diff options
| author | mo khan <mo.khan@gmail.com> | 2020-04-02 15:11:12 +0000 |
|---|---|---|
| committer | mo khan <mo.khan@gmail.com> | 2020-04-02 15:11:12 +0000 |
| commit | 2d200e2bcecb91eadc5ee211f5bb65aafa645054 (patch) | |
| tree | 9749333a7c8878b833b4642afe3071cf1c14012c | |
| parent | 43bcbbd04342faa497725c5b0be3c6d944d850da (diff) | |
| parent | bfd7459419921ff37ee500f0698862eea6788675 (diff) | |
Merge branch '10128-go-modules' into 'master'v3.5.0
Improve license detection in go modules projects
See merge request gitlab-org/security-products/license-management!129
25 files changed, 355 insertions, 65 deletions
diff --git a/CHANGELOG.md b/CHANGELOG.md index ff5f1ed..7d99ae4 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,5 +1,13 @@ # GitLab License management changelog +## v3.5.0 + +- Improve license detection in go modules projects. (!129) +- Update gradle to version `6.3`. (!129) +- Update nodejs to version `10.19.0`. (!129) +- Update php to version `7.4.4`. (!129) +- Update python to version `3.8.2`. (!129) + ## v3.4.0 - Scan pipenv projects with [pip-licenses](https://pypi.org/project/pip-licenses/). (!130) diff --git a/Gemfile.lock b/Gemfile.lock index f4f4afa..6f28618 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -1,7 +1,7 @@ PATH remote: . specs: - license-management (3.4.0) + license-management (3.5.0) license_finder (~> 6.0.0) spandx (~> 0.1) diff --git a/config/.bashrc b/config/.bashrc index e883436..288d919 100644 --- a/config/.bashrc +++ b/config/.bashrc @@ -6,7 +6,6 @@ function inflate() { local file=$1 local to_dir=$2 if [ -f "$file" ]; then - echo "Inflating $file in $to_dir" tar --use-compress-program zstd -xf "$file" -C "$to_dir" rm "$file" fi diff --git a/config/.tool-versions b/config/.tool-versions index a012517..92ddb32 100644 --- a/config/.tool-versions +++ b/config/.tool-versions @@ -1,11 +1,11 @@ elixir system golang system -gradle 6.2 +gradle 6.3 java adopt-openjdk-8u242-b08 adopt-openjdk-11.0.6+10 maven 3.6.3 -nodejs 10.18.0 -php 7.4.3 -python 3.8.1 2.7.17 +nodejs 10.19.0 +php 7.4.4 +python 3.8.2 2.7.17 ruby 2.6.5 rust system sbt 1.3.8 diff --git a/config/install.sh b/config/install.sh index f015620..2fa313c 100644 --- a/config/install.sh +++ b/config/install.sh @@ -62,6 +62,7 @@ apt-get install -y --no-install-recommends \ rebar \ rustc \ software-properties-common \ + sudo \ tk-dev \ unixodbc-dev \ unzip \ diff --git a/lib/license/finder/ext.rb b/lib/license/finder/ext.rb index fffa1c7..24afd37 100644 --- a/lib/license/finder/ext.rb +++ b/lib/license/finder/ext.rb @@ -1,5 +1,6 @@ # frozen_string_literal: true +require 'license/finder/ext/go_modules' require 'license/finder/ext/license' require 'license/finder/ext/maven' require 'license/finder/ext/nuget' diff --git a/lib/license/finder/ext/go_modules.rb b/lib/license/finder/ext/go_modules.rb new file mode 100644 index 0000000..2ef3aa2 --- /dev/null +++ b/lib/license/finder/ext/go_modules.rb @@ -0,0 +1,36 @@ +module LicenseFinder + class GoModules + def prepare + shell.execute([:go, :mod, :tidy, '-v', '&&', :go, :mod, :vendor, '-v']) + end + + def active? + Dir[project_path.join('go.sum')].any? + end + + def current_packages + stdout, _stderr, status = shell.execute([ + :go, :list, '-m', '-mod=vendor', + '-f', "'{{.Path}},{{.Version}},{{.Dir}}'", :all + ]) + return [] unless status.success? + + stdout.lines.map do |line| + name, version, dir = line.chomp.split(',') + next if Pathname(dir).cleanpath == absolute_project_path + + Package.new(name, version, install_path: dir) + end.compact + end + + private + + def shell + @shell ||= ::License::Management::Shell.new + end + + def absolute_project_path + @absolute_project_path ||= Pathname(project_path).cleanpath + end + end +end diff --git a/lib/license/finder/ext/pip.rb b/lib/license/finder/ext/pip.rb index b57d7c8..a55dba7 100644 --- a/lib/license/finder/ext/pip.rb +++ b/lib/license/finder/ext/pip.rb @@ -66,7 +66,7 @@ module LicenseFinder end def legacy_results - pip_output.map do |name, version, children, location| + pip_output.map do |name, version, _children, _location| spec = pypi.definition_for(name, version) Package.new( name, diff --git a/lib/license/management/version.rb b/lib/license/management/version.rb index cee6d57..8440136 100644 --- a/lib/license/management/version.rb +++ b/lib/license/management/version.rb @@ -2,6 +2,6 @@ module License module Management - VERSION = '3.4.0' + VERSION = '3.5.0' end end @@ -9,6 +9,8 @@ export