RubyGems - spdx - Versions diffs - 2.0.11 → 4.0.0 - Mend

spdx 2.0.11 → 4.0.0

Files changed (12) hide show

data/spdx.gemspec CHANGED Viewed

@@ -9,7 +9,7 @@ Gem::Specification.new do |spec|
   spec.version       = Spdx::VERSION
   spec.authors       = ["Tidelift, Inc."]
   spec.email         = ["support@tidelift.com"]
-  spec.summary       = "A SPDX license normalizer"
+  spec.summary       = "A SPDX license parser"
   spec.homepage      = "https://github.com/librariesio/spdx"
   spec.license       = "MIT"
@@ -18,7 +18,6 @@ Gem::Specification.new do |spec|
   spec.test_files    = spec.files.grep(%r{^(test|spec|features)/})
   spec.require_paths = ["lib"]
-  spec.add_dependency "fuzzy_match", "~> 2.1"
   spec.add_dependency "treetop", "~> 1.6"
   spec.add_development_dependency "bundler"
   spec.add_development_dependency "pry"

data/spec/spdx_spec.rb CHANGED Viewed

@@ -3,227 +3,122 @@
 require "spec_helper"
 describe Spdx do
-  describe "find" do
-    it "should return know license from short code" do
-      expect(Spdx.find("Apache-2.0").name).to eq("Apache License 2.0")
-    end
-    it "should work with case-insentive short codes" do
-      expect(Spdx.find("apache-2.0").name).to eq("Apache License 2.0")
-      expect(Spdx.find("agpl-3.0").name).to eq("GNU Affero General Public License v3.0")
-    end
-    it "should return know license from full name" do
-      expect(Spdx.find("Apache License 2.0").name).to eq("Apache License 2.0")
-    end
-    it "should return nil for commercial" do
-      expect(Spdx.find("Commercial")).to be_nil
-    end
-    it "should return nil for garbage" do
-      expect(Spdx.find("foo bar baz")).to be_nil
-      expect(Spdx.find("https://github.com/AuthorizeNet/sdk-ruby/blob/master/license.txt")).to be_nil
-    end
-    it "should return know license from an alias" do
-      expect(Spdx.find("The Apache Software License, Version 2.0").name).to eq("Apache License 2.0")
-      expect(Spdx.find("Apache2").name).to eq("Apache License 2.0")
-      expect(Spdx.find("Apache License, Version 2.0").name).to eq("Apache License 2.0")
-      expect(Spdx.find("Educational Community License, Version 2.0").name).to eq("Educational Community License v2.0")
-      expect(Spdx.find("CDDL + GPLv2 with classpath exception").name).to \
-        eq("GNU General Public License v2.0 w/Classpath exception")
-      expect(Spdx.find("The MIT License").name).to eq("MIT License")
-      expect(Spdx.find("UNLICENSE").name).to eq("The Unlicense")
-    end
-    it "should strip whitespace from strings before lookups" do
-      expect(Spdx.find(" BSD-3-Clause").id).to eq("BSD-3-Clause")
-    end
-    it "should handle pypi classifiers properly" do
-      pypi_mappings = [
-        ["Aladdin Free Public License (AFPL)", "Aladdin"],
-        ["CC0 1.0 Universal (CC0 1.0) Public Domain Dedication", "CC0-1.0"],
-        ["CeCILL-B Free Software License Agreement (CECILL-B)", "CECILL-B"],
-        ["CeCILL-C Free Software License Agreement (CECILL-C)", "CECILL-C"],
-        ["Eiffel Forum License (EFL)", "EFL-2.0"],
-        ["Netscape Public License (NPL)", "NPL-1.1"],
-        ["Nokia Open Source License (NOKOS)", "Nokia"],
-        ["Academic Free License (AFL)", "AFL-3.0"],
-        ["Apache Software License", "Apache-2.0"],
-        ["Apple Public Source License", "APSL-2.0"],
-        ["Artistic License", "Artistic-2.0"],
-        ["Attribution Assurance License", "AAL"],
