RubyGems - spdx - Versions diffs - 2.0.11 → 4.0.0 - Mend

spdx 2.0.11 → 4.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (12) hide show

data/spdx.gemspec CHANGED Viewed

@@ -9,7 +9,7 @@ Gem::Specification.new do |spec|
   spec.version       = Spdx::VERSION
   spec.authors       = ["Tidelift, Inc."]
   spec.email         = ["support@tidelift.com"]
-  spec.summary       = "A SPDX license normalizer"
+  spec.summary       = "A SPDX license parser"
   spec.homepage      = "https://github.com/librariesio/spdx"
   spec.license       = "MIT"
@@ -18,7 +18,6 @@ Gem::Specification.new do |spec|
   spec.test_files    = spec.files.grep(%r{^(test|spec|features)/})
   spec.require_paths = ["lib"]
-  spec.add_dependency "fuzzy_match", "~> 2.1"
   spec.add_dependency "treetop", "~> 1.6"
   spec.add_development_dependency "bundler"
   spec.add_development_dependency "pry"

data/spec/spdx_spec.rb CHANGED Viewed

@@ -3,227 +3,122 @@
 require "spec_helper"
 describe Spdx do
-  describe "find" do
-    it "should return know license from short code" do
-      expect(Spdx.find("Apache-2.0").name).to eq("Apache License 2.0")
-    end
-    it "should work with case-insentive short codes" do
-      expect(Spdx.find("apache-2.0").name).to eq("Apache License 2.0")
-      expect(Spdx.find("agpl-3.0").name).to eq("GNU Affero General Public License v3.0")
-    end
-    it "should return know license from full name" do
-      expect(Spdx.find("Apache License 2.0").name).to eq("Apache License 2.0")
-    end
-    it "should return nil for commercial" do
-      expect(Spdx.find("Commercial")).to be_nil
-    end
-    it "should return nil for garbage" do
-      expect(Spdx.find("foo bar baz")).to be_nil
-      expect(Spdx.find("https://github.com/AuthorizeNet/sdk-ruby/blob/master/license.txt")).to be_nil
-    end
-    it "should return know license from an alias" do
-      expect(Spdx.find("The Apache Software License, Version 2.0").name).to eq("Apache License 2.0")
-      expect(Spdx.find("Apache2").name).to eq("Apache License 2.0")
-      expect(Spdx.find("Apache License, Version 2.0").name).to eq("Apache License 2.0")
-      expect(Spdx.find("Educational Community License, Version 2.0").name).to eq("Educational Community License v2.0")
-      expect(Spdx.find("CDDL + GPLv2 with classpath exception").name).to \
-        eq("GNU General Public License v2.0 w/Classpath exception")
-      expect(Spdx.find("The MIT License").name).to eq("MIT License")
-      expect(Spdx.find("UNLICENSE").name).to eq("The Unlicense")
-    end
-    it "should strip whitespace from strings before lookups" do
-      expect(Spdx.find(" BSD-3-Clause").id).to eq("BSD-3-Clause")
-    end
-    it "should handle pypi classifiers properly" do
-      pypi_mappings = [
-        ["Aladdin Free Public License (AFPL)", "Aladdin"],
-        ["CC0 1.0 Universal (CC0 1.0) Public Domain Dedication", "CC0-1.0"],
-        ["CeCILL-B Free Software License Agreement (CECILL-B)", "CECILL-B"],
-        ["CeCILL-C Free Software License Agreement (CECILL-C)", "CECILL-C"],
-        ["Eiffel Forum License (EFL)", "EFL-2.0"],
-        ["Netscape Public License (NPL)", "NPL-1.1"],
-        ["Nokia Open Source License (NOKOS)", "Nokia"],
-        ["Academic Free License (AFL)", "AFL-3.0"],
-        ["Apache Software License", "Apache-2.0"],
-        ["Apple Public Source License", "APSL-2.0"],
-        ["Artistic License", "Artistic-2.0"],
-        ["Attribution Assurance License", "AAL"],