BUNDLE_WITHOUT="development:test" export CI_API_V4_URL="${CI_API_V4_URL:-https://gitlab.com/api/v4}" export CI_DEBUG_TRACE=${CI_DEBUG_TRACE:='false'} export DOTNET_CLI_TELEMETRY_OPTOUT=1 +export GO111MODULE=on +export GOPATH=${HOME}/.local export HISTFILESIZE=0 export HISTSIZE=0 export LANG=C.UTF-8 @@ -61,18 +63,6 @@ function prepare_javascript() { fi } -function prepare_golang() { - if find . -name "*.go" -printf "found" -quit | grep found > /dev/null; then - if [[ ( ! -f glide.lock ) && ( ! -f vendor/manifest ) && (! -f Gopkg.lock ) && (! -f go.mod ) ]]; then - # Only install deps if not using glide, govendor or dep - # Symlink the project into GOPATH to allow fetching dependencies. - ln -sf "$(realpath "$PWD")" /gopath/src/app - pushd /gopath/src/app > /dev/null - go get || true - fi - fi -} - function prepare_java() { [[ -f build.gradle ]] && [[ ! -f gradlew ]] && \ gradle build ${GRADLE_CLI_OPTS:+-x test} @@ -87,7 +77,6 @@ function prepare_project() { asdf install 1> /dev/null prepare_javascript || true - prepare_golang || true prepare_java || true prepare_dotnet || true else diff --git a/spec/fixtures/go/go.mod b/spec/fixtures/go/go.mod new file mode 100644 index 0000000..4733ed8 --- /dev/null +++ b/spec/fixtures/go/go.mod @@ -0,0 +1,12 @@ +module example + +go 1.12 + +require ( + github.com/dimfeld/httptreemux/v5 v5.0.2 + github.com/go-kit/kit v0.9.0 + github.com/go-logfmt/logfmt v0.5.0 + github.com/google/uuid v1.1.1 + github.com/stretchr/testify v1.4.0 + golang.org/x/oauth2 v0.0.0-20200107190931-bf48bf16ab8d +) diff --git a/spec/fixtures/go/go.sum b/spec/fixtures/go/go.sum new file mode 100644 index 0000000..8fc291d --- /dev/null +++ b/spec/fixtures/go/go.sum @@ -0,0 +1,158 @@ +cloud.google.com/go v0.34.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMTw= +github.com/DATA-DOG/go-sqlmock v1.2.0/go.mod h1:f/Ixk793poVmq4qj/V1dPUg2JEAKC73Q5eFN3EC/SaM= +github.com/DATA-DOG/go-sqlmock v1.4.1 h1:ThlnYciV1iM/V0OSF/dtkqWb6xo5qITT1TJBG1MRDJM= +github.com/DATA-DOG/go-sqlmock v1.4.1/go.mod h1:f/Ixk793poVmq4qj/V1dPUg2JEAKC73Q5eFN3EC/SaM= +github.com/DataDog/datadog-go v3.1.0+incompatible h1:pWtiFe/oFu7z0Of01jhH8QLhbF8zAA96rZaK6KM1Fog= +github.com/DataDog/datadog-go v3.1.0+incompatible/go.mod h1:LButxg5PwREeZtORoXG3tL4fMGNddJ+vMq1mwgfaqoQ= +github.com/alecthomas/template v0.0.0-20160405071501-a0175ee3bccc/go.mod h1:LOuyumcjzFXgccqObfd/Ljyb9UuFJ6TxHnclSeseNhc= +github.com/alecthomas/template v0.0.0-20190718012654-fb15b899a751/go.mod h1:LOuyumcjzFXgccqObfd/Ljyb9UuFJ6TxHnclSeseNhc= +github.com/alecthomas/units v0.0.0-20151022065526-2efee857e7cf/go.mod h1:ybxpYRFXyAe+OPACYpWeL0wqObRcbAqCMya13uyzqw0= +github.com/alecthomas/units v0.0.0-20190717042225-c3de453c63f4/go.mod h1:ybxpYRFXyAe+OPACYpWeL0wqObRcbAqCMya13uyzqw0= +github.com/aws/aws-sdk-go v1.17.12/go.mod h1:KmX6BPdI08NWTb3/sm4ZGu5ShLoqVDhKgpiN924inxo= +github.com/aws/aws-sdk-go v1.29.8 h1:Kma1ikL7MHs/XH5Q4Aqj53AAhgttW6UFykc8Qj16HGo= +github.com/aws/aws-sdk-go v1.29.8/go.mod h1:1KvfttTE3SPKMpo8g2c6jL3ZKfXtFvKscTgahTma5Xg= +github.com/aws/aws-xray-sdk-go v1.0.0-rc.14 h1:cxRNHoaVNiGhCddLe7A20nVFJsoWhs1jADm/1M97Ytw= +github.com/aws/aws-xray-sdk-go v1.0.0-rc.14/go.mod h1:NCf+n91lACeo8klrI7RsKqDaAEXt321d/cfaJk4YuDM= +github.com/beorn7/perks v0.0.0-20180321164747-3a771d992973/go.mod h1:Dwedo/Wpr24TaqPxmxbtue+5NUziq4I4S80YR8gNf3Q= +github.com/beorn7/perks v1.0.0/go.mod h1:KWe93zE9D1o94FZ5RNwFwVgaQK1VOXiVxmqh+CedLV8= +github.com/beorn7/perks v1.0.1 h1:VlbKKnNfV8bJzeqoa4cOKqO6bYr3WgKZxO8Z16+hsOM= +github.com/beorn7/perks v1.0.1/go.mod h1:G2ZrVWU2WbWT9wwq4/hrbKbnv/1ERSJQ0ibhJ6rlkpw= +github.com/cespare/xxhash/v2 v2.1.0 h1:yTUvW7Vhb89inJ+8irsUqiWjh8iT6sQPZiQzI6ReGkA= +github.com/cespare/xxhash/v2 v2.1.0/go.mod h1:dgIUBU3pDso/gPgZ1osOZ0iQf77oPR28Tjxl5dIMyVM= +github.com/codahale/hdrhistogram v0.0.0-20161010025455-3a0bb77429bd h1:qMd81Ts1T2OTKmB4acZcyKaMtRnY5Y44NuXGX2GFJ1w= +github.com/codahale/hdrhistogram v0.0.0-20161010025455-3a0bb77429bd/go.mod h1:sE/e/2PUdi/liOCUjSTXgM1o87ZssimdTWN964YiIeI= +github.com/davecgh/go-spew v0.0.0-20160907170601-6d212800a42e/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= +github.com/davecgh/go-spew v1.1.0 h1:ZDRjVQ15GmhC3fiQ8ni8+OwkZQO4DARzQgrnXU1Liz8= +github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= +github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c= +github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= +github.com/dghubble/oauth1 v0.6.0/go.mod h1:8pFdfPkv/jr8mkChVbNVuJ0suiHe278BtWI4Tk1ujxk= +github.com/dgrijalva/jwt-go