-        ["Boost Software License 1.0 (BSL-1.0)", "BSL-1.0"],
-        ["BSD License", "BSD-3-Clause"],
-        ["Common Development and Distribution License 1.0 (CDDL-1.0)", "CDDL-1.0"],
-        ["Common Public License", "CPL-1.0"],
-        ["Eclipse Public License 1.0 (EPL-1.0)", "EPL-1.0"],
-        ["Eclipse Public License 2.0 (EPL-2.0)", "EPL-2.0"],
-        ["Eiffel Forum License", "EFL-2.0"],
-        ["European Union Public Licence 1.0 (EUPL 1.0)", "EUPL-1.0"],
-        ["European Union Public Licence 1.1 (EUPL 1.1)", "EUPL-1.1"],
-        ["European Union Public Licence 1.2 (EUPL 1.2)", "EUPL-1.2"],
-        ["GNU Affero General Public License v3", "AGPL-3.0"],
-        ["GNU Affero General Public License v3 or later (AGPLv3+)", "AGPL-3.0-or-later"],
-        ["GNU Free Documentation License (FDL)", "GFDL-1.3"],
-        ["GNU General Public License (GPL)", "GPL-2.0+"],
-        ["GNU General Public License v2 (GPLv2)", "GPL-2.0"],
-        ["GNU General Public License v2 or later (GPLv2+)", "GPL-2.0+"],
-        ["GNU General Public License v3 (GPLv3)", "GPL-3.0"],
-        ["GNU General Public License v3 or later (GPLv3+)", "GPL-3.0+"],
-        ["GNU Lesser General Public License v2 (LGPLv2)", "LGPL-2.0"],
-        ["GNU Lesser General Public License v2 or later (LGPLv2+)", "LGPL-2.0+"],
-        ["GNU Lesser General Public License v3 (LGPLv3)", "LGPL-3.0"],
-        ["GNU Lesser General Public License v3 or later (LGPLv3+)", "LGPL-3.0+"],
-        ["GNU Library or Lesser General Public License (LGPL)", "LGPL-2.0+"],
-        ["IBM Public License", "IPL-1.0"],
-        ["Intel Open Source License", "Intel"],
-        ["ISC License (ISCL)", "ISC"],
-        # ['MirOS License (MirOS)', 'MirOS'],
-        ["MIT License", "MIT"],
-        ["Motosoto License", "Motosoto"],
-        ["Mozilla Public License 1.0 (MPL)", "MPL-1.0"],
-        ["Mozilla Public License 1.1 (MPL 1.1)", "MPL-1.1"],
-        ["Mozilla Public License 2.0 (MPL 2.0)", "MPL-2.0"],
-        ["Nethack General Public License", "NGPL"],
-        ["Nokia Open Source License", "Nokia"],
-        ["Open Group Test Suite License", "OGTSL"],
-        ["PostgreSQL License", "PostgreSQL"],
-        ["Python License (CNRI Python License)", "CNRI-Python"],
-        # ['Python Software Foundation License', 'Python-2.0'],
-        ["Qt Public License (QPL)", "QPL-1.0"],
-        ["Ricoh Source Code Public License", "RSCPL"],
-        ["SIL Open Font License 1.1 (OFL-1.1)", "OFL-1.1"],
-        ["Sleepycat License", "Sleepycat"],
-        ["Sun Industry Standards Source License (SISSL)", "SISSL-1.2"],
-        ["Sun Public License", "SPL-1.0"],
-        ["Universal Permissive License (UPL)", "UPL-1.0"],
-        ["University of Illinois/NCSA Open Source License", "NCSA"],
-        ["Vovida Software License 1.0", "VSL-1.0"],
-        ["W3C License", "W3C"],
-        ["X.Net License", "Xnet"],
-        ["zlib/libpng License", "zlib-acknowledgement"],
-        ["Zope Public License", "ZPL-2.1"],
-      ]
-      pypi_mappings.each do |license, mapped|
-        expect(Spdx.find(license).id).to eq(mapped)
-      end
-    end
-    it "should return know licenses for special cases" do
-      expect(Spdx.find("MPL1").name).to eq("Mozilla Public License 1.0")
-      expect(Spdx.find("MPL1.0").name).to eq("Mozilla Public License 1.0")
-      expect(Spdx.find("MPL1.1").name).to eq("Mozilla Public License 1.1")
