
18
  expect(Spdx.valid_spdx?("MIT")).to be true
195
19
  expect(Spdx.valid_spdx?("((MIT OR AGPL-1.0) AND (MIT OR MPL-2.0))")).to be true
20
+ expect(Spdx.valid_spdx?("MIT OR (MIT)")).to be true
196
21
  end
197
22
  it "returns true for NONE and NOASSERTION" do
198
23
  expect(Spdx.valid_spdx?("NONE")).to be true
@@ -201,7 +26,17 @@ describe Spdx do
201
26
  expect(Spdx.valid_spdx?("MIT OR NONE")).to be false
202
27
  end
203
28
  it "returns true for + expression" do
204
- expect(Spdx.valid_spdx?("AGPL-1.0+"))
29
+ expect(Spdx.valid_spdx?("AGPL-3.0+")).to be true
30
+ end
31
+ it "is case insentive for license ids" do
32
+ expect(Spdx.valid_spdx?("mit OR agpl-3.0+")).to be true
33
+ end
34
+ it "handles LicenseRef" do
35
+ expect(Spdx.valid_spdx?("MIT OR LicenseRef-MIT-style-1")).to be true
36
+ end
37
+ it "handles DocumentRef" do
38
+ expect(Spdx.valid_spdx?("MIT OR DocumentRef-something-1:LicenseRef-MIT-style-1")).to be true
39
+ expect(Spdx.valid_spdx?("MIT OR DocumentRef-something-1")).to be false
205
40
  end
206
41
  end
207
42
  end
@@ -213,6 +48,12 @@ describe Spdx do
213
48
  expect(Spdx.parse_spdx("NONE").licenses).to eq []
214
49
  expect(Spdx.parse_spdx("NOASSERTION").licenses).to eq []
215
50
  end
51
+ it "returns LicenseRefs" do
52
+ expect(Spdx.parse_spdx("MIT OR LicenseRef-MIT-style-1").licenses).to eq %w[MIT LicenseRef-MIT-style-1]
53
+ end
54
+ it "returns DocumentRefs" do
55
+ expect(Spdx.parse_spdx("MIT OR DocumentRef-something-1:LicenseRef-MIT-style-1").licenses).to eq %w[MIT DocumentRef-something-1:LicenseRef-MIT-style-1]
56
+ end
216
57
  end
217
58
 
218
59
  context "exceptions" do
metadata CHANGED
@@ -1,29 +1,15 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: spdx
3
3
  version: !ruby/object:Gem::Version
4
- version: 2.0.10
4
+ version: 3.1.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Tidelift, Inc.
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2020-06-08 00:00:00.000000000 Z
11
+ date: 2020-11-11 00:00:00.000000000 Z
12
12
  dependencies:
13
- - !ruby/object:Gem::Dependency
14
- name: fuzzy_match
15
- requirement: !ruby/object:Gem::Requirement
16
- requirements:
17
- - - "~>"
18
- - !ruby/object:Gem::Version
19
- version: '2.1'
20
- type: :runtime
21
- prerelease: false
22
- version_requirements: !ruby/object:Gem::Requirement
23
- requirements:
24
- - - "~>"
25
- - !ruby/object:Gem::Version
26
- version: '2.1'
27
13
  - !ruby/object:Gem::Dependency
28
14
  name: treetop
29
15
  requirement: !ruby/object:Gem::Requirement
@@ -161,11 +147,10 @@ required_rubygems_version: !ruby/object:Gem::Requirement
161
147
  - !ruby/object:Gem::Version
162
148
  version: '0'
163
149
  requirements: []
164
- rubyforge_project:
165
- rubygems_version: 2.7.4
150
+ rubygems_version: 3.1.2
166
151
  signing_key:
167
152
  specification_version: 4
168
- summary: A SPDX license normalizer
153
+ summary: A SPDX license parser
169
154
  test_files:
170
155
  - spec/spdx_spec.rb
171
156
  - spec/spec_helper.rb