v3.2.0+incompatible h1:7qlOGliEKZXTDg6OTjfoBKDXWrumCAMpl/TFQ4/5kLM= +github.com/dgrijalva/jwt-go v3.2.0+incompatible/go.mod h1:E3ru+11k8xSBh+hMPgOLZmtrrCbhqsmaPHjLKYnJCaQ= +github.com/dimfeld/httptreemux/v5 v5.0.2 h1:q+c+zKVpQocXT2OGa7dsXCX9wdeDq2TO5INqqDfKRLE= +github.com/dimfeld/httptreemux/v5 v5.0.2/go.mod h1:QeEylH57C0v3VO0tkKraVz9oD3Uu93CKPnTLbsidvSw= +github.com/go-kit/kit v0.8.0/go.mod h1:xBxKIO96dXMWWy0MnWVtmwkA9/13aqxPnvrjFYMA2as= +github.com/go-kit/kit v0.9.0 h1:wDJmvq38kDhkVxi50ni9ykkdUr1PKgqKOoi01fa0Mdk= +github.com/go-kit/kit v0.9.0/go.mod h1:xBxKIO96dXMWWy0MnWVtmwkA9/13aqxPnvrjFYMA2as= +github.com/go-kit/kit v0.10.0 h1:dXFJfIHVvUcpSgDOV+Ne6t7jXri8Tfv2uOLHUZ2XNuo= +github.com/go-logfmt/logfmt v0.3.0/go.mod h1:Qt1PoO58o5twSAckw1HlFXLmHsOX5/0LbT9GBnD5lWE= +github.com/go-logfmt/logfmt v0.4.0 h1:MP4Eh7ZCb31lleYCFuwm0oe4/YGak+5l1vA2NOE80nA= +github.com/go-logfmt/logfmt v0.4.0/go.mod h1:3RMwSq7FuexP4Kalkev3ejPJsZTpXXBr9+V4qmtdjCk= +github.com/go-logfmt/logfmt v0.5.0 h1:TrB8swr/68K7m9CcGut2g3UOihhbcbiMAYiuTXdEih4= +github.com/go-logfmt/logfmt v0.5.0/go.mod h1:wCYkCAKZfumFQihp8CzCvQ3paCTfi41vtzG1KdI/P7A= +github.com/go-sql-driver/mysql v1.5.0/go.mod h1:DCzpHaOWr8IXmIStZouvnhqoel9Qv2LBy8hT2VhHyBg= +github.com/go-stack/stack v1.8.0 h1:5SgMzNM5HxrEjV0ww2lTmX6E2Izsfxas4+YHWRs3Lsk= +github.com/go-stack/stack v1.8.0/go.mod h1:v0f6uXyyMGvRgIKkXu+yp6POWl0qKG85gN/melR3HDY= +github.com/gogo/protobuf v1.1.1/go.mod h1:r8qH/GZQm5c6nD/R0oafs1akxWv10x8SbQlK7atdtwQ= +github.com/golang/protobuf v1.2.0/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= +github.com/golang/protobuf v1.3.1/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= +github.com/golang/protobuf v1.3.2 h1:6nsPYzhq5kReh6QImI3k5qWzO4PEbvbIW2cwSfR/6xs= +github.com/golang/protobuf v1.3.2/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= +github.com/golang/protobuf v1.3.3 h1:gyjaxf+svBWX08ZjK86iN9geUJF0H6gp2IRKX6Nf6/I= +github.com/golang/protobuf v1.3.3/go.mod h1:vzj43D7+SQXF/4pzW/hwtAqwc6iTitCiVSaWz5lYuqw= +github.com/google/go-cmp v0.3.0 h1:crn/baboCvb5fXaQ0IJ1SGTsTVrWpDsCWC8EGETZijY= +github.com/google/go-cmp v0.3.0/go.mod h1:8QqcDgzrUqlUb/G2PQTWiueGozuR1884gddMywk6iLU= +github.com/google/gofuzz v1.0.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg= +github.com/google/uuid v1.1.1 h1:Gkbcsh/GbpXz7lPftLA3P6TYMwjCLYm83jiFQZF/3gY= +github.com/google/uuid v1.1.1/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= +github.com/jmespath/go-jmespath v0.0.0-20180206201540-c2b33e8439af h1:pmfjZENx5imkbgOkpRUYLnmbU7UEFbjtDA2hxJ1ichM= +github.com/jmespath/go-jmespath v0.0.0-20180206201540-c2b33e8439af/go.mod h1:Nht3zPeWKUH0NzdCt2Blrr5ys8VGpn0CEB0cQHVjt7k= +github.com/json-iterator/go v1.1.6/go.mod h1:+SdeFBvtyEkXs7REEP0seUULqWtbJapLOCVDaaPEHmU= +github.com/json-iterator/go v1.1.7/go.mod h1:KdQUCv79m/52Kvf8AW2vK1V8akMuk1QjK/uOdHXbAo4= +github.com/julienschmidt/httprouter v1.2.0/go.mod h1:SYymIcj16QtmaHHD7aYtjjsJG7VTCxuUUipMqKk8s4w= +github.com/konsorten/go-windows-terminal-sequences v1.0.1/go.mod h1:T0+1ngSBFLxvqU3pZ+m/2kptfBszLMUkC4ZK/EgS/cQ= +github.com/kr/logfmt v0.0.0-20140226030751-b84e30acd515 h1:T+h1c/A9Gawja4Y9mFVWj2vyii2bbUNDw3kt9VxK2EY= +github.com/kr/logfmt v0.0.0-20140226030751-b84e30acd515/go.mod h1:+0opPa2QZZtGFBFZlji/RkVcI2GknAs/DXo4wKdlNEc= +github.com/kr/pretty v0.1.0 h1:L/CwN0zerZDmRFUapSPitk6f+Q3+0za1rQkzVuMiMFI= +github.com/kr/pretty v0.1.0/go.mod h1:dAy3ld7l9f0ibDNOQOHHMYYIIbhfbHSm3C4ZsoJORNo= +github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ= +github.com/kr/text v0.1.0 h1:45sCR5RtlFHMR4UwH9sdQ5TC8v0qDQCHnXt+kaKSTVE= +github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI= +github.com/lestrrat-go/jwx v0.9.0 h1:Fnd0EWzTm0kFrBPzE/PEPp9nzllES5buMkksPMjEKpM= +github.com/lestrrat-go/jwx v0.9.0/go.mod h1:iEoxlYfZjvoGpuWwxUz+eR5e6KTJGsaRcy/YNA/UnBk= +github.com/matttproud/golang_protobuf_extensions v1.0.1 h1:4hp9jkHxhMHkqkrB3Ix0jegS5sx/RkqARlsWZ6pIwiU= +github.com/matttproud/golang_protobuf_extensions v1.0.1/go.mod h1:D8He9yQNgCq6Z5Ld7szi9bcBfOoFv/3dc6xSMkL2PC0= +github.com/modern-go/concurrent v0.0.0-20180228061459-e0a39a4cb421/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q= +github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q= +github.com/modern-go/reflect2 v0.0.0-20180701023420-4b7aa43c6742/go.mod h1:bx2lNnkwVCuqBIxFjflWJWanXIb3RllmbCylyMrvgv0= +github.com/modern-go/reflect2 v1.0.1/go.mod h1:bx2lNnkwVCuqBIxFjflWJWanXIb3RllmbCylyMrvgv0= +github.com/mwitkow/go-conntrack v0.0.0-20161129095857-cc309e4a2223/go.mod h1:qRWi+5nqEBWmkhHvq77mSJWrCKwh8bxhgT7d/eI7P4U= +github.com/opentracing/opentracing-go v1.1.0 h1:pWlfV3Bxv7k65HYwkikxat0+s3pV4bsqf19k25Ur8rU= +github.com/opentracing/opentracing-go v1.1.0/go.mod h1:UkNAQd3GIcIGf0SeVgPpRdFStlNbqXla1AfSYxPUl2o= +github.com/pkg/errors v0.8.0/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= +github.com/pkg/errors v0.8.1 h1:iURUrRGxPUNPdy5/HRSm+Yj6okJ6UtLINN0Q9M4+h3I= +github.com/pkg/errors v0.8.