-      expect(Spdx.find("MPL2").name).to eq("Mozilla Public License 2.0")
-      expect(Spdx.find("MPL2.0").name).to eq("Mozilla Public License 2.0")
-      expect(Spdx.find("GPL3").name).to eq("GNU General Public License v3.0 only")
-      expect(Spdx.find("GPL v3").name).to eq("GNU General Public License v3.0 only")
-      expect(Spdx.find("GPL3").name).to eq("GNU General Public License v3.0 only")
-      expect(Spdx.find("GPL 3.0").name).to eq("GNU General Public License v3.0 only")
-      expect(Spdx.find("GPL-3").name).to eq("GNU General Public License v3.0 only")
-      expect(Spdx.find("GPL-2 | GPL-3 [expanded from: GPL (≥ 2)]").name).to \
-        eq("GNU General Public License v2.0 or later")
-      expect(Spdx.find("GPL-2 | GPL-3 [expanded from: GPL]").name).to \
-        eq("GNU General Public License v2.0 or later")
-      expect(Spdx.find("GPL (≥ 3)").name).to eq("GNU General Public License v3.0 or later")
-      expect(Spdx.find("gpl30").name).to eq("GNU General Public License v3.0 only")
-      expect(Spdx.find("GPL v2+").name).to eq("GNU General Public License v2.0 or later")
-      expect(Spdx.find("GPL 2").name).to eq("GNU General Public License v2.0 only")
-      expect(Spdx.find("GPL v2").name).to eq("GNU General Public License v2.0 only")
-      expect(Spdx.find("GPL2").name).to eq("GNU General Public License v2.0 only")
-      expect(Spdx.find("GPL-2 | GPL-3").name).to eq("GNU General Public License v2.0 or later")
-      expect(Spdx.find("GPL-2 | GPL-3 [expanded from: GPL (≥ 2.0)]").name).to \
-        eq("GNU General Public License v2.0 or later")
-      expect(Spdx.find("GPL2 w/ CPE").name).to eq("GNU General Public License v2.0 w/Classpath exception")
-      expect(Spdx.find("GPL 2.0").name).to eq("GNU General Public License v2.0 only")
-      expect(Spdx.find("New BSD License (GPL-compatible)").name).to eq('BSD 3-Clause "New" or "Revised" License')
-      expect(Spdx.find("The GPL V3").name).to eq("GNU General Public License v3.0 only")
-      expect(Spdx.find("perl_5").name).to eq("Artistic License 1.0 (Perl)")
-      expect(Spdx.find("BSD3").name).to eq('BSD 3-Clause "New" or "Revised" License')
-      expect(Spdx.find("BSD").name).to eq('BSD 3-Clause "New" or "Revised" License')
-      expect(Spdx.find("GPLv3").name).to eq("GNU General Public License v3.0 only")
-      expect(Spdx.find("LGPLv2 or later").name).to eq("GNU Library General Public License v2.1 or later")
-      expect(Spdx.find("GPLv2 or later").name).to eq("GNU General Public License v2.0 or later")
-      expect(Spdx.find("Public Domain").name).to eq("The Unlicense")
-      expect(Spdx.find("GPL-2").name).to eq("GNU General Public License v2.0 only")
-      expect(Spdx.find("GPL").name).to eq("GNU General Public License v2.0 or later")
-      expect(Spdx.find("GNU LESSER GENERAL PUBLIC LICENSE").name).to \
-        eq("GNU Library General Public License v2.1 or later")
-      expect(Spdx.find("New BSD License").name).to eq('BSD 3-Clause "New" or "Revised" License')
-      expect(Spdx.find("(MIT OR X11) ").name).to eq("MIT License")
-      expect(Spdx.find("mit-license").name).to eq("MIT License")
-      expect(Spdx.find("lgpl-3").name).to eq("GNU Lesser General Public License v3.0 only")
-      expect(Spdx.find("agpl-3").name).to eq("GNU Affero General Public License v3.0")
-      expect(Spdx.find("cc by-sa 4.0").name).to eq("Creative Commons Attribution Share Alike 4.0 International")
-      expect(Spdx.find("cc by-nc-sa 3.0").name).to \
