licenseguard-cli 1.2.2 → 2.1.0

package/bin/licenseguard.js

@@ -1,6 +1,7 @@
 #!/usr/bin/env node
 
 const { program } = require('commander')
+const chalk = require('chalk')
 const { version } = require('../package.json')
 const { runList } = require('../lib/commands/list')
 const { runInit } = require('../lib/commands/init')
@@ -9,44 +10,62 @@ const { setupCommand } = require('../lib/commands/setup')
 
 program
   .version(version)
-  .description('License setup & compliance helper for developers')
+  .description('License setup & compliance guard for developers')
 
+// Init command with subcommand-specific options
 program
-  .option('--init', 'Interactive license setup wizard')
-  .option('--init-fast', 'Non-interactive fast setup')
-  .option('--license <type>', 'License type (for --init-fast)')
-  .option('--owner <name>', 'Copyright owner name (for --init-fast)')
-  .option('--year <year>', 'Copyright year (for --init-fast)')
-  .option('--url <url>', 'Project URL (for --init-fast)')
-  .option('--ls', 'List available license templates')
-  .option(
-    '--setup',
-    'Setup license notification and install git hooks (for npm prepare script)'
-  )
-  .parse(process.argv)
-
-const options = program.opts()
-
-if (options.init) {
-  runInit().catch((err) => {
-    console.error('Error:', err.message)
-    process.exit(1)
-  })
-} else if (options.initFast) {
-  runInitFast(options).catch((err) => {
-    console.error('Error:', err.message)
-    process.exit(1)
+  .command('init')
+  .description('Interactive license setup with dependency scanning')
+  .option('--force', 'Create LICENSE despite conflicts')
+  .option('--noscan', 'Skip dependency scanning')
+  .option('--explain', 'Show authoritative source citations for license compatibility decisions')
+  .option('--fast', 'Non-interactive mode with auto-detection')
+  .option('--license <type>', 'License type (for --fast mode)')
+  .option('--owner <name>', 'Copyright owner name (for --fast mode)')
+  .option('--year <year>', 'Copyright year (for --fast mode)')
+  .option('--url <url>', 'Project URL (for --fast mode)')
+  .action(async (options) => {
+    try {
+      if (options.fast) {
+        await runInitFast(options)
+      } else {
+        await runInit(options)
+      }
+    } catch (error) {
+      console.error(chalk.red('✗ Error:'), error.message)
+      process.exit(1)
+    }
   })
-} else if (options.ls) {
-  runList().catch((err) => {
-    console.error('Error:', err.message)
-    process.exit(1)
+
+// List command
+program
+  .command('ls')
+  .description('List available license templates')
+  .action(async () => {
+    try {
+      await runList()
+    } catch (error) {
+      console.error(chalk.red('✗ Error:'), error.message)
+      process.exit(1)
+    }
   })
-} else if (options.setup) {
-  setupCommand().catch((err) => {
-    // Even on error, don't exit 1 - npm prepare compatibility
-    console.error('Setup warning:', err.message)
+
+// Setup command (kept for npm prepare script compatibility)
+program
+  .command('setup')
+  .description('Setup license notification and install git hooks (for npm prepare script)')
+  .action(async () => {
+    try {
+      await setupCommand()
+    } catch (error) {
+      // Even on error, don't exit 1 - npm prepare compatibility
+      console.error(chalk.yellow('⚠️  Setup warning:'), error.message)
+    }
   })
-} else {
+
+program.parse(process.argv)
+
+// Show help if no command provided
+if (!process.argv.slice(2).length) {
   program.help()
 }

package/lib/commands/init-fast.js

@@ -5,6 +5,8 @@ const chalk = require('chalk')
 const { generateLicense, LICENSE_TEMPLATES } = require('../templates')
 const { writeConfig } = require('../utils/file-ops')
 const { isGitRepo, installHooks } = require('../utils/git-helpers')
+const { scanDependencies, displayConflictReport } = require('../scanner')
+const { toSPDX } = require('../utils/license-mapper')
 
 function getGitConfig(key) {
   try {
@@ -63,19 +65,76 @@ async function runInitFast(options) {
     if (url) console.log(chalk.gray(`URL: ${url}`))
     console.log()
 