-        ["Boost Software License 1.0 (BSL-1.0)", "BSL-1.0"],
-        ["BSD License", "BSD-3-Clause"],
-        ["Common Development and Distribution License 1.0 (CDDL-1.0)", "CDDL-1.0"],
-        ["Common Public License", "CPL-1.0"],
-        ["Eclipse Public License 1.0 (EPL-1.0)", "EPL-1.0"],
-        ["Eclipse Public License 2.0 (EPL-2.0)", "EPL-2.0"],
-        ["Eiffel Forum License", "EFL-2.0"],
-        ["European Union Public Licence 1.0 (EUPL 1.0)", "EUPL-1.0"],
-        ["European Union Public Licence 1.1 (EUPL 1.1)", "EUPL-1.1"],
-        ["European Union Public Licence 1.2 (EUPL 1.2)", "EUPL-1.2"],
-        ["GNU Affero General Public License v3", "AGPL-3.0"],
-        ["GNU Affero General Public License v3 or later (AGPLv3+)", "AGPL-3.0-or-later"],
-        ["GNU Free Documentation License (FDL)", "GFDL-1.3"],
-        ["GNU General Public License (GPL)", "GPL-2.0+"],
-        ["GNU General Public License v2 (GPLv2)", "GPL-2.0"],
-        ["GNU General Public License v2 or later (GPLv2+)", "GPL-2.0+"],
-        ["GNU General Public License v3 (GPLv3)", "GPL-3.0"],
-        ["GNU General Public License v3 or later (GPLv3+)", "GPL-3.0+"],
-        ["GNU Lesser General Public License v2 (LGPLv2)", "LGPL-2.0"],
-        ["GNU Lesser General Public License v2 or later (LGPLv2+)", "LGPL-2.0+"],
-        ["GNU Lesser General Public License v3 (LGPLv3)", "LGPL-3.0"],
-        ["GNU Lesser General Public License v3 or later (LGPLv3+)", "LGPL-3.0+"],
-        ["GNU Library or Lesser General Public License (LGPL)", "LGPL-2.0+"],
-        ["IBM Public License", "IPL-1.0"],
-        ["Intel Open Source License", "Intel"],
-        ["ISC License (ISCL)", "ISC"],
-        # ['MirOS License (MirOS)', 'MirOS'],
-        ["MIT License", "MIT"],
-        ["Motosoto License", "Motosoto"],
-        ["Mozilla Public License 1.0 (MPL)", "MPL-1.0"],
-        ["Mozilla Public License 1.1 (MPL 1.1)", "MPL-1.1"],
-        ["Mozilla Public License 2.0 (MPL 2.0)", "MPL-2.0"],
-        ["Nethack General Public License", "NGPL"],
-        ["Nokia Open Source License", "Nokia"],
-        ["Open Group Test Suite License", "OGTSL"],
-        ["PostgreSQL License", "PostgreSQL"],
-        ["Python License (CNRI Python License)", "CNRI-Python"],
-        # ['Python Software Foundation License', 'Python-2.0'],
-        ["Qt Public License (QPL)", "QPL-1.0"],
-        ["Ricoh Source Code Public License", "RSCPL"],
-        ["SIL Open Font License 1.1 (OFL-1.1)", "OFL-1.1"],
-        ["Sleepycat License", "Sleepycat"],
-        ["Sun Industry Standards Source License (SISSL)", "SISSL-1.2"],
-        ["Sun Public License", "SPL-1.0"],
-        ["Universal Permissive License (UPL)", "UPL-1.0"],
-        ["University of Illinois/NCSA Open Source License", "NCSA"],
-        ["Vovida Software License 1.0", "VSL-1.0"],
-        ["W3C License", "W3C"],
-        ["X.Net License", "Xnet"],
-        ["zlib/libpng License", "zlib-acknowledgement"],
-        ["Zope Public License", "ZPL-2.1"],
-      ]
-      pypi_mappings.each do |license, mapped|
-        expect(Spdx.find(license).id).to eq(mapped)
-      end
-    end
-    it "should return know licenses for special cases" do
-      expect(Spdx.find("MPL1").name).to eq("Mozilla Public License 1.0")
-      expect(Spdx.find("MPL1.0").name).to eq("Mozilla Public License 1.0")
-      expect(Spdx.find("MPL1.1").name).to eq("Mozilla Public License 1.1")