-        eq("Creative Commons Attribution Non Commercial Share Alike 3.0 Unported")
-      expect(Spdx.find("cc by-sa 3.0").name).to eq("Creative Commons Attribution Share Alike 3.0 Unported")
-      expect(Spdx.find("gpl_1").name).to eq("GNU General Public License v1.0 only")
-      expect(Spdx.find("gpl_2").name).to eq("GNU General Public License v2.0 only")
-      expect(Spdx.find("gpl_3").name).to eq("GNU General Public License v3.0 only")
-      expect(Spdx.find("artistic_2").name).to eq("Artistic License 2.0")
-      expect(Spdx.find("artistic_1").name).to eq("Artistic License 1.0")
-      expect(Spdx.find("apache_2_0").name).to eq("Apache License 2.0")
-      expect(Spdx.find("apache_v2").name).to eq("Apache License 2.0")
-      expect(Spdx.find("lgpl_2_1").name).to eq("GNU Lesser General Public License v2.1 only")
-      expect(Spdx.find("lgpl_v2_1").name).to eq("GNU Lesser General Public License v2.1 only")
-      expect(Spdx.find("BSD 3-Clause").name).to eq('BSD 3-Clause "New" or "Revised" License')
-      expect(Spdx.find("BSD 3-Clause").name).to eq('BSD 3-Clause "New" or "Revised" License')
-      expect(Spdx.find("BSD 2-Clause").name).to eq('BSD 2-Clause "Simplified" License')
-      expect(Spdx.find("BSD 2-clause").name).to eq('BSD 2-Clause "Simplified" License')
-      expect(Spdx.find("BSD Style").name).to eq('BSD 3-Clause "New" or "Revised" License')
-      expect(Spdx.find("GNU LGPL v3+").name).to eq("GNU Lesser General Public License v3.0 only")
-      expect(Spdx.find("ZPL 2.1").name).to eq("Zope Public License 2.1")
-    end
-  end
   context "spdx parsing" do
-    context "valid_spdx?" do
+    context "valid?" do
       it "returns false for invalid spdx" do
-        expect(Spdx.valid_spdx?("AND AND")).to be false
-        expect(Spdx.valid_spdx?("MIT OR MIT AND OR")).to be false
-        expect(Spdx.valid_spdx?("MIT OR FAKEYLICENSE")).to be false
-        expect(Spdx.valid_spdx?(nil)).to be false
-        expect(Spdx.valid_spdx?("")).to be false
+        expect(Spdx.valid?("AND AND")).to be false
+        expect(Spdx.valid?(" AND ")).to be false
+        expect(Spdx.valid?(" WITH ")).to be false
+        expect(Spdx.valid?("MIT AND ")).to be false
+        expect(Spdx.valid?("MIT OR MIT AND OR")).to be false
+        expect(Spdx.valid?("MIT OR FAKEYLICENSE")).to be false
+        expect(Spdx.valid?(nil)).to be false
+        expect(Spdx.valid?("")).to be false
+        expect(Spdx.valid?("MIT (MIT)")).to be false
       end
       it "returns true for valid spdx" do
-        expect(Spdx.valid_spdx?("(MIT OR MPL-2.0)")).to be true
-        expect(Spdx.valid_spdx?("MIT")).to be true
-        expect(Spdx.valid_spdx?("((MIT OR AGPL-1.0) AND (MIT OR MPL-2.0))")).to be true
+        expect(Spdx.valid?("(MIT OR MPL-2.0)")).to be true
+        expect(Spdx.valid?("MIT")).to be true
+        expect(Spdx.valid?("MIT OR MPL-2.0 AND AGPL-1.0")).to be true
+        expect(Spdx.valid?("MIT OR (GPL-1.0 OR MPL-2.0) AND AGPL-1.0")).to be true
+        expect(Spdx.valid?("MIT AND MPL-2.0 OR AGPL-1.0")).to be true
+        expect(Spdx.valid?("MIT AND (GPL-1.0 OR MPL-2.0) OR AGPL-1.0")).to be true
+        expect(Spdx.valid?("MIT OR (DocumentRef-something-1:LicenseRef-MIT-style-1 OR MPL-2.0) AND AGPL-1.0")).to be true
+        expect(Spdx.valid?("((MIT OR AGPL-1.0) AND (MIT OR MPL-2.0))")).to be true
+        expect(Spdx.valid?("MIT OR (MIT)")).to be true
       end
