authormo khan <mo.khan@gmail.com>2019-10-17 19:36:56 +0000
committermo khan <mo.khan@gmail.com>2019-10-17 19:36:56 +0000
commit3bbac84b46cf8419fb7a6f0304217ad810a842b2 (patch)
tree330bc934cb28632a647bb822e72e46b003916ba2
parent7fe9eede20f1f7bd8b82b759df3e198acb563ba9 (diff)
parent8e46aa67ca5be04f5aae12a4eec63434ed0fefff (diff)
Merge branch 'js-names' into 'master'
This maps the hard-coded license names to SPDX ids. See merge request gitlab-org/security-products/license-management!67
-rw-r--r--.gitlab-ci.yml9
-rw-r--r--.rspec1
-rw-r--r--CHANGELOG.md4
-rw-r--r--Gemfile3
-rw-r--r--Gemfile.lock47
-rwxr-xr-xbin/test_all2
-rw-r--r--license-management.gemspec1
-rw-r--r--normalized-licenses.yml8
-rw-r--r--spec/license/management/report/v2_spec.rb43
-rw-r--r--spec/spec_helper.rb16
-rw-r--r--test/results/ruby-bundler-v1.1.json2
-rw-r--r--test/results/ruby-bundler-v1.json2
-rw-r--r--test/results/ruby-bundler-v2.json2
13 files changed, 134 insertions, 6 deletions
diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
index 473d74e..2b175ee 100644
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@@ -49,6 +49,13 @@ container_scanning:
- results/
when: always
+unit:
+ stage: test
+ script:
+ - gem install bundler -v '~> 2.0'
+ - bundle install
+ - bundle exec rspec
+
QA:java-maven:
extends: .QA
variables:
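Review bot: The `unit` job installs Bundler with `gem install bundler -v '~> 2.0'`, which resolves to whichever 2.x release is newest when the job runs, while the Gemfile.lock added in this commit records `BUNDLED WITH 2.0.2`. Pinning the installer to the locked version, `- gem install bundler -v 2.0.2`, and installing with `- bundle install --frozen` would keep the job on the dependency set that was reviewed and make it fail loudly instead of re-resolving if the gemspec and lockfile drift apart. The gemspec reads `LICENSE_FINDER_VERSION` from the environment, so a job that sets it to anything other than 5.6.2 would disagree with the lockfile; that is worth a short comment above the `script:` lines.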
@@ -115,7 +122,7 @@ QA:ruby-bundler:
extends: .QA
variables:
QA_PROJECT: ruby-bundler
- QA_REF: 6b858821
+ QA_REF: master
QA:ruby-bundler-v1-1:
extends: QA:ruby-bundler
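Review bot: `QA_REF: master` replaces a pinned commit with a moving branch, so the ruby-bundler QA jobs now run against whatever the fixture project's master points to on the day they execute; the same substitution is made in bin/test_all. Expected results under test/results/ can then go stale, or be changed by someone with push access to the fixture repository, without any commit in this project. The three ruby-bundler JSON fixtures updated in this commit (bundler's url changing from https to http) look like that kind of upstream drift, although the cause is not visible here. Keeping an immutable ref, as the java-maven and python-pip entries in bin/test_all still do, keeps runs reproducible: `QA_REF: <new ruby-bundler commit sha>`.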
diff --git a/.rspec b/.rspec
new file mode 100644
index 0000000..c99d2e7
--- /dev/null
+++ b/.rspec
@@ -0,0 +1 @@
+--require spec_helper
diff --git a/CHANGELOG.md b/CHANGELOG.md
index 7e00978..efeebe2 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,5 +1,9 @@
# GitLab License management changelog
+## v1.7.1
+
+- Add mappings for legacy license names
+
## v1.7.0
- Convert HTML to JSON transformation to generating a JSON report directly.
diff --git a/Gemfile b/Gemfile
new file mode 100644
index 0000000..fa75df1
--- /dev/null
+++ b/Gemfile
@@ -0,0 +1,3 @@
+source 'https://rubygems.org'
+
+gemspec
diff --git a/Gemfile.lock b/Gemfile.lock
new file mode 100644
index 0000000..9f6acfe
--- /dev/null
+++ b/Gemfile.lock
@@ -0,0 +1,47 @@
+PATH
+ remote: .
+ specs:
+ license-management (1.7.0)
+ license_finder (= 5.6.2)
+
+GEM
+ remote: https://rubygems.org/
+ specs:
+ diff-lcs (1.3)
+ license_finder (5.6.2)
+ bundler
+ rubyzip
+ thor
+ toml (= 0.2.0)
+ with_env (= 1.1.0)
+ xml-simple
+ parslet (1.8.2)
+ rspec (3.9.0)
+ rspec-core (~> 3.9.0)
+ rspec-expectations (~> 3.9.0)
+ rspec-mocks (~> 3.9.0)
+ rspec-core (3.9.0)
+ rspec-support (~> 3.9.0)
+ rspec-expectations (3.9.0)
+ diff-lcs (>= 1.2.0, < 2.0)
+ rspec-support (~> 3.9.0)
+ rspec-mocks (3.9.0)
+ diff-lcs (>= 1.2.0, < 2.0)
+ rspec-support (~> 3.9.0)
+ rspec-support (3.9.0)
+ rubyzip (2.0.0)
+ thor (0.20.3)
+ toml (0.2.0)
+ parslet (~> 1.8.0)
+ with_env (1.1.0)
+ xml-simple (1.1.5)
+
+PLATFORMS
+ ruby
+
+DEPENDENCIES
+ license-management!
+ rspec (~> 3.9)
+
+BUNDLED WITH
+ 2.0.2
diff --git a/bin/test_all b/bin/test_all
index 52c7f18..1eb5993 100755
--- a/bin/test_all
+++ b/bin/test_all
@@ -18,6 +18,6 @@ do
QA_PROJECT=java-maven QA_REF=831c7a04 ./bin/test
QA_PROJECT=python-pip QA_REF=04dce91b LM_PYTHON_VERSION=2 ./bin/test
QA_PROJECT=python-pip QA_RESULTS="python3-pip-v$version" QA_REF=48e250a1 LM_PYTHON_VERSION=3 ./bin/test
- QA_PROJECT=ruby-bundler QA_REF=6b858821 ./bin/test
+ QA_PROJECT=ruby-bundler QA_REF=master ./bin/test
QA_PROJECT=js-yarn QA_REF=master ./bin/test
done
diff --git a/license-management.gemspec b/license-management.gemspec
index a4b6daa..3f33e9b 100644
--- a/license-management.gemspec
+++ b/license-management.gemspec
@@ -28,4 +28,5 @@ Gem::Specification.new do |spec|
spec.require_paths = ['lib']
spec.add_dependency 'license_finder', ENV.fetch('LICENSE_FINDER_VERSION', '5.6.2')
+ spec.add_development_dependency 'rspec', '~> 3.9'
end
diff --git a/normalized-licenses.yml b/normalized-licenses.yml
index e26df4f..cc184d5 100644
--- a/normalized-licenses.yml
+++ b/normalized-licenses.yml
@@ -1,10 +1,11 @@
---
ids:
ASL, version 2: Apache-2.0
+ Apache 2.0: Apache-2.0
Apache1_1: Apache-1.1
Apache2: Apache-2.0
- Apache 2.0: Apache-2.0
BSD: BSD-4-Clause
+ CC0 1.0 Universal: CC0-1.0
CC01: CC0-1.0
EPL1: EPL-1.0
GPLv2: GPL-2.0
@@ -18,12 +19,17 @@ ids:
MPL 1.1: MPL-1.1
MPL1_1: MPL-1.1
MPL2: MPL-2.0
+ Mozilla Public License 2.0: MPL-2.0
New BSD License: BSD-3-Clause
+ New BSD: BSD-3-Clause
NewBSD: BSD-3-Clause
+ Python Software Foundation License: Python-2.0
Python: Python-2.0
Ruby: Ruby
+ Simplified BSD: BSD-2-Clause
SimplifiedBSD: BSD-2-Clause
http://www.apache.org/licenses/LICENSE-2.0: Apache-2.0
+ ruby: Ruby
unknown: unknown
licenses:
GPL-3.0:
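Review bot: Two of the added keys break the byte-order sorting that the first hunk restores by moving `Apache 2.0`: `New BSD` is placed after `New BSD License`, and `Python Software Foundation License` is placed before `Python`. In both cases the shorter key is a prefix of the longer one and should come first, as `Simplified BSD` / `SimplifiedBSD` already do. Separately, adding `ruby: Ruby` next to `Ruby: Ruby` suggests the lookup is case-sensitive (the lookup code is not in this diff); if so, a one-line comment at the top of `ids:` saying that keys are matched exactly would save the next contributor from assuming otherwise.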
diff --git a/spec/license/management/report/v2_spec.rb b/spec/license/management/report/v2_spec.rb
new file mode 100644
index 0000000..766c08d
--- /dev/null
+++ b/spec/license/management/report/v2_spec.rb
@@ -0,0 +1,43 @@
+RSpec.describe License::Management::Report::V2 do
+ describe "#to_h" do
+ {
+ 'AGPL-1.0' => 'AGPL-1.0',
+ 'AGPL-3.0' => 'AGPL-3.0',
+ 'Apache 2.0' => 'Apache-2.0',
+ 'Artistic-2.0' => 'Artistic-2.0',
+ 'BSD' => 'BSD-4-Clause',
+ 'CC0 1.0 Universal' => 'CC0-1.0',
+ 'CDDL-1.0' => 'CDDL-1.0',
+ 'CDDL-1.1' => 'CDDL-1.1',
+ 'EPL-1.0' => 'EPL-1.0',
+ 'EPL-2.0' => 'EPL-2.0',
+ 'GPLv2' => 'GPL-2.0',
+ 'GPLv3' => 'GPL-3.0',
+ 'ISC' => 'ISC',
+ 'LGPL' => 'LGPL-3.0-only',
+ 'LGPL-2.1' => 'LGPL-2.1',
+ 'MIT' => 'MIT',
+ 'Mozilla Public License 2.0' => 'MPL-2.0',
+ 'MS-PL' => 'MS-PL',
+ 'MS-RL' => 'MS-RL',
+ 'New BSD' => 'BSD-3-Clause',
+ 'Python Software Foundation License' => 'Python-2.0',
+ 'ruby' => 'Ruby',
+ 'Simplified BSD' => 'BSD-2-Clause',
+ 'WTFPL' => 'WTFPL',
+ 'Zlib' => 'Zlib'
+ }.each do |old_name, spdx_id|
+ context "when mapping the legacy license name #{old_name}" do
+ subject { described_class.new([dependency]) }
+
+ let(:license) { LicenseFinder::License.new(short_name: old_name, matcher: LicenseFinder::License::NoneMatcher.new, url: nil) }
+ let(:dependency) { double(name: 'x', summary: '', description: '', homepage: '', licenses: [license]) }
+ let(:result) { subject.to_h }
+
+ specify { expect(result[:version]).to eq('2.0') }
+ specify { expect(result[:licenses].count).to be(1) }
+ specify { expect(result[:licenses][0]['id']).to eq(spdx_id) }
+ end
+ end
+ end
+end
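Review bot: Every row in the table is a name that is expected to resolve, so the spec never exercises what `#to_h` reports for a license name that is absent from normalized-licenses.yml. For a license-compliance report that fallback is the case most likely to mislabel a dependency, so it deserves one extra `context` that builds the license with an unlisted `short_name` and asserts the id the report emits for it (the expected value depends on `V2`, which is not shown in this diff). The `dependency` is also a plain `double(...)`, which RSpec does not check against any real class, so a renamed reader on the LicenseFinder package object would leave these examples green; a verifying double would catch that.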
diff --git a/spec/spec_helper.rb b/spec/spec_helper.rb
new file mode 100644
index 0000000..2282613
--- /dev/null
+++ b/spec/spec_helper.rb
@@ -0,0 +1,16 @@
+require 'license/management'
+
+RSpec.configure do |config|
+ config.expect_with :rspec do |expectations|
+ expectations.include_chain_clauses_in_custom_matcher_descriptions = true
+ end
+ config.mock_with :rspec do |mocks|
+ mocks.verify_partial_doubles = true
+ end
+ config.shared_context_metadata_behavior = :apply_to_host_groups
+ config.filter_run_when_matching :focus
+ config.disable_monkey_patching!
+ config.warnings = true
+ config.order = :random
+ Kernel.srand config.seed
+end
diff --git a/test/results/ruby-bundler-v1.1.json b/test/results/ruby-bundler-v1.1.json
index 7bfd775..2a8833e 100644
--- a/test/results/ruby-bundler-v1.1.json
+++ b/test/results/ruby-bundler-v1.1.json
@@ -28,7 +28,7 @@
},
"dependency": {
"name": "bundler",
- "url": "https://bundler.io",
+ "url": "http://bundler.io",
"description": "The best way to manage your application's dependencies",
"pathes": [
"."
diff --git a/test/results/ruby-bundler-v1.json b/test/results/ruby-bundler-v1.json
index c66a9a3..03b3505 100644
--- a/test/results/ruby-bundler-v1.json
+++ b/test/results/ruby-bundler-v1.json
@@ -21,7 +21,7 @@
},
"dependency": {
"name": "bundler",
- "url": "https://bundler.io",
+ "url": "http://bundler.io",
"description": "The best way to manage your application's dependencies",
"pathes": [
"."
diff --git a/test/results/ruby-bundler-v2.json b/test/results/ruby-bundler-v2.json
index 31a2c0b..5e4501f 100644
--- a/test/results/ruby-bundler-v2.json
+++ b/test/results/ruby-bundler-v2.json
@@ -23,7 +23,7 @@
"dependencies": [
{
"name": "bundler",
- "url": "https://bundler.io",
+ "url": "http://bundler.io",
"description": "The best way to manage your application's dependencies",
"paths": [
"."