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= +github.com/pkg/errors v0.9.1 h1:FEBLx1zS214owpjy7qsBeixbURkuhQAwrK5UwLGTwt4= +github.com/pkg/errors v0.9.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= +github.com/pmezard/go-difflib v0.0.0-20151028094244-d8ed2627bdf0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= +github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM= +github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= +github.com/prometheus/client_golang v0.9.1/go.mod h1:7SWBe2y4D6OKWSNQJUaRYU/AaXPKyh/dDVn+NZz0KFw= +github.com/prometheus/client_golang v1.0.0/go.mod h1:db9x61etRT2tGnBNRi70OPL5FsnadC4Ky3P0J6CfImo= +github.com/prometheus/client_golang v1.2.1 h1:JnMpQc6ppsNgw9QPAGF6Dod479itz7lvlsMzzNayLOI= +github.com/prometheus/client_golang v1.2.1/go.mod h1:XMU6Z2MjaRKVu/dC1qupJI9SiNkDYzz3xecMgSW/F+U= +github.com/prometheus/client_model v0.0.0-20180712105110-5c3871d89910/go.mod h1:MbSGuTsp3dbXC40dX6PRTWyKYBIrTGTE9sqQNg2J8bo= +github.com/prometheus/client_model v0.0.0-20190129233127-fd36f4220a90/go.mod h1:xMI15A0UPsDsEKsMN9yxemIoYk6Tm2C1GtYGdfGttqA= +github.com/prometheus/client_model v0.0.0-20190812154241-14fe0d1b01d4 h1:gQz4mCbXsO+nc9n1hCxHcGA3Zx3Eo+UHZoInFGUIXNM= +github.com/prometheus/client_model v0.0.0-20190812154241-14fe0d1b01d4/go.mod h1:xMI15A0UPsDsEKsMN9yxemIoYk6Tm2C1GtYGdfGttqA= +github.com/prometheus/common v0.4.1/go.mod h1:TNfzLD0ON7rHzMJeJkieUDPYmFC7Snx/y86RQel1bk4= +github.com/prometheus/common v0.7.0 h1:L+1lyG48J1zAQXA3RBX/nG/B3gjlHq0zTt2tlbJLyCY= +github.com/prometheus/common v0.7.0/go.mod h1:DjGbpBbp5NYNiECxcL/VnbXCCaQpKd3tt26CguLLsqA= +github.com/prometheus/procfs v0.0.0-20181005140218-185b4288413d/go.mod h1:c3At6R/oaqEKCNdg8wHV1ftS6bRYblBhIjjI8uT2IGk= +github.com/prometheus/procfs v0.0.2/go.mod h1:TjEm7ze935MbeOT/UhFTIMYKhuLP4wbCsTZCD3I8kEA= +github.com/prometheus/procfs v0.0.5 h1:3+auTFlqw+ZaQYJARz6ArODtkaIwtvBTx3N2NehQlL8= +github.com/prometheus/procfs v0.0.5/go.mod h1:4A/X28fw3Fc593LaREMrKMqOKvUAntwMDaekg4FpcdQ= +github.com/sirupsen/logrus v1.2.0/go.mod h1:LxeOpSwHxABJmUn/MG1IvRgCAasNZTLOkJPxbbu5VWo= +github.com/sirupsen/logrus v1.4.2/go.mod h1:tLMulIdttU9McNUspp0xgXVQah82FyeX6MwdIuYE2rE= +github.com/stretchr/objx v0.1.0 h1:4G4v2dO3VZwixGIRoQ5Lfboy6nUhCyYzaqnIAPPhYs4= +github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= +github.com/stretchr/objx v0.1.1 h1:2vfRuCMp5sSVIDSqO8oNnWJq7mPa6KVP3iPIwFBuy8A= +github.com/stretchr/objx v0.1.1/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= +github.com/stretchr/testify v1.1.4/go.mod h1:a8OnRcib4nhh0OaRAV+Yts87kKdq0PP7pXfy6kDkUVs= +github.com/stretchr/testify v1.2.2/go.mod h1:a8OnRcib4nhh0OaRAV+Yts87kKdq0PP7pXfy6kDkUVs= +github.com/stretchr/testify v1.3.0 h1:TivCn/peBQ7UY8ooIcPgZFpTNSz0Q2U6UrFlUfqbe0Q= +github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI= +github.com/stretchr/testify v1.4.0 h1:2E4SXV/wtOkTonXsotYi4li6zVWxYlZuYNCXe9XRJyk= +github.com/stretchr/testify v1.4.0/go.mod h1:j7eGeouHqKxXV5pUuKE4zz7dFj8WfuZ+81PSLYec5m4= +github.com/uber/jaeger-client-go v2.22.1+incompatible h1:NHcubEkVbahf9t3p75TOCR83gdUHXjRJvjoBh1yACsM= +github.com/uber/jaeger-client-go v2.22.1+incompatible/go.mod h1:WVhlPFC8FDjOFMMWRy2pZqQJSXxYSwNYOkTr/Z6d3Kk= +github.com/uber/jaeger-lib v2.2.0+incompatible h1:MxZXOiR2JuoANZ3J6DE/U0kSFv/eJ/GfSYVCjK7dyaw= +github.com/uber/jaeger-lib v2.2.0+incompatible/go.mod h1:ComeNDZlWwrWnDv8aPp0Ba6+uUTzImX/AauajbLI56U= +go.uber.org/atomic v1.4.0 h1:cxzIVoETapQEqDhQu3QfnvXAV4AlzcvUCxkVUFw3+EU= +go.uber.org/atomic v1.4.0/go.mod h1:gD2HeocX3+yG+ygLZcrzQJaqmWj9AIm7n08wl/qW/PE= +go.uber.org/multierr v1.2.0 h1:6I+W7f5VwC5SV9dNrZ3qXrDB9mD0dyGOi/ZJmYw03T4= +go.uber.org/multierr v1.2.0/go.mod h1:wR5kodmAFQ0UK8QlbwjlSNy0Z68gJhDJUG5sjR94q/0= +go.uber.org/zap v1.11.0 h1:gSmpCfs+R47a4yQPAI4xJ0IPDLTRGXskm6UelqNXpqE= +go.uber.org/zap v1.11.0/go.mod h1:vwi/ZaCAaUcBkycHslxD9B2zi4UTXhF60s6SWpuDF0Q= +golang.org/x/crypto v0.0.0-20180904163835-0709b304e793/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4= +golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= +golang.org/x/net