       it "returns true for NONE and NOASSERTION" do
-        expect(Spdx.valid_spdx?("NONE")).to be true
-        expect(Spdx.valid_spdx?("(NONE)")).to be false
-        expect(Spdx.valid_spdx?("NOASSERTION")).to be true
-        expect(Spdx.valid_spdx?("MIT OR NONE")).to be false
+        expect(Spdx.valid?("NONE")).to be true
+        expect(Spdx.valid?("(NONE)")).to be false
+        expect(Spdx.valid?("NOASSERTION")).to be true
+        expect(Spdx.valid?("MIT OR NONE")).to be false
       end
       it "returns true for + expression" do
-        expect(Spdx.valid_spdx?("AGPL-1.0+"))
+        expect(Spdx.valid?("AGPL-3.0+")).to be true
+      end
+      it "is case insentive for license ids" do
+        expect(Spdx.valid?("mit OR agpl-3.0+")).to be true
+      end
+      it "handles LicenseRef" do
+        expect(Spdx.valid?("MIT OR LicenseRef-MIT-style-1")).to be true
       end
+      it "handles DocumentRef" do
+        expect(Spdx.valid?("MIT OR DocumentRef-something-1:LicenseRef-MIT-style-1")).to be true
+        expect(Spdx.valid?("MIT OR DocumentRef-something-1")).to be false
+      end
+    end
+  end
+  context "normalize" do
+    it "normalizes simple licenses" do
+      expect(Spdx.normalize("MIT")).to eq "MIT"
+      expect(Spdx.normalize("mit")).to eq "MIT"
+      expect(Spdx.normalize("MiT")).to eq "MIT"
+      expect(Spdx.normalize("(MiT)")).to eq "MIT"
+      expect(Spdx.normalize("(((MiT)))")).to eq "MIT"
+      expect(Spdx.normalize("LicenseRef-MIT-style-1")).to eq "LicenseRef-MIT-style-1"
+      expect(Spdx.normalize("DocumentRef-something-1:LicenseRef-MIT-style-1")).to eq "DocumentRef-something-1:LicenseRef-MIT-style-1"
+      expect(Spdx.normalize("Apache-2.0+")).to eq "Apache-2.0+"
+      expect(Spdx.normalize("apache-2.0+")).to eq "Apache-2.0+"
+    end
+    it "normalizes NONE/NOASSERTION" do
+      expect(Spdx.normalize("NONE")).to eq "NONE"
+      expect(Spdx.normalize("NOASSERTION")).to eq "NOASSERTION"
+    end
+    it "normalizes boolean expressions" do
+      expect(Spdx.normalize("mit AND gPL-2.0")).to eq "MIT AND GPL-2.0"
+      expect(Spdx.normalize("mit OR gPL-2.0")).to eq "MIT OR GPL-2.0"
+      expect(Spdx.normalize("mit OR gPL-2.0")).to eq "MIT OR GPL-2.0"
+      # With top level parens
+      expect(Spdx.normalize("mit AND gPL-2.0", top_level_parens: true)).to eq "(MIT AND GPL-2.0)"
+      expect(Spdx.normalize("mit OR gPL-2.0", top_level_parens: true)).to eq "(MIT OR GPL-2.0)"
+      expect(Spdx.normalize("mit OR gPL-2.0", top_level_parens: true)).to eq "(MIT OR GPL-2.0)"
+      # Does semantic grouping
+      expect(Spdx.normalize("mit OR gPL-2.0 AND apAcHe-2.0+")).to eq "MIT OR (GPL-2.0 AND Apache-2.0+)"
+      # But also preserves original groups
+      expect(Spdx.normalize("(mit OR gPL-2.0) AND apAcHe-2.0+")).to eq "(MIT OR GPL-2.0) AND Apache-2.0+"
+    end
+    it "normalizes WITH expressions" do
+      expect(Spdx.normalize("GPL-2.0-only WITH Classpath-exception-2.0")).to eq "GPL-2.0-only WITH Classpath-exception-2.0"
+      expect(Spdx.normalize("Gpl-2.0-ONLY WITH ClassPath-exception-2.0")).to eq "GPL-2.0-only WITH Classpath-exception-2.0"
+      # With top level parens
+      expect(Spdx.normalize("GPL-2.0-only WITH Classpath-exception-2.0", top_level_parens: true)).to eq "(GPL-2.0-only WITH Classpath-exception-2.0)"
+      expect(Spdx.normalize("Gpl-2.0-ONLY WITH ClassPath-exception-2.0", top_level_parens: true)).to eq "(GPL-2.0-only WITH Classpath-exception-2.0)"