+    // Scanner integration (Story 2.3) - Fast mode
+    let scanResult = null
+    if (!options.noscan) {
+      const spdxLicense = toSPDX(flags.license)
+
+      try {
+        console.log(chalk.blue('🔍 Scanning dependencies for license conflicts...\n'))
+
+        scanResult = await scanDependencies(spdxLicense)
+        const hasConflicts = displayConflictReport(scanResult, spdxLicense)
+
+        if (hasConflicts && !options.force) {
+          // Block LICENSE creation due to conflicts
+          console.error(chalk.red('\n✗ LICENSE NOT created due to license conflicts.'))
+          console.log(chalk.yellow('\nFix conflicts or use --force to proceed anyway:'))
+          console.log(chalk.blue('  licenseguard init --fast --force --license ' + flags.license + '\n'))
+          process.exit(1)
+        }
+
+        if (hasConflicts && options.force) {
+          console.log(chalk.yellow('\n⚠️  Creating LICENSE despite conflicts (--force mode)\n'))
+        }
+      } catch (scanError) {
+        // If scanning fails (not process.exit), warn but don't block
+        if (scanError.message !== 'process.exit called') {
+          console.log(chalk.yellow(`\n⚠️  Dependency scanning failed: ${scanError.message}`))
+          console.log(chalk.yellow('Continuing with LICENSE creation...\n'))
+        } else {
+          // Re-throw process.exit errors
+          throw scanError
+        }
+      }
+    }
+
     // Generate license text
     const licenseContent = generateLicense(flags.license, owner, year, url)
 
     // Write LICENSE file directly (no prompt in fast mode)
     fs.writeFileSync('LICENSE', licenseContent, 'utf8')
 
-    // Write config file
-    writeConfig({
+    // Auto-save scan results in fast mode (Story 2.4: AC #1, #2)
+    // Default: YES for clean scans, NO for conflicts
+    const configData = {
       license: flags.license,
       owner: owner,
       year: year,
       url: url,
-    })
+    }
+
+    if (scanResult) {
+      const hasConflicts = scanResult.incompatible > 0
+      const shouldSave = !hasConflicts // Auto-save if clean
+
+      if (shouldSave) {
+        configData.scanResult = scanResult
+      }
+    }
+
+    // Write config file
+    writeConfig(configData)
+
+    // Feedback for scan result save
+    if (scanResult) {
+      const hasConflicts = scanResult.incompatible > 0
+      if (!hasConflicts) {
+        console.log(chalk.green('✓ Scan results saved to .licenseguardrc'))
+      } else {
+        console.log(chalk.gray('Scan results not saved (conflicts detected)'))
+      }
+    }
 
     // Success messages
     console.log(chalk.green('✓ LICENSE file created'))

package/lib/commands/init.js

@@ -3,8 +3,10 @@ const chalk = require('chalk')
 const { generateLicense } = require('../templates')
 const { writeLicenseFile, writeConfig } = require('../utils/file-ops')
 const { isGitRepo, initGitRepo, installHooks } = require('../utils/git-helpers')
+const { scanDependencies, displayConflictReport } = require('../scanner')
+const { toSPDX } = require('../utils/license-mapper')
 
-async function runInit() {
+async function runInit(options = {}) {
   try {
     console.log(chalk.blue('📜 LicenseGuard - Interactive License Setup\n'))
 
@@ -48,6 +50,40 @@ async function runInit() {
       },
     ])
 
+    // Scanner integration (Story 2.3)
+    let scanResult = null
+    if (!options.noscan) {
+      const spdxLicense = toSPDX(answers.license)
+
+      try {
+        console.log(chalk.blue('\n🔍 Scanning dependencies for license conflicts...\n'))
+
+        scanResult = await scanDependencies(spdxLicense)
+        const hasConflicts = displayConflictReport(scanResult, spdxLicense, { explain: options.explain })
+
+        if (hasConflicts && !options.force) {
+          // Block LICENSE creation due to conflicts
+          console.error(chalk.red('\n✗ LICENSE NOT created due to license conflicts.'))
+          console.log(chalk.yellow('\nFix conflicts or use --force to proceed anyway:'))
+          console.log(chalk.blue('  licenseguard init --force\n'))
+          process.exit(1)
+        }
+
+        if (hasConflicts && options.force) {
+          console.log(chalk.yellow('\n⚠️  Creating LICENSE despite conflicts (--force mode)\n'))
+        }
+      } catch (scanError) {
+        // If scanning fails (not process.exit), warn but don't block
+        if (scanError.message !== 'process.exit called') {
+          console.log(chalk.yellow(`\n⚠️  Dependency scanning failed: ${scanError.message}`))
+          console.log(chalk.yellow('Continuing with LICENSE creation...\n'))
+        } else {
+          // Re-throw process.exit errors
+          throw scanError
+        }
+      }
+    }
+
     // Generate license text
     const licenseContent = generateLicense(
       answers.license,
@@ -64,13 +100,47 @@ async function runInit() {
       process.exit(0)
     }
 