v0.0.0-20180724234803-3673e40ba225/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= +golang.org/x/net v0.0.0-20181114220301-adae6a3d119a/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= +golang.org/x/net v0.0.0-20190108225652-1e06a53dbb7e h1:bRhVy7zSSasaqNksaRZiA5EEI+Ei4I1nO5Jh72wfHlg= +golang.org/x/net v0.0.0-20190108225652-1e06a53dbb7e/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= +golang.org/x/net v0.0.0-20190311183353-d8887717615a/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= +golang.org/x/net v0.0.0-20190613194153-d28f0bde5980 h1:dfGZHvZk057jK2MCeWus/TowKpJ8y4AmooUzdBSR9GU= +golang.org/x/net v0.0.0-20190613194153-d28f0bde5980/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= +golang.org/x/net v0.0.0-20200202094626-16171245cfb2 h1:CCH4IOTTfewWjGOlSp+zGcjutRKlBEZQ6wTn8ozI/nI= +golang.org/x/net v0.0.0-20200202094626-16171245cfb2/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= +golang.org/x/oauth2 v0.0.0-20200107190931-bf48bf16ab8d h1:TzXSXBo42m9gQenoE3b9BGiEpg5IG2JkU5FkPIawgtw= +golang.org/x/oauth2 v0.0.0-20200107190931-bf48bf16ab8d/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= +golang.org/x/sync v0.0.0-20181108010431-42b317875d0f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= +golang.org/x/sync v0.0.0-20181221193216-37e7f081c4d4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= +golang.org/x/sys v0.0.0-20180905080454-ebe1bf3edb33/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= +golang.org/x/sys v0.0.0-20181116152217-5ac8a444bdc5/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= +golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= +golang.org/x/sys v0.0.0-20190422165155-953cdadca894/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20191010194322-b09406accb47 h1:/XfQ9z7ib8eEJX2hdgFTZJ/ntt0swNk5oYBziWeTCvY= +golang.org/x/sys v0.0.0-20191010194322-b09406accb47/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/text v0.3.0 h1:g61tztE5qeGQ89tm6NTjjM9VPIm088od1l6aSorWRWg= +golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= +google.golang.org/appengine v1.4.0/go.mod h1:xpcJRLb0r/rnEns0DIKYYv+WjYCduHsrkT7/EB5XEv4= +gopkg.in/alecthomas/kingpin.v2 v2.2.6/go.mod h1:FMv+mEhP44yOT+4EoQTLFTRgOQ1FBLkstjWtayDeSgw= +gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405 h1:yhCVgyC4o1eVCa2tZl7eS0r+SDo693bJlVdllGtEeKM= +gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= +gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127 h1:qIbj1fsPNlZgppZ+VLlY7N33q108Sa+fhmuc+sWQYwY= +gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= +gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= +gopkg.in/yaml.v2 v2.2.2 h1:ZCJp+EgiOT7lHqUV2J862kp8Qj64Jo6az82+3Td9dZw= +gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= diff --git a/spec/fixtures/go/main.go b/spec/fixtures/go/main.go new file mode 100644 index 0000000..3d0aef4 --- /dev/null +++ b/spec/fixtures/go/main.go @@ -0,0 +1,13 @@ +package main + +import "fmt" +import "github.com/dimfeld/httptreemux/v5" +import "github.com/go-kit/kit" +import "github.com/go-logfmt/logfmt" +import "github.com/google/uuid" +import "github.com/stretchr/testify" +import "golang.org/x/oauth2" + +func main() { + fmt.Println("vim-go") +} diff --git a/spec/integration/dotnet/examples_spec.rb b/spec/integration/dotnet/examples_spec.rb index 87459ee..13f4712 100644 --- a/spec/integration/dotnet/examples_spec.rb +++ b/spec/integration/dotnet/examples_spec.rb @@ -5,7 +5,6 @@ RSpec.describe ".NET Core" do runner.clone('https://github.com/microsoft/RockPaperScissorsLizardSpock.git') report = runner.scan(env: { 'LICENSE_FINDER_CLI_OPTS' => '--recursive' }) - expect(report).not_to be_empty expect(report).to match_schema(version: '2.0') expect(report[:licenses].count).not_to be_zero expect(report[:dependencies].count).not_to be_zero diff --git a/spec/integration/dotnet/nuget_spec.rb b/spec/integration/dotnet/nuget_spec.rb index 0efbcf0..6eeb261 100644 --- a/spec/integration/dotnet/nuget_spec.rb +++ b/spec/integration/dotnet/nuget_spec.rb @@ -26,10 +26,9 @@ RSpec.describe "nuget" do runner.add_file('packages.config', packages_config) report = runner.scan - expect(report).not_to be_empty expect(report).to match_schema(version: '2.0') expect(report[:licenses].count).not_to be_zero - expect(report[:dependencies].map { |x| x[:name] }).to match_array([ + expect(report.dependency_names).to match_array([ "Microsoft.CodeDom.Providers.DotNetCompilerPlatform", "Microsoft.Net.Compilers", "Microsoft.Web.Infrastructure", @@ -68,10 +67,9 @@ RSpec.describe "nuget" do runner.add_file('winforms/packages.config', winforms_packages) report = runner.scan(env: { 'LICENSE_FINDER_CLI_OPTS' => '--recursive' }) - expect(report).not_to be_empty expect(report).to match_schema(version: '2.0') - expect(find_in(report, 'jive')[:licenses]).to match_array(['MIT']) - expect(find_in(report, 'MvcMailer')[:licenses]).to match_array(['MIT']) + expect(report.licenses_for('jive')).to match_array(['MIT']) + expect(report.licenses_for('MvcMailer')).to match_array(['MIT']) end end @@ -89,11 +87,10 @@ RSpec.describe "nuget" do runner.add_file('packages.config', packages) report = runner.scan - expect(report).not_to be_empty expect(report).to match_schema(version: '2.0') expect(report[:licenses].count).not_to be_zero expect(report[:licenses].map { |x| x[:id] }.uniq).to match_array(['LGPL-2.1', 'Apache-2.0', 'BSD-3-Clause']) - expect(report[:dependencies].map { |x| x[:name] }).to match_array([ + expect(report.dependency_names).to match_array([ 'Iesi.Collections', 'Remotion.Linq', 'Remotion.Linq.EagerFetching', diff --git a/spec/integration/go/modules_spec.rb b/spec/integration/go/modules_spec.rb index ebe0359..143d8ea 100644 --- a/spec/integration/go/modules_spec.rb +++ b/spec/integration/go/modules_spec.rb @@ -2,4 +2,52 @@ require 'spec_helper' RSpec.describe "modules" do include_examples "each report version", "go", "modules" + + context "when scanning a customers go.mod and go.sum files" do + let(:report) { runner.scan } + + before do + runner.add_file('main.go', fixture_file_content('go/main.go')) + runner.add_file('go.mod', fixture_file_content('go/go.mod')) + runner.add_file('go.sum', fixture_file_content('go/go.sum')) + end + + specify { expect(report).to match_schema(version: '2.0') } + specify { expect(report[:licenses]).not_to be_empty } + + specify do + expect(report.dependency_names).to match_array([ + "github.com/davecgh/go-spew", + "github.com/dimfeld/httptreemux/v5", + "github.com/go-logfmt/logfmt", + "github.com/golang/protobuf", + "github.com/google/uuid", + "github.com/pmezard/go-difflib", + "github.com/stretchr/objx", + "golang.org/x/net", + "golang.org/x/oauth2", + "google.golang.org/appengine", + "gopkg.in/yaml.v2", + 'github.com/stretchr/testify' + ]) + end + + specify { expect(report.licenses_for('github.com/dimfeld/httptreemux/v5')).to match_array(['MIT']) } + specify { expect(report.licenses_for('github.com/go-logfmt/logfmt')).to match_array(['MIT']) } + specify { expect(report.licenses_for('github.com/google/uuid')).to match_array(['BSD-3-Clause']) } + specify { expect(report.licenses_for('github.com/stretchr/testify')).to match_array(['MIT']) } + specify { expect(report.licenses_for('golang.org/x/oauth2')).to match_array(['BSD-3-Clause']) } + end + + context "when scanning the `gitaly` project" do + let(:report) { runner.scan } + + before do + runner.clone('https://gitlab.com/gitlab-org/gitaly.git') + end + + specify { expect(report).to match_schema(version: '2.0') } + specify { expect(report[:licenses]).not_to be_empty } + specify { expect(report[:dependencies]).not_to be_empty } + end end diff --git a/spec/integration/java/gradle_spec.rb b/spec/integration/java/gradle_spec.rb index 7a510ac..1b566bb 100644 --- a/spec/integration/java/gradle_spec.rb +++ b/spec/integration/java/gradle_spec.rb @@ -34,7 +34,6 @@ plugins { end it 'is able to detect licenses' do - expect(result).not_to be_empty expect(result).to match_schema(version: '2.0') expect(result[:licenses]).not_to be_empty @@ -45,7 +44,7 @@ plugins { { name: 'sitemesh', licenses: ['Apache-1.1'] }, { name: 'hibernate-jpa-2.1-api', licenses: ['BSD-3-Clause', 'EPL-1.0'] } ].each do |dependency| - expect(find_in(result, dependency[:name])[:licenses]).to match_array(dependency[:licenses]) + expect(result.licenses_for(dependency[:name])).to match_array(dependency[:licenses]) end end end diff --git a/spec/integration/java/maven_spec.rb b/spec/integration/java/maven_spec.rb index 176cb6e..92444e8 100644 --- a/spec/integration/java/maven_spec.rb +++ b/spec/integration/java/maven_spec.rb @@ -72,10 +72,10 @@ RSpec.describe "maven" do { name: "netty-all", licenses: ["Apache-2.0"] }, { name: "stax2-api", licenses: ["BSD-4-Clause"] } ].each do |dependency| - expect(find_in(report, dependency[:name])[:licenses]).to match_array(dependency[:licenses]) + expect(report.licenses_for(dependency[:name])).to