From 8b02daa94fcced8bd9cf306936fe2c17327172dc Mon Sep 17 00:00:00 2001 From: mo khan Date: Tue, 18 Feb 2020 10:07:33 -0700 Subject: Update license_finder to 6.0.0 --- Dockerfile | 2 +- Gemfile.lock | 4 ++-- license-management.gemspec | 2 +- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/Dockerfile b/Dockerfile index 0cda3fd..beb6ad3 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,4 +1,4 @@ -FROM licensefinder/license_finder:5.11.1 +FROM licensefinder/license_finder:6.0.0 ENV PATH="${PATH}:/root/.asdf/shims:/root/.asdf/bin" ENV LM_HOME=/opt/license-management ENV LM_PYTHON_VERSION 3 diff --git a/Gemfile.lock b/Gemfile.lock index 02a54aa..efee511 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -2,7 +2,7 @@ PATH remote: . specs: license-management (2.4.3) - license_finder (~> 5.11) + license_finder (~> 6.0) net-hippie (~> 0.3) GEM @@ -13,7 +13,7 @@ GEM diff-lcs (1.3) json-schema (2.8.1) addressable (>= 2.4) - license_finder (5.11.1) + license_finder (6.0.0) bundler rubyzip (>= 1, < 3) thor diff --git a/license-management.gemspec b/license-management.gemspec index 60ab5e1..7fb7dcc 100644 --- a/license-management.gemspec +++ b/license-management.gemspec @@ -27,7 +27,7 @@ Gem::Specification.new do |spec| spec.executables = spec.files.grep(%r{^exe/}) { |f| File.basename(f) } spec.require_paths = ['lib'] - spec.add_dependency 'license_finder', '~> 5.11' + spec.add_dependency 'license_finder', '~> 6.0' spec.add_dependency 'net-hippie', '~> 0.3' spec.add_development_dependency 'json-schema', '~> 2.8' spec.add_development_dependency 'rspec', '~> 3.9' -- cgit v1.2.3 From f2c615a310e7280c018e879836ded13f28c5c22b Mon Sep 17 00:00:00 2001 From: mo khan Date: Tue, 18 Feb 2020 10:43:27 -0700 Subject: AdoptOpenJDK installation step --- Dockerfile | 5 ----- 1 file changed, 5 deletions(-) diff --git a/Dockerfile b/Dockerfile index beb6ad3..fdaf108 100644 --- a/Dockerfile +++ b/Dockerfile 
@@ -3,11 +3,6 @@ ENV PATH="${PATH}:/root/.asdf/shims:/root/.asdf/bin" ENV LM_HOME=/opt/license-management ENV LM_PYTHON_VERSION 3 ENV LM_REPORT_VERSION ${LM_REPORT_VERSION:-2} -RUN cd /tmp && \ - wget --quiet --no-cookies https://github.com/AdoptOpenJDK/openjdk11-binaries/releases/download/jdk-11.0.5%2B10/OpenJDK11U-jdk_x64_linux_hotspot_11.0.5_10.tar.gz -O jdk-11.tgz && \ - tar xf /tmp/jdk-11.tgz && \ - mv jdk-11.0.5+10 /usr/lib/jvm/adoptopen_jdk11 && \ - rm /tmp/jdk-11.tgz RUN npm install npm-install-peers # Don't let Rubygem fail with the numerous projects using PG or MySQL, -- cgit v1.2.3 From 90e68a0a0c6fa0a7df09a36b168c725faf58b6f9 Mon Sep 17 00:00:00 2001 From: mo khan Date: Tue, 18 Feb 2020 11:01:26 -0700 Subject: Revert Dockerfile change --- Dockerfile | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/Dockerfile b/Dockerfile index fdaf108..0cda3fd 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,8 +1,13 @@ -FROM licensefinder/license_finder:6.0.0 +FROM licensefinder/license_finder:5.11.1 ENV PATH="${PATH}:/root/.asdf/shims:/root/.asdf/bin" ENV LM_HOME=/opt/license-management ENV LM_PYTHON_VERSION 3 ENV LM_REPORT_VERSION ${LM_REPORT_VERSION:-2} +RUN cd /tmp && \ + wget --quiet --no-cookies https://github.com/AdoptOpenJDK/openjdk11-binaries/releases/download/jdk-11.0.5%2B10/OpenJDK11U-jdk_x64_linux_hotspot_11.0.5_10.tar.gz -O jdk-11.tgz && \ + tar xf /tmp/jdk-11.tgz && \ + mv jdk-11.0.5+10 /usr/lib/jvm/adoptopen_jdk11 && \ + rm /tmp/jdk-11.tgz RUN npm install npm-install-peers # Don't let Rubygem fail with the numerous projects using PG or MySQL, -- cgit v1.2.3 From 6b1bf9f28f36c3e28329cbcf232d976db9a81b71 Mon Sep 17 00:00:00 2001 
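Review bot: In the "Revert Dockerfile change" hunk, the re-added `RUN cd /tmp && wget … -O jdk-11.tgz && tar xf /tmp/jdk-11.tgz` step unpacks the OpenJDK tarball without verifying it, so the image trusts whatever the release URL serves at build time. I would add a pinned digest check between the download and the extraction, e.g. `echo "<EXPECTED_SHA256_PLACEHOLDER>  jdk-11.tgz" | sha256sum -c - && \`, taking the value from the checksum published for that release. The same hunk also moves `FROM` back to `licensefinder/license_finder:5.11.1` while `Gemfile.lock` in this series resolves `license_finder (6.0.0)`. How the gem reaches the image is not visible here, so please confirm the base image and the locked gem version are meant to differ. The rest of the Dockerfile lies outside the hunk.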
From: mo khan Date: Tue, 18 Feb 2020 11:07:28 -0700 Subject: Remove Pipfile overrides --- Gemfile.lock | 2 -- lib/license/management.rb | 8 ----- lib/license/management/python/pipenv.rb | 64 --------------------------------- lib/license/management/python/pypi.rb | 44 ----------------------- license-management.gemspec | 1 - 5 files changed, 119 deletions(-) delete mode 100644 lib/license/management/python/pipenv.rb delete mode 100644 lib/license/management/python/pypi.rb diff --git a/Gemfile.lock b/Gemfile.lock index efee511..cd4592a 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -3,7 +3,6 @@ PATH specs: license-management (2.4.3) license_finder (~> 6.0) - net-hippie (~> 0.3) GEM remote: https://rubygems.org/ @@ -20,7 +19,6 @@ GEM toml (= 0.2.0) with_env (= 1.1.0) xml-simple - net-hippie (0.3.2) parslet (1.8.2) public_suffix (4.0.3) rspec (3.9.0) diff --git a/lib/license/management.rb b/lib/license/management.rb index ebab5e2..8804c36 100644 --- a/lib/license/management.rb +++ b/lib/license/management.rb @@ -6,8 +6,6 @@ require 'json' require 'license_finder' require 'license/management/loggable' require 'license/management/verifiable' -require 'license/management/python/pipenv' -require 'license/management/python/pypi' require 'license/management/repository' require 'license/management/report' require 'license/management/version' 
@@ -15,12 +13,6 @@ require 'license/management/version' # This applies a monkey patch to the JsonReport found in the `license_finder` gem. LicenseFinder::JsonReport.prepend(License::Management::Report) -# This monkey patch can be removed once https://github.com/pivotal/LicenseFinder/pull/659 is released -LicenseFinder::Scanner.const_set( - :PACKAGE_MANAGERS, - LicenseFinder::Scanner::PACKAGE_MANAGERS + [License::Management::Pipenv] -) - # This monkey patch can be removed once we upgrade to license_finder 5.9.2. Details [here](https://gitlab.com/gitlab-org/gitlab/issues/13748#note_235810786). module LicenseFinder class Bundler < PackageManager diff --git a/lib/license/management/python/pipenv.rb b/lib/license/management/python/pipenv.rb deleted file mode 100644 index 482fd25..0000000 --- a/lib/license/management/python/pipenv.rb +++ /dev/null 
@@ -1,64 +0,0 @@
-# frozen_string_literal: true
-
-module License
- module Management
- class Pipenv < LicenseFinder::PackageManager
- include Loggable
-
- def initialize(options = {})
- super
- @lockfile = Pathname('Pipfile.lock')
- end
-
- def current_packages
- @current_packages ||=
- begin
- packages = {}
- each_dependency(groups: allowed_groups) do |name, data, group|
- version = canonicalize(data['version'])
- package = packages.fetch(key_for(name, version)) do |key|
- packages[key] = build_package_for(name, version)
- end
- package.groups << group
- end
- packages.values
- end
- end
-
- def possible_package_paths
- project_path ? [project_path.join(@lockfile)] : [@lockfile]
- end
-
- private
-
- def each_dependency(groups: [])
- dependencies = JSON.parse(IO.read(detected_package_path))
- groups.each do |group|
- dependencies[group].each do |name, data|
- yield name, data, group
- end
- end
- end
-
- def canonicalize(version)
- version.sub(/^==/, '')
- end
-
- def build_package_for(name, version)
- LicenseFinder::PipPackage.new(name, version, PyPI.definition(name, version))
- end
-
- def key_for(name, version)
- "#{name}-#{version}"
- end
-
- def allowed_groups
- %w[default develop] - ignored_groups
- end
-
- def ignored_groups
- @ignored_groups.to_a || []
- end
- end
- end
-end
diff --git a/lib/license/management/python/pypi.rb b/lib/license/management/python/pypi.rb
deleted file mode 100644
index 0397532..0000000
--- a/lib/license/management/python/pypi.rb
+++ /dev/null
@@ -1,44 +0,0 @@ -# frozen_string_literal: true - -require 'net/hippie' - -module License - module Management - class PyPI - include Loggable - - def initialize(http) - @http = http - end - - def definition_for(name, version) - uri = "https://pypi.org/pypi/#{name}/#{version}/json" - process(@http.with_retry { |client| client.get(uri) }).tap do |definition| - log_info([name, version, definition["license"]].inspect) - end - rescue *Net::Hippie::CONNECTION_ERRORS - {} - end - - class << self - def definition(name, version) - @pypi ||= new(License::Management.http) - @pypi.definition_for(name, version) - end - end - - private - - def process(response) - return JSON.parse(response.body).fetch('info', {}) if ok?(response) - - log_error([response.class, response.code, response.body].inspect) - {} - end - - def ok?(response) - response.is_a?(Net::HTTPSuccess) - end - end - end -end diff --git a/license-management.gemspec b/license-management.gemspec index 7fb7dcc..9acbcaf 100644 --- a/license-management.gemspec +++ b/license-management.gemspec @@ -28,7 +28,6 @@ Gem::Specification.new do |spec| spec.require_paths = ['lib'] spec.add_dependency 'license_finder', '~> 6.0' - spec.add_dependency 'net-hippie', '~> 0.3' spec.add_development_dependency 'json-schema', '~> 2.8' spec.add_development_dependency 'rspec', '~> 3.9' end -- cgit v1.2.3 From effde26ffbf6c94742aa5e99f98ee3d4f7cc12cd Mon Sep 17 00:00:00 2001 From: mo khan Date: Tue, 18 Feb 2020 13:23:29 -0700 Subject: Remove temporary monkey patch needed before the 5.9.2 upgrade --- lib/license/management.rb | 14 -------------- 1 file changed, 14 deletions(-) diff --git a/lib/license/management.rb b/lib/license/management.rb index 8804c36..37fe1a0 100644 --- a/lib/license/management.rb +++ b/lib/license/management.rb 
@@ -13,20 +13,6 @@ require 'license/management/version' # This applies a monkey patch to the JsonReport found in the `license_finder` gem. LicenseFinder::JsonReport.prepend(License::Management::Report) -# This monkey patch can be removed once we upgrade to license_finder 5.9.2. Details [here](https://gitlab.com/gitlab-org/gitlab/issues/13748#note_235810786). -module LicenseFinder - class Bundler < PackageManager - def definition - @definition ||= - begin - Dir.chdir(project_path.to_s) do - ::Bundler::Definition.build(detected_package_path, lockfile_path, nil) - end - end - end - end -end - module License module Management def self.root -- cgit v1.2.3 From 7352e16643fed6ed96d5f63476efd4b4bce71c5f Mon Sep 17 00:00:00 2001 From: mo khan Date: Tue, 18 Feb 2020 13:29:26 -0700 Subject: Add CHANGELOG entry --- CHANGELOG.md | 4 ++++ Gemfile.lock | 2 +- lib/license/management/version.rb | 2 +- 3 files changed, 6 insertions(+), 2 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index b2b8f7a..a17c714 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,5 +1,9 @@ # GitLab License management changelog +## v2.5.0 + +- Upgrade [LicenseFinder](https://github.com/pivotal/LicenseFinder/releases/tag/v6.0.0) to version `6.0.0` (!112) + ## v2.4.3 - Add support for `gradlew` (!109) diff --git a/Gemfile.lock b/Gemfile.lock index cd4592a..39c1142 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -1,7 +1,7 @@ PATH remote: . specs: - license-management (2.4.3) + license-management (2.5.0) license_finder (~> 6.0) GEM diff --git a/lib/license/management/version.rb b/lib/license/management/version.rb index 7c4b598..69fb69d 100644 --- a/lib/license/management/version.rb +++ b/lib/license/management/version.rb @@ -2,6 +2,6 @@ module License module Management - VERSION = '2.4.3' + VERSION = '2.5.0' end end -- cgit v1.2.3