-    // Write config file
-    writeConfig({
+    // Prompt to save scan results (Story 2.4: AC #1, #2)
+    let saveScanResult = false
+    if (scanResult) {
+      // Determine default: YES for clean scans, NO for conflicts
+      const hasConflicts = scanResult.incompatible > 0
+      const defaultSave = !hasConflicts
+
+      const saveAnswer = await inquirer.prompt([
+        {
+          type: 'confirm',
+          name: 'saveScanResult',
+          message: 'Save scan results to .licenseguardrc?',
+          default: defaultSave,
+        },
+      ])
+
+      saveScanResult = saveAnswer.saveScanResult
+    }
+
+    // Write config file (Story 2.4: AC #3)
+    const configData = {
       license: answers.license,
       owner: answers.owner,
       year: answers.year,
       url: answers.url,
-    })
+    }
+
+    if (saveScanResult && scanResult) {
+      configData.scanResult = scanResult
+    }
+
+    writeConfig(configData)
+
+    // Feedback for scan result save choice
+    if (scanResult) {
+      if (saveScanResult) {
+        console.log(chalk.green('✓ Scan results saved to .licenseguardrc'))
+      } else {
+        console.log(chalk.gray('Scan results not saved'))
+      }
+    }
 
     // Success messages
     console.log(chalk.green('\n✓ LICENSE file created'))

package/lib/commands/scan.js

@@ -0,0 +1,121 @@
+/**
+ * Scan Command Handler
+ * Runs dependency scanning without modifying project files
+ */
+
+const chalk = require('chalk')
+const fs = require('fs')
+const path = require('path')
+const { scanDependencies, displayConflictReport } = require('../scanner')
+const { detectLicenseFromText } = require('../scanner/license-detector')
+
+/**
+ * Try to detect project license from local files
+ * @returns {string|null} Detected license or null
+ */
+function detectProjectLicense() {
+  // 1. Try .licenseguardrc
+  if (fs.existsSync('.licenseguardrc')) {
+    try {
+      const config = JSON.parse(fs.readFileSync('.licenseguardrc', 'utf8'))
+      if (config.license) return config.license
+    } catch (e) {
+      // Ignore config error
+    }
+  }
+
+  // 2. Try LICENSE file
+  const licenseFiles = ['LICENSE', 'LICENSE.txt', 'LICENSE.md', 'COPYING']
+  for (const file of licenseFiles) {
+    if (fs.existsSync(file)) {
+      const content = fs.readFileSync(file, 'utf8')
+      const detected = detectLicenseFromText(content)
+      if (detected && detected !== 'UNKNOWN') {
+        return detected
+      }
+    }
+  }
+
+  // 3. Try package managers (basic check)
+  if (fs.existsSync('package.json')) {
+    try {
+      const pkg = JSON.parse(fs.readFileSync('package.json', 'utf8'))
+      if (pkg.license) return pkg.license
+    } catch (e) {}
+  }
+
+  if (fs.existsSync('Cargo.toml')) {
+    // TODO: Parse Cargo.toml for license
+  }
+
+  return null
+}
+
+/**
+ * Run the scan command
+ * @param {Object} options - Command options
+ */
+async function runScan(options) {
+  // 1. Handle CWD
+  if (options.cwd) {
+    try {
+      process.chdir(options.cwd)
+    } catch (error) {
+      throw new Error(`Failed to change directory to ${options.cwd}: ${error.message}`)
+    }
+  }
+
+  console.log(chalk.blue(`📂 Scanning in: ${process.cwd()}`))
+
+  // 2. Determine Project License
+  let projectLicense = options.license
+
+  if (!projectLicense) {
+    projectLicense = detectProjectLicense()
+    if (projectLicense) {
+      console.log(chalk.blue(`ℹ️  Detected project license: ${projectLicense}`))
+    }
+  }
+
+  if (!projectLicense) {
+    throw new Error(
+      'Could not determine project license.\n' +
+      'Please create a LICENSE file, use "licenseguard init", or specify --license <type>'
+    )
+  }
+
+  // 3. Run Scan
+  console.log(chalk.gray('🔍 Scanning dependencies...'))
+  
+  try {
+    const results = await scanDependencies(projectLicense)
+
+    // 4. Display Report
+    const hasConflicts = displayConflictReport(results, projectLicense, {
+      explain: options.explain
+    })
+
+    // 5. Handle Exit Code
+    if (hasConflicts && !options.allow) {
+      console.log(chalk.red('\n❌ Scan failed: License conflicts detected.'))
+      process.exit(1)
+    } else if (hasConflicts && options.allow) {
+      console.log(chalk.yellow('\n⚠️  Scan passed (conflicts allowed via flag).'))
+    } 
+    
+    // Handle unknown licenses if fail-on-unknown flag is set
+    if (options.failOnUnknown && results.unknown > 0) {
+      console.log(chalk.red('\n❌ Scan failed: Unknown licenses detected (--fail-on-unknown).'))
+      process.exit(1)
+    }
+
+  } catch (error) {
+    // Check for specific plugin errors
+    if (error.message.includes('No supported package manager')) {
+      throw new Error('No supported package manager found (package.json, go.mod, Cargo.toml, etc.)')
+    }
+    throw error
+  }
+}
+
+module.exports = { runScan }