match_array(dependency[:licenses]) end - expect(report[:dependencies].map { |x| x[:name] }).not_to include('junit') + expect(report.dependency_names).not_to include('junit') end end end diff --git a/spec/integration/php/composer_spec.rb b/spec/integration/php/composer_spec.rb index 1419dd4..62ff598 100644 --- a/spec/integration/php/composer_spec.rb +++ b/spec/integration/php/composer_spec.rb @@ -9,10 +9,11 @@ RSpec.describe "composer" do runner.add_file('composer.json', fixture_file_content('php/drupal_composer.json')) report = runner.scan + expect(report).to match_schema(version: '2.0') expect(report[:version]).not_to be_empty expect(report[:licenses]).not_to be_empty - expect(report[:dependencies].map { |x| x[:name] }).to match_array(%w[ + expect(report.dependency_names).to match_array(%w[ asm89/stack-cors behat/mink behat/mink-browserkit-driver diff --git a/spec/integration/python/pip_spec.rb b/spec/integration/python/pip_spec.rb index d22121b..2183dd1 100644 --- a/spec/integration/python/pip_spec.rb +++ b/spec/integration/python/pip_spec.rb @@ -9,11 +9,10 @@ RSpec.describe "pip" do report = runner.scan - expect(report).not_to be_empty expect(report).to match_schema(version: '2.0') expect(report[:version]).to start_with('2') - expect(report[:dependencies].map { |x| x[:name] }).to include("sentry-sdk") - expect(find_in(report, 'sentry-sdk')[:licenses]).to match_array(["BSD-4-Clause"]) + expect(report.dependency_names).to include("sentry-sdk") + expect(report.licenses_for('sentry-sdk')).to match_array(["BSD-4-Clause"]) end end @@ -39,7 +38,6 @@ RSpec.describe "pip" do report = runner.scan - expect(report).not_to be_empty expect(report).to match_schema(version: '2.0') expect(report[:version]).to start_with('2') expect(report[:licenses]).not_to be_empty @@ -60,7 +58,7 @@ RSpec.describe "pip" do runner.clone(url, branch: python[:commit]) report = runner.scan(env: environment) - expect(JSON.pretty_generate(report)).to eq(expected_content) + expect(JSON.pretty_generate(report.to_h)).to eq(expected_content) expect(report).to match_schema(version: report_version) end end @@ -74,7 +72,7 @@ RSpec.describe "pip" do expect(report).to match_schema(version: '2.0') expect(report[:dependencies]).not_to be_empty - expect(find_in(report, 'boto3')[:licenses]).to match_array(['Apache-2.0']) + expect(report.licenses_for('boto3')).to match_array(['Apache-2.0']) end it 'detects licenses in a more complicated `setup.py`' do @@ -83,7 +81,7 @@ RSpec.describe "pip" do expect(report).to match_schema(version: '2.0') expect(report[:dependencies]).not_to be_empty - expect(find_in(report, 'peppercorn')[:licenses]).to match_array(['BSD-2-Clause']) + expect(report.licenses_for('peppercorn')).to match_array(['BSD-2-Clause']) end end @@ -96,7 +94,7 @@ RSpec.describe "pip" do report = runner.scan(env: { 'PIP_INDEX_URL' => 'https://test.pypi.org/simple/' }) expect(report).to match_schema(version: '2.0') - expect(find_in(report, 'six')[:licenses]).to match_array(["MIT"]) + expect(report.licenses_for('six')).to match_array(["MIT"]) end end @@ -109,8 +107,8 @@ RSpec.describe "pip" do report = runner.scan(env: { 'SETUP_CMD' => 'pip install -r requirements.txt' }) expect(report).to match_schema(version: '2.0') - expect(find_in(report, 'six')[:licenses]).to match_array(["MIT"]) - expect(report[:dependencies].map { |x| x[:name] }).to contain_exactly('six') + expect(report.licenses_for('six')).to match_array(["MIT"]) + expect(report.dependency_names).to contain_exactly('six') end end diff --git a/spec/integration/python/pipenv_spec.rb b/spec/integration/python/pipenv_spec.rb index 983ea8b..410d3c7 100644 --- a/spec/integration/python/pipenv_spec.rb +++ b/spec/integration/python/pipenv_spec.rb @@ -24,11 +24,10 @@ RSpec.describe "pipenv" do report = runner.scan - expect(report).not_to be_empty expect(report).to match_schema(version: '2.0') expect(report[:version]).not_to be_empty expect(report[:licenses]).not_to be_empty - expect(report[:dependencies].map { |x| x[:name] }).to contain_exactly("six") + expect(report.dependency_names).to contain_exactly("six") end end @@ -71,10 +70,9 @@ RSpec.describe "pipenv" do report = runner.scan expect(report).to match_schema(version: '2.0') - expect(report).not_to be_empty expect(report[:version]).not_to be_empty expect(report[:licenses]).not_to be_empty - expect(report[:dependencies].map { |x| x[:name] }).to match_array([ + expect(report.dependency_names).to match_array([ "backports.shutil_get_terminal_size", "click", "colorama", @@ -132,10 +130,9 @@ RSpec.describe "pipenv" do report = runner.scan expect(report).to match_schema(version: '2.0') - expect(report).not_to be_empty expect(report[:version]).not_to be_empty expect(report[:licenses]).not_to be_empty - expect(report[:dependencies].map { |x| x[:name] }).to match_array(%w[ + expect(report.dependency_names).to match_array(%w[ certifi chardet idna @@ -171,7 +168,7 @@ RSpec.describe "pipenv" do expect(report).to match_schema(version: '2.0') expect(report[:licenses]).not_to be_empty expect(report[:dependencies].count).to be(1) - expect(find_in(report, 'six')).not_to be_nil + expect(report.find('six')).not_to be_nil end end @@ -192,13 +189,13 @@ RSpec.describe "pipenv" do it 'includes dependencies in the default group' do lockfile_hash['default'].keys.each do |key| - expect(find_in(report, key)).not_to be_nil + expect(report.find(key)).not_to be_nil end end it 'excludes dependencies in the development group' do lockfile_hash['develop'].keys.each do |key| - expect(find_in(report, key)).to be_nil + expect(report.find(key)).to be_nil end end end diff --git a/spec/integration/ruby/bundler_spec.rb b/spec/integration/ruby/bundler_spec.rb index f2f2873..5236adf 100644 --- a/spec/integration/ruby/bundler_spec.rb +++ b/spec/integration/ruby/bundler_spec.rb @@ -82,10 +82,10 @@ BUNDLED WITH end report = runner.scan - expect(report).not_to be_empty + expect(report).to match_schema(version: '2.0') expect(report[:licenses]).not_to be_empty - expect(report[:dependencies].map { |x| x[:name] }).to include("saml-kit") + expect(report.dependency_names).to include("saml-kit") end end @@ -117,9 +117,10 @@ BUNDLED WITH end report = runner.scan + expect(report).to match_schema(version: '2.0') expect(report[:licenses]).not_to be_empty - expect(find_in(report, 'net-hippie')).to eql({ + expect(report.find('net-hippie')).to eql({ name: 'net-hippie', description: "net/http for hippies. ☮️", url: "https://github.com/mokhan/net-hippie/", diff --git a/spec/support/integration_test_helper.rb b/spec/support/integration_test_helper.rb index c4c0d88..bcc5c1f 100644 --- a/spec/support/integration_test_helper.rb +++ b/spec/support/integration_test_helper.rb @@ -1,4 +1,42 @@ module IntegrationTestHelper + class Report + attr_reader :report + + def initialize(raw) + @report = JSON.parse(raw, symbolize_names: true) + end + + def [](key) + report[key] + end + + def dependency_names + report[:dependencies].map { |x| x[:name] } + end + + def licenses_for(name) + find(name)[:licenses] + end + + def find(name) + report[:dependencies].find do |dependency| + dependency[:name] == name + end + end + + def nil? + report.nil? + end + + def to_hash + to_h + end + + def to_h + report + end + end + class IntegrationTestRunner attr_reader :project_path @@ -30,7 +68,7 @@ module IntegrationTestHelper report_path = "#{project_path}/gl-license-management-report.json" return {} unless File.exist?(report_path) - JSON.parse(IO.read(report_path), symbolize_names: true) + Report.new(IO.read(report_path)) end def execute(env = {}, *args) @@ -47,10 +85,4 @@ module IntegrationTestHelper def runner(*args) @runner ||= IntegrationTestRunner.new(*args) end - - def find_in(report, name) - report[:dependencies].find do |dependency| - dependency[:name] == name - end - end end diff --git a/spec/support/matchers.rb b/spec/support/matchers.rb index 595cd17..66bb92c 100644 --- a/spec/support/matchers.rb +++ b/spec/support/matchers.rb @@ -2,8 +2,9 @@ RSpec::Matchers.define :match_schema do |version: '2.0'| def schema_for(version) License::Management.root.join("spec/fixtures/schema/v#{version}.json").to_s end + match do |actual| - !actual.nil? && (@errors = JSON::Validator.fully_validate(schema_for(version), actual)).empty? + !actual.nil? && (@errors = JSON::Validator.fully_validate(schema_for(version), actual.to_h)).empty? end failure_message do |response| diff --git a/spec/support/shared.rb b/spec/support/shared.rb index ba3d3cc..51b161a 100644 --- a/spec/support/shared.rb +++ b/spec/support/shared.rb @@ -11,7 +11,7 @@ RSpec.shared_examples "each report version" do |language, package_manager, branc it 'matches the expected report' do actual = runner.scan(env: { 'LM_REPORT_VERSION' => version }) - expect(JSON.pretty_generate(actual)).to eq(JSON.pretty_generate(expected_content)) + expect(JSON.pretty_generate(actual.to_h)).to eq(JSON.pretty_generate(expected_content)) expect(actual).to match_schema(version: version) end end |