-      expect(Spdx.find("MPL2").name).to eq("Mozilla Public License 2.0")
-      expect(Spdx.find("MPL2.0").name).to eq("Mozilla Public License 2.0")
-      expect(Spdx.find("GPL3").name).to eq("GNU General Public License v3.0 only")
-      expect(Spdx.find("GPL v3").name).to eq("GNU General Public License v3.0 only")
-      expect(Spdx.find("GPL3").name).to eq("GNU General Public License v3.0 only")
-      expect(Spdx.find("GPL 3.0").name).to eq("GNU General Public License v3.0 only")
-      expect(Spdx.find("GPL-3").name).to eq("GNU General Public License v3.0 only")
-      expect(Spdx.find("GPL-2 | GPL-3 [expanded from: GPL (≥ 2)]").name).to \
-        eq("GNU General Public License v2.0 or later")
-      expect(Spdx.find("GPL-2 | GPL-3 [expanded from: GPL]").name).to \
-        eq("GNU General Public License v2.0 or later")
-      expect(Spdx.find("GPL (≥ 3)").name).to eq("GNU General Public License v3.0 or later")
-      expect(Spdx.find("gpl30").name).to eq("GNU General Public License v3.0 only")
-      expect(Spdx.find("GPL v2+").name).to eq("GNU General Public License v2.0 or later")
-      expect(Spdx.find("GPL 2").name).to eq("GNU General Public License v2.0 only")
-      expect(Spdx.find("GPL v2").name).to eq("GNU General Public License v2.0 only")
-      expect(Spdx.find("GPL2").name).to eq("GNU General Public License v2.0 only")
-      expect(Spdx.find("GPL-2 | GPL-3").name).to eq("GNU General Public License v2.0 or later")
-      expect(Spdx.find("GPL-2 | GPL-3 [expanded from: GPL (≥ 2.0)]").name).to \
-        eq("GNU General Public License v2.0 or later")
-      expect(Spdx.find("GPL2 w/ CPE").name).to eq("GNU General Public License v2.0 w/Classpath exception")
-      expect(Spdx.find("GPL 2.0").name).to eq("GNU General Public License v2.0 only")
-      expect(Spdx.find("New BSD License (GPL-compatible)").name).to eq('BSD 3-Clause "New" or "Revised" License')
-      expect(Spdx.find("The GPL V3").name).to eq("GNU General Public License v3.0 only")
-      expect(Spdx.find("perl_5").name).to eq("Artistic License 1.0 (Perl)")
-      expect(Spdx.find("BSD3").name).to eq('BSD 3-Clause "New" or "Revised" License')
-      expect(Spdx.find("BSD").name).to eq('BSD 3-Clause "New" or "Revised" License')
-      expect(Spdx.find("GPLv3").name).to eq("GNU General Public License v3.0 only")
-      expect(Spdx.find("LGPLv2 or later").name).to eq("GNU Library General Public License v2.1 or later")
-      expect(Spdx.find("GPLv2 or later").name).to eq("GNU General Public License v2.0 or later")
-      expect(Spdx.find("Public Domain").name).to eq("The Unlicense")
-      expect(Spdx.find("GPL-2").name).to eq("GNU General Public License v2.0 only")
-      expect(Spdx.find("GPL").name).to eq("GNU General Public License v2.0 or later")
-      expect(Spdx.find("GNU LESSER GENERAL PUBLIC LICENSE").name).to \
-        eq("GNU Library General Public License v2.1 or later")
-      expect(Spdx.find("New BSD License").name).to eq('BSD 3-Clause "New" or "Revised" License')
-      expect(Spdx.find("(MIT OR X11) ").name).to eq("MIT License")
-      expect(Spdx.find("mit-license").name).to eq("MIT License")
-      expect(Spdx.find("lgpl-3").name).to eq("GNU Lesser General Public License v3.0 only")
-      expect(Spdx.find("agpl-3").name).to eq("GNU Affero General Public License v3.0")
-      expect(Spdx.find("cc by-sa 4.0").name).to eq("Creative Commons Attribution Share Alike 4.0 International")