+      expect(Spdx.normalize("EPL-2.0 OR (GPL-2.0-only WITH Classpath-exception-2.0)")).to eq "EPL-2.0 OR (GPL-2.0-only WITH Classpath-exception-2.0)"
+      expect(Spdx.normalize("epl-2.0 OR (gpl-2.0-only WITH classpath-exception-2.0)")).to eq "EPL-2.0 OR (GPL-2.0-only WITH Classpath-exception-2.0)"
+      expect(Spdx.normalize("epl-2.0 OR gpl-2.0-only WITH classpath-exception-2.0")).to eq "EPL-2.0 OR (GPL-2.0-only WITH Classpath-exception-2.0)"
+      expect(Spdx.normalize("epl-2.0 OR gpl-2.0-only WITH classpath-exception-2.0 AND mpl-2.0+")).to eq "EPL-2.0 OR ((GPL-2.0-only WITH Classpath-exception-2.0) AND MPL-2.0+)"
     end
   end
   context "licenses" do
     it "returns a list of possible licenses" do
-      expect(Spdx.parse_spdx("MIT OR MPL-2.0").licenses).to eq ["MIT", "MPL-2.0"]
+      expect(Spdx.parse("MIT OR MPL-2.0").licenses).to eq ["MIT", "MPL-2.0"]
     end
     it "returns empty array for NONE or NOASSERTION" do
-      expect(Spdx.parse_spdx("NONE").licenses).to eq []
-      expect(Spdx.parse_spdx("NOASSERTION").licenses).to eq []
+      expect(Spdx.parse("NONE").licenses).to eq []
+      expect(Spdx.parse("NOASSERTION").licenses).to eq []
+    end
+    it "returns LicenseRefs" do
+      expect(Spdx.parse("MIT OR LicenseRef-MIT-style-1").licenses).to eq %w[MIT LicenseRef-MIT-style-1]
+    end
+    it "returns DocumentRefs" do
+      expect(Spdx.parse("MIT OR DocumentRef-something-1:LicenseRef-MIT-style-1").licenses).to eq %w[MIT DocumentRef-something-1:LicenseRef-MIT-style-1]
     end
   end
   context "exceptions" do
-    it "parses a valid spdx with expression" do
-      expect(Spdx.valid_spdx?("EPL-2.0 OR (GPL-2.0-only WITH Classpath-exception-2.0)")).to be true
+    it "parses a valid spdx WITH expression" do
+      expect(Spdx.valid?("EPL-2.0 OR (GPL-2.0-only WITH Classpath-exception-2.0)")).to be true
     end
     it "returns false for a license in the exception spot" do
-      expect(Spdx.valid_spdx?("EPL-2.0 OR (GPL-2.0-only WITH AGPL-3.0)")).to be false
+      expect(Spdx.valid?("EPL-2.0 OR (GPL-2.0-only WITH AGPL-3.0)")).to be false
     end
     it "provides full details for a parse error" do
-      expect { Spdx.parse_spdx("MIT OR ((WHAT)") }.to raise_error(SpdxGrammar::SpdxParseError, "Unable to parse expression '(MIT OR ((WHAT))'. Parse error at offset: 0")
+      expect { Spdx.parse("MIT OR ((WHAT)") }.to raise_error(SpdxGrammar::SpdxParseError, "Unable to parse expression 'MIT OR ((WHAT)'. Parse error at offset: 3")
     end
   end
 end

metadata CHANGED Viewed

@@ -1,29 +1,15 @@
 --- !ruby/object:Gem::Specification
 name: spdx
 version: !ruby/object:Gem::Version
-  version: 2.0.11
+  version: 4.0.0
 platform: ruby
 authors:
 - Tidelift, Inc.
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2020-06-16 00:00:00.000000000 Z
+date: 2021-02-08 00:00:00.000000000 Z
 dependencies:
-- !ruby/object:Gem::Dependency
-  name: fuzzy_match
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: '2.1'
-  type: :runtime
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: '2.1'
 - !ruby/object:Gem::Dependency
   name: treetop
   requirement: !ruby/object:Gem::Requirement
@@ -161,10 +147,10 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.0.3
+rubygems_version: 3.1.2
 signing_key:
 specification_version: 4
-summary: A SPDX license normalizer
+summary: A SPDX license parser
 test_files:
 - spec/spdx_spec.rb
 - spec/spec_helper.rb