| author | mo khan <mo.khan@gmail.com> | 2020-02-28 12:53:52 -0700 |
|---|---|---|
| committer | mo khan <mo.khan@gmail.com> | 2020-02-28 12:53:52 -0700 |
| commit | a5214195a3c025581cacbcbb29eca3d46d26bae0 (patch) | |
| tree | fce748069707ff9a11e016cebd29f1eec2801b05 | |
| parent | 9dcd085ca32201156e4595e4cbe35bb2a1d39a17 (diff) | |
| parent | b04960caaf1abe23bc03d96688267f79aa6613a1 (diff) | |
Merge remote-tracking branch 'origin/master' into CraigGardener/license-management-php-gd
| -rw-r--r-- | .env.12-10-stable | 1 | ||||
| -rw-r--r-- | .env.12-9-stable | 1 | ||||
| -rw-r--r-- | .gitlab-ci.yml | 3 | ||||
| -rw-r--r-- | .gitlab/release.yml | 10 | ||||
| -rw-r--r-- | CHANGELOG.md | 20 | ||||
| -rw-r--r-- | Dockerfile | 18 | ||||
| -rw-r--r-- | Gemfile.lock | 8 | ||||
| -rw-r--r-- | README.md | 40 | ||||
| -rwxr-xr-x | bin/docker-build | 10 | ||||
| -rw-r--r-- | lib/license/management.rb | 22 | ||||
| -rw-r--r-- | lib/license/management/python/pipenv.rb | 64 | ||||
| -rw-r--r-- | lib/license/management/python/pypi.rb | 44 | ||||
| -rw-r--r-- | lib/license/management/version.rb | 2 | ||||
| -rw-r--r-- | license-management.gemspec | 3 | ||||
| -rwxr-xr-x | run.sh | 28 | ||||
| -rw-r--r-- | spec/fixtures/build.gradle.kts | 11 | ||||
| -rw-r--r-- | spec/integration/java/gradle_spec.rb | 26 | ||||
| -rw-r--r-- | spec/integration/ruby/bundler_spec.rb | 41 | ||||
| -rw-r--r-- | spec/spec_helper.rb | 2 | ||||
| -rw-r--r-- | spec/support/fixture_file_helper.rb | 5 | ||||
| -rw-r--r-- | spec/support/matchers.rb | 2 | ||||
| -rw-r--r-- | test/results/java-maven-v1.1.json | 216 | ||||
| -rw-r--r-- | test/results/java-maven-v1.json | 148 | ||||
| -rw-r--r-- | test/results/java-maven-v2.json | 144 |
24 files changed, 215 insertions, 654 deletions
diff --git a/.env.12-10-stable b/.env.12-10-stable new file mode 100644 index 0000000..0ee1d53 --- /dev/null +++ b/.env.12-10-stable @@ -0,0 +1 @@ +LM_REPORT_VERSION '2.0' diff --git a/.env.12-9-stable b/.env.12-9-stable new file mode 100644 index 0000000..0ee1d53 --- /dev/null +++ b/.env.12-9-stable @@ -0,0 +1 @@ +LM_REPORT_VERSION '2.0' diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index b29663d..deb4123 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -27,8 +27,7 @@ build commit: script: - docker info - docker login -u gitlab-ci-token -p $CI_JOB_TOKEN $CI_REGISTRY - - docker pull $CI_REGISTRY_IMAGE:edge || true - - docker build --cache-from $CI_REGISTRY_IMAGE:edge -t $TMP_IMAGE . + - docker build -t $TMP_IMAGE . - docker push $TMP_IMAGE container_scanning: diff --git a/.gitlab/release.yml b/.gitlab/release.yml index 5d0950d..2f24dbb 100644 --- a/.gitlab/release.yml +++ b/.gitlab/release.yml @@ -12,6 +12,16 @@ major: latest: extends: .release +12-10-stable: + extends: .release + variables: + DOTENV: ".env.12-10-stable" + +12-9-stable: + extends: .release + variables: + DOTENV: ".env.12-9-stable" + 12-8-stable: extends: .release variables: diff --git a/CHANGELOG.md b/CHANGELOG.md index b2b8f7a..dac69aa 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,5 +1,25 @@ # GitLab License management changelog +## v2.7.0 + +- Install project specific versions of gradle at scan time. (!118) + +## v2.6.0 + +- Upgrade to license finder 6.0.0 docker image (!115) + +## v2.5.2 + +- Exclude development/test dependencies by default (!117) + +## v2.5.1 + +- Install bundler `1.x` and `2.x` (!116) + +## v2.5.0 + +- Upgrade [LicenseFinder](https://github.com/pivotal/LicenseFinder/releases/tag/v6.0.0) to version `6.0.0` (!112) + ## v2.4.3 - Add support for `gradlew` (!109) 
@@ -1,13 +1,8 @@ -FROM licensefinder/license_finder:5.11.1 +FROM licensefinder/license_finder:6.0.0 ENV PATH="${PATH}:/root/.asdf/shims:/root/.asdf/bin" ENV LM_HOME=/opt/license-management ENV LM_PYTHON_VERSION 3 ENV LM_REPORT_VERSION ${LM_REPORT_VERSION:-2} -RUN cd /tmp && \ - wget --quiet --no-cookies https://github.com/AdoptOpenJDK/openjdk11-binaries/releases/download/jdk-11.0.5%2B10/OpenJDK11U-jdk_x64_linux_hotspot_11.0.5_10.tar.gz -O jdk-11.tgz && \ - tar xf /tmp/jdk-11.tgz && \ - mv jdk-11.0.5+10 /usr/lib/jvm/adoptopen_jdk11 && \ - rm /tmp/jdk-11.tgz RUN npm install npm-install-peers # Don't let Rubygem fail with the numerous projects using PG or MySQL, @@ -17,6 +12,7 @@ RUN add-apt-repository ppa:ondrej/php -y && apt-get update -y && \ apt-get upgrade -y --no-install-recommends && \ apt-get install -y --no-install-recommends \ bsdmainutils \ + jq \ libjpeg8-dev \ zlib1g-dev \ libpq-dev libmysqlclient-dev realpath \ @@ -24,12 +20,22 @@ RUN add-apt-repository ppa:ondrej/php -y && apt-get update -y && \ git clone --depth 1 --branch v0.7.6 https://github.com/asdf-vm/asdf.git $HOME/.asdf && \ echo 'pip' >> $HOME/.default-python-packages && \ echo 'setuptools' >> $HOME/.default-python-packages && \ + echo 'conan' >> $HOME/.default-python-packages && \ echo '\n. $HOME/.asdf/asdf.sh' >> $HOME/.bashrc && \ + echo 'legacy_version_file = yes' > $HOME/.asdfrc && \ + asdf plugin-add gradle && \ + asdf plugin-add java && \ asdf plugin-add python && \ + echo 'gradle system' >> $HOME/.tool-versions && \ + echo 'java adopt-openjdk-8u242-b08 adopt-openjdk-11.0.6+10' >> $HOME/.tool-versions && \ echo 'python 3.8.1 3.5.9 2.7.17' >> $HOME/.tool-versions && \ asdf install && \ + asdf global gradle system && \ + asdf global java adopt-openjdk-8u242-b08 && \ asdf global python 3.8.1 && \ asdf reshim && \ + bash -lc "gem install --no-document 'bundler:~> 1.7' 'bundler:~> 2.0'" && \ + rm -fr /opt/jdk* && \ rm -rf /var/lib/apt/lists/* COPY config/NuGet /root/.config/NuGet 
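Review bot: `FROM licensefinder/license_finder:6.0.0` in the first hunk pins the base image by tag only, and a tag on a public registry can be re-pushed with different content. This image supplies most of the scanner's toolchain, so I would pin the reviewed digest as well: `FROM licensefinder/license_finder:6.0.0@sha256:<digest-of-reviewed-image>`. The upgrade steps this commit adds to the README would then need a step for refreshing the digest.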
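Review bot: The added `asdf plugin-add gradle` and `asdf plugin-add java` in the last hunk (like the existing `asdf plugin-add python`) take each plugin at whatever its repository holds at build time, although asdf itself is pinned to `v0.7.6` a few lines above. Those plugin scripts then run under `/root` during `asdf install` and fetch the JDK and Gradle binaries, so an upstream change to a plugin changes what ends up in the image without any change in this repository. I would pin each plugin to a reviewed commit right after adding it, e.g. `git -C $HOME/.asdf/plugins/java checkout <reviewed-commit-sha>`, and give the newly added `conan` entry in `.default-python-packages` an explicit version. The `RUN` instruction starts above this hunk.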
diff --git a/Gemfile.lock b/Gemfile.lock index 02a54aa..740baeb 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -1,9 +1,8 @@ PATH remote: . specs: - license-management (2.4.3) - license_finder (~> 5.11) - net-hippie (~> 0.3) + license-management (2.7.0) + license_finder (~> 6.0.0) GEM remote: https://rubygems.org/ @@ -13,14 +12,13 @@ GEM diff-lcs (1.3) json-schema (2.8.1) addressable (>= 2.4) - license_finder (5.11.1) + license_finder (6.0.0) bundler rubyzip (>= 1, < 3) thor toml (= 0.2.0) with_env (= 1.1.0) xml-simple - net-hippie (0.3.2) parslet (1.8.2) public_suffix (4.0.3) rspec (3.9.0) @@ -38,12 +38,18 @@ You can then run License Management on some target directory: docker run --rm --volume "/path/to/my/project":/code license-management analyze /code ``` -You can run integration tests on the image like this: +You can run the QA tests using the following command: ```sh ./bin/test-all ``` +Or you can run a specific QA test using the following command: + +```sh +QA_PROJECT=project_name QA_REF=git_ref ./bin/test +``` + where: - `project_name` is the project slug among the @@ -105,7 +111,6 @@ or its shorthand form (`--env MY_SETTING_VAR`) if the configuration comes from a *Tip:* in case you still need to run tests during license management check, supply `MAVEN_CLI_OPTS=-DskipTests=false` to the docker command. - ## Versioning and release process 1. Create a new entry in the `.gitlab/release.yml` file for the new version to release. 
@@ -126,6 +131,37 @@ to the docker command. Please check the [Release Process documentation](https://gitlab.com/gitlab-org/security-products/release/blob/master/docs/release_process.md). +## Upgrading to the latest version of LicenseFinder + +The License Management projects depends on two different upstream components. + +1. The [LicenseFinder](https://rubygems.org/gems/license_finder) Ruby gem. +2. The [LicenseFinder](https://hub.docker.com/r/licensefinder/license_finder) Docker image. + +Upgrading each can be performed as two separate changes and do not need to occur simultaneously, +unless a new package manager has been added and additional tooling needs to be installed. + +### Upgrading the Ruby gem + +1. Check for the latest version of `LicenseFinder` at [https://rubygems.org/gems/license_finder](https://rubygems.org/gems/license_finder) +1. Check the version of the `license_finder` gem that is currently being used in the `Gemfile.lock`. E.g. [here](https://gitlab.com/gitlab-org/security-products/license-management/-/blob/39afdc40296871d9f7c1732ff3f7e1e3b7b28bbe/Gemfile.lock#L15) +1. If an update is available, create a new branch +1. Bump the license management version in [CHANGELOG.md](https://gitlab.com/gitlab-org/security-products/license-management/-/blob/master/CHANGELOG.md) and in [version.rb](https://gitlab.com/gitlab-org/security-products/license-management/-/blob/master/lib/license/management/version.rb) +1. Update the `license_finder` version constraint in the [gemspec](https://gitlab.com/gitlab-org/security-products/license-management/-/blob/39afdc40296871d9f7c1732ff3f7e1e3b7b28bbe/license-management.gemspec#L30). +1. Run `bundle update license_finder` +1. Test the changes locally using the `bin/test-all` script. +1. Submit a merge request. + +### Upgrading the Docker image + +1. 
Check for the latest version of `LicenseFinder` at [https://hub.docker.com/r/licensefinder/license_finder/tags](https://hub.docker.com/r/licensefinder/license_finder/tags) +1. Check the version of `license_finder` docker image that is currently being used in the `Dockerfile`. E.g. [here](https://gitlab.com/gitlab-org/security-products/license-management/-/blob/39afdc40296871d9f7c1732ff3f7e1e3b7b28bbe/Dockerfile#L1) +1. If an update is available, create a branch +1. Bump the license management version in [CHANGELOG.md](https://gitlab.com/gitlab-org/security-products/license-management/-/blob/master/CHANGELOG.md) and in [version.rb](https://gitlab.com/gitlab-org/security-products/license-management/-/blob/master/lib/license/management/version.rb) +1. Edit the version specified in the `DockerFile` to match the desired `license_finder` Docker image tag. +1. Test the changes locally using the `bin/test-all` script. +1. Submit a merge request. + # Contributing If you want to help, read the [contribution guidelines](CONTRIBUTING.md). diff --git a/bin/docker-build b/bin/docker-build index 428dda8..1751c74 100755 --- a/bin/docker-build +++ b/bin/docker-build @@ -4,6 +4,12 @@ set -e cd "$(dirname "$0")/.." -IMAGE_NAME=${IMAGE_NAME:-$(basename "$PWD"):latest} +if command -v docker; then + IMAGE_NAME=${IMAGE_NAME:-$(basename "$PWD"):latest} + + docker build . -t "$IMAGE_NAME" --pull +else + echo "Install docker: https://docs.docker.com/engine/installation/" + exit 1 +fi -docker build . -t "$IMAGE_NAME" --pull diff --git a/lib/license/management.rb b/lib/license/management.rb index ebab5e2..37fe1a0 100644 --- a/lib/license/management.rb +++ b/lib/license/management.rb 
@@ -6,8 +6,6 @@ require 'json' require 'license_finder' require 'license/management/loggable' require 'license/management/verifiable' -require 'license/management/python/pipenv' -require 'license/management/python/pypi' require 'license/management/repository' require 'license/management/report' require 'license/management/version' @@ -15,26 +13,6 @@ require 'license/management/version' # This applies a monkey patch to the JsonReport found in the `license_finder` gem. LicenseFinder::JsonReport.prepend(License::Management::Report) -# This monkey patch can be removed once https://github.com/pivotal/LicenseFinder/pull/659 is released -LicenseFinder::Scanner.const_set( - :PACKAGE_MANAGERS, - LicenseFinder::Scanner::PACKAGE_MANAGERS + [License::Management::Pipenv] -) - -# This monkey patch can be removed once we upgrade to license_finder 5.9.2. Details [here](https://gitlab.com/gitlab-org/gitlab/issues/13748#note_235810786). -module LicenseFinder - class Bundler < PackageManager - def definition - @definition ||= - begin - Dir.chdir(project_path.to_s) do - ::Bundler::Definition.build(detected_package_path, lockfile_path, nil) - end - end - end - end -end - module License module Management def self.root diff --git a/lib/license/management/python/pipenv.rb b/lib/license/management/python/pipenv.rb deleted file mode 100644 index 482fd25..0000000 --- a/lib/license/management/python/pipenv.rb +++ /dev/null 
@@ -1,64 +0,0 @@ -# frozen_string_literal: true - -module License - module Management - class Pipenv < LicenseFinder::PackageManager - include Loggable - - def initialize(options = {}) - super - @lockfile = Pathname('Pipfile.lock') - end - - def current_packages - @current_packages ||= - begin - packages = {} - each_dependency(groups: allowed_groups) do |name, data, group| - version = canonicalize(data['version']) - package = packages.fetch(key_for(name, version)) do |key| - packages[key] = build_package_for(name, version) - end - package.groups << group - end - packages.values - end - end - - def possible_package_paths - project_path ? [project_path.join(@lockfile)] : [@lockfile] - end - - private - - def each_dependency(groups: []) - dependencies = JSON.parse(IO.read(detected_package_path)) - groups.each do |group| - dependencies[group].each do |name, data| - yield name, data, group - end - end - end - - def canonicalize(version) - version.sub(/^==/, '') - end - - def build_package_for(name, version) - LicenseFinder::PipPackage.new(name, version, PyPI.definition(name, version)) - end - - def key_for(name, version) - "#{name}-#{version}" - end - - def allowed_groups - %w[default develop] - ignored_groups - end - - def ignored_groups - @ignored_groups.to_a || [] - end - end - end -end diff --git a/lib/license/management/python/pypi.rb b/lib/license/management/python/pypi.rb deleted file mode 100644 index 0397532..0000000 --- a/lib/license/management/python/pypi.rb +++ /dev/null 
@@ -1,44 +0,0 @@ -# frozen_string_literal: true - -require 'net/hippie' - -module License - module Management - class PyPI - include Loggable - - def initialize(http) - @http = http - end - - def definition_for(name, version) - uri = "https://pypi.org/pypi/#{name}/#{version}/json" - process(@http.with_retry { |client| client.get(uri) }).tap do |definition| - log_info([name, version, definition["license"]].inspect) - end - rescue *Net::Hippie::CONNECTION_ERRORS - {} - end - - class << self - def definition(name, version) - @pypi ||= new(License::Management.http) - @pypi.definition_for(name, version) - end - end - - private - - def process(response) - return JSON.parse(response.body).fetch('info', {}) if ok?(response) - - log_error([response.class, response.code, response.body].inspect) - {} - end - - def ok?(response) - response.is_a?(Net::HTTPSuccess) - end - end - end -end diff --git a/lib/license/management/version.rb b/lib/license/management/version.rb index 7c4b598..7a3cc03 100644 --- a/lib/license/management/version.rb +++ b/lib/license/management/version.rb @@ -2,6 +2,6 @@ module License module Management - VERSION = '2.4.3' + VERSION = '2.7.0' end end diff --git a/license-management.gemspec b/license-management.gemspec index 60ab5e1..1ff11b0 100644 --- a/license-management.gemspec +++ b/license-management.gemspec @@ -27,8 +27,7 @@ Gem::Specification.new do |spec| spec.executables = spec.files.grep(%r{^exe/}) { |f| File.basename(f) } spec.require_paths = ['lib'] - spec.add_dependency 'license_finder', '~> 5.11' - spec.add_dependency 'net-hippie', '~> 0.3' + spec.add_dependency 'license_finder', '~> 6.0.0' spec.add_development_dependency 'json-schema', '~> 2.8' spec.add_development_dependency 'rspec', '~> 3.9' end 
@@ -78,13 +78,14 @@ case "$LM_PYTHON_VERSION" in "3") echo "switching to python $LM_PYTHON_VERSION" LICENSE_FINDER_CLI_OPTS="--python-version 3 $LICENSE_FINDER_CLI_OPTS" + asdf shell python "$(asdf list python | awk '{ print $1 }' | grep '^3' | sort -rn | head -n1)" pip --version ;; "3.5") echo "switching to python $LM_PYTHON_VERSION" LICENSE_FINDER_CLI_OPTS="--python-version 3 $LICENSE_FINDER_CLI_OPTS" - asdf shell python 3.5.9 + asdf shell python "$(asdf list python | awk '{ print $1 }' | grep '^3.5')" pip --version ;; @@ -109,7 +110,10 @@ case "$COMMAND" in shift pushd $APP_PATH > /dev/null + asdf list + asdf current if [[ -z "${SETUP_CMD}" ]]; then + asdf install # Before running license_finder, we need to install dependencies for the project. if test -f Gemfile ; then if test -n "$rvm_recommended_ruby" ; then @@ -117,18 +121,19 @@ case "$COMMAND" in # This always end in the cryptic "bash: Searching: command not found" error but Ruby is installed # So we ignore the error. $($rvm_recommended_ruby) 2>/dev/null || true - rvm use . - bundler_version=$(grep -A1 "BUNDLED WITH" Gemfile.lock | tail -n 1) - gem install bundler -v "${bundler_version}" || gem install bundler + rvm use . || rvm use default + gem install --conservative --no-document 'bundler:~> 1.7' 'bundler:~> 2.0' # rvm pulls outdated gems # need this to update system bundler # We need to install the license_finder gem into this Ruby version too. gem install --no-document /opt/license-management/*.gem fi - # Ignore test and development dependencies. - license_finder ignored_groups add development - license_finder ignored_groups add test + ruby -v + gem --version + bundle --version + bundle config --local path 'vendor/bundle' + bundle config --local without 'development test' bundle install --jobs $(nproc) skip_prepare=true fi 
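Review bot: The version lookups added to the `"3"` and `"3.5"` branches are fragile. `sort -rn` compares the strings as decimal numbers, so a future 3.10.x would sort below 3.9.x, and `grep '^3.5'` has an unescaped dot and no `head -n1`, so two installed 3.5 releases would reach `asdf shell` as one multi-line argument. I would use `grep '^3\.' | sort -rV | head -n1` for the first and `grep '^3\.5\.' | sort -rV | head -n1` for the second. The same unbounded `grep` appears in the `adopt-openjdk-11` and `adopt-openjdk-8` lookups of the later `LM_JAVA_VERSION` hunk. The `case` statement starts and ends outside this hunk.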
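Review bot: The `asdf install` added after `if [[ -z "${SETUP_CMD}" ]]; then` runs inside `$APP_PATH`, so the tool versions it downloads and installs are chosen by the scanned repository's `.tool-versions`. With `legacy_version_file = yes` set in the Dockerfile, legacy version files presumably count as well. Every scan therefore depends on network downloads selected by untrusted project content, and nothing visible in this hunk restricts the accepted versions or reports a failed install. I would state the trust assumption in a comment, e.g. `# installs tool versions named by the scanned project; requires network access`, and stop with a clear message when the install fails rather than continuing to `bundle install`. The enclosing `case "$COMMAND"` branch continues outside the hunk.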
@@ -162,10 +167,11 @@ case "$COMMAND" in fi if [[ ${LM_JAVA_VERSION} = "11" ]]; then - JAVA_HOME=/usr/lib/jvm/adoptopen_jdk11 + asdf shell java "$(asdf list java | awk '{ print $1 }' | grep '^adopt-openjdk-11')" elif [[ ${LM_JAVA_VERSION} = "8" ]]; then - JAVA_HOME=/usr/lib/jvm/oracle_jdk8 + asdf shell java "$(asdf list java | awk '{ print $1 }' | grep '^adopt-openjdk-8')" fi + export JAVA_HOME=$(asdf where java) if test -f pom.xml ; then # Install Java Maven dependencies. @@ -190,7 +196,11 @@ case "$COMMAND" in echo "Running license_finder $@ in $PWD" if [ "$skip_prepare" != true ]; then prepare="--prepare-no-fail" + else + prepare="--no-prepare" fi + license_management ignored_groups add development + license_management ignored_groups add test echo "Preparing JSON report..." license_management report ${prepare} --format=json --save=gl-license-management-report.json ${LICENSE_FINDER_CLI_OPTS} popd > /dev/null diff --git a/spec/fixtures/build.gradle.kts b/spec/fixtures/build.gradle.kts new file mode 100644 index 0000000..494fc8b --- /dev/null +++ b/spec/fixtures/build.gradle.kts @@ -0,0 +1,11 @@ +plugins { + `java-library` +} +repositories { + jcenter() +} +dependencies { + api("org.apache.commons:commons-math3:3.6.1") + implementation("com.google.guava:guava:28.1-jre") + testImplementation("junit:junit:4.12") +} diff --git a/spec/integration/java/gradle_spec.rb b/spec/integration/java/gradle_spec.rb index fc52c72..ddde21c 100644 --- a/spec/integration/java/gradle_spec.rb +++ b/spec/integration/java/gradle_spec.rb 
@@ -47,4 +47,30 @@ plugins { end end end + + [ + '6.2', + '5.6', + '4.9', + '3.5', + '2.9', + '1.9', + ].each do |gradle_version| + %w{8 11}.each do |java_version| + context "when scanning a gradle (v#{gradle_version}) project that uses a kotlin build script" do + let(:build_file_content) { fixture_file_content("build.gradle.kts") } + + it 'scans a gradle project' do + runner.add_file('build.gradle.kts', build_file_content) + runner.add_file('settings.gradle.kts', 'rootProject.name = "example"') + runner.add_file('.tool-versions', "gradle #{gradle_version}") + + report = runner.scan(env: { 'LM_JAVA_VERSION' => java_version }) + expect(report).to match_schema(version: '2.0') + expect(report[:licenses]).to be_empty + expect(report[:dependencies]).to be_empty + end + end + end + end end diff --git a/spec/integration/ruby/bundler_spec.rb b/spec/integration/ruby/bundler_spec.rb index 2cb8f7d..d9b9c85 100644 --- a/spec/integration/ruby/bundler_spec.rb +++ b/spec/integration/ruby/bundler_spec.rb @@ -13,7 +13,6 @@ gem 'saml-kit' end report = runner.scan - expect(report).not_to be_empty expect(report).to match_schema(version: '2.0') expect(report[:licenses]).not_to be_empty expect(report[:dependencies].map { |x| x[:name] }).to include("saml-kit") 
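Review bot: In spec/integration/java/gradle_spec.rb the new examples assert `expect(report[:licenses]).to be_empty` and `expect(report[:dependencies]).to be_empty` for a build script that declares three dependencies. A scan that silently fails to install or run the requested Gradle version therefore passes exactly like a working one. If an empty report is the known current behaviour, a comment saying so would help; otherwise the examples should assert on the expected dependency names. `java_version` is also missing from the `context` description, so the 8 and 11 runs get identical names; `context "when scanning a gradle (v#{gradle_version}) project on java #{java_version} that uses a kotlin build script"` would tell them apart.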
@@ -87,4 +86,44 @@ BUNDLED WITH expect(report[:dependencies].map { |x| x[:name] }).to include("saml-kit") end end + + context "when a project depends on bundler `~> 2.0`" do + it 'produces a valid report' do + runner.add_file('Gemfile') do + <<~RAW +source 'https://rubygems.org' + +gem 'net-hippie' + RAW + end + runner.add_file('Gemfile.lock') do + <<~RAW +GEM + remote: https://rubygems.org/ + specs: + net-hippie (0.3.2) + +PLATFORMS + ruby + +DEPENDENCIES + net-hippie + +BUNDLED WITH + 2.1.4 + RAW + end + + report = runner.scan + expect(report).to match_schema(version: '2.0') + expect(report[:licenses]).not_to be_empty + expect(find_in(report, 'net-hippie')).to eql({ + name: 'net-hippie', + description: "net/http for hippies. ☮️", + url: "https://github.com/mokhan/net-hippie/", + paths: ['.'], + licenses: ['MIT'] + }) + end + end end diff --git a/spec/spec_helper.rb b/spec/spec_helper.rb index 1889335..15c9dad 100644 --- a/spec/spec_helper.rb +++ b/spec/spec_helper.rb @@ -2,10 +2,12 @@ require 'license/management' require 'json' require 'securerandom' require 'json-schema' +require 'support/fixture_file_helper' require 'support/integration_test_helper' require 'support/matchers' RSpec.configure do |config| + config.include FixtureFileHelper config.include IntegrationTestHelper, type: :integration config.define_derived_metadata(file_path: /\/spec\/integration/) do |metadata| metadata[:type] = :integration diff --git a/spec/support/fixture_file_helper.rb b/spec/support/fixture_file_helper.rb new file mode 100644 index 0000000..c98b98a --- /dev/null +++ b/spec/support/fixture_file_helper.rb @@ -0,0 +1,5 @@ +module FixtureFileHelper + def fixture_file_content(path) + IO.read(License::Management.root.join("spec/fixtures/#{path}")) + end +end diff --git a/spec/support/matchers.rb b/spec/support/matchers.rb index 12bbdf7..595cd17 100644 --- a/spec/support/matchers.rb +++ b/spec/support/matchers.rb 
@@ -3,7 +3,7 @@ RSpec::Matchers.define :match_schema do |version: '2.0'| License::Management.root.join("spec/fixtures/schema/v#{version}.json").to_s end match do |actual| - !actual.nil? && JSON::Validator.fully_validate(schema_for(version), actual).empty? + !actual.nil? && (@errors = JSON::Validator.fully_validate(schema_for(version), actual)).empty? end failure_message do |response| diff --git a/test/results/java-maven-v1.1.json b/test/results/java-maven-v1.1.json index 0195bee..e337e49 100644 --- a/test/results/java-maven-v1.1.json +++ b/test/results/java-maven-v1.1.json @@ -2,28 +2,20 @@ "version": "1.1", "licenses": [ { - "count": 25, + "count": 19, "name": "Apache 2.0" }, { - "count": 3, - "name": "MIT" - }, - { "count": 2, "name": "CDDL + GPLv2 with classpath exception" }, { - "count": 1, - "name": "BSD" - }, - { - "count": 1, - "name": "BSD style" + "count": 2, + "name": "MIT" }, { "count": 1, - "name": "Common Public License Version 1.0" + "name": "BSD" }, { "count": 1, @@ -31,10 +23,6 @@ }, { "count": 1, - "name": "MPL 1.1, GNU Lesser General Public License version 2.1, Apache 2.0" - }, - { - "count": 1, "name": "Mozilla Public License 2.0" } ], @@ -232,24 +220,6 @@ { "licenses": [ { - "name": "BSD style", - "url": "" - } - ], - "license": { - "name": "BSD style" - }, - "dependency": { - "name": "hamcrest-core", - "description": "", - "pathes": [ - "." - ] - } - }, - { - "licenses": [ - { "name": "Apache 2.0", "url": "http://www.apache.org/licenses/LICENSE-2.0.txt" } 
@@ -307,33 +277,6 @@ { "licenses": [ { - "name": "Apache 2.0", - "url": "http://www.apache.org/licenses/LICENSE-2.0.txt" - }, - { - "name": "GNU Lesser General Public License version 2.1", - "url": "https://opensource.org/licenses/LGPL-2.1" - }, - { - "name": "MPL 1.1", - "url": "" - } - ], - "license": { - "name": "MPL 1.1, GNU Lesser General Public License version 2.1, Apache 2.0", - "url": "http://www.apache.org/licenses/LICENSE-2.0.txt" - }, - "dependency": { - "name": "javassist", - "description": "", - "pathes": [ - "." - ] - } - }, - { - "licenses": [ - { "name": "CDDL + GPLv2 with classpath exception", "url": "" } @@ -430,24 +373,6 @@ { "licenses": [ { - "name": "Common Public License Version 1.0", - "url": "" - } - ], - "license": { - "name": "Common Public License Version 1.0" - }, - "dependency": { - "name": "junit", - "description": "", - "pathes": [ - "." - ] - } - }, - { - "licenses": [ - { "name": "Apache 2.0", "url": "http://www.apache.org/licenses/LICENSE-2.0.txt" } @@ -505,25 +430,6 @@ { "licenses": [ { - "name": "MIT", - "url": "http://opensource.org/licenses/mit-license" - } - ], - "license": { - "name": "MIT", - "url": "http://opensource.org/licenses/mit-license" - }, - "dependency": { - "name": "mockito-core", - "description": "", - "pathes": [ - "." - ] - } - }, - { - "licenses": [ - { "name": "Apache 2.0", "url": "http://www.apache.org/licenses/LICENSE-2.0.txt" } @@ -552,25 +458,6 @@ "url": "http://www.apache.org/licenses/LICENSE-2.0.txt" }, "dependency": { - "name": "objenesis", - "description": "", - "pathes": [ - "." - ] - } - }, - { - "licenses": [ - { - "name": "Apache 2.0", - "url": "http://www.apache.org/licenses/LICENSE-2.0.txt" - } - ], - "license": { - "name": "Apache 2.0", - "url": "http://www.apache.org/licenses/LICENSE-2.0.txt" - }, - "dependency": { "name": "plexus-utils", "description": "", "pathes": [ 
@@ -581,101 +468,6 @@ { "licenses": [ { - "name": "Apache 2.0", - "url": "http://www.apache.org/licenses/LICENSE-2.0.txt" - } - ], - "license": { - "name": "Apache 2.0", - "url": "http://www.apache.org/licenses/LICENSE-2.0.txt" - }, - "dependency": { - "name": "powermock-api-mockito", - "description": "", - "pathes": [ - "." - ] - } - }, - { - "licenses": [ - { - "name": "Apache 2.0", - "url": "http://www.apache.org/licenses/LICENSE-2.0.txt" - } - ], - "license": { - "name": "Apache 2.0", - "url": "http://www.apache.org/licenses/LICENSE-2.0.txt" - }, - "dependency": { - "name": "powermock-api-mockito-common", - "description": "", - "pathes": [ - "." - ] - } - }, - { - "licenses": [ - { - "name": "Apache 2.0", - "url": "http://www.apache.org/licenses/LICENSE-2.0.txt" - } - ], - "license": { - "name": "Apache 2.0", - "url": "http://www.apache.org/licenses/LICENSE-2.0.txt" - }, - "dependency": { - "name": "powermock-api-support", - "description": "", - "pathes": [ - "." - ] - } - }, - { - "licenses": [ - { - "name": "Apache 2.0", - "url": "http://www.apache.org/licenses/LICENSE-2.0.txt" - } - ], - "license": { - "name": "Apache 2.0", - "url": "http://www.apache.org/licenses/LICENSE-2.0.txt" - }, - "dependency": { - "name": "powermock-core", - "description": "", - "pathes": [ - "." - ] - } - }, - { - "licenses": [ - { - "name": "Apache 2.0", - "url": "http://www.apache.org/licenses/LICENSE-2.0.txt" - } - ], - "license": { - "name": "Apache 2.0", - "url": "http://www.apache.org/licenses/LICENSE-2.0.txt" - }, - "dependency": { - "name": "powermock-reflect", - "description": "", - "pathes": [ - "." - ] - } - }, - { - "licenses": [ - { "name": "Mozilla Public License 2.0", "url": "https://www.mozilla.org/media/MPL/2.0/index.815ca599c9df.txt" } diff --git a/test/results/java-maven-v1.json b/test/results/java-maven-v1.json index 6dbc2f3..f0bb0f5 100644 --- a/test/results/java-maven-v1.json +++ b/test/results/java-maven-v1.json 
@@ -1,28 +1,20 @@ { "licenses": [ { - "count": 25, + "count": 19, "name": "Apache 2.0" }, { - "count": 3, - "name": "MIT" - }, - { "count": 2, "name": "CDDL + GPLv2 with classpath exception" }, { - "count": 1, - "name": "BSD" - }, - { - "count": 1, - "name": "BSD style" + "count": 2, + "name": "MIT" }, { "count": 1, - "name": "Common Public License Version 1.0" + "name": "BSD" }, { "count": 1, @@ -30,10 +22,6 @@ }, { "count": 1, - "name": "MPL 1.1, GNU Lesser General Public License version 2.1, Apache 2.0" - }, - { - "count": 1, "name": "Mozilla Public License 2.0" } ], @@ -170,18 +158,6 @@ }, { "license": { - "name": "BSD style" - }, - "dependency": { - "name": "hamcrest-core", - "description": "", - "pathes": [ - "." - ] - } - }, - { - "license": { "name": "Apache 2.0", "url": "http://www.apache.org/licenses/LICENSE-2.0.txt" }, @@ -221,19 +197,6 @@ }, { "license": { - "name": "MPL 1.1, GNU Lesser General Public License version 2.1, Apache 2.0", - "url": "http://www.apache.org/licenses/LICENSE-2.0.txt" - }, - "dependency": { - "name": "javassist", - "description": "", - "pathes": [ - "." - ] - } - }, - { - "license": { "name": "CDDL + GPLv2 with classpath exception" }, "dependency": { @@ -296,18 +259,6 @@ }, { "license": { - "name": "Common Public License Version 1.0" - }, - "dependency": { - "name": "junit", - "description": "", - "pathes": [ - "." - ] - } - }, - { - "license": { "name": "Apache 2.0", "url": "http://www.apache.org/licenses/LICENSE-2.0.txt" }, @@ -347,19 +298,6 @@ }, { "license": { - "name": "MIT", - "url": "http://opensource.org/licenses/mit-license" - }, - "dependency": { - "name": "mockito-core", - "description": "", - "pathes": [ - "." - ] - } - }, - { - "license": { "name": "Apache 2.0", "url": "http://www.apache.org/licenses/LICENSE-2.0.txt" }, 
@@ -377,19 +315,6 @@ "url": "http://www.apache.org/licenses/LICENSE-2.0.txt" }, "dependency": { - "name": "objenesis", - "description": "", - "pathes": [ - "." - ] - } - }, - { - "license": { - "name": "Apache 2.0", - "url": "http://www.apache.org/licenses/LICENSE-2.0.txt" - }, - "dependency": { "name": "plexus-utils", "description": "", "pathes": [ @@ -399,71 +324,6 @@ }, { "license": { - "name": "Apache 2.0", - "url": "http://www.apache.org/licenses/LICENSE-2.0.txt" - }, - "dependency": { - "name": "powermock-api-mockito", - "description": "", - "pathes": [ - "." - ] - } - }, - { - "license": { - "name": "Apache 2.0", - "url": "http://www.apache.org/licenses/LICENSE-2.0.txt" - }, - "dependency": { - "name": "powermock-api-mockito-common", - "description": "", - "pathes": [ - "." - ] - } - }, - { - "license": { - "name": "Apache 2.0", - "url": "http://www.apache.org/licenses/LICENSE-2.0.txt" - }, - "dependency": { - "name": "powermock-api-support", - "description": "", - "pathes": [ - "." - ] - } - }, - { - "license": { - "name": "Apache 2.0", - "url": "http://www.apache.org/licenses/LICENSE-2.0.txt" - }, - "dependency": { - "name": "powermock-core", - "description": "", - "pathes": [ - "." - ] - } - }, - { - "license": { - "name": "Apache 2.0", - "url": "http://www.apache.org/licenses/LICENSE-2.0.txt" - }, - "dependency": { - "name": "powermock-reflect", - "description": "", - "pathes": [ - "." - ] - } - }, - { - "license": { "name": "Mozilla Public License 2.0", "url": "https://www.mozilla.org/media/MPL/2.0/index.815ca599c9df.txt" }, diff --git a/test/results/java-maven-v2.json b/test/results/java-maven-v2.json index ce83702..4b4a06c 100644 --- a/test/results/java-maven-v2.json +++ b/test/results/java-maven-v2.json 
@@ -5,13 +5,7 @@ "id": "Apache-2.0", "name": "Apache License 2.0", "url": "https://opensource.org/licenses/Apache-2.0", - "count": 27 - }, - { - "id": "MIT", - "name": "MIT License", - "url": "https://opensource.org/licenses/MIT", - "count": 3 + "count": 20 }, { "id": "cddl + gplv2 with classpath exception", @@ -20,33 +14,21 @@ "count": 2 }, { - "id": "LGPL-2.1", - "name": "GNU Lesser General Public License v2.1 only", - "url": "https://opensource.org/licenses/LGPL-2.1", + "id": "MIT", + "name": "MIT License", + "url": "https://opensource.org/licenses/MIT", "count": 2 }, { - "id": "BSD-3-Clause", - "name": "BSD 3-Clause \"New\" or \"Revised\" License", - "url": "https://opensource.org/licenses/BSD-3-Clause", - "count": 1 - }, - { "id": "BSD-4-Clause", "name": "BSD 4-Clause \"Original\" or \"Old\" License", "url": "http://directory.fsf.org/wiki/License:BSD_4Clause", "count": 1 }, { - "id": "CPL-1.0", - "name": "Common Public License 1.0", - "url": "https://opensource.org/licenses/CPL-1.0", - "count": 1 - }, - { - "id": "MPL-1.1", - "name": "Mozilla Public License 1.1", - "url": "https://opensource.org/licenses/MPL-1.1", + "id": "LGPL-2.1", + "name": "GNU Lesser General Public License v2.1 only", + "url": "https://opensource.org/licenses/LGPL-2.1", "count": 1 }, { @@ -168,17 +150,6 @@ ] }, { - "name": "hamcrest-core", - "url": "", - "description": "", - "paths": [ - "." - ], - "licenses": [ - "BSD-3-Clause" - ] - }, - { "name": "jackson-annotations", "url": "", "description": "", @@ -212,19 +183,6 @@ ] }, { - "name": "javassist", - "url": "", - "description": "", - "paths": [ - "." - ], - "licenses": [ - "Apache-2.0", - "LGPL-2.1", - "MPL-1.1" - ] - }, - { "name": "javax.resource-api", "url": "", "description": "", @@ -281,17 +239,6 @@ ] }, { - "name": "junit", - "url": "", - "description": "", - "paths": [ - "." - ], - "licenses": [ - "CPL-1.0" - ] - }, - { "name": "log4j-api", "url": "", "description": "", 
@@ -325,17 +272,6 @@ ] }, { - "name": "mockito-core", - "url": "", - "description": "", - "paths": [ - "." - ], - "licenses": [ - "MIT" - ] - }, - { "name": "netty", "url": "", "description": "", @@ -347,17 +283,6 @@ ] }, { - "name": "objenesis", - "url": "", - "description": "", - "paths": [ - "." - ], - "licenses": [ - "Apache-2.0" - ] - }, - { "name": "plexus-utils", "url": "", "description": "", @@ -369,61 +294,6 @@ ] }, { - "name": "powermock-api-mockito", - "url": "", - "description": "", - "paths": [ - "." - ], - "licenses": [ - "Apache-2.0" - ] - }, - { - "name": "powermock-api-mockito-common", - "url": "", - "description": "", - "paths": [ - "." - ], - "licenses": [ - "Apache-2.0" - ] - }, - { - "name": "powermock-api-support", - "url": "", - "description": "", - "paths": [ - "." - ], - "licenses": [ - "Apache-2.0" - ] - }, - { - "name": "powermock-core", - "url": "", - "description": "", - "paths": [ - "." - ], - "licenses": [ - "Apache-2.0" - ] - }, - { - "name": "powermock-reflect", - "url": "", - "description": "", - "paths": [ - "." - ], - "licenses": [ - "Apache-2.0" - ] - }, - { "name": "rhino", "url": "", "description": "", |