-      expect(Spdx.find("cc by-nc-sa 3.0").name).to \
-        eq("Creative Commons Attribution Non Commercial Share Alike 3.0 Unported")
-      expect(Spdx.find("cc by-sa 3.0").name).to eq("Creative Commons Attribution Share Alike 3.0 Unported")
-      expect(Spdx.find("gpl_1").name).to eq("GNU General Public License v1.0 only")
-      expect(Spdx.find("gpl_2").name).to eq("GNU General Public License v2.0 only")
-      expect(Spdx.find("gpl_3").name).to eq("GNU General Public License v3.0 only")
-      expect(Spdx.find("artistic_2").name).to eq("Artistic License 2.0")
-      expect(Spdx.find("artistic_1").name).to eq("Artistic License 1.0")
-      expect(Spdx.find("apache_2_0").name).to eq("Apache License 2.0")
-      expect(Spdx.find("apache_v2").name).to eq("Apache License 2.0")
-      expect(Spdx.find("lgpl_2_1").name).to eq("GNU Lesser General Public License v2.1 only")
-      expect(Spdx.find("lgpl_v2_1").name).to eq("GNU Lesser General Public License v2.1 only")
-      expect(Spdx.find("BSD 3-Clause").name).to eq('BSD 3-Clause "New" or "Revised" License')
-      expect(Spdx.find("BSD 3-Clause").name).to eq('BSD 3-Clause "New" or "Revised" License')
-      expect(Spdx.find("BSD 2-Clause").name).to eq('BSD 2-Clause "Simplified" License')
-      expect(Spdx.find("BSD 2-clause").name).to eq('BSD 2-Clause "Simplified" License')
-      expect(Spdx.find("BSD Style").name).to eq('BSD 3-Clause "New" or "Revised" License')
-      expect(Spdx.find("GNU LGPL v3+").name).to eq("GNU Lesser General Public License v3.0 only")
-      expect(Spdx.find("ZPL 2.1").name).to eq("Zope Public License 2.1")
-    end
-  end
   context "spdx parsing" do
-    context "valid_spdx?" do
+    context "valid?" do
       it "returns false for invalid spdx" do
-        expect(Spdx.valid_spdx?("AND AND")).to be false
-        expect(Spdx.valid_spdx?("MIT OR MIT AND OR")).to be false
-        expect(Spdx.valid_spdx?("MIT OR FAKEYLICENSE")).to be false
-        expect(Spdx.valid_spdx?(nil)).to be false
-        expect(Spdx.valid_spdx?("")).to be false
+        expect(Spdx.valid?("AND AND")).to be false
+        expect(Spdx.valid?(" AND ")).to be false
+        expect(Spdx.valid?(" WITH ")).to be false
+        expect(Spdx.valid?("MIT AND ")).to be false
+        expect(Spdx.valid?("MIT OR MIT AND OR")).to be false
+        expect(Spdx.valid?("MIT OR FAKEYLICENSE")).to be false
+        expect(Spdx.valid?(nil)).to be false
+        expect(Spdx.valid?("")).to be false
+        expect(Spdx.valid?("MIT (MIT)")).to be false
       end
       it "returns true for valid spdx" do
-        expect(Spdx.valid_spdx?("(MIT OR MPL-2.0)")).to be true
-        expect(Spdx.valid_spdx?("MIT")).to be true
-        expect(Spdx.valid_spdx?("((MIT OR AGPL-1.0) AND (MIT OR MPL-2.0))")).to be true
+        expect(Spdx.valid?("(MIT OR MPL-2.0)")).to be true
+        expect(Spdx.valid?("MIT")).to be true
+        expect(Spdx.valid?("MIT OR MPL-2.0 AND AGPL-1.0")).to be true
+        expect(Spdx.valid?("MIT OR (GPL-1.0 OR MPL-2.0) AND AGPL-1.0")).to be true
+        expect(Spdx.valid?("MIT AND MPL-2.0 OR AGPL-1.0")).to be true
+        expect(Spdx.valid?("MIT AND (GPL-1.0 OR MPL-2.0) OR AGPL-1.0")).to be true
+        expect(Spdx.valid?("MIT OR (DocumentRef-something-1:LicenseRef-MIT-style-1 OR MPL-2.0) AND AGPL-1.0")).to be true
+        expect(Spdx.valid?("((MIT OR AGPL-1.0) AND (MIT OR MPL-2.0))")).to be true
+        expect(Spdx.valid?("MIT OR (MIT)")).to be true
       end
       it "returns true for NONE and NOASSERTION" do
-        expect(Spdx.valid_spdx?("NONE")).to be true
-        expect(Spdx.valid_spdx?("(NONE)")).to be false
-        expect(Spdx.valid_spdx?("NOASSERTION")).to be true
-        expect(Spdx.valid_spdx?("MIT OR NONE")).to be false
+        expect(Spdx.valid?("NONE")).to be true
+        expect(Spdx.valid?("(NONE)")).to be false
+        expect(Spdx.valid?("NOASSERTION")).to be true
+        expect(Spdx.valid?("MIT OR NONE")).to be false
       end
       it "returns true for + expression" do
-        expect(Spdx.valid_spdx?("AGPL-1.0+"))
+        expect(Spdx.valid?("AGPL-3.0+")).to be true
+      end
+      it "is case insentive for license ids" do
+        expect(Spdx.valid?("mit OR agpl-3.0+")).to be true
+      end
+      it "handles LicenseRef" do
+        expect(Spdx.valid?("MIT OR LicenseRef-MIT-style-1")).to be true
       end
+      it "handles DocumentRef" do
+        expect(Spdx.valid?("MIT OR DocumentRef-something-1:LicenseRef-MIT-style-1")).to be true
+        expect(Spdx.valid?("MIT OR DocumentRef-something-1")).to be false
+      end
+    end
+  end
+  context "normalize" do
+    it "normalizes simple licenses" do
+      expect(Spdx.normalize("MIT")).to eq "MIT"
+      expect(Spdx.normalize("mit")).to eq "MIT"
+      expect(Spdx.normalize("MiT")).to eq "MIT"
+      expect(Spdx.normalize("(MiT)")).to eq "MIT"
+      expect(Spdx.normalize("(((MiT)))")).to eq "MIT"
+      expect(Spdx.normalize("LicenseRef-MIT-style-1")).to eq "LicenseRef-MIT-style-1"
+      expect(Spdx.normalize("DocumentRef-something-1:LicenseRef-MIT-style-1")).to eq "DocumentRef-something-1:LicenseRef-MIT-style-1"
+      expect(Spdx.normalize("Apache-2.0+")).to eq "Apache-2.0+"
+      expect(Spdx.normalize("apache-2.0+")).to eq "Apache-2.0+"
+    end
+    it "normalizes NONE/NOASSERTION" do
+      expect(Spdx.normalize("NONE")).to eq "NONE"
+      expect(Spdx.normalize("NOASSERTION")).to eq "NOASSERTION"
+    end
+    it "normalizes boolean expressions" do
+      expect(Spdx.normalize("mit AND gPL-2.0")).to eq "MIT AND GPL-2.0"
+      expect(Spdx.normalize("mit OR gPL-2.0")).to eq "MIT OR GPL-2.0"
+      expect(Spdx.normalize("mit OR gPL-2.0")).to eq "MIT OR GPL-2.0"
+      # With top level parens
+      expect(Spdx.normalize("mit AND gPL-2.0", top_level_parens: true)).to eq "(MIT AND GPL-2.0)"
+      expect(Spdx.normalize("mit OR gPL-2.0", top_level_parens: true)).to eq "(MIT OR GPL-2.0)"
+      expect(Spdx.normalize("mit OR gPL-2.0", top_level_parens: true)).to eq "(MIT OR GPL-2.0)"
+      # Does semantic grouping
+      expect(Spdx.normalize("mit OR gPL-2.0 AND apAcHe-2.0+")).to eq "MIT OR (GPL-2.0 AND Apache-2.0+)"
+      # But also preserves original groups
+      expect(Spdx.normalize("(mit OR gPL-2.0) AND apAcHe-2.0+")).to eq "(MIT OR GPL-2.0) AND Apache-2.0+"
+    end
+    it "normalizes WITH expressions" do
+      expect(Spdx.normalize("GPL-2.0-only WITH Classpath-exception-2.0")).to eq "GPL-2.0-only WITH Classpath-exception-2.0"
+      expect(Spdx.normalize("Gpl-2.0-ONLY WITH ClassPath-exception-2.0")).to eq "GPL-2.0-only WITH Classpath-exception-2.0"
+      # With top level parens
+      expect(Spdx.normalize("GPL-2.0-only WITH Classpath-exception-2.0", top_level_parens: true)).to eq "(GPL-2.0-only WITH Classpath-exception-2.0)"
+      expect(Spdx.normalize("Gpl-2.0-ONLY WITH ClassPath-exception-2.0", top_level_parens: true)).to eq "(GPL-2.0-only WITH Classpath-exception-2.0)"
+      expect(Spdx.normalize("EPL-2.0 OR (GPL-2.0-only WITH Classpath-exception-2.0)")).to eq "EPL-2.0 OR (GPL-2.0-only WITH Classpath-exception-2.0)"
+      expect(Spdx.normalize("epl-2.0 OR (gpl-2.0-only WITH classpath-exception-2.0)")).to eq "EPL-2.0 OR (GPL-2.0-only WITH Classpath-exception-2.0)"
+      expect(Spdx.normalize("epl-2.0 OR gpl-2.0-only WITH classpath-exception-2.0")).to eq "EPL-2.0 OR (GPL-2.0-only WITH Classpath-exception-2.0)"
+      expect(Spdx.normalize("epl-2.0 OR gpl-2.0-only WITH classpath-exception-2.0 AND mpl-2.0+")).to eq "EPL-2.0 OR ((GPL-2.0-only WITH Classpath-exception-2.0) AND MPL-2.0+)"
     end
   end
   context "licenses" do
     it "returns a list of possible licenses" do
-      expect(Spdx.parse_spdx("MIT OR MPL-2.0").licenses).to eq ["MIT", "MPL-2.0"]
+      expect(Spdx.parse("MIT OR MPL-2.0").licenses).to eq ["MIT", "MPL-2.0"]
     end
     it "returns empty array for NONE or NOASSERTION" do
-      expect(Spdx.parse_spdx("NONE").licenses).to eq []
-      expect(Spdx.parse_spdx("NOASSERTION").licenses).to eq []
+      expect(Spdx.parse("NONE").licenses).to eq []
+      expect(Spdx.parse("NOASSERTION").licenses).to eq []
+    end
+    it "returns LicenseRefs" do
+      expect(Spdx.parse("MIT OR LicenseRef-MIT-style-1").licenses).to eq %w[MIT LicenseRef-MIT-style-1]
+    end
+    it "returns DocumentRefs" do
+      expect(Spdx.parse("MIT OR DocumentRef-something-1:LicenseRef-MIT-style-1").licenses).to eq %w[MIT DocumentRef-something-1:LicenseRef-MIT-style-1]
     end
   end
   context "exceptions" do
-    it "parses a valid spdx with expression" do
-      expect(Spdx.valid_spdx?("EPL-2.0 OR (GPL-2.0-only WITH Classpath-exception-2.0)")).to be true
+    it "parses a valid spdx WITH expression" do
+      expect(Spdx.valid?("EPL-2.0 OR (GPL-2.0-only WITH Classpath-exception-2.0)")).to be true
     end
     it "returns false for a license in the exception spot" do
-      expect(Spdx.valid_spdx?("EPL-2.0 OR (GPL-2.0-only WITH AGPL-3.0)")).to be false
+      expect(Spdx.valid?("EPL-2.0 OR (GPL-2.0-only WITH AGPL-3.0)")).to be false
     end
     it "provides full details for a parse error" do
-      expect { Spdx.parse_spdx("MIT OR ((WHAT)") }.to raise_error(SpdxGrammar::SpdxParseError, "Unable to parse expression '(MIT OR ((WHAT))'. Parse error at offset: 0")
+      expect { Spdx.parse("MIT OR ((WHAT)") }.to raise_error(SpdxGrammar::SpdxParseError, "Unable to parse expression 'MIT OR ((WHAT)'. Parse error at offset: 3")
     end
   end
 end

metadata CHANGED Viewed

@@ -1,29 +1,15 @@
 --- !ruby/object:Gem::Specification
 name: spdx
 version: !ruby/object:Gem::Version
-  version: 2.0.11
+  version: 4.0.0
 platform: ruby
 authors:
 - Tidelift, Inc.
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2020-06-16 00:00:00.000000000 Z
+date: 2021-02-08 00:00:00.000000000 Z
 dependencies:
-- !ruby/object:Gem::Dependency
-  name: fuzzy_match
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: '2.1'
-  type: :runtime
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: '2.1'
 - !ruby/object:Gem::Dependency
   name: treetop
   requirement: !ruby/object:Gem::Requirement
@@ -161,10 +147,10 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.0.3
+rubygems_version: 3.1.2
 signing_key:
 specification_version: 4
-summary: A SPDX license normalizer
+summary: A SPDX license parser
 test_files:
 - spec/spdx_spec.rb
 - spec/